Commit Graph

1296 Commits

Author SHA1 Message Date
Niels de Vos
435e26d948 cleanup: make VolumeGroupJournalConnection a private type
VolumeGroupJournalConnection is not used outside the internal/journal
package. There is no need to expose the type outside of the package, it
causes only confusion about the usage of the journalling API.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-24 15:55:07 +00:00
Sunnatillo
d46b7d7ff4 cephfs: Avoid hanging lock in volume mutex lock
This patch allows to avoid hanging mutex lock scenario when
fscrypt fails to unlock. Prevents uncessary delays

Signed-off-by: Sunnatillo <sunnat.samadov@est.tech>
2024-07-24 09:55:17 +00:00
Niraj Yadav
ebc56887cd rbd: implement pv key rotation
This patch implements the EncryptionKeyRotation spec for ceph-csi

Signed-off-by: Niraj Yadav <niryadav@redhat.com>
2024-07-19 13:26:28 +00:00
Praveen M
f11fa815c8 util: exclude empty label values for crushlocation map
This commit resolves a bug where node labels with empty values
are processed for the crush_location mount option,
leading to invalid mount options and subsequent mount failures.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-07-16 09:57:37 +00:00
Sunnatillo
e7762ac1af cephfs: Set object lock for volumes for cephfs encryption
The way fscrypt client handles metadata and policy creation
causing errors when multiple instances start simultaneously.
This commit adds a lock to ensure the initial setup
completes correctly, preventing race conditions and
mismatches.

Signed-off-by: Sunnatillo <sunnat.samadov@est.tech>
2024-07-11 16:17:22 +00:00
Niels de Vos
9b41feac9d csiaddons: initial implementation of CSI-Addons VolumeGroup
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-11 11:17:13 +00:00
Niels de Vos
d248a1e200 rbd: add Manager interface for using Volumes and VolumeGroups
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-11 11:17:13 +00:00
Niels de Vos
4246b30178 rbd: add the VolumeGroup type
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-11 11:17:13 +00:00
Niels de Vos
2803ec1290 rbd: add a ToCSI() function to the Volume interface
A VolumeGroup CSI-Addons object contains a list of CSI Volumes. A
ToCSI() function makes creating such a list much simpler.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-11 11:17:13 +00:00
Madhu Rajanna
2dd2ac8e91 csiaddons: register volumegroup controller
Register the volumegroup controller as part
of rbd controller server to serve the volume
group RPC spec.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-07-11 11:17:13 +00:00
Niels de Vos
6e5de23674 rbd: move internal/rbd_types -> internal/rbd/types
The rbd_types package was initially created with references to the rbd
package. And the rbd package references the rbd_types package. Having
rbd/types was not possible due to recursive imports. After cleaning up
the rbd_types package, it can be renamed to rbd/types.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-11 11:17:13 +00:00
Praveen M
d376271376 cleanup: append pointer instead of value to avoid copying lock value
This commit resolves the govet issue -
`copylocks: call of append copies lock value ... contains sync.Mutex`

Embedding DoNotCopy in a struct is a convention to signal and prevent
shallow copies, as recommended in Go's best practices. This does not
rely on a language feature but is instead a special case within the vet
checker.

For more details, see https://golang.org/issues/8005

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-07-10 12:18:50 +00:00
Niels de Vos
69ef70e25b util: DefaultIdentityServer should use csi.UnimplementedIdentityServer
The DefaultIdentityServer struct embedded UnimplementedControllerServer,
but it should have been UnimplementedIdentityServer instead.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-10 12:18:50 +00:00
Niels de Vos
902946ebfa rbd: add Volume interface
The Volume interface will make it easier to work with the rbdImage
struct, as the functions are cleaner defined. This benefits work that is
needed for VolumeGroups and other CSI-Addons procedures.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-08 09:23:58 +00:00
Niels de Vos
8d5e1aad4e rbd: rename deleteImage() to Delete()
Renaming the `Delete()` function makes it easier to implement the
upcoming `Volume` interface.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-08 09:23:58 +00:00
Niels de Vos
6b5ef1d76a journal: remove unused parameter journalPoolID from ReserveName()
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-08 09:23:58 +00:00
Niels de Vos
3aece2f38e cleanup: pass context to rbdImage.Destroy()
In the future we'll introduce a more standard interface for objects like
Volumes and Snapshots. It is useful to have the context passed as 1st
argument to all functions of those objects, including their Destroy()
function.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-07-08 09:23:58 +00:00
Praveen M
34228c6d0b build: passing context parameter as required
Version 0.18.0 of github.com/kubernetes-csi/csi-lib-utils
added support for structured logging.
This commit includes passing the context parameter for the
necessary function.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-06-28 08:38:54 +00:00
Madhu Rajanna
c03152bcaf csiaddons: read volumeId from source
read the volumeID from replication
source if the ID is missing read
it from req VolumeId as a fallback.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-06-25 05:14:58 +00:00
Rakshith R
d166229d8f rbd: add support for flattenMode option for replication
This commit adds support for flattenMode option
for replication.
If the flattenMode is set to "force" in
volumereplicationclass parameters, cephcsi will
add a task to flatten the image if it has parent.
This enable cephcsi to then mirror such images after
flattening them.
The error message when the image's parent is
in trash or unmirrored is improved as well.

Signed-off-by: Rakshith R <rar@redhat.com>
2024-06-20 14:51:36 +00:00
Madhu Rajanna
f8fbf2e95a journal: add volumeMap to the group
instead of adding single volumes to the
group journal, support adding multiple
volumeID's map to the group journal
which is required for RBD as well.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-06-20 12:22:35 +00:00
Madhu Rajanna
fc0a7d2542 journal: support removing multiple volumeID
Updating the code to support removing
multiple volumeID's mapping from the
group journal.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-06-20 12:22:35 +00:00
Madhu Rajanna
f346f3d201 journal: remove snapshot specific name from group
Adjusted method names to not have any
specific things to volumesnapshot as
we want to reuse the same journal for
volumegroup as well.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-06-20 12:22:35 +00:00
Madhu Rajanna
95733b3a91 journal: add option to store the groupID
we need to have groupID stored and retrived
when we are doing group level operations,
we need to find out the groupID from the volumeID

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-06-20 12:22:35 +00:00
Praveen M
8a392e5652 cephs: remove VOLUME_ACCESSIBILITY_CONSTRAINTS capabilities
This commit remove `VOLUME_ACCESSIBILITY_CONSTRAINTS` capabilities
from CephFS as topology based volume provisioning is not yet supported.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-06-13 10:08:15 +00:00
Rakshith R
ec8017512f rbd: use internal as default error code in getGRPCError()
This commit replaces codes.Unknown with codes.Internal
as the default error code in getGRPCError().

Signed-off-by: Rakshith R <rar@redhat.com>
2024-06-11 15:17:53 +00:00
guangwu
9574fa881b cephfs: close dir
Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-05-27 10:28:37 +00:00
Mayank Pal
822794c242 ci: Use temporary directory for unit tests
ensure a clean and isolated environment for testing purposes.

Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>

ci: Use temporary directory for unit tests

remove err = os.Mkdir('/etc/ceph-csi-config', 0o600)

Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>

ci: Use temporary directory for unit tests

remove err = os.Mkdir('/etc/ceph-csi-config', 0o600)

Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>

ci: Use temporary directory for unit tests

remove if err

Signed-off-by: Mayank Pal <mayankpal9654@gmail.com>
2024-05-27 05:57:27 +00:00
Madhu Rajanna
7fd2e8935b rebase: changes as per new controller runtime import
changes as per new controller runtime import

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-05-24 09:27:53 +00:00
Mike Perez
c8af2b638a util: Removing JoinError in favor of fmt.Errorf
Signed-off-by: Mike Perez <thingee@gmail.com>
2024-05-22 09:05:42 +00:00
Praveen M
0e61b826ea cleanup: incorrect fuserecovery logging
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-05-07 17:08:46 +00:00
Niels de Vos
6db7138ca0 build: address gosec warning "Implicit memory aliasing in for loop"
gosec warns about it like this:

    G601: Implicit memory aliasing in for loop. (gosec)

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-04-29 14:36:48 +00:00
Niels de Vos
e85914fc0d build: address 'intrange' linter warning
golangci-lint warns about this:

    for loop can be changed to use an integer range (Go 1.22+)
    (intrange)

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-04-29 14:36:48 +00:00
Niels de Vos
0e7b06e9d0 build: address 'copyloopvar' linter warning
golangci-lint reports these:

    The copy of the 'for' variable "kmsID" can be deleted (Go 1.22+)
    (copyloopvar)

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-04-29 14:36:48 +00:00
Rakshith R
1bb78fdf43 e2e: validate PVC-PVC clone creation with deleted parent snap
This commit modifies a test case to check creation of
PVC-PVC clone of a restored PVC when parent snapshot
is deleted.

Signed-off-by: Rakshith R <rar@redhat.com>
2024-04-23 12:04:59 +00:00
Rakshith R
c34b31ee05 rbd: add ParentInTrash parameter in rbdImage struct
This commit adds ParentInTrash parameter in rbdImage struct
and makes use of it in getParent() function in order to avoid
error in case the parent is present but in trash.

Signed-off-by: Rakshith R <rar@redhat.com>
2024-04-23 12:04:59 +00:00
Madhu Rajanna
4c2d2caf9f util: add support to configure mirror daemon count
Currently we are assuming that only one
rbd mirror daemon running on the ceph cluster
but that is not true for many cases and it
can be more that one, this PR make this as a
configurable parameter.

fixes: #4312

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-22 09:49:59 +00:00
Praveen M
29f1fbeb84 cleanup: client cert decoding is not required
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-04-15 13:25:49 +00:00
Madhu Rajanna
5aace6e02d cleanup: remove nolint:interfacer comment
nolint:interfacer is not required for
the latest golangci-lint

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
f6da33b6f7 util: address golangci-lint in controller
addressing golangci-lint in the controller
code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
a85b4a9305 util: address golangci-lint for csi-common
addressing golangci-lint issues in the
csi-common related code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
2465310543 util: address golangci-lint for kms
addressing golangci-lint issues for
the kms related code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
48d2e2ce2d nfs: address golangci-lint issues
addressing golangci-lint issues for
the nfs code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
4b7cafe821 util: address golangci-lint issues
address golangci-lint issues in utils

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
8c4a38eec6 rbd: address golangci-lint issues
addressing golangci-lint issues in rbd
related code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
29a9114409 csi-addons: address golangci-lint issues
addressed golangci-lint issues in csi-addons
code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Madhu Rajanna
a362ef6bd4 cephfs: address golangci-lint issues
address golangci-lint issues in cephfs
related code.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-09 06:55:23 +00:00
Praveen M
c1467242c6 cleanup: use slices package
This commit replaces the user implemented function
`CheckSliceContains()` with `slices.Contains()`
function introduced in Go 1.21.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-04-05 12:18:00 +00:00
Praveen M
86a89d5425 cephfs: refactor code for improved reusability
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-04-05 12:18:00 +00:00
Praveen M
3538b23794 rbd: remove topologyConstrainedPools parameter
This commit removes the `topologyConstrainedPools` parameter
from PV volumeAttributes as it is not required.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-04-05 12:18:00 +00:00
Madhu Rajanna
1e0254daba util: use slices package for contains
use slices package to check whether
the slice contains the element or not.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-02 14:10:11 +00:00
Niels de Vos
86b5db90bc cleanup: rename EncryptionTypeString() to EncryptionType.String()
This makes it easier to log the EncryptionType as string, or int,
whatever is preferred. Standard fmt formatting notations like %s or %d
can be used now.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-04-02 14:04:10 +00:00
Niels de Vos
5a6556c4d4 cleanup: destroy connections after .Copy() an other one
Everytime a connection is copied with the .Copy() function, it needs to
be destroyed once the object is not needed anymore. This was not done
consistently, a few more locations require the freeing of the connection
resources.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-04-02 11:11:20 +00:00
Niels de Vos
8e57efad98 cleanup: use standard Golang "slices" instead of k8s package
The "slices" package has been introduced in Go 1.21 and can be used
instead of the Kubernetes package that will be replaced by the standard
package at one point too.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-29 12:42:24 +00:00
Niels de Vos
3df396e6f1 rbd: add extra logging while cleaning up snapshots
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-28 11:54:28 +00:00
Niels de Vos
ba05c0f5f1 cleanup: reformat generateVolFromSnap() to rbdSnapshot.toVolume()
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-28 11:54:28 +00:00
Niels de Vos
a517290ea7 rbd: let parseVolCreateRequest() return a connected rbdVolume
By returning a connected rbdVolume in parseVolCreateRequest(), the
CreateVolume() function can be simplified a little. There is no need to
call the additional Connect() and detect failures with it.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-28 11:54:28 +00:00
Niels de Vos
7b2b125b18 rbd: free snapshot resources after allocation
Not all snapshot objects are free'd correctly after they were allocated.
It is possible that some connections to the Ceph cluster were never
closed. This does not need to be a noticeable problem, as connections
are re-used where possible, but it isn't clean either.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-28 11:54:28 +00:00
Niels de Vos
18162c71bc cleanup: do not pass an empty snapshot to genSnapFromSnapID()
Just like GenVolFromVolID() the genSnapFromSnapID() function can return
a snapshot. There is no need to allocated an empty snapshot and pass
that to the genSnapFromSnapID() function.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-28 11:54:28 +00:00
parth-gr
063319f6e5 rbd: make pool optional in rbd sc if topologyconstraints are present
if rbd storage class is created with topologyconstraintspools
replicated pool was still mandatory, making the pool optional if the
topologyconstraintspools is requested

Closes: https://github.com/ceph/ceph-csi/issues/4380

Signed-off-by: parth-gr <partharora1010@gmail.com>
2024-03-22 13:15:50 +00:00
Madhu Rajanna
aa2094ba30 cephfs: unit test for validateVolumeGroupSnapshotRequest
Added unit test for
validateVolumeGroupSnapshotRequest API which
validates the input VolumeGroupSnapshotRequest
request

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
728a7f5ac7 util: add UnimplementedGroupControllerServer
adding UnimplementedGroupControllerServer to
the DefaultControllerServer struct to avoid
build errors when some non mandatory RPC's
are not implemented.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
0f724480f5 cephfs: implement DeleteVolumeGroupSnapshot RPC
implemented DeleteVolumeGroupSnapshot RPC which
does below operations

* Basic request validation
* Get the snapshotId's and volumeId's
mapping reserved for the UUID
* Delete snapshot and remove its mapping
from the omap
* Repeat above steps until all the mapping
are removed
* Remove the reserved uuid from the omap
* Reset the filesystem quiesce, This might be
required as cephfs doesnt provide any options to
remove the quiesce, if we get any request with same
ID again we can reuse the quiesce API for same set-id
* Return success if the received error is
Pool not found or key not found.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
df770e4139 cephfs: implement CreateVolumeGroupSnapshot RPC
implemented CreateVolumeGroupSnapshot RPC which
does below operations

* Basic request validation
* Reserve the UUID for the group name
* Quiesce the filesystem for all the subvolumes
from the input volumeId's
* Take the snapshot for all the input volumeId's
* Add the mapping between volumeId's and snapshot
Id's in omap
* Release the quiesce for the filesystem for
all the subvolumes from the input volumeId's

Undo all the operations if anything fails.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
ffb2b1144d cephfs: add helper for group options
volumegroup.go holders all the helpers
to extra the group details from the request
and also to extra group details from the
groupID.

This also provide helpers to reserve group
for the request Name and also an undo function
incase if somethings goes wrong and we need to
cleanup the reserved omap entries.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
86bf74bb5c cephfs: add helper function to getVolumeOptions
added helper function to extract basic
details from the parameters related to volume
options.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
6a4c45deeb cephfs: add helper for quiesce api
added helper function which calls
the go-ceph API for the quiesce
operations.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
eff0fe3a23 cephfs: add error for quiesce operation
added ErrInProgress to indicate the
the quiesce operation is in progress.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
ef25a816a7 cephfs: add locks for volumegroup
Adding a lock for the volumegroup so
that we can take care of serializing
the same requests to ensure same requests
are not served in parallel.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
6ec86879e6 cephfs: register group controller
register the group controller service
for the cephfs.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
ff6eda0de1 cephfs: initialize VolumeGroupJournal
initialize VolumeGroupJournal which is
required for volumegroup rados communication

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
445de7926d cephfs: add validateCreateVolumeGroupSnapshotRequest
added validateCreateVolumeGroupSnapshotRequest
to validate the CreateVolumeGroupSnapshotRequest
request and ensure that all the requirement
options are set. if not, reject the RPC request.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
68e93a31cc journal: fix connection problem with groupjournal
Same group jounral config need to be reused
for multiple connection where different monitors
and users are used, for that reason create a unique
connection each time.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
f17ea38736 cephfs: advertise group snapshot capability
Advertise VOLUME_GROUP_SNAPSHOT capability
from the cephfs driver.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
6b3484f285 cephfs: add volumegroup service capability
Add GROUP_CONTROLLER_SERVICE capabilities to
the GetPluginCapabilities of the cephFS
plugin.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Niels de Vos
991343d9e5 cleanup: do not pass EncodingVersion to GenerateVolID()
The only encoding version that exists is `1`. There is no need to have
multiple constants for that version across different packages. Because
there is only one version, `GenerateVolID()` does not really require it,
and it can use a default version.

If there is a need in the future to support an other encoding version,
this can be revisited with a cleaner solution.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-18 06:23:28 +00:00
Niels de Vos
c32dfc0ae6 cleanup: correct typo in NewCSIVolumeroupJournal() function
The name of the function should be `NewCSIVolumeGroupJournal()`.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-15 11:05:10 +00:00
muxuelan
4f04748c87 rbd: support nbd on euler or arm
Signed-off-by: muxuelan <muxuelan@cmss.chinamobile.com>
2024-03-15 10:39:50 +00:00
Niels de Vos
32de26828f cleanup: don't return an internal type from VolumeGroupJournal.Connect()
The VolumeGroupJournal interface does not need to return anything except
for a potential error. Any instance that implements the
VolumeGroupJournal interface can be used to call all functions.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-14 10:39:36 +00:00
Praveen M
8901b456fd kms: Implement Azure key vault as KMS provider
This commit adds the Azure Key Vault as a supported
KMS provider.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-13 14:46:41 +00:00
Praveen M
e345b26340 cleanup: refactor functions to accept a context parameter
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-12 13:54:19 +00:00
Michael Fritch
3410687855 cephfs: create a new blank key sized according to the passphrase
Padding a passphrase with null chars to arrive at a 32-byte length
later forces a user to also pass null chars via the term when
attempting to manually unlock a subvolume via the fscrypt cli tools.

This also had a side-effect of truncating any longer length passphrase
down to a shorter 32-byte length.

fixup for:
cfea8d7562
dd0e1988c0

Signed-off-by: Michael Fritch <mfritch@suse.com>
2024-03-06 19:23:30 +00:00
Michael Fritch
2368df7e69 cephfs: return ErrBadAuth during keyFn retry
fscrypt will infinitely retry the keyFn during an auth failure,
preventing the csi driver from progressing when configured with
an invalid passphrase

See also:
8c12cd64ab/actions/callback.go (L102-L106)

Signed-off-by: Michael Fritch <mfritch@suse.com>
2024-03-06 19:23:30 +00:00
Yati Padia
fbaf9d5485 rbd: log sitestatuses and description
This commit logs sitestatues and description in
GetVolumeReplicationInfo RPC call for better
debuging.

Fixes: #4430

Signed-off-by: Yati Padia <ypadia@redhat.com>
2024-02-19 12:58:42 +00:00
Madhu Rajanna
4e296bf65e util: log repication RequestID
currently we are not logging the RequestID
for the replication RPC calls. This PR
adds the replication case to the getReqID
function.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-13 14:09:54 +00:00
Madhu Rajanna
5afc6fd0d2 util: register group controller server
Register group controller server
if its initialized.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-09 07:27:55 +00:00
Madhu Rajanna
2af26ca62d util: add ValidateGroupControllerServiceRequest helper
added ValidateGroupControllerServiceRequest
helper function which can be used to validate the
group controller service request.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-09 07:27:55 +00:00
Madhu Rajanna
5ecfa0660f util: add groupSnapshot details to getReqID
added CreateVolumeGroupSnapshotRequest and
DeleteVolumeGroupSnapshotRequest to the
getReqID so that we can get the ReqID for
the logging.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-09 07:27:55 +00:00
Madhu Rajanna
12bd269d5b util: add GroupControllerGetCapabilities RPC
added GroupControllerGetCapabilities RPC
to the default controller server which returns
the group capabilities which are already set.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-09 07:27:55 +00:00
Madhu Rajanna
aa39b3dc1f util: add helper for group controller
Added helper function to add the group
controller capabilities which needs to
be included by csi driver that wants to
implement group controller.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-09 07:27:55 +00:00
Madhu Rajanna
dd235d88e0 journal: omap implementation for volumegroup
Implement the required function to store/retrieve
the details from the omap for the volumegroup.

This adds a new omap object that contains the
mapping of the RequestName and all the volumeID
and its corresponding snapshotID belonging to a
group.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-09 07:20:37 +00:00
Madhu Rajanna
9e08a67b36 journal: implementation for listOmapVals
Added a implementation for the listOmapVals
which list the object keys and values from
the rados omap.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-09 07:20:37 +00:00
Niels de Vos
ab87045afb cephfs: do not run modprobe if support is compiled into the kernel
By reading the contents of /proc/filesystems, and checking if "ceph" is
included there, running "modprobe ceph" can be skipped.

Fixes: #4376
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-01-17 17:48:45 +00:00
Madhu Rajanna
1d17600401 cephfs: make fsname as optional for static PVC
consider fsName optional for static volume
as it is not required to be set during mount
operation with fuse and kernel client.

fixes: #4311

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-01-12 18:27:45 +00:00
Niels de Vos
3bf5c0e478 cleanup: simplify rbdGetDeviceList()
The `rbdGetDeviceList()` function uses two very similar types for
converting krbd and NBD device information from JSON. There is no need
to use this distinction, and callers of `rbdGetDeviceList()` should not
need to care about it either.

By introducing a `deviceInfo` interface with Get-functions, the
`rbdGetDeviceList()` function becomes a little simpler, with a clearly
defined API for the returned list.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-01-11 18:00:41 +00:00
Praveen M
50e505619c deploy: added json field tags for csi config map
This commit adds the json field tags for csi config map for
encoding and decoding JSON.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-12-21 17:44:46 +00:00
Riya Singhal
bee77f7fac cephfs: fix fetchIP to support more formats
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-12-15 18:21:20 +00:00
Riya Singhal
51faa2ad7f cephfs: fix network fencing admin id
this commit replaces user id requirement with
admin id

Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-12-12 18:23:57 +00:00
Jan Nemcik
3443546370 rbd: updated node labels fetching logic
node labels are fetched only if controller is running in k8s and is nodeserver

Signed-off-by: Jan Nemcik <jan.nemcik@solargis.com>
2023-12-11 10:59:50 +00:00
karthik-us
f6665294a1 cephfs: handle cephfs clone limit error
This is to pre-emptively add check for EAGAIN error returned from
ceph as part of https://github.com/ceph/ceph/pull/52670 if all the
clone threads are busy and return csi compatible error.

Fixes: #3996
Signed-off-by: karthik-us <ksubrahm@redhat.com>
2023-11-24 08:47:45 +00:00
karthik-us
31aeaf7e5b cleanup: cephfs resize code cleanup
The ceph fs subvolume resize support is available
in all the active ceph releases. Hence removing the
code to check the supportability of the feature.

Signed-off-by: karthik-us <ksubrahm@redhat.com>
2023-11-23 10:59:12 +00:00
Riya Singhal
4b5cdd5316 util: addresed few todo
this commit replaces string comparsion with error code
at few places

Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-11-23 00:55:17 +00:00
Praveen M
4d466843b9 cephfs: add read affinity mount option
This commit makes use of crush location labels from node
labels to supply `crush_location` and `read_from_replica=localize`
options during mount. Using these options, cephfs
will be able to redirect reads to the closest OSD,
improving performance.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-22 13:13:01 +00:00
Praveen M
e9983306d9 util: remove metrics argument from NewMiddlewareServerOption
This commit removes metrics argument from NewMiddlewareServerOption
as it always set to false.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-17 10:15:32 +00:00
Niels de Vos
0c13a70363 util: include request-IDs in all gRPC calls for the Controller
Snapshot procedures do not seem to contain the `Req-ID:` prefix in the
logs anymore (or weren't they there at all?) for some reason. This adds
them back.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-16 16:50:16 +00:00
Praveen M
fb8bb3f576 cephfs: support for kernelMountOptions & fuseMountOptions per cluster
Implemented the capability to include kernel mount options and
fuse mount options for individual clusters within the ceph-csi-config
ConfigMap.This allows users to configure the kernel/fuse mount options
for each cluster separately. The mount options specified in the ConfigMap
will supersede those provided via command line arguments.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-15 11:43:27 +00:00
Praveen M
1e4ff115a7 util: added GetCephFSMountOptions method
This commit adds GetCephFSMountOptions util method which returns
KernelMountOptions and fuseMountOptions for cluster `clusterID`.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-15 11:43:27 +00:00
Praveen M
6f9b1ab04d cephfs: remove subvolumegroup creation
Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-10 11:41:35 +00:00
Praveen M
c4e373c72f deploy: support for read affinity options per cluster
Implemented the capability to include read affinity options
for individual clusters within the ceph-csi-config ConfigMap.
This allows users to configure the crush location for each
cluster separately. The read affinity options specified in
the ConfigMap will supersede those provided via command line arguments.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-08 21:17:00 +00:00
Praveen M
93f2ed681f util: added RunsOnKubernetes() function
Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-08 21:17:00 +00:00
Praveen M
9cec05f484 util: added read affinity related functions and unit testcases
This commit adds util functions related to read affinity
and unit testcases for the same.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-08 21:17:00 +00:00
Praveen M
a93f3e24ba util: moved GetNodeLabels() under internal/util/k8s
Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-08 21:17:00 +00:00
Madhu Rajanna
1b39b82a85 cephfs: avoid variable shadowing
Avoiding variable shadowing as it
becomes hard to debug this kind of
issues in real enviroment.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-08 19:25:51 +00:00
Madhu Rajanna
c25f572ae0 cephfs: remove subvolume during clone
If any operations like Resize, Deleting
snapshot fails, we need to remove
both snapshot and the clone to avoid
resource leak.

closes: #4218

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-08 19:25:51 +00:00
Riya Singhal
2598300f66 cephfs: add test case for ipv6 address
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-11-08 15:43:58 +00:00
Riya Singhal
0631c15025 cephfs: update fetchIP to support ipv6 addresses
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-11-08 15:43:58 +00:00
Madhu Rajanna
304462c7cc cleanup: fix spellcheck errors
fixed spellcheck errors caught in
CI.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-08 12:32:06 +00:00
Niels de Vos
76d9400725 cleanup: remove left-overs of ReplicationServer in csi-common
The ReplicationServer is not used anymore, the functionality has moved
to CSI-Addons and the `internal/csi-addons/rbd` package. These last
references were not activated anywhere, so can be removed without any
impact.

See-also: #3314
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-07 07:37:16 +00:00
Madhu Rajanna
9f753889ed rbd: remove deprecated rbdImageRequiresEncryption
remove support for deprecated
rbdImageRequiresEncryption case.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-04 08:14:51 +00:00
Madhu Rajanna
1e05a0da7c util: remove RadosNamespace from configmap
remove RadosNamespace from the configmap main
section as its already added to the rbd section

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-04 08:14:51 +00:00
Niels de Vos
4d3b1fc46f util: if FilesystemNodeGetVolumeStats succeeds the volume is healthy
When FilesystemNodeGetVolumeStats() succeeds, the volume must be
healthy. This can be included in the VolumeCondition CSI message by
default.

Checks that detect an abnormal VolumeCondition should prevent calling
FilesystemNodeGetVolumeStats() as it is possible that the function will
hang.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-03 13:41:44 +00:00
Niels de Vos
7d96cafad7 cephfs: enable VolumeCondition with new health-checker
The HealthChecker is configured to use the Staging path pf the volume,
with a `.csi/` subdirectory. In the future this directory could be a
directory that is not under the Published directory.

Fixes: #4219
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-03 13:41:44 +00:00
Niels de Vos
54fc65a561 util: add health-checker for periodic filesystem checks
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-03 13:41:44 +00:00
Madhu Rajanna
00d6971dbd util: rearrange struct to fix lint
re-arrange the struct members to
fix below lint issue

```
struct of size 336 bytes could be of size 328 bytes
```

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-03 10:04:50 +00:00
Madhu Rajanna
3ea540bf0f util: remove deprecated grpc metrics
This commit removes the deprecated
grpc related code from cephcsi.

fixes: #4122

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-11-03 10:04:50 +00:00
Praveen M
c09700b568 cleanup: removed unused SnapshotInfo from CheckSnapExists()
Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-01 11:32:07 +00:00
Praveen M
ad3a3d704a cephfs: remove snapshot protect/unprotect
This commit eliminates the code for protecting and unprotecting
snapshots, as the functionality to protect and unprotect snapshots
is being deprecated.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-01 11:32:07 +00:00
Riya Singhal
1fc9678342 cephfs: expose FenceControllerServer in driver.go to handle the requests
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Riya Singhal
74dfb7b913 cephfs: adds unit testing for unfencing procedure
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Riya Singhal
14b06837d0 cephfs: implement the logic for unfencing procedure
this commit un-blocklists the clients provided in cidr
for unfencing operation.

Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Riya Singhal
1420ad193a cephfs: adds unit testing for fencing procedure
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Riya Singhal
d925937d53 cephfs: adding unit test for fetchID
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Riya Singhal
b8e74e62c0 cephfs: adding unit test for fetchIP for client eviction
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Riya Singhal
6b0c412996 cephfs: add network fence service to identity.go
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Riya Singhal
9d5ee285a2 cephfs: adds the implementation of client eviction
this commit adds client eviction to cephfs, based
on the IPs in cidr block, it evicts those IPs from
the network.

Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-10-24 16:36:41 +00:00
Madhu Rajanna
b062479012 util: remove unimplemented methods
As we are using UnimplementedControllerServer
we dont need to implement mock
methods.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-10-23 07:02:40 +00:00
Madhu Rajanna
e5d2d3eeb4 util: add UnimplementedControllerServer to default
Add UnimplementedControllerServer to the default
implementation to avoid missing method
error.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-10-23 07:02:40 +00:00
Rakshith R
e46a007961 rebase: update github.com/libopenstorage/secrets to latest
With this update, we no longer import github.com/hashicorp/vault
which now is under BSL license.
https://github.com/hashicorp/vault/blob/main/LICENSE

resolves: #4196

Signed-off-by: Rakshith R <rar@redhat.com>
2023-10-17 11:06:24 +00:00
karthik-us
5ff0607360 e2e: To test 500MB PVC creation
Adding e2e test to check for successful PVC creation
of 500MB.

Signed-off-by: karthik-us <ksubrahm@redhat.com>
2023-10-12 17:31:46 +00:00
karthik-us
5a0eeb882e cephfs: Fix cephfs PVC sizing
Issue:
The RoundOffCephFSVolSize() function omits the fractional
part when calculating the size for cephfs volumes, leading
to the created volume capacity to be lesser than the requested
volume capacity.

Fix:
Consider the fractional part during the size calculation so the
rounded off volume size will be greater than or equal to the
requested volume size.

Signed-off-by: karthik-us <ksubrahm@redhat.com>
Fixes: #4179
2023-10-12 17:31:46 +00:00
Rakshith R
d516a1d66d cephfs: safeguard subVolumeGroupCreated map from race condition
Multiple go-routines may simultaneously create the
subVolumeGroupCreated map or  write into it
for a particular group.

This commit safeguards subVolumeGroupCreated map
from concurrent creation/writes while allowing for multiple
readers.

Signed-off-by: Rakshith R <rar@redhat.com>
2023-10-10 21:04:05 +00:00
Rakshith R
82f1323af4 cephfs: safeguard localClusterState struct from race conditions
Multiple go-routines may simultaneously check for a clusterID's
presence in clusterAdditionalInfo and create an entry if it is
absent. This set of operation needs to be serialized.

Therefore, this commit safeguards clusterAdditionalInfo map
from concurrent writes with a mutex to prevent the above problem.

Signed-off-by: Rakshith R <rar@redhat.com>
2023-10-10 21:04:05 +00:00
Praveen M
0ed7a64191 rbd: update snap RbdImageName in createSnapshot
This PR updates the snapshot RbdImageName in
`createSnapshot` method. This resolves the
incorrect statement logged during snapshot creation.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-10-03 11:45:03 +00:00
Praveen M
e504987984 rbd: update snap RbdImageName
This commit updates the snapshot RbdImageName with the clone
RbdImageName before snapshot creation. This will fix the
incorrect log statement.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-09-28 11:51:13 +00:00
HF
5411a69839 rbd: fixed all potential crashing when decoding volume ID failed
Signed-off-by: HF <crazytaxii666@gmail.com>
2023-09-06 13:46:22 +00:00
HF
80ad5b6b8f rbd: fixed csi-rbdplugin crashes when decoding volume ID failed
Signed-off-by: HF <crazytaxii666@gmail.com>
2023-09-05 12:08:53 +00:00
Madhu Rajanna
683821c407 rbd: discard not found error from GetMetadata
During ResyncVolume call, discard not found
error from GetMetadata API. If the image gets
resynced the local image creation time will be
lost, if the key is not present in the image
metadata then we can assume that the image is
already resynced.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-09-04 05:55:52 +00:00
Madhu Rajanna
771470d975 cephfs: add support for RWX clone from ROX
Add support to create RWX clone from the
ROX clone, in ceph no subvolume clone is
created when ROX clone is created from a
snapshot just a internal ref counter is
added. This PR allows creating a RWX clone
from a ROX clone which allows users to create
RW copy of PVC where cephcsi will identify
the snapshot created for the ROX volume and
creates a subvolume from the CephFS snapshot.

updates: #3603

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-31 11:51:18 +00:00
Madhu Rajanna
5d034b1124 cephfs: block creation of ROX clone from ROX volume
As there is no usecase currently, blocking the
creation of ROX clone from the ROX volume.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-31 11:51:18 +00:00
Madhu Rajanna
e013cfed15 rbd: fix resync issue
During the Demote volume store
the image creation timestamp.

During Resync do below operation

* Check image creation timestamp
stored during Demote operation
and current creation timestamp during Resync
and check both are equal and its for
force resync then issue resync
* If the image on both sides is
not in unknown state, check
last_snapshot_timestamp on the
local mirror description, if its present
send volumeReady as false or else return
error message.

If both the images are in up+unknown the
send volumeReady as true.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-30 09:07:46 +00:00