A RBD image can only be part of a single group. While an image is added
to a group, check if the image is already part of a group, and return an
error in case it is.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Add extra error checking to make sure trying to create an existing
volume group does not result in a failure. The same counts for deleting
a non-existing volume group, and adding/removing volumes to/from the
volume group.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
VolumeGroupJournalConnection is not used outside the internal/journal
package. There is no need to expose the type outside of the package, it
causes only confusion about the usage of the journalling API.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
This patch allows to avoid hanging mutex lock scenario when
fscrypt fails to unlock. Prevents uncessary delays
Signed-off-by: Sunnatillo <sunnat.samadov@est.tech>
This commit resolves a bug where node labels with empty values
are processed for the crush_location mount option,
leading to invalid mount options and subsequent mount failures.
Signed-off-by: Praveen M <m.praveen@ibm.com>
The way fscrypt client handles metadata and policy creation
causing errors when multiple instances start simultaneously.
This commit adds a lock to ensure the initial setup
completes correctly, preventing race conditions and
mismatches.
Signed-off-by: Sunnatillo <sunnat.samadov@est.tech>
A VolumeGroup CSI-Addons object contains a list of CSI Volumes. A
ToCSI() function makes creating such a list much simpler.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Register the volumegroup controller as part
of rbd controller server to serve the volume
group RPC spec.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
The rbd_types package was initially created with references to the rbd
package. And the rbd package references the rbd_types package. Having
rbd/types was not possible due to recursive imports. After cleaning up
the rbd_types package, it can be renamed to rbd/types.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit resolves the govet issue -
`copylocks: call of append copies lock value ... contains sync.Mutex`
Embedding DoNotCopy in a struct is a convention to signal and prevent
shallow copies, as recommended in Go's best practices. This does not
rely on a language feature but is instead a special case within the vet
checker.
For more details, see https://golang.org/issues/8005
Signed-off-by: Praveen M <m.praveen@ibm.com>
The DefaultIdentityServer struct embedded UnimplementedControllerServer,
but it should have been UnimplementedIdentityServer instead.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
The Volume interface will make it easier to work with the rbdImage
struct, as the functions are cleaner defined. This benefits work that is
needed for VolumeGroups and other CSI-Addons procedures.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
In the future we'll introduce a more standard interface for objects like
Volumes and Snapshots. It is useful to have the context passed as 1st
argument to all functions of those objects, including their Destroy()
function.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Version 0.18.0 of github.com/kubernetes-csi/csi-lib-utils
added support for structured logging.
This commit includes passing the context parameter for the
necessary function.
Signed-off-by: Praveen M <m.praveen@ibm.com>
read the volumeID from replication
source if the ID is missing read
it from req VolumeId as a fallback.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This commit adds support for flattenMode option
for replication.
If the flattenMode is set to "force" in
volumereplicationclass parameters, cephcsi will
add a task to flatten the image if it has parent.
This enable cephcsi to then mirror such images after
flattening them.
The error message when the image's parent is
in trash or unmirrored is improved as well.
Signed-off-by: Rakshith R <rar@redhat.com>
instead of adding single volumes to the
group journal, support adding multiple
volumeID's map to the group journal
which is required for RBD as well.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Adjusted method names to not have any
specific things to volumesnapshot as
we want to reuse the same journal for
volumegroup as well.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
we need to have groupID stored and retrived
when we are doing group level operations,
we need to find out the groupID from the volumeID
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This commit remove `VOLUME_ACCESSIBILITY_CONSTRAINTS` capabilities
from CephFS as topology based volume provisioning is not yet supported.
Signed-off-by: Praveen M <m.praveen@ibm.com>
ensure a clean and isolated environment for testing purposes.
Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>
ci: Use temporary directory for unit tests
remove err = os.Mkdir('/etc/ceph-csi-config', 0o600)
Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>
ci: Use temporary directory for unit tests
remove err = os.Mkdir('/etc/ceph-csi-config', 0o600)
Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>
ci: Use temporary directory for unit tests
remove if err
Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>
golangci-lint reports these:
The copy of the 'for' variable "kmsID" can be deleted (Go 1.22+)
(copyloopvar)
Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit modifies a test case to check creation of
PVC-PVC clone of a restored PVC when parent snapshot
is deleted.
Signed-off-by: Rakshith R <rar@redhat.com>
This commit adds ParentInTrash parameter in rbdImage struct
and makes use of it in getParent() function in order to avoid
error in case the parent is present but in trash.
Signed-off-by: Rakshith R <rar@redhat.com>
Currently we are assuming that only one
rbd mirror daemon running on the ceph cluster
but that is not true for many cases and it
can be more that one, this PR make this as a
configurable parameter.
fixes: #4312
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This commit replaces the user implemented function
`CheckSliceContains()` with `slices.Contains()`
function introduced in Go 1.21.
Signed-off-by: Praveen M <m.praveen@ibm.com>
This commit removes the `topologyConstrainedPools` parameter
from PV volumeAttributes as it is not required.
Signed-off-by: Praveen M <m.praveen@ibm.com>
This makes it easier to log the EncryptionType as string, or int,
whatever is preferred. Standard fmt formatting notations like %s or %d
can be used now.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Everytime a connection is copied with the .Copy() function, it needs to
be destroyed once the object is not needed anymore. This was not done
consistently, a few more locations require the freeing of the connection
resources.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
The "slices" package has been introduced in Go 1.21 and can be used
instead of the Kubernetes package that will be replaced by the standard
package at one point too.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
By returning a connected rbdVolume in parseVolCreateRequest(), the
CreateVolume() function can be simplified a little. There is no need to
call the additional Connect() and detect failures with it.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Not all snapshot objects are free'd correctly after they were allocated.
It is possible that some connections to the Ceph cluster were never
closed. This does not need to be a noticeable problem, as connections
are re-used where possible, but it isn't clean either.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Just like GenVolFromVolID() the genSnapFromSnapID() function can return
a snapshot. There is no need to allocated an empty snapshot and pass
that to the genSnapFromSnapID() function.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
if rbd storage class is created with topologyconstraintspools
replicated pool was still mandatory, making the pool optional if the
topologyconstraintspools is requested
Closes: https://github.com/ceph/ceph-csi/issues/4380
Signed-off-by: parth-gr <partharora1010@gmail.com>
Added unit test for
validateVolumeGroupSnapshotRequest API which
validates the input VolumeGroupSnapshotRequest
request
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
adding UnimplementedGroupControllerServer to
the DefaultControllerServer struct to avoid
build errors when some non mandatory RPC's
are not implemented.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
implemented DeleteVolumeGroupSnapshot RPC which
does below operations
* Basic request validation
* Get the snapshotId's and volumeId's
mapping reserved for the UUID
* Delete snapshot and remove its mapping
from the omap
* Repeat above steps until all the mapping
are removed
* Remove the reserved uuid from the omap
* Reset the filesystem quiesce, This might be
required as cephfs doesnt provide any options to
remove the quiesce, if we get any request with same
ID again we can reuse the quiesce API for same set-id
* Return success if the received error is
Pool not found or key not found.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
implemented CreateVolumeGroupSnapshot RPC which
does below operations
* Basic request validation
* Reserve the UUID for the group name
* Quiesce the filesystem for all the subvolumes
from the input volumeId's
* Take the snapshot for all the input volumeId's
* Add the mapping between volumeId's and snapshot
Id's in omap
* Release the quiesce for the filesystem for
all the subvolumes from the input volumeId's
Undo all the operations if anything fails.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
volumegroup.go holders all the helpers
to extra the group details from the request
and also to extra group details from the
groupID.
This also provide helpers to reserve group
for the request Name and also an undo function
incase if somethings goes wrong and we need to
cleanup the reserved omap entries.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Adding a lock for the volumegroup so
that we can take care of serializing
the same requests to ensure same requests
are not served in parallel.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
added validateCreateVolumeGroupSnapshotRequest
to validate the CreateVolumeGroupSnapshotRequest
request and ensure that all the requirement
options are set. if not, reject the RPC request.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Same group jounral config need to be reused
for multiple connection where different monitors
and users are used, for that reason create a unique
connection each time.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
The only encoding version that exists is `1`. There is no need to have
multiple constants for that version across different packages. Because
there is only one version, `GenerateVolID()` does not really require it,
and it can use a default version.
If there is a need in the future to support an other encoding version,
this can be revisited with a cleaner solution.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
The VolumeGroupJournal interface does not need to return anything except
for a potential error. Any instance that implements the
VolumeGroupJournal interface can be used to call all functions.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Padding a passphrase with null chars to arrive at a 32-byte length
later forces a user to also pass null chars via the term when
attempting to manually unlock a subvolume via the fscrypt cli tools.
This also had a side-effect of truncating any longer length passphrase
down to a shorter 32-byte length.
fixup for:
cfea8d7562dd0e1988c0
Signed-off-by: Michael Fritch <mfritch@suse.com>
fscrypt will infinitely retry the keyFn during an auth failure,
preventing the csi driver from progressing when configured with
an invalid passphrase
See also:
8c12cd64ab/actions/callback.go (L102-L106)
Signed-off-by: Michael Fritch <mfritch@suse.com>
This commit logs sitestatues and description in
GetVolumeReplicationInfo RPC call for better
debuging.
Fixes: #4430
Signed-off-by: Yati Padia <ypadia@redhat.com>
currently we are not logging the RequestID
for the replication RPC calls. This PR
adds the replication case to the getReqID
function.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
added ValidateGroupControllerServiceRequest
helper function which can be used to validate the
group controller service request.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
added CreateVolumeGroupSnapshotRequest and
DeleteVolumeGroupSnapshotRequest to the
getReqID so that we can get the ReqID for
the logging.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
added GroupControllerGetCapabilities RPC
to the default controller server which returns
the group capabilities which are already set.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Added helper function to add the group
controller capabilities which needs to
be included by csi driver that wants to
implement group controller.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Implement the required function to store/retrieve
the details from the omap for the volumegroup.
This adds a new omap object that contains the
mapping of the RequestName and all the volumeID
and its corresponding snapshotID belonging to a
group.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Added a implementation for the listOmapVals
which list the object keys and values from
the rados omap.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
By reading the contents of /proc/filesystems, and checking if "ceph" is
included there, running "modprobe ceph" can be skipped.
Fixes: #4376
Signed-off-by: Niels de Vos <ndevos@ibm.com>
consider fsName optional for static volume
as it is not required to be set during mount
operation with fuse and kernel client.
fixes: #4311
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
The `rbdGetDeviceList()` function uses two very similar types for
converting krbd and NBD device information from JSON. There is no need
to use this distinction, and callers of `rbdGetDeviceList()` should not
need to care about it either.
By introducing a `deviceInfo` interface with Get-functions, the
`rbdGetDeviceList()` function becomes a little simpler, with a clearly
defined API for the returned list.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
This is to pre-emptively add check for EAGAIN error returned from
ceph as part of https://github.com/ceph/ceph/pull/52670 if all the
clone threads are busy and return csi compatible error.
Fixes: #3996
Signed-off-by: karthik-us <ksubrahm@redhat.com>
The ceph fs subvolume resize support is available
in all the active ceph releases. Hence removing the
code to check the supportability of the feature.
Signed-off-by: karthik-us <ksubrahm@redhat.com>
This commit makes use of crush location labels from node
labels to supply `crush_location` and `read_from_replica=localize`
options during mount. Using these options, cephfs
will be able to redirect reads to the closest OSD,
improving performance.
Signed-off-by: Praveen M <m.praveen@ibm.com>
Snapshot procedures do not seem to contain the `Req-ID:` prefix in the
logs anymore (or weren't they there at all?) for some reason. This adds
them back.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
Implemented the capability to include kernel mount options and
fuse mount options for individual clusters within the ceph-csi-config
ConfigMap.This allows users to configure the kernel/fuse mount options
for each cluster separately. The mount options specified in the ConfigMap
will supersede those provided via command line arguments.
Signed-off-by: Praveen M <m.praveen@ibm.com>
This commit adds GetCephFSMountOptions util method which returns
KernelMountOptions and fuseMountOptions for cluster `clusterID`.
Signed-off-by: Praveen M <m.praveen@ibm.com>
Implemented the capability to include read affinity options
for individual clusters within the ceph-csi-config ConfigMap.
This allows users to configure the crush location for each
cluster separately. The read affinity options specified in
the ConfigMap will supersede those provided via command line arguments.
Signed-off-by: Praveen M <m.praveen@ibm.com>
If any operations like Resize, Deleting
snapshot fails, we need to remove
both snapshot and the clone to avoid
resource leak.
closes: #4218
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
The ReplicationServer is not used anymore, the functionality has moved
to CSI-Addons and the `internal/csi-addons/rbd` package. These last
references were not activated anywhere, so can be removed without any
impact.
See-also: #3314
Signed-off-by: Niels de Vos <ndevos@ibm.com>
When FilesystemNodeGetVolumeStats() succeeds, the volume must be
healthy. This can be included in the VolumeCondition CSI message by
default.
Checks that detect an abnormal VolumeCondition should prevent calling
FilesystemNodeGetVolumeStats() as it is possible that the function will
hang.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
The HealthChecker is configured to use the Staging path pf the volume,
with a `.csi/` subdirectory. In the future this directory could be a
directory that is not under the Published directory.
Fixes: #4219
Signed-off-by: Niels de Vos <ndevos@ibm.com>
re-arrange the struct members to
fix below lint issue
```
struct of size 336 bytes could be of size 328 bytes
```
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This commit eliminates the code for protecting and unprotecting
snapshots, as the functionality to protect and unprotect snapshots
is being deprecated.
Signed-off-by: Praveen M <m.praveen@ibm.com>
this commit adds client eviction to cephfs, based
on the IPs in cidr block, it evicts those IPs from
the network.
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
Issue:
The RoundOffCephFSVolSize() function omits the fractional
part when calculating the size for cephfs volumes, leading
to the created volume capacity to be lesser than the requested
volume capacity.
Fix:
Consider the fractional part during the size calculation so the
rounded off volume size will be greater than or equal to the
requested volume size.
Signed-off-by: karthik-us <ksubrahm@redhat.com>
Fixes: #4179
Multiple go-routines may simultaneously create the
subVolumeGroupCreated map or write into it
for a particular group.
This commit safeguards subVolumeGroupCreated map
from concurrent creation/writes while allowing for multiple
readers.
Signed-off-by: Rakshith R <rar@redhat.com>
Multiple go-routines may simultaneously check for a clusterID's
presence in clusterAdditionalInfo and create an entry if it is
absent. This set of operation needs to be serialized.
Therefore, this commit safeguards clusterAdditionalInfo map
from concurrent writes with a mutex to prevent the above problem.
Signed-off-by: Rakshith R <rar@redhat.com>