Commit Graph

249 Commits

Author SHA1 Message Date
Praveen M
c4e373c72f deploy: support for read affinity options per cluster
Implemented the capability to include read affinity options
for individual clusters within the ceph-csi-config ConfigMap.
This allows users to configure the crush location for each
cluster separately. The read affinity options specified in
the ConfigMap will supersede those provided via command line arguments.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-08 21:17:00 +00:00
Praveen M
6719d6497f e2e: added test to verify read affinity functionality
e2e test case is added to test if read affinity is enabled by
verifying read_from_replica=localize option is passed

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-09-26 07:02:21 +00:00
Praveen M
1b20fec20d helm: add option to enable read affinity for rbd
This commit adds --enable-read-affinity flag to
enable read affinity for rbd

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-09-26 07:02:21 +00:00
Praveen M
cf577e39af deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.9.0
csi-resizer: v1.9.0
csi-provisioner: v3.6.0
csi-attacher: v4.4.0
csi-snapshotter: v6.3.0

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-09-20 08:20:38 +00:00
runzhliu
3be99d6477 doc: Update README.md and fix typo
Unified hump stylek

Signed-off-by: runzhliu <runzhliu@163.com>
2023-09-04 12:45:10 +00:00
Madhu Rajanna
ff030f12e1 deploy: use resizer canary image
use resizer canary image to as it
might contain fix for pvc resize
with kubernetes 1.28

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-25 11:43:03 +00:00
Cheng Wang
874d0bcf4b doc: fix helm doc of ceph-csi deployment
To make the doc better.

Signed-off-by: astraw99 <wangchengiscool@gmail.com>
2023-08-08 12:40:22 +00:00
karthik-us
89ad6e8c53 deploy: Update provisioner image repository
Update ceph-csi-rbd helm chart to use the released image
repo for csi-provisioner instead of the staging repo.

Fixes: #3976
Signed-off-by: karthik-us <ksubrahm@redhat.com>
2023-07-13 11:36:24 +00:00
Garen Fang
37018a2eef helm: add imagePullSecrets option
Currently the Helm chart does not contain a
imagePullSecrets option when you are using
private container registry, this is very inconvenient.
This PR add this option for both CephFS and RBD.

Signed-off-by: Garen Fang <fungaren@qq.com>
2023-06-16 04:37:03 +00:00
iPraveenParihar
40c1d32518 deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.8.0
csi-attacher: v4.3.0
csi-resizer: v1.8.0
csi-snapshotter: v6.2.2
csi-provisioner: v3.5.0

Signed-off-by: iPraveenParihar <praveenparihar68@gmail.com>
2023-06-01 19:06:53 +00:00
DashJay
9df4634fd0 deploy: fix bug of ceph-csi-rbd helm chart
fix bug that make provisioner get dup affinities
when deploy helm chart ceph-csi-rbd and ceph-csi-cephfs.

Signed-off-by: DashJay <45532257+dashjay@users.noreply.github.com>
2023-05-22 06:34:19 +00:00
Christian Kugler
ae278797be doc: Add basic upgrade documentation for Helm Charts
Without this patch the READMEs for the Helm Charts do not provide any
documentation on how to upgrade to a newer version. There is at least
one known issue when updating to a newer versions that is unavoidable as
of writing. There is a workaround for the issue which should be
documented in the upgrade section.

This is a problem because currently the only way to find this workaround
is to go through closed GitHub issues. These might not be around at the
time someone needs this information. Furthermore the issue should be
communicated to the operator before it occurs.

This patch adds basic documentation for updating the Helm repository,
and upgrading the installed release of the Helm Chart. How values can be
set is not part of the documentation. If an operator used custom values,
e.g. for the secret, they probably already know how to deal with setting
values. However, the docs still remind the reader to take values into
account.
Reusing the installed values (`--reuse-values`) has lead to problems in
past, which is why it is explicitly discouraged. An example for this
would be the value `logLevel` which was changed to `sidecarLogLevel`.
Reusing values lead to `.Values.sidecarLogLevel` being empty and the
`csi-provisioner` not being started due to invalid value `-v=""`.
Comparing new values with set values is encouraged.

The workaround for issue #3397 from GitHub is being addressed in the
section Know Issues Upgrading.

Signed-off-by: Christian Kugler <syphdias+git@gmail.com>
2023-02-08 12:59:23 +00:00
Domonkos Cinke
b7b491c097 deploy: add extraArgs for sidecars
Add the ability to control more arguments for CSI sidecar components.

Signed-off-by: Domonkos Cinke <seayou@gmail.com>
2023-01-05 15:58:48 +00:00
Humble Chirammal
31f0ac6e2d deploy: update node-driver-registrar to v2.6.2
This version has a fix for an important bug at kubelet
registration path.
https://github.com/kubernetes-csi/node-driver-registrar/pull/247

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-12-08 11:50:40 +00:00
Humble Chirammal
b258628b05 helm: get rid of storage group enablement based on the version
deploy: remove beta storage group mention from csidriver yaml

the kubernetes version based enablement of storage api group
enablement is no longer requried and its already on v1 for
supported kubernetes versions.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-11 16:41:24 +00:00
Humble Chirammal
eff8a9b3be helm: fuse_set_user_groups need not be part of the config
this setting in ceph.conf is no longer required and this commit
remove it from the chart.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-11 16:41:24 +00:00
Humble Chirammal
6bba64c872 rebase: update node driver registar to latest version
v2.6.0 is the latest version of the same and this commit
update it.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-03 14:31:26 +00:00
BOSSER, Bastien
dea07aa184 deploy: add commonLabels value
Signed-off-by: BOSSER, Bastien <bastien.bosser@atos.net>
2022-11-02 11:28:18 +00:00
Humble Chirammal
d1acae7209 deploy: update sidecars to latest versions available
Below sidecars are updated with this commit.

csi-provisioner: v3.3.0
csi-snapshotter: v6.1.0

This commit change the sidecar versions in build.env setup.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-09-29 10:24:26 +00:00
Humble Chirammal
1e0bd66108 rbd: make default fstype explicit to ext4
With the attacher sidecar update to v4.0.0 this has to be set
explictly.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-09-21 22:00:24 +00:00
Humble Chirammal
5fa606b14d deploy: update resizer to v1.6.0 version
This commit make deployment changes to consume v1.6.0
version of the resizer controller.

Reference:
https://github.com/kubernetes-csi/external-resizer/releases/tag/v1.6.0

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-09-20 10:32:28 +00:00
Humble Chirammal
586a9cc8ee rbd: change default FsGroupPolicy to "File" for RBD CSI driver
This commit change the default fsgroup policy for csi driver object
to "File" type which is the better/correct setting for the CSI volumes.
We have been using default value which is "ReadWriteOnceWithFSType".
with this change backward compatibility should be preserved.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-09-05 07:06:37 +00:00
Madhu Rajanna
96a3aabe5a deploy: remove psp from cephcsi
as PSP is deprecated in kubernetes 1.21
and will be removed in kubernetes 1.25
removing the existing PSP related templates
from the repo and updated the required documents.

fixes #1988

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-08-23 07:53:46 +00:00
Prasanna Kumar Kalever
b4f44a43d5 doc: Add documentation about --setmetadata option
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-08-01 07:15:29 +00:00
Prasanna Kumar Kalever
c0a566b5ed deploy: add setmetadata=true in the templates
setmetadata on the volume by default, otherwise e2e will fail

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-08-01 07:15:29 +00:00
Prasanna Kumar Kalever
f84265fdf5 deploy: add --extra-create-metadata arg to csi-snapshotter sidecar
This argument in csi-snapshotter sidecar allows us to receive
snapshot-name/snapshot-namespace/snapshotcontent-name metadata in the
CreateSnapshot() request.

For ex:

csi.storage.k8s.io/volumesnapshot/name
csi.storage.k8s.io/volumesnapshot/namespace
csi.storage.k8s.io/volumesnapshotcontent/name

This is a useful information which can be used depend on the use case we
have at our driver. The features like adding metadata to snapshot image
can consume this based on the need.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-07-28 19:37:23 +00:00
Humble Chirammal
76ddf8e306 deploy: introduce new log level for sidecar controllers
At present we have single log level configuration for all the containers
running for our CSI pods, which has been defaulted to log Level 5.
However this cause many logs to be spitted in a cluster and cause log
spamming to an extent. This commit introduce one more log level control
for CSI pods called sidecarLogLevel which defaults to log Level 1.

The sidecar controllers like snapshotter, resizer, attacher..etc has
been configured with this new log level and driver pods are with old
configruation value.

This allow us to have different configuration options for sidecar
constrollers and driver pods.

With this, we will also have a choice of different configuation setting
instead of locking onto one variable for the containers deployed via CSI driver.

To summarize the CSI containers maintained by Ceph CSI driver has log
level 5 and controllers/sidecars not maintained by Ceph CSI driver has
log level 1 configuration.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-07-28 08:31:37 +00:00
Prasanna Kumar Kalever
3ddb8c289c doc: add documentation about --clustername option
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-07-28 04:07:52 +00:00
Prasanna Kumar Kalever
cc9e8aa7b6 deploy: add cluster name in the templates
added in helm charts which should help users.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-07-28 04:07:52 +00:00
Yati Padia
b0b0e083ad cephfs: add update rbac rule to pv resource
This commit adds the update rbac rule to persistent
volume resource as the ci was failing with below error:
cannot update resource "persistentvolumes" in API group
"" at the cluster scope

Signed-off-by: Yati Padia <ypadia@redhat.com>
2022-07-19 14:42:21 +00:00
Yati Padia
776821f17f deploy: update csi-provisioner to latest version
This commits updates csi-provisioner sidecar to
latest version i.e., v3.2.0.

fixes: #3184

Signed-off-by: Yati Padia <ypadia@redhat.com>
2022-07-19 14:42:21 +00:00
takeaki-matsumoto
1025871021 cephfs: Support mount option on nodeplugin
add mount options on nodeplugin side

Signed-off-by: takeaki-matsumoto <takeaki.matsumoto@linecorp.com>
2022-07-18 22:04:12 +00:00
Humble Chirammal
1856647506 cephfs: go with default permissions while creating subvolumes
While creating subvolumes, CephFS driver set the mode to `777`
and pass it along to go ceph apis which cause the subvolume
permission to be on 777, however if we create a subvolume
directly in the ceph cluster, the default permission bits are
set which is 755 for the subvolume. This commit try to stick
to the default behaviour even while creating the subvolume.

This also means that we can work with fsgrouppolicy set to
`File` in csiDriver object which is also addressed in this commit.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-07-13 06:49:58 +00:00
Carsten Buchberger
b262f06c33 helm: enable host networking for provisioner
Adds the possibility in the helm-chart to enable hostNetworking
for provider pods.

Signed-off-by: Carsten Buchberger <c.buchberger@witcom.de>
2022-07-04 15:14:59 +00:00
Prasanna Kumar Kalever
af0bdaf2cb doc: Add documentation about --setmetadata option
Fixes: #2874
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-06-28 19:12:53 +00:00
Prasanna Kumar Kalever
dc738b96b4 deploy: add setmetadata=true in the templates
setmetadata on the volume by default, otherwise e2e will fail

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-06-28 19:12:53 +00:00
Prasanna Kumar Kalever
d3650ae863 deploy: fix the staging path accordingly in the templates
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-06-24 12:23:29 +00:00
Humble Chirammal
fa0da71ce2 deploy: update external resizer to v1.5.0
Refer#
https://github.com/kubernetes-csi/external-resizer/releases/tag/v1.5.0

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-06-21 07:43:15 +00:00
Humble Chirammal
34378aafb8 deploy: make use of latest attacher release v3.5.0
attacher sidecar has a new release:
https://github.com/kubernetes-csi/external-attacher/releases/tag/v3.5.0

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-06-17 15:46:09 +00:00
Madhu Rajanna
7a2dd4c3cf rbd: create token and use it for vault SA
create the token if kubernetes version in
1.24+ and use it for vault sa.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Signed-off-by: Rakshith R <rar@redhat.com>
2022-06-17 11:37:59 +00:00
Humble Chirammal
8f99fe7250 helm: update the sidecar mentions in the Chart Description
CephFS chart description didnt have `resizer` in it
and this commit add the same.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-06-09 09:41:55 +00:00
Prasanna Kumar Kalever
c4de0854da doc: add documentation about --clustername option
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-06-08 16:23:59 +00:00
Prasanna Kumar Kalever
fb58d73b1b deploy: add cluster name in the templates
added in helm charts which should help users.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-06-08 16:23:59 +00:00
Humble Chirammal
8d3bb82949 deploy: remove attachrequired param from csidriver object
As the attacher is no longer required we have to mention the same
for csidriver object parameter.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-06-06 12:25:11 +00:00
Humble Chirammal
793072deab doc: remove attacher sidecar mentions from chart README
This commit remove the references to the attacher sidecar
attributes.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-06-06 12:25:11 +00:00
Humble Chirammal
c0fa88435f deploy: remove external-attacher sidecar from cephfs deployment
CephFS CSI driver dont need attacher sidecar for its operations.
This commit remove the same. The RBAC has also got adjusted.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-06-06 12:25:11 +00:00
Humble Chirammal
f558f4d1a6 helm: update external-snapshotter to v6.0.1
The extenal snapshotter has a new version which address some of the
issues in v6.0.0.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-05-31 15:37:14 +00:00
Madhu Rajanna
7a12a20f19 helm: updating Readme for image tags
image tags are not updated on the Readme, updating
the image tags in Readme to match the tags in
values.yaml

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-05-31 07:23:49 +00:00
Madhu Rajanna
80eb7d3fd0 helm: update snapshotter to v6
As snapshotter v6.0.0 is released updating
snapshot to v6.0.0

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-05-31 07:23:49 +00:00
Humble Chirammal
9b64e0a170 helm: enable RecoverVolumeExpansionFailure feature gate
This commit enable the mentioned feature gate which helps to
recover from volume expansion failures.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-05-25 18:03:16 +00:00
Humble Chirammal
85ed268530 helm: updated node driver registrar to latest version
the helm chart template value has been updated to latest
version of node driver registrar container.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-05-25 07:27:03 +00:00
Humble Chirammal
7e1ed75cfb doc: remove topology mention from cephfs documentation
as we are removing the topology configuration from the deployment
this commit remove it from the documentation too.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-05-23 10:57:56 +00:00
Humble Chirammal
29870cdbcc helm: remove topology RBAC section for cephfs deployment
At present CephFS does not support topology aware provisioning and this
commit remove the same.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-05-23 10:57:56 +00:00
Rakshith R
c880061882 ci: use canary csi-provisioner image to test different sc clones
This commit is added to use canary csi-provisioner image
to test different sc pvc-pvc cloning feature, which is not
yet present in released versions.
refer:
https://github.com/kubernetes-csi/external-provisioner/pull/699

Signed-off-by: Rakshith R <rar@redhat.com>
2022-05-06 10:32:21 +00:00
Humble Chirammal
6558de9e08 helm: remove cephfs node plugin cluster role RBAC
This commit remove the node plugin RBAC of CephFS.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-04-27 10:51:33 +00:00
Silvan Loser
06c4477ff9 helm: allowPrivilegeEscalation: true in containerSecurityContext
When running the kubernetes cluster with one single privileged
PodSecurityPolicy which is allowing everything the nodeplugin
daemonset can fail to start. To be precise the problem is the
defaultAllowPrivilegeEscalation: false configuration in the PSP.
 Containers of the nodeplugin daemonset won't start when they
have privileged: true but no allowPrivilegeEscalation in their
container securityContext.

Kubernetes will not schedule if this mismatch exists cannot set
allowPrivilegeEscalation to false and privileged to true

Signed-off-by: Silvan Loser <silvan.loser@hotmail.ch>
Signed-off-by: Silvan Loser <33911078+losil@users.noreply.github.com>
2022-04-22 23:36:02 +00:00
Humble Chirammal
6d06698672 rbd: change the image registry for sidecars
This commit change the image registry URL for sidecars in the
RBD deployment from `k8s.gcr.io` to `registry.k8s.io` as
the migration is happening from former to the latter.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-04-20 10:05:13 +00:00
Humble Chirammal
1ced736447 cephfs: change the image registry for sidecars
This commit change the image registry URL for sidecars in the
CephFS deployment from `k8s.gcr.io` to `registry.k8s.io` as
the migration is happening from former to the latter.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-04-20 10:05:13 +00:00
Madhu Rajanna
d2bc9743f7 cephfs: add netNamespaceFilePath for CephFS
as same host directory is not shared between
the cephfs and the rbd plugin pod. we need
to keep the netNamespaceFilePath separately
for both cephfs and rbd. CephFS plugin will
use this path to execute mount -t commands.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-04-19 12:28:46 +00:00
Madhu Rajanna
766346868e util: Add RBD specific options in clusterInfo
As the netNamespaceFilePath can be separate for
both cephfs and rbd adding the netNamespaceFilePath
path for RBD, This will help us to keep RBD and
CephFS specific options separately.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-04-19 12:28:46 +00:00
Prasanna Kumar Kalever
d870cb152a deploy: add --extra-create-metadata arg to csi-snapshotter sidecar
This argument in csi-snapshotter sidecar allows us to receive
snapshot-name/snapshot-namespace/snapshotcontent-name metadata in the
CreateSnapshot() request.

For ex:

csi.storage.k8s.io/volumesnapshot/name
csi.storage.k8s.io/volumesnapshot/namespace
csi.storage.k8s.io/volumesnapshotcontent/name

This is a useful information which can be used depend on the use case we
have at our driver. The features like adding metadata to snapshot image
can consume this based on the need.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-04-08 15:43:14 +00:00
Madhu Rajanna
7b2aef0d81 util: add support for the nsenter
add support to run rbd map and mount -t
commands with the nsenter.

complete design of pod/multus network
is added here https://github.com/rook/rook/
blob/master/design/ceph/multus-network.md#csi-pods

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-04-08 10:23:21 +00:00
Rakshith R
40de75e0db rbd: modify oidc token file path according to FHS 3.0
OIDC token file path has been modified from
`/var/run/secrets/token` to `/run/secrets/tokens`.
This has been done to ensure compliance with
FHS 3.0.

refer:
https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s13.html

Signed-off-by: Rakshith R <rar@redhat.com>
2022-03-23 13:29:35 +00:00
Rakshith R
4f0bb2315b rbd: add aws-sts-metdata encryption type
With Amazon STS and kubernetes cluster is configured with
OIDC identity provider, credentials to access Amazon KMS
can be fetched using oidc-token(serviceaccount token).
Each tenant/namespace needs to create a secret with aws region,
role and CMK ARN.
Ceph-CSI will assume the given role with oidc token and access
aws KMS, with given CMK to encrypt/decrypt DEK which will stored
in the image metdata.

Refer: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html
Resolves: #2879

Signed-off-by: Rakshith R <rar@redhat.com>
2022-03-16 07:29:56 +00:00
Robert Vasek
80dda7cc30 cephfs: detect corrupt ceph-fuse mounts and try to remount
Mounts managed by ceph-fuse may get corrupted by e.g. the ceph-fuse process
exiting abruptly, or its parent container being terminated, taking down its
child processes with it.

This commit adds checks to NodeStageVolume and NodePublishVolume procedures
to detect whether a mountpoint in staging_target_path and/or target_path is
corrupted, and remount is performed if corruption is detected.

Signed-off-by: Robert Vasek <robert.vasek@cern.ch>
2022-03-10 06:05:52 +00:00
Benjamin Guillon
d236968bf9 helm: remove kube version semver check for CSI cephfs resizer component
It was decided that latest ceph CSI versions would drop support for
older Kubernetes versions, making this check useless. So it was removed.

Removing this version check allows for the deployment of the CephFS
resizer component when using the helm chart on non vanilla kubernetes
clusters whose API server version are in the form of `1.x.y-abc+def-ghi`.

Signed-off-by: Benjamin Guillon <benjamin.guillon@cc.in2p3.fr>
2022-03-09 06:07:49 +00:00
Madhu Rajanna
dd96024620 doc: remove mention of image feature dependency
avoid specifying the image feature dependencies
and add a link to rbd official document for
reference to the image feature dependencies.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-03-02 09:08:33 +00:00
Madhu Rajanna
d5c98f81a2 rbd: make image features as optional parameter
Makes the rbd images features in the storageclass
as optional so that default image features of librbd
can be used. and also kept the option to user
to specify the image features in the storageclass.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-02-28 13:10:03 +00:00
Madhu Rajanna
fb3835691f rbd: add support for deep-flatten image feature
as deep-flatten is long supported in ceph and its
enabled by default in the librbd, providing an option
to enable it in cephcsi for the rbd images we are
creating.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-02-28 13:10:03 +00:00
Silvio Gissi
9c50e255fb helm: make ceph.conf ConfigMap name configurable
ConfigMap name was hardcoded and led to conflicts. Fixes #2858.

Signed-off-by: Silvio Gissi <silvio@gissilabs.com>
2022-02-21 07:25:22 +00:00
Francesco Astegiano
4235178f7c helm: Add selinuxMount flag to enable/disable /etc/selinux host mount
Add selinuxMount flag to enable/disable /etc/selinux host mount inside pods
to support selinux-enabled filesystems

Signed-off-by: Francesco Astegiano <francesco.astegiano@gmail.com>
2022-02-16 12:48:00 +00:00
Deividas Burškaitis
91c22f521b helm: add port sections to helm templates
to show what ports containers are exposing add port sections to nodeplugin
and provisioner helm templates

Signed-off-by: Deividas Burškaitis <deividas.burskaitis@oxylabs.io>
2022-02-15 10:06:26 +00:00
Madhu Rajanna
0311eb5f44 helm: remove namespace from storageclass yaml
removes namespace from non-namespaced storageclass
object.

fixes: #2714

Replacement for #2715 as we didnt receive any update
and PR is already closed.

Co-authored-by: jhrcz-ls
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-02-11 12:32:58 +00:00
Rakshith R
3203673d17 cleanup: remove ceph.conf WA options which are already fixed
This commit removes ceph.conf WA options:
```
     # Workaround for http://tracker.ceph.com/issues/23446
     fuse_set_user_groups = false

     # ceph-fuse which uses libfuse2 by default has write buffer size of 2KiB
     # adding 'fuse_big_writes = true' option by default to override this limit
     # see https://github.com/ceph/ceph-csi/issues/1928
     fuse_big_writes = true
```
Since they are already fixed.

Refer: https://tracker.ceph.com/issues/44885
Refer: https://tracker.ceph.com/issues/23446
Closes: #2825

Signed-off-by: Rakshith R <rar@redhat.com>
2022-02-04 15:42:32 +00:00
Humble Chirammal
de2489ed7d deploy: update csi-snapshotter sidecar to v5.0.1
This release of snapshotter has a breaking change as mentioned
in the release note:

Refer#
[1]: https://github.com/kubernetes-csi/external-snapshotter/releases/tag/v5.0.0

RBAC rules are also updated with this commit.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-02-03 19:01:57 +00:00
Madhu Rajanna
28fef9b379 cleanup: remove thick provisioning code
This commit removes the thick provisioning
code as thick provisioning is deprecated in
cephcsi 3.5.0.

fixes: #2795

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-28 11:17:15 +00:00
Madhu Rajanna
3a445cfc36 deploy: update resizer to 1.4.0
updating external resizer image version
from 1.3.0 to latest available release i.e
1.4.0

1.4.0 changelog link
https://github.com/kubernetes-csi/
external-resizer/blob/master/CHANGELOG/CHANGELOG-1.4.md

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-26 15:22:24 +00:00
Humble Chirammal
0078e5c8e7 deploy: update node driver registrar container to v2.4.0
This commit updates the node driver registrar container to latest
version.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 17:24:49 +05:30
Humble Chirammal
0ab717f06f deploy: update csi-attacher to v3.4.0
This commit update the csi-attacher sidecar version to v3.4.0

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 17:24:49 +05:30
Humble Chirammal
ea8e360888 deploy: update sidecars to latest versions.
This commit updates sidecars to the latest available version
which is compatible with kubernetes 1.23 and csi spec 1.5

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 17:24:49 +05:30
Niels de Vos
ee2e97b62d deploy: add CSI-Addons endpoint
Deployments place all sockets for communicating with CSI components in
the shared `/csi` directory. The CSI-Addons socket was introduced
recently, but not configured to be in the same location (by default
placed in `/tmp`).

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-22 13:21:59 +00:00
Steven Reitsma
6be0e8cb51 helm: Fix missing ClusterRoleBinding for nodeplugin ServiceAccount
When topology is disabled, the ClusterRoleBinding is not created in the Helm
chart. However, the nodeplugin needs access to volumeattachments for the volume
healer.

Signed-off-by: Steven Reitsma <steven@properchaos.nl>
2021-12-22 11:06:11 +00:00
Konstantin Shalygin
7411773f73 rbd: added RBD features support for krbd
Added support for `object-map, fast-diff`

Signed-off-by: Konstantin Shalygin <k0ste@k0ste.ru>
2021-12-07 07:38:24 +00:00
Toby Jackson
989905aa9f helm: csiplugin-configmap generates invalid configuation
When generating csiconfiguration from values the config.json key gets merged with cluster-mapping.json
as the config.json toYaml element supresses a newline.

This fixes the situation where configuration is generated as shown;

```
 data:
   config.json: |-
    [{"clusterID":"....","monitors":["..."]}]cluster-mapping.json: |-
    []
```

Signed-off-by: Toby Jackson <toby@warmfusion.co.uk>
2021-11-25 06:31:38 +00:00
Rakshith R
c461f9d9b7 helm: use "version: 3-canary" for helm charts on "devel"
Version field for helm Chart.yaml needs to have SemVer 2
compatible value, therefore use "<MAJOR-VERSION>-canary"
on "devel" branch.

Refer: https://helm.sh/docs/topics/charts/#the-chartyaml-file

Signed-off-by: Rakshith R <rar@redhat.com>
2021-11-24 04:32:15 +00:00
Prasanna Kumar Kalever
ec8397d8d9 deploy: updated sc templates for map/unmap Options with the new schema
Fixes: #2641
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-11-23 08:54:37 +00:00
Prasanna Kumar Kalever
9a3170bf77 rbd: provide a way to disable the auto fallback to nbd mounter
This change allows the user to choose not to fallback to NBD mounter
when some ImageFeatures are absent with krbd driver, rather just fail
the NodeStage call.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-11-01 08:17:36 +00:00
Shaohui Liu
af752dd38f helm: support adding annotations to StorageClasses
Signed-off-by: Shaohui Liu <liushaohui@xiaomi.com>
2021-10-28 16:56:12 +00:00
Yati Padia
1cf14cd83c cleanup: rework on naming conventions
This commits replaces cephfs -> cephFS
to maintain consistency throughout the
codebase

Updates: #1465

Signed-off-by: Yati Padia <ypadia@redhat.com>
2021-09-24 06:17:17 +00:00
Madhu Rajanna
e45bf03bd8 helm: remove securityContext from cephfs deployment
we dont need securityContext for the cephfs provisioner
pod as its not doing any special operations like mount,
selinux operations etc .

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-09-22 07:12:34 +00:00
Madhu Rajanna
f267d77801 helm: remove extra volumes from rbd plugin PSP
removed extra volume permissions from the rbd
nodeplugin PSP

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-09-22 07:12:34 +00:00
Madhu Rajanna
6f1066fd36 helm: reduce the PSP permission for rbd deployment
rbd deployment doesnot need extra permission like
privileged and extra volumes etc.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-09-22 07:12:34 +00:00
Madhu Rajanna
c154886926 helm: remove extra volumes from cephfs plugin PSP
removed extra volume permissions from the cephfs
nodeplugin PSP.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-09-22 07:12:34 +00:00
Madhu Rajanna
8374fa929a helm: reduce the PSP permission for cephfs deployment
cephfs deployment doesnot need extra permission like
privileged,Capabilities and reduce unwanted volumes.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-09-22 07:12:34 +00:00
Madhu Rajanna
62a9ab6d9f helm: remove securityContext from cephfs provisioner
we dont need securityContext for the cephfs provisioner
pod as its not doing any special operations.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-09-22 07:12:34 +00:00
Prasanna Kumar Kalever
c9cc36d8db rbd: provide alternatives to preserve the ceph log files
Currently, we delete the ceph client log file on unmap/detach.

This patch provides additional alternatives for users who would like to
persist the log files.

Strategies:
-----------
`remove`: delete log file on unmap/detach
`compress`: compress the log file to gzip on unmap/detach
`preserve`: preserve the log file in text format

Note that the default strategy will be remove on unmap, and these options
can be tweaked from the storage class

Compression size details example:

On Map: (with debug-rbd=20)
---------
$ ls -lh
-rw-r--r-- 1 root root 526K Sep  1 18:15
rbd-nbd-0001-0024-fed5480a-f00f-417a-a51d-31d8a8144c03-0000000000000003-d2e89c87-0b4d-11ec-8ea6-160f128e682d.log

On unmap:
---------
$ ls -lh
-rw-r--r-- 1 root root  33K Sep  1 18:15
rbd-nbd-0001-0024-fed5480a-f00f-417a-a51d-31d8a8144c03-0000000000000003-d2e89c87-0b4d-11ec-8ea6-160f128e682d.gz

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-09-16 13:55:15 +00:00
Prasanna Kumar Kalever
314516cedd deploy: fix cephLogDir passing to storageclass via helm
cephLogDir: is a storage class option that is passed to rbd-nbd daemon.
cephLogDirHostPath: is a nodeplugin daemonset level option that helps in
                   using the right host-path while bind-mounting

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-09-16 13:55:15 +00:00
Madhu Rajanna
d22e7a1bdb helm: update templates for ceph.conf
updated cephfs and rbd templates to
configure the ceph.conf content.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-09-03 14:14:43 +00:00
Prasanna Kumar Kalever
473adf99fc deploy: provide variable to alter hostpath location for ceph clients
Also update the documentation about the same.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-08-24 07:15:30 +00:00
Prasanna Kumar Kalever
0be7024726 rbd: provide host-path for rbd-nbd logging
Problem:
--------
1. rbd-nbd by default logs to /var/log/ceph/ceph-client.admin.log,
Unfortunately, container doesn't have /var/log/ceph directory hence
rbd-nbd is not logging now.
2. Rbd-nbd logs are not persistent across nodeplugin restarts.

Solution:
--------
Provide a host path so that log directory is made available, and the
logs persist on the hostnode across container restarts.

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-08-24 07:15:30 +00:00