Commit Graph

764 Commits

Author SHA1 Message Date
Niels de Vos
30dc83c3bb util: create ceph.conf with 0600 permissions
The generated ceph.conf does not need to be readable by the group, there is
only one (system) user consuming the configuration file.

This addresses the following gosec warning:

    [/go/src/github.com/ceph/ceph-csi/internal/util/cephconf.go:52] - G306 (CWE-): Expect WriteFile permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
      > ioutil.WriteFile(CephConfigPath, cephConfig, 0640)

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-07-01 05:56:32 +00:00
Niels de Vos
16c4e33b09 util: log error when closing temp file fails in GetOMapValue()
gosec-2.3.0 complains about the following:

    [/go/src/github.com/ceph/ceph-csi/internal/util/cephcmds.go:146] - G307 (CWE-): Deferring unsafe method "*os.File" on type "Close" (Confidence: HIGH, Severity: MEDIUM)
      > defer tmpFile.Close()

By logging the error from Close(), the warning is gone.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-07-01 05:56:32 +00:00
Madhu Rajanna
e1fd12fb29 cephfs: do chmod on stagingpath
instead of doing chmod on the targetpath always
do it once at the stagingpath.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-06-30 17:43:41 +00:00
Madhu Rajanna
4d11490a2b cephfs: Add support for ROX PVC
cephcsi needs to mount the cephfs subvolume
as readonly when the PVC type is ROX to
provide only readonly access to the users

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-06-30 17:43:41 +00:00
Yug Gupta
c9ad904331 cephfs: Add support for multiple subvolumegroups
With the current code base, the subvolumegroup will
be created once, and even for a different cluster,
subvolumegroup creation is not allowed again.

Added support for multiple subvolumegroups creation by
validating one subvolumegroup creation per cluster.

Fixes: #1123

Signed-off-by: Yug Gupta <ygupta@redhat.com>
2020-06-26 09:19:24 +00:00
Niels de Vos
efd9b31043 cleanup: use util.MountOptionsAdd() in CephFS volumemounter
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-24 13:33:44 +00:00
Niels de Vos
cdbc56de7d ci: add test for MountOptionsAdd()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-24 13:33:44 +00:00
Niels de Vos
887aab1d72 util: add MountOptionsAdd() to add mount options
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-24 13:33:44 +00:00
John Mulligan
75088aa36d util: add doc comments for exported functions in errors.go
A number of exported functions in errors.go were missing doc comments.
Add them.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
John Mulligan
09e1c856d0 journal: do not return errors from remove omap func if omap missing
The previous function used to remove omap keys apparently did not
return errors when removing omap keys from a missing omap (oid).
Mimic that behavior when using the api.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
John Mulligan
c14cbee132 journal: change omap set func to handle multiple key-value pairs
For any function that sets more than one key on a single oid setting
them as a batch will be more efficient.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
John Mulligan
a8409eccc8 journal: change omap remove func to handle multiple keys at once
For any function that removes more than one key on a single oid removing
them as a batch will be more efficient.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
John Mulligan
0ac5f40d09 journal: change omap get func to handle multiple keys at once
Taking this approach means that any function that must get more than one
key's value from the same oid can be more efficient by calling out to
ceph only once.

To be cautious and avoid missing things we always request ceph return
more keys than we actually expect to be set on the oid. If there are
unexpected keys there, we will not miss the keys we want if we first hit
an unexpected key if we were to limit ourselves to iterating only over
the number of keys we're expecting to be on the object.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
John Mulligan
cd24bb3f5c journal: convert journal to use new omap functions
Convert the business-logic of the journal to use the new go-ceph based
omap manipulation functions.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
John Mulligan
0b99bdaa82 journal: add omap.go with go-ceph based omap manipulation funcs
These new omap manipulation functions (get/set/remove) are roughly
equivalent to the previous command-line based approach but rely
on direct api calls to ceph.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
John Mulligan
f3192bd1b3 util: add New* funcs for ErrKeyNotFound & ErrPoolNotFound types
These types have private fields but we need to construct them outside of
the util package. Add New* methods for both.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-06-22 15:41:00 +00:00
Madhu Rajanna
649aeb7aaf rbd: Add support for rbd ROX PVC mounting
if the PVC access mode is ReadOnlyMany
or single node readonly, mounting the rbd
device path to the staging path as readonly
to avoid the write operation.

If the PVC access mode is readonly, mapping
rbd images as readonly.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-06-22 06:15:40 +00:00
Niels de Vos
da40d8e05e rbd: use librbd.FeatureSet for features
go-ceph v0.3 adds constants for ImageFeature values and their names.
Instead of hardcoding "layering" in several places, use the constant
given by librbd.

The rbdVolume.ImageFeatures does not seem to be used anywhere after the
conversion. Stashing the image metadata does include the ImageFeatures
as these are retrieved when getting the image information. It is safe to
drop ImageFeatures altogether and only use the imageFeatureSet instead.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-19 11:37:29 +00:00
Niels de Vos
decfc1ae2c rbd: make hasSnapshotFeature() a method of rbdVolume
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-19 11:37:29 +00:00
Niels de Vos
ebe378c79a util: trim "\x00" characters from the kernel version
It seems that converting the release component from the unix.Utsrelease
type leaves some trailing "\x00" characters.

While splitting the string to compare kernel versions, these additional
characters might prevent converting the string to an int. Strip the
additional characters before returning the string.

Note:
  "\x00" characters are not visible when printing to a file or screen.
  They can be seen in hex-editors, or sending the output through 'xxd'.

Fixes: #1167
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-18 11:42:47 +00:00
Niels de Vos
209a5e5602 util: add function to get the kernel version
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-18 11:42:47 +00:00
Niels de Vos
3364fe7b78 rbd: remove unneeded updateVolWithImageInfo()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-17 09:28:57 +00:00
Niels de Vos
824f38daaa rbd: use go-ceph to implement getImageInfo()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-17 09:28:57 +00:00
Humble Chirammal
323cc0e3bb cleanup: avoid comparing errors directly
Go 1.13 contains support for error wrapping. To support wrapping,
fmt.Errorf now has a %w verb for creating wrapped errors, and three
new functions in the errors package (errors.Unwrap, errors.Is and
errors.As) simplify unwrapping and inspecting wrapped errors.

With this change, if we currently compare errors using ==, we have to
use errors.Is instead. Example:

if err == io.ErrUnexpectedEOF

becomes

if errors.Is(err, io.ErrUnexpectedEOF)

https://tip.golang.org/doc/go1.13#error_wrapping

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2020-06-17 06:26:11 +00:00
Yug Gupta
5fbc153e0f cephfs: fix IneffAssign warnings in resizeVolume()
IneffAssign warns about the two following statements:

Line 147: warning: ineffectual assignment to supported (ineffassign)
Line 148: warning: ineffectual assignment to ok (ineffassign)

Reported-by: https://goreportcard.com/report/github.com/ceph/ceph-csi
Updates: #975

Signed-off-by: Yug Gupta <ygupta@redhat.com>
2020-06-16 09:06:18 +00:00
Humble Chirammal
d11266e255 cleanup: remove double import of csi spec from nodeserver
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2020-06-11 10:28:24 +00:00
Niels de Vos
be703d1e42 util: implement CreateObject() with go-ceph
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-10 07:20:25 +00:00
Niels de Vos
6e24b10364 util: implement RemoveObject() with go-ceph
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-10 07:20:25 +00:00
Niels de Vos
926f1e813c rbd: keep rados.IOContext for re-use
This prevents the need to open the IOContext for additional operations
on the image.

It also addresses a leak of the IOContext in case `rbdVolume.open()` was
called. The method only returned the `rbd.Image` without the possibility
to close the related IOContext.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-09 13:17:31 +00:00
Niels de Vos
365fbd1ca0 util: remove unused GetImageMeta() and SetImageMeta()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-06-03 06:15:46 +00:00
Madhu Rajanna
2f7e51076b rbd: unmap rbd image if the mounting fails
There is a bug in current code where the devicePath
is always empty and the rbd image unmap never
happens if nodeplugin fails to mount the rbd image
to the stagingpath.
This is a fix to unmap the rbd image if some issue
occurs after rbd image is mapped.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-06-01 11:27:25 +00:00
Mehdy Khoshnoody
c0361c47d6 rbd: Add new methods to generate spec strings
Refactor lots of string concatenation using the Stringer
implementation for each type.

Signed-off-by: Mehdy Khoshnoody <mehdy.khoshnoody@gmail.com>
2020-06-01 05:54:54 +00:00
Mehdy Khoshnoody
fe384bccfe rbd: Fix error checking mistake in CreateVolume
deleteErr should be checked if it's nil instead of err

Signed-off-by: Mehdy Khoshnoody <mehdy.khoshnoody@gmail.com>
2020-05-29 07:38:01 +00:00
Mudit Agarwal
9fe7d1612e journal: In mount failure case, suggest to check the kernel logs
When mounting fails, the node-plugin should give a suggestion to check the
kernel logs so that users can report problems better.
Edited the existing log to include the message in both rbd and cephfs.
Fixes: https://github.com/ceph/ceph-csi/issues/1006

Signed-off-by: Mudit Agarwal <muagarwa@redhat.com>
2020-05-27 10:52:37 +00:00
Yug Gupta
753f6b7fec cleanup: fix golint warnings in util, e2e
util: golint warns about exported methods to have a
comment or to unexport them.

e2e: golint warns about package comment to be of the form
"Package e2e ..."

Reported-by: https://goreportcard.com/report/github.com/ceph/ceph-csi

Updates: #975

Signed-off-by: Yug Gupta <ygupta@redhat.com>
2020-05-20 13:18:41 +00:00
Niels de Vos
6cea9e2649 util: remove unused getPools()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-20 08:08:33 +00:00
Niels de Vos
3fea4fa827 util: remove unused context.Context from GetPoolName()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-20 08:08:33 +00:00
Niels de Vos
ec61f0746b util: implement GetPoolName() with go-ceph
Remove another call to the "rados" executable and re-use the existing
connection to the Ceph cluster.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-20 08:08:33 +00:00
Niels de Vos
be8c3c4b72 cleanup: return InvalidPoolID on error in GetPoolID()
InvalidPoolID has recently been added, and can be used in other locations
too. As GetPoolID is updated with this patch set, return InvalidPoolID
on errors too.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-20 08:08:33 +00:00
Niels de Vos
08144df2a8 util: remove unused context.Context parameter from GetPoolID()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-20 08:08:33 +00:00
Niels de Vos
c9b4ee42e0 util: use go-ceph instead of "rados" command for GetPoolID()
GetPoolID() did not return ErrPoolNotFound in case the pool could not be
found. This has been addressed as well, so that looking for an existing
pool behaves the same for checking by Name or ID.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-20 08:08:33 +00:00
John Mulligan
8dea42a624 journal: rename CSIJournal to Config
This better reflects what it actually does now.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-05-15 15:14:48 +00:00
John Mulligan
52603d595a journal: split journal types creating a new Connection type
Before, the one CSIJournal type was handling both configuration and
providing methods to make changes to the journal. This created the
temptation to modify the state of the global configuration object to
enact changes through the method calls.

This change creates a new type `journal.Connection` that takes the
monitors and credentials to create a short(er)-lived object to actually
read and make changes on the journal. This also avoids mixing the
arguments needed to connect to the cluster with the arguments needed
for the various journal read & update calls.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-05-15 15:14:48 +00:00
Yug Gupta
2cdf5c3b9f util: make util.ClusterInfo usable outside util package
functions like getClusterInfo() return a struct
instead of a set of strings.

Fix: #998

Signed-off-by: Yug Gupta <ygupta@redhat.com>
2020-05-14 19:43:21 +00:00
Niels de Vos
63c458bd63 rbd: use rbdVolume.open() for metadata operations
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-14 18:20:15 +00:00
Niels de Vos
7a18e68a6e rbd: add rbdVolume.open() to get access to an image
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-14 18:20:15 +00:00
Niels de Vos
f889dc20bd cleanup: use switch/case for genVolFromVolID() error checking
By using switch/case it is easier to follow the error checking of the
genVolFromVolID() function. In case a new error is added as a return of
the function, it will be simpler to add checking for it.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-14 14:43:05 +00:00
John Mulligan
f091374ba9 journal: remove SetNamespace setter function
The SetNamespace setter function was called only once, immediately after
the creation of a volume journal object in cephfs only.
Remove this function so that it is no longer implied that this field can
be mutated after the journal is created. In its place, use an extended
"constructor" NewCSIVolumeJournalWithNamespace that takes a namespace
value at create-time only.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-05-12 17:57:36 +00:00
John Mulligan
78a6de2bd0 journal: remove SetCSIDirectorySuffix to simplify journal creation
The function SetCSIDirectorySuffix was used only once per (long-lived,
global) journal object. It is simpler to construct the journal objects
with this needed parameter:
1. As it is required to function and non-optional AFAICT
2. Removes the temptation to mutate global object
3. Reduces LOC with exact same functionality
4. SetCSIDirectorySuffix would not behave correctly if called a 2nd time
   anyway.

Point 4. means that if you called the function twice to change the
suffix when you previously had "csi.volumes.alice", you'd get
"csi.volumes.alice.bob" instead of "csi.volumes.bob" what one would
expect.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-05-12 08:19:09 +00:00
Madhu Rajanna
b065726f19 cephfs: use new 'ceph fs resize' command when available
Use ceph fs resize command when it's available
in the cluster. If it's not available, fall back to
the old style of resizing the subvolume

ceph change log: https://docs.ceph.com/docs/master/releases/nautilus/#v14-2-8-nautilus

Fixes #1002

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-05-12 06:57:44 +00:00
Niels de Vos
43857a3b75 rbd: implement deleteImage() with go-ceph
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-06 14:55:47 +00:00
Madhu Rajanna
22a86c568e rbd: default nouuid if the formattype is xfs
The problem happens when multiple PVCs with the
same UUID are attached/mounted on a node. This
can happen after creating a PVC from a snapshot,
or cloning a PVC.

make nouuid as the default mount option if
the format type is xfs to avoid mounting
issues.

updates: #966

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-05-05 07:07:16 +00:00
Niels de Vos
45d1404d3e rbd: split buildCreateVolumeResponse() from CreateVolume()
The gocyclo linter complains about the high complexity of the
CreateVolume() function:

> pkg/rbd/controllerserver.go:133:1: cyclomatic complexity 21 of func `(*ControllerServer).CreateVolume` is high (> 20) (gocyclo)

By splitting it up and separating the creation of an existing CSI Volume
object in buildCreateVolumeResponse(), the gocyclo linter does not
complain any longer.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-04 13:21:03 +00:00
Niels de Vos
c89c68e9ea rbd: use 'rv' as name of the rbdVolume (golint)
golint has a pretty strict stylecheck, it does not allow different
variable names for methods on an object:

    pkg/rbd/rbd_util.go:970:1: receiver name rbdVol should be consistent with previous receiver name rv for rbdVolume (golint)
    func (rbdVol *rbdVolume) ensureEncryptionMetadataSet(ctx context.Context) error {
    ^
    pkg/rbd/rbd_journal.go:166:26: ST1016: methods on the same type should have the same receiver name (seen 2x "rbdVol", 3x "rv") (stylecheck)
    func (rbdVol *rbdVolume) Exists(ctx context.Context) (bool, error) {
                             ^

Rename the 'rbdVol' variable to 'rv' to make it consistent.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-04 13:21:03 +00:00
Niels de Vos
f814bd72e5 rbd/go-ceph: add GetMetadata() and GetMetadata() functions
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-04 13:21:03 +00:00
Niels de Vos
ea51b04017 rbd: setup connection in genVolFromVolID()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-04 13:21:03 +00:00
Niels de Vos
12130123ac rbd: do not pass Credentials to checkVolExists()
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-04 13:21:03 +00:00
Niels de Vos
805f10fd71 rbd: remove unused rbdVolume.open()
rbdVolume.open() was split from commit 5dd34732e1e while moving part of
the functionality to util.ClusterConnection. It seems that .open() is
not used anywhere at the moment, so drop it until follow-up patches
require it again.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-04 13:21:03 +00:00
Niels de Vos
01edaf8a71 move rbdVolume connection details to utils.ClusterConnection
The shared util.ClusterConnection can be used for rbd.rbdVolume and
cephfs.volumeOptions to connect to the Ceph cluster. This will then use
the shared ConnPool, and functions for obtaining connection details will
be the same across cephfs and rbd packages.

The ClusterConnection.Creds credentials are temporarily available until
all the functions have been adapted to use go-ceph and the connection
from the ConnPool.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-05-04 13:21:03 +00:00
Mathias Merscher
0991cdf498 make CephFS SubvolumeGroup configurable
The name of the CephFS SubvolumeGroup for the CSI volumes was hardcoded to "csi". To make permission management in multi tenancy environments easier, this commit makes it possible to configure the CSI SubvolumeGroup.

related to #798 and #931
2020-05-04 05:50:06 +00:00
Yug Gupta
47226ccdf7 util: fix golint warnings in csiconfig, volid
golint warns about the following statements:

ceph-csi/internal/util/csiconfig.go
Line 49: warning: exported function Mons should have comment or be unexported (golint)

ceph-csi/pkg/util/volid.go :
Line 72: warning: exported method CSIIdentifier.ComposeCSIID should have comment
or be unexported (golint)

Reported-by: https://goreportcard.com/report/github.com/ceph/ceph-csi
Updates: #975

Signed-off-by: Yug Gupta <ygupta@redhat.com>
2020-04-29 11:36:53 +00:00
John Mulligan
c8271fe64c journal: move voljournal.go to a new package
This new journal package isolates journal logic from the rest of util
and helps draw bright lines between what is a generic utility function
and what is csi journal logic.

Done partly as preparation for making use of go-ceph in journal.

No functional changes are made except to update references to allow the
code to compile.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-04-24 07:36:38 +00:00
John Mulligan
22d1476bba util: create a NewErrSnapNameConflict function
The NewErrSnapNameConflict will allow packages outside of "util" to
create new instances of the ErrSnapNameConflict error.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
2020-04-24 07:36:38 +00:00
Niels de Vos
32839948ef cleanup: move pkg/ to internal/
The internal/ directory in Go has a special meaning, and indicates that
those packages are not meant for external consumption. Ceph-CSI does
provide public APIs for other projects to consume. There is no plan to
keep the API of the internally used packages stable.

Closes: #903
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-04-23 11:00:59 +00:00