Commit Graph

3320 Commits

Author SHA1 Message Date
Madhu Rajanna
e0cc7740f6 CSI: run all containers as privileged in daemonset pods
On systems with SELinux enabled, non-privileged containers
can't access data of privileged containers. Since the socket
is exposed by privileged containers, all sidecars must be
privileged too. This is needed only for containers running
in daemonset as we are using bidirectional mounts in daemonset

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-01-13 13:21:29 +00:00
Madhu Rajanna
fbda8cc4ca Use EmptyDir to store provisioner socket
currently, we are making use of host path directory
to store the provisioner socket, as this
the socket is not needed by anyone else other than
containers inside the provisioner pod using the
empty directory to store this socket is the best option.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-01-13 13:21:29 +00:00
Madhu Rajanna
a4f6a3407f Add ContentSource to the CreateVolume response
if PVC is created from a snapshot, external-provisioner
expects the volume ContentSource to be set in Create
VolumeResponse

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-01-10 09:20:45 +00:00
Yibo Cai
4b8b52e0de Support Arm64 image
Update CI merge job to build and push Arm64 image to
quay.io/cephcsi/cephcsi:version-arm64.

Add CI PR job running on Travis Arm64 nodes to make sure cephcsi
compiles successfully on Arm64.

No CI test job is availabe for Arm64 now due to below issues
- k8s-csi sidecar images for Arm64 are not available
- Travis Arm64 CI job runs inside unprivileged LXD which blocks
  launching minikube test environment

Signed-off-by: Yibo Cai <yibo.cai@arm.com>
2020-01-09 09:53:50 +00:00
Wong Hoi Sing Edison
543360ee00 Upgrade: csi-attacher from v1.2.0 to v2.1.0
See https://github.com/kubernetes-csi/external-attacher/releases/tag/v2.1.0
See https://github.com/kubernetes-csi/external-attacher/blob/v2.1.0/CHANGELOG-2.1.md
2020-01-07 14:27:29 +00:00
Chin-Ya Huang
47f89889ef Fix typo for comment in charts
* ceph-csi-cephfs
* ceph-csi-rbd

Signed-off-by: Chin-Ya Huang <chin-ya.huang@suse.com>
2020-01-07 07:52:32 +00:00
Wong Hoi Sing Edison
202a2a7200 Upgrade: csi-snapshotter from v1.2.1 to v1.2.2
See https://github.com/kubernetes-csi/external-snapshotter/releases/tag/v1.2.2
See https://github.com/kubernetes-csi/external-snapshotter/blob/v1.2.2/CHANGELOG-1.2.md
2020-01-06 12:36:44 +00:00
Wong Hoi Sing Edison
f37bdfdd44 Upgrade: csi-node-driver-registrar from v1.1.0 to v1.2.0
See https://github.com/kubernetes-csi/node-driver-registrar/releases/tag/v1.2.0
See https://github.com/kubernetes-csi/node-driver-registrar/blob/v1.2.0/CHANGELOG-1.2.md
2020-01-06 07:48:41 +00:00
Madhu Rajanna
4d28a981fc Remove hard-coded UpdateStrategy from templates
Provided an option to specify the UpdateStrategy
in helm  charts.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-01-05 08:05:06 +00:00
Wong Hoi Sing Edison
74cb18bd28 Upgrade: csi-resizer from v0.3.0 to v0.4.0
See https://github.com/kubernetes-csi/external-resizer/releases/tag/v0.4.0
See https://github.com/kubernetes-csi/external-resizer/blob/v0.4.0/CHANGELOG-0.4.md
2020-01-05 07:21:12 +00:00
Wong Hoi Sing Edison
3e656769b7 Update csi-provisioner from v1.3.0 to v1.4.0
See https://github.com/kubernetes-csi/external-provisioner/releases/tag/v1.4.0
See https://github.com/kubernetes-csi/external-provisioner/blob/v1.4.0/CHANGELOG-1.4.md
2020-01-02 15:53:07 +00:00
Madhu Rajanna
f69ec085cc Improve logging while waiting for deployment to complete
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-31 06:10:40 +00:00
Madhu Rajanna
ad7e5ca301 Add E2E for block PVC resize
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-31 06:10:40 +00:00
Madhu Rajanna
374e47046f Move resize E2E to new resize.go file
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-31 06:10:40 +00:00
Madhu Rajanna
3394432371 Fix block resize issue in RBD
For the filesystem resize the stagingPath will
be passed to NodeExpandVolume and for the block
resize the targetpath will be passed.
Added code to handle resize for both block and
file system resize

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-31 06:10:40 +00:00
Sébastien Bernard
40b04d2f3a Add missing env for namespace. 2019-12-20 13:59:15 +00:00
Madhu Rajanna
7d15992769 Enable logging in E2E if test fails
source: https://github.com/kubernetes/kubernetes/blob/master/test/e2e/framework/kubectl/kubectl_utils.go
kubectlLogPod function is not exposed in above code so copied it.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-18 12:35:17 +00:00
Madhu Rajanna
b4f20e941c Enable Block E2E for rbd
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-18 12:35:17 +00:00
Madhu Rajanna
72e3767594 Replace Warningf and Infof with Errorf
incase of err, log as Errorf instead of
warningf and Infof

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-17 14:25:34 +00:00
Madhu Rajanna
85960b6571 Add ID based logging for ExpandVolume
Updated logging to log ReqID

Fixes: #732

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-17 14:25:34 +00:00
Madhu Rajanna
dcafdb519e discard umount error if directory is not mounted
if the directory is not mounted return nil
during umount of mountPoint

Discard error if error is os.IsNotExist

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-17 13:33:41 +00:00
Madhu Rajanna
b849b7daaa Fix leader election flag in deployment files
Fixes: https://github.com/ceph/ceph-csi/issues/748

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-17 12:19:01 +00:00
Madhu Rajanna
f281eba475 Validate rbd image name in NodeExpand
Added one more validation in NodeExpand for
the volume name from the request and the image
name stored in the staging path metadata.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-17 11:33:50 +00:00
Vasyl Purchel
166eaf700f Adds PVC encryption with LUKS
Adds encryption in StorageClass as a parameter. Encryption passphrase is
stored in kubernetes secrets per StorageClass. Implements rbd volume
encryption relying on dm-crypt and cryptsetup using LUKS extension

The change is related to proposal made earlier. This is a first part of
the full feature that adds encryption with passphrase stored in secrets.

Signed-off-by: Vasyl Purchel vasyl.purchel@workday.com
Signed-off-by: Andrea Baglioni andrea.baglioni@workday.com
Signed-off-by: Ioannis Papaioannou ioannis.papaioannou@workday.com
Signed-off-by: Paul Mc Auley paul.mcauley@workday.com
Signed-off-by: Sergio de Carvalho sergio.carvalho@workday.com
2019-12-16 08:12:44 +00:00
Humble Chirammal
7c8e66e427 Add resize check for XFS formatted FS
Lock out parellel requests against same volumeID
Remove pod after resize and validation in E2E

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-12-13 12:40:12 +00:00
Humble Chirammal
8e437244de Enable RBD resizer in travis
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-12-13 12:40:12 +00:00
Humble Chirammal
e69f462336 Add e2e tests for RBD resizer
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-12-13 12:40:12 +00:00
Humble Chirammal
7e59c0ed78 Change deployment artifacts for RBD resizer
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-12-13 12:40:12 +00:00
Humble Chirammal
2f2585dc3c Resize RBD CSI volumes on demand of CO resize request
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-12-13 12:40:12 +00:00
Madhu Rajanna
aa32e8b43b update E2E testing to 1.15.6 and 1.17.0
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-13 11:45:54 +00:00
Madhu Rajanna
0ae7cd36ce Update minikube to latest released version
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-13 11:45:54 +00:00
Woohyung Han
8a16f740d6 Update golangci-lint version to v1.21.0
Signed-off-by: Woohyung Han <techhanx@gmail.com>
2019-12-12 04:57:14 +00:00
Madhu Rajanna
118f34525e Remove deprecated containerized
As we are moving towards v2.0.0 I think
it's a good time to remove the deprecated flag.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-11 14:44:35 +00:00
Madhu Rajanna
9e0cd4805c Update readme to add new ceph-csi releases
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-12-11 14:23:41 +00:00
Woohyung Han
5c96ab1d0e Fix to use kubectl create not kubectl apply in the e2e
Signed-off-by: Woohyung Han <techhanx@gmail.com>
2019-12-11 09:31:03 +00:00
Woohyung Han
2c9d711463 Move rook-deploy code from e2e to ./scripts/minikube.sh
We have the e2e test with --deploy-rook=true that makes all test
environment. It works fine, but It does not seem to be the role of
e2e test. In addition, when developing the code we need to run full
test scenario with deploying rook every time, or we need to build
rook environment by hand. Move rook-deploy code to minikube.sh.
2019-12-05 12:32:59 +00:00
Woohyung Han
685e2540a8 Fix typo in deleteConfigMap 2019-12-04 04:31:50 +00:00
Jorge Isnardo Altamirano
dccbf484a8 fixed toYaml 2019-12-03 13:36:44 +00:00
Woohyung Han
63589f3314 Fix kubeconfig default working correctly
Kuberentes e2e framework get kubeconfig information from
KUBECONFIG environment variable. set the variable by default.
2019-12-02 10:02:47 +00:00
Humble Chirammal
671e2d814a Add volumesize roundoff for expandrequest
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-11-27 14:00:47 +00:00
Humble Chirammal
ac09c5553c Add E2E for cephfs resize functionality
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-11-27 14:00:47 +00:00
Humble Chirammal
daad8070ac Add resize side car to helm charts
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-11-27 14:00:47 +00:00
Humble Chirammal
b721accaf5 Resize CephFS Volumes
This feature enables CephFS Volume expansion on demand
based on the CO resizer request.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2019-11-27 14:00:47 +00:00
Madhu Rajanna
d590434374 Delete provisioner deployment deployed by rook
If kube version is == 1.13.x cephfs
and rbd provisioner are deployed as statefulset
and if kube version is > 1.13.x cephfs and
rbd provisioner are deployed as deployment

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-11-20 17:45:04 +00:00
techhanx
b1efb36b38 Add skip wait for rook-ceph-agent when version > 1.1.0
after version 1.1.0, flex driver is disabled and doesn't need to
wait for rook-ceph-agent pod anymore. Add skip wait for rook-ceph
-agent.
2019-11-19 11:43:39 +00:00
Niels de Vos
290beb4dda cephfs: add kernel version detection for mounting with client
Linux kernel 4.17.0 adds support for quota with CephFS. Without quota,
it is not possible to fullfill the requirements of the CSI Spec and
guarantee sufficient space on the filesystem for a volume. With this in
mind, usage of the kernel client is only allowed with kernel 4.17.0 or
newer.

However, some Linux vendors backport features and patches to their
Enterprise products. These kernels may have an older version, but do
support quota. One of these is the kernel that comes with RHEL-7.7.

By comparing the current running version of the Linux kernel against
known versions that support quota, we can now automatically decide to
use the kernel client, or not.

Note that this does not change the 'forcekernelclient' parameter. The
parameter is still available and can be used for kernels that are not in
the 'known to support quota list'. Or users can pass the parameter to
use a CephFS kernel client that does not support quota.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-11-13 11:56:09 +00:00
Madhu Rajanna
dfc3562e29 Add Version flag to cephcsi
This will be helpful if someone wants
to check the cephcsi version

output
```
docker run quay.io/cephcsi/cephcsi:v1.2.1 --version
Cephcsi Version: v1.2.1
Git Commit: 4b871366327d63e27fc1abfb699f0faaf0fc16b9
GoVersion: go1.12.5
Compiler: gc
Platform: linux/amd64
```

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-11-06 12:35:28 +00:00
techhanx
8e117db80d Change e2e rook-ceph default version to 'v1.1.2' not master
When rook-ceph is upgraded and changed some feature, e2e can be
failed. Change rook-ceph default verion to 'v1.1.2' explicitly
which is working fine in current code.
2019-10-21 08:40:58 +00:00
techhanx
e4b4c70d92 Delete IDE releated files in .gitignore
The IDE is a user preference, and they should configure in
individual envrionment. Delete IDE releated files in the
gitignore.
2019-10-17 08:17:27 +00:00
Stefan Haas
6a2717ce20 Added forcecephkernelclient as startup parameter to force enabling ceph
Signed-off-by: Stefan Haas <shaas@suse.com>
2019-10-16 06:47:10 +00:00