Madhu Rajanna
0f724480f5
cephfs: implement DeleteVolumeGroupSnapshot RPC
...
implemented DeleteVolumeGroupSnapshot RPC which
does below operations
* Basic request validation
* Get the snapshotId's and volumeId's
mapping reserved for the UUID
* Delete snapshot and remove its mapping
from the omap
* Repeat above steps until all the mapping
are removed
* Remove the reserved uuid from the omap
* Reset the filesystem quiesce, This might be
required as cephfs doesnt provide any options to
remove the quiesce, if we get any request with same
ID again we can reuse the quiesce API for same set-id
* Return success if the received error is
Pool not found or key not found.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
df770e4139
cephfs: implement CreateVolumeGroupSnapshot RPC
...
implemented CreateVolumeGroupSnapshot RPC which
does below operations
* Basic request validation
* Reserve the UUID for the group name
* Quiesce the filesystem for all the subvolumes
from the input volumeId's
* Take the snapshot for all the input volumeId's
* Add the mapping between volumeId's and snapshot
Id's in omap
* Release the quiesce for the filesystem for
all the subvolumes from the input volumeId's
Undo all the operations if anything fails.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
ffb2b1144d
cephfs: add helper for group options
...
volumegroup.go holders all the helpers
to extra the group details from the request
and also to extra group details from the
groupID.
This also provide helpers to reserve group
for the request Name and also an undo function
incase if somethings goes wrong and we need to
cleanup the reserved omap entries.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
86bf74bb5c
cephfs: add helper function to getVolumeOptions
...
added helper function to extract basic
details from the parameters related to volume
options.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
6a4c45deeb
cephfs: add helper for quiesce api
...
added helper function which calls
the go-ceph API for the quiesce
operations.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
eff0fe3a23
cephfs: add error for quiesce operation
...
added ErrInProgress to indicate the
the quiesce operation is in progress.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
ef25a816a7
cephfs: add locks for volumegroup
...
Adding a lock for the volumegroup so
that we can take care of serializing
the same requests to ensure same requests
are not served in parallel.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
b30da094b0
build: add ceph_preview to GO_TAGS_LIST
...
added required ceph_preview tag to the
GO_TAGS_LIST in Makefile which is
required for FSQuiesce API.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
6ec86879e6
cephfs: register group controller
...
register the group controller service
for the cephfs.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
ff6eda0de1
cephfs: initialize VolumeGroupJournal
...
initialize VolumeGroupJournal which is
required for volumegroup rados communication
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
445de7926d
cephfs: add validateCreateVolumeGroupSnapshotRequest
...
added validateCreateVolumeGroupSnapshotRequest
to validate the CreateVolumeGroupSnapshotRequest
request and ensure that all the requirement
options are set. if not, reject the RPC request.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
68e93a31cc
journal: fix connection problem with groupjournal
...
Same group jounral config need to be reused
for multiple connection where different monitors
and users are used, for that reason create a unique
connection each time.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
f17ea38736
cephfs: advertise group snapshot capability
...
Advertise VOLUME_GROUP_SNAPSHOT capability
from the cephfs driver.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
Madhu Rajanna
6b3484f285
cephfs: add volumegroup service capability
...
Add GROUP_CONTROLLER_SERVICE capabilities to
the GetPluginCapabilities of the cephFS
plugin.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-03-21 06:16:42 +00:00
dependabot[bot]
3ad922dbae
rebase: bump the k8s-dependencies group in /api with 1 update
...
Bumps the k8s-dependencies group in /api with 1 update: [k8s.io/api](https://github.com/kubernetes/api ).
Updates `k8s.io/api` from 0.29.2 to 0.29.3
- [Commits](https://github.com/kubernetes/api/compare/v0.29.2...v0.29.3 )
---
updated-dependencies:
- dependency-name: k8s.io/api
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: k8s-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 12:31:13 +00:00
dependabot[bot]
5b9730ce6e
rebase: bump the k8s-dependencies group with 1 update
...
Bumps the k8s-dependencies group with 1 update: [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes ).
Updates `k8s.io/kubernetes` from 1.29.2 to 1.29.3
- [Release notes](https://github.com/kubernetes/kubernetes/releases )
- [Commits](https://github.com/kubernetes/kubernetes/compare/v1.29.2...v1.29.3 )
---
updated-dependencies:
- dependency-name: k8s.io/kubernetes
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: k8s-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-19 11:43:39 +00:00
Praveen M
b9543d3fd3
helm: update template for rbd volumegroupsnapshot
...
This commit updates template for rbd VolumeGroupSnapshot.
The value is set to false by default.
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-18 17:00:45 +00:00
Praveen M
bd07dd4e71
rbd: deployment changes to support VGS
...
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-18 17:00:45 +00:00
Niels de Vos
991343d9e5
cleanup: do not pass EncodingVersion to GenerateVolID()
...
The only encoding version that exists is `1`. There is no need to have
multiple constants for that version across different packages. Because
there is only one version, `GenerateVolID()` does not really require it,
and it can use a default version.
If there is a need in the future to support an other encoding version,
this can be revisited with a cleaner solution.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-18 06:23:28 +00:00
Niels de Vos
c32dfc0ae6
cleanup: correct typo in NewCSIVolumeroupJournal()
function
...
The name of the function should be `NewCSIVolumeGroupJournal()`.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-15 11:05:10 +00:00
muxuelan
4f04748c87
rbd: support nbd on euler or arm
...
Signed-off-by: muxuelan <muxuelan@cmss.chinamobile.com>
2024-03-15 10:39:50 +00:00
Niels de Vos
6f0d9a5d59
deploy: include ServiceAccount in the NFS provisioner RBAC artifact
...
It seems that the ServiceAccount was not created anymore, this causes
problems with provisioning volumes.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-15 08:02:25 +00:00
Niels de Vos
a469a66f9d
e2e: replace quoted namespace in templates too
...
Some templates are now generated with the API, and these include
namespaces as "quotes" values. Namespace replacing in the templates need
to replace both the unquoted and quoted strings.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-15 08:02:25 +00:00
Niels de Vos
32de26828f
cleanup: don't return an internal type from VolumeGroupJournal.Connect()
...
The VolumeGroupJournal interface does not need to return anything except
for a potential error. Any instance that implements the
VolumeGroupJournal interface can be used to call all functions.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-14 10:39:36 +00:00
dependabot[bot]
9276aeb7fc
rebase: bump google.golang.org/protobuf in /actions/retest
...
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-14 10:12:28 +00:00
Niels de Vos
1cb2ccd704
rebase: update vendored Ceph-CSI API
...
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-14 09:27:07 +00:00
Niels de Vos
a6466fb1ca
build: add NFS provisioner RBAC to generated artifacts
...
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-14 09:27:07 +00:00
Niels de Vos
6b13352c9b
api: add CSIProvisionerRBAC functions for the NFS-provisioner
...
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-14 09:27:07 +00:00
Niels de Vos
35da67be45
vendor: include k8s.io/api/rbac/v1
...
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-14 09:27:07 +00:00
Dmitriy Alekseev
6c43789de4
doc: Update capabilities readme to solve to open permissions
...
Signed-off-by: Dmytro Alieksieiev <1865999+dragoangel@users.noreply.github.com>
2024-03-13 17:07:28 +00:00
Praveen M
47b202554e
rebase: Azure key vault module dependency update
...
This commit adds the Azure SDK for Azure key vault KMS
integration to the Ceph CSI driver.
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-13 14:46:41 +00:00
Praveen M
b2087e4517
doc: added docs for Azure KMS
...
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-13 14:46:41 +00:00
Praveen M
8901b456fd
kms: Implement Azure key vault as KMS provider
...
This commit adds the Azure Key Vault as a supported
KMS provider.
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-13 14:46:41 +00:00
dependabot[bot]
d93c75517e
rebase: bump google.golang.org/grpc from 1.62.0 to 1.62.1
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.62.0 to 1.62.1.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.62.0...v1.62.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-13 09:54:50 +00:00
Dmytro Alieksieiev
fcaac58a1e
helm: Include seLinuxMount only if KubeVersion greater or equal of 1.25
...
Signed-off-by: Dmytro Alieksieiev <1865999+dragoangel@users.noreply.github.com>
2024-03-13 07:40:19 +00:00
dependabot[bot]
948d5e0b5d
rebase: bump the github-dependencies group in /api with 1 update
...
Bumps the github-dependencies group in /api with 1 update: [github.com/stretchr/testify](https://github.com/stretchr/testify ).
Updates `github.com/stretchr/testify` from 1.8.4 to 1.9.0
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-12 14:48:34 +00:00
dependabot[bot]
65954fa563
rebase: bump golang.org/x/oauth2 in /actions/retest
...
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2 ) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.17.0...v0.18.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-12 14:22:14 +00:00
Praveen M
e345b26340
cleanup: refactor functions to accept a context parameter
...
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-12 13:54:19 +00:00
Niels de Vos
c90f7ed777
cleanup: use latest version for k8s.io/pod-security-admission
...
The version v0.0.0 looks incorrect in go.mod, use the latest version
like all other Kubernetes modules.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-12 10:00:36 +00:00
dependabot[bot]
5298762c4c
rebase: bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3
...
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose ) from 3.0.1 to 3.0.3.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md )
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.1...v3.0.3 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-08 11:48:21 +00:00
dependabot[bot]
f12b6064d6
rebase: bump the golang-dependencies group with 4 updates
...
Bumps the golang-dependencies group with 4 updates: [github.com/golang/protobuf](https://github.com/golang/protobuf ), [golang.org/x/crypto](https://github.com/golang/crypto ), [golang.org/x/net](https://github.com/golang/net ) and [golang.org/x/sys](https://github.com/golang/sys ).
Updates `github.com/golang/protobuf` from 1.5.3 to 1.5.4
- [Release notes](https://github.com/golang/protobuf/releases )
- [Commits](https://github.com/golang/protobuf/compare/v1.5.3...v1.5.4 )
Updates `golang.org/x/crypto` from 0.20.0 to 0.21.0
- [Commits](https://github.com/golang/crypto/compare/v0.20.0...v0.21.0 )
Updates `golang.org/x/net` from 0.21.0 to 0.22.0
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.22.0 )
Updates `golang.org/x/sys` from 0.17.0 to 0.18.0
- [Commits](https://github.com/golang/sys/compare/v0.17.0...v0.18.0 )
---
updated-dependencies:
- dependency-name: github.com/golang/protobuf
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: golang-dependencies
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-07 13:37:04 +00:00
Michael Fritch
3410687855
cephfs: create a new blank key sized according to the passphrase
...
Padding a passphrase with null chars to arrive at a 32-byte length
later forces a user to also pass null chars via the term when
attempting to manually unlock a subvolume via the fscrypt cli tools.
This also had a side-effect of truncating any longer length passphrase
down to a shorter 32-byte length.
fixup for:
cfea8d7562
dd0e1988c0
Signed-off-by: Michael Fritch <mfritch@suse.com>
2024-03-06 19:23:30 +00:00
Michael Fritch
2368df7e69
cephfs: return ErrBadAuth
during keyFn retry
...
fscrypt will infinitely retry the keyFn during an auth failure,
preventing the csi driver from progressing when configured with
an invalid passphrase
See also:
8c12cd64ab/actions/callback.go (L102-L106)
Signed-off-by: Michael Fritch <mfritch@suse.com>
2024-03-06 19:23:30 +00:00
dependabot[bot]
b8ab1c8bd8
rebase: bump google.golang.org/grpc from 1.61.1 to 1.62.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.61.1 to 1.62.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.61.1...v1.62.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-06 13:51:38 +00:00
dependabot[bot]
328e4e5a0f
rebase: bump the github-dependencies group with 2 updates
...
Bumps the github-dependencies group with 2 updates: [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) and [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2 ).
Updates `github.com/aws/aws-sdk-go` from 1.50.21 to 1.50.26
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.50.21...v1.50.26 )
Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.27.0 to 1.28.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/service/ecs/v1.28.1/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.0...service/ecs/v1.28.1 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-27 08:36:05 +00:00
dependabot[bot]
3a91487c8a
rebase: bump the golang-dependencies group with 1 update
...
Bumps the golang-dependencies group with 1 update: [golang.org/x/crypto](https://github.com/golang/crypto ).
Updates `golang.org/x/crypto` from 0.19.0 to 0.20.0
- [Commits](https://github.com/golang/crypto/compare/v0.19.0...v0.20.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-27 07:53:48 +00:00
Madhu Rajanna
e6d913970b
helm: template changes for cephfs volumegroupsnapshot
...
tempalate changes for cephfs volumegroupsnapshot
the default is set to false and user can set
the value to true to get the support for VGS.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-22 15:21:07 +00:00
Madhu Rajanna
a36412e709
cephfs: deployment changes to support VGS
...
deployment changes to support VGS for
cephfs.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-22 15:21:07 +00:00
Niels de Vos
83ec7096b6
rebase: use Helm client 3.14.1 for generating charts
...
By using version 3.14.1 of the client for generating Helm charts, users
are prevented to run into a security issue when they manually create the
charts.
The automatically generated Helm charts are not affected by this issue.
Fixes: CVE-2024-25620
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-02-21 11:20:13 +00:00
dependabot[bot]
5286aab201
rebase: bump the k8s-dependencies group in /api with 1 update
...
Bumps the k8s-dependencies group in /api with 1 update: [k8s.io/api](https://github.com/kubernetes/api ).
Updates `k8s.io/api` from 0.29.1 to 0.29.2
- [Commits](https://github.com/kubernetes/api/compare/v0.29.1...v0.29.2 )
---
updated-dependencies:
- dependency-name: k8s.io/api
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: k8s-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-21 09:12:39 +00:00