Commit Graph

349 Commits

Author SHA1 Message Date
Ali Afsharzadeh
1c93d9e4a6 build: refactor dockerfile to simplify selinux config directory creation
Signed-off-by: Ali Afsharzadeh <afsharzadeh8@gmail.com>
2024-12-09 14:39:34 +00:00
yati1998
a6f1af49c6 doc: resturcture the doc folder
This commit is the restructure the doc folder to
include sub-folders like csi-addons, rbd, cephfs
to contain related docs and other general docs can be
placed under doc folder.
This will enhance the doc structure will make it easier
for the users to search the docs as it get more populated.

Signed-off-by: yati1998 <ypadia@redhat.com>
2024-10-29 15:21:36 +00:00
Niels de Vos
512bba485b build: remove conflicting protobuf package
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-10-22 13:53:10 +00:00
Praveen M
c7f41cf84b util: add GetCephFSRadosNamespace method
This commit adds `GetCephFSRadosNamespace` util method that returns
the `RadosNamespace` specified in ceph-csi-config ConfigMap under
cephFS.radosNamespace.

If not specified, the method returns the default RadosNamespace
i.e, csi.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-10-21 14:11:27 +00:00
Niels de Vos
8ddb615df2 build: no need to use the CentOS 8 archived repositories on CentOS 9
The Ceph base container-image moved to CentOS Stream 9, so there is no
need to adapt the repositories anymore.

Closes: #4659
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-10-16 16:17:04 +00:00
Nikhil-Ladha
cf2a262e09 nfs: expose csi metrics of sidecars
Expose csi metrics of sidecars deployed by nfs driver

Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-10-10 15:11:20 +00:00
Nikhil-Ladha
209240de91 rbd: expose csi metrics of sidecars
Expose csi metrics of sidecars deployed by rbd driver

Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-10-10 15:11:20 +00:00
Nikhil-Ladha
dfd8550667 cephfs: expose csi metrics of sidecars
Expose csi metrics of sidecars deployed by cephfs driver

Signed-off-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-10-10 15:11:20 +00:00
Praveen M
55f221ff50 deploy: add immediate-topology flag to external-provisioner
In csi-external-provisioner: v5.0.1, topology-aware
provisioning is enabled by default. As a result provisioner
now expects toologyKeys to be present in CSINode object which
must be passed by user via `--domainlabels` flag in RBD nodeplugin.

Issue: Users upgrading to v3.12.0 who were not previously using
topology-aware provisioning may encounter issues when provisionining
RBD PVCs, as the `--domainlabels` flag might not be set.

Fix: To address this, add `--immediate-topology=false` to disable
topology-aware provisioning. User requiring topology-aware
provisioning should provided the volumeBindingMode as
`WaitForFirstConsumer` and `TopologyConstrainedPools` as required in
the StorageClass and configure `--domainlabels` flag in RBD nodeplugin.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-08-21 13:39:53 +00:00
ShravaniVangur
0eabe32b76 deploy: setting RequiredDropCapabilities to ALL for ceph-csi scc
This commit sets the RequiredDropCapabilities of ceph-csi to "ALL".

Signed-off-by: ShravaniVangur <shravanivangur@gmail.com>
2024-08-15 12:00:02 +00:00
Praveen M
0e4d455e54 deploy: update CSI sidecar driver-registrar to v2.11.1
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-07-17 12:05:41 +00:00
Praveen M
5118ff64e8 deploy: remove feature gate topology.
This commit removes the Topology feature gate as it is now enabled by default
and will be removed in a future release. It is CSI driver's responsibility to
report capability `VOLUME_ACCESSIBILITY_CONSTRAINTS` so that topology gets
enabled in external-provisioner. When driver doesn't report it,
external-provisioner disables topology support.

As of this change, Only RBD driver supports topology based volume provisioning
and it reports the `VOLUME_ACCESSIBILITY_CONSTRAINTS` capability,
enabling topology support in the external-provisioner.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-06-13 10:08:15 +00:00
Praveen M
5709b45b3a deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.10.1
csi-resizer: v1.11.1
csi-provisioner: v5.0.1
csi-attacher: v4.6.1
csi-snapshotter: v8.0.1

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-06-13 10:08:15 +00:00
Praveen M
5809628523 ci: update centos stream 8 baseurl
Since CentOS Stream 8 is EOL, this commit updates the
config to use vault.centos.org for CentOS Stream 8.
This should be removed once the base image (ceph) is
updated to a version with a newer CentOS.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-06-05 09:51:07 +00:00
Praveen M
b095e0441a deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.10.1
csi-resizer: v1.10.1
csi-provisioner: v4.0.1
csi-attacher: v4.5.1
csi-snapshotter: v7.0.2

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-04-23 13:49:14 +00:00
Madhu Rajanna
4c2d2caf9f util: add support to configure mirror daemon count
Currently we are assuming that only one
rbd mirror daemon running on the ceph cluster
but that is not true for many cases and it
can be more that one, this PR make this as a
configurable parameter.

fixes: #4312

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-04-22 09:49:59 +00:00
Praveen M
bd07dd4e71 rbd: deployment changes to support VGS
Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-03-18 17:00:45 +00:00
Niels de Vos
6f0d9a5d59 deploy: include ServiceAccount in the NFS provisioner RBAC artifact
It seems that the ServiceAccount was not created anymore, this causes
problems with provisioning volumes.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-15 08:02:25 +00:00
Niels de Vos
a6466fb1ca build: add NFS provisioner RBAC to generated artifacts
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-03-14 09:27:07 +00:00
Madhu Rajanna
a36412e709 cephfs: deployment changes to support VGS
deployment changes to support VGS for
cephfs.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-02-22 15:21:07 +00:00
Niels de Vos
c9e64f9478 deploy: make the csi-*plugin containers the default for kubectl commands
When issues or bugs are reported, users often share the logs of the
default container in a Pod. These logs do not contain the required
information, as that mostly only can be found in the logs of the
Ceph-CSI container (named csi-cephfsplugin or csi-rbdplugin).

By moving the Ceph-CSI containers in the Pods to the 1st in the list,
they become the default container for commands like `kubectl logs`.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2024-02-14 16:23:52 +00:00
Praveen M
fc6d34abaf deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.10.0
csi-resizer: v1.10.0
csi-provisioner: v4.0.0
csi-attacher: v4.5.0
csi-snapshotter: v7.0.0

Signed-off-by: Praveen M <m.praveen@ibm.com>
2024-02-10 14:37:34 +00:00
Riya Singhal
3cc47f37dc deploy: update csi sidecars to latest versions
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2024-01-04 12:24:46 +00:00
Niels de Vos
1f09ca26eb build: create /etc/selinux/config in case it is missing
Sometimes the Ceph container images seem to have a broken scriptlet
while installing/updating Ceph packages. It is relatively common for
them to fail when `/etc/selinux/config` does not exist. By ensuring the
file directory and file exist (even if empty), the package installation
or upgrades succeed.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-12-19 13:06:50 +00:00
Sebastian Hoß
b25a02e0df deploy: use release repository for csi-resizer
The image is now available in the release repository and can be fetched from
there instead of the staging repository.

Signed-off-by: Sebastian Hoß <seb@xn--ho-hia.de>
2023-12-14 17:40:32 +00:00
Praveen M
7e262515a8 nfs: enable featuregate for volume expansion recovery
The commit enables the featuregate for volume expansion recovery
in NFS.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-23 21:18:30 +00:00
Riya Singhal
5e80c6aee0 rebase: install libcephfs-devel
Signed-off-by: Riya Singhal <rsinghal@redhat.com>
2023-11-23 00:55:17 +00:00
Praveen M
4d466843b9 cephfs: add read affinity mount option
This commit makes use of crush location labels from node
labels to supply `crush_location` and `read_from_replica=localize`
options during mount. Using these options, cephfs
will be able to redirect reads to the closest OSD,
improving performance.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-22 13:13:01 +00:00
Praveen M
afe3873947 deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.9.1
csi-resizer: v1.9.2
csi-provisioner: v3.6.2
csi-attacher: v4.4.2
csi-snapshotter: v6.3.2

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-20 11:42:52 +00:00
Praveen M
fb8bb3f576 cephfs: support for kernelMountOptions & fuseMountOptions per cluster
Implemented the capability to include kernel mount options and
fuse mount options for individual clusters within the ceph-csi-config
ConfigMap.This allows users to configure the kernel/fuse mount options
for each cluster separately. The mount options specified in the ConfigMap
will supersede those provided via command line arguments.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-15 11:43:27 +00:00
Praveen M
1e4ff115a7 util: added GetCephFSMountOptions method
This commit adds GetCephFSMountOptions util method which returns
KernelMountOptions and fuseMountOptions for cluster `clusterID`.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-15 11:43:27 +00:00
Praveen M
5df2a23f43 doc: updated doc for subvolumegroup creation
Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-10 11:41:35 +00:00
Niels de Vos
d753eaa016 build: make sure nfs-utils is installed
Ceph is minimizing their container-images, which can cause the
`nfs-utils` package to be dropped. As Ceph-CSI supports mounting NFS, it
needs the `/sbin/mount.nfs` executable, so install the package (or a
no-op if it is installed already).

See-also: https://rook-io.slack.com/archives/C46Q5UC05/p1699188662893109
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-11-09 12:00:40 +00:00
Praveen M
c4e373c72f deploy: support for read affinity options per cluster
Implemented the capability to include read affinity options
for individual clusters within the ceph-csi-config ConfigMap.
This allows users to configure the crush location for each
cluster separately. The read affinity options specified in
the ConfigMap will supersede those provided via command line arguments.

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-11-08 21:17:00 +00:00
Praveen M
cf577e39af deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.9.0
csi-resizer: v1.9.0
csi-provisioner: v3.6.0
csi-attacher: v4.4.0
csi-snapshotter: v6.3.0

Signed-off-by: Praveen M <m.praveen@ibm.com>
2023-09-20 08:20:38 +00:00
Madhu Rajanna
d45bb12cc1 build: disable ganesha package in Dockerfile
disable ganesha as dnf update is
failing on Reef ceph version.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-25 17:50:40 +00:00
Niels de Vos
16e5de5e1d build: use lower version for dependencies if repositories are broken
Some packages have dependencies on other repositories. On occasion these
repositories seem to be out-of-sync. In that case, install updates with
an older version, instead of erroring out.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-25 11:43:03 +00:00
Madhu Rajanna
ff030f12e1 deploy: use resizer canary image
use resizer canary image to as it
might contain fix for pvc resize
with kubernetes 1.28

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2023-08-25 11:43:03 +00:00
Niels de Vos
0efe8e4711 build: disable ceph-iscsi repository
The ceph-iscsi repository seems to provide broken metadata or packages.
Ceph-CSI does not need to install them, so disable the repository for
now.

It seems that other repositories gave issues before too, but these
repositories were disabled after installing all available updates. For
ceph-iscsi updating fails already, so disable the repositories before
updating.

Updates: #2034
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-07-03 12:10:49 +00:00
Rakshith R
c0201e493b deploy: set seLinuxMount to true for csidriver objects
Setting seLinuxMount:true in csidriver objects advertize
that the driver supports passing selinux label in mount
options.

refer: https://kubernetes.io/blog/2023/04/18/ \
kubernetes-1-27-efficient-selinux-relabeling-beta/

Signed-off-by: Rakshith R <rar@redhat.com>
2023-06-19 09:51:40 +00:00
karthik-us
6ac3a4dabc cleanup: Move common files to deploy folder
Few common files related to deployments were kept
in the examples folder initially. Moving them to
deploy folder and updating the relevant files.

Signed-off-by: karthik-us <ksubrahm@redhat.com>
2023-06-07 12:51:43 +00:00
iPraveenParihar
40c1d32518 deploy: update CSI sidecars to latest versions available
Below sidecars are updated with latest available versions

csi-node-driver-registrar: v2.8.0
csi-attacher: v4.3.0
csi-resizer: v1.8.0
csi-snapshotter: v6.2.2
csi-provisioner: v3.5.0

Signed-off-by: iPraveenParihar <praveenparihar68@gmail.com>
2023-06-01 19:06:53 +00:00
riya-singhal31
54fa028465 deploy: move cephfs/csidriver to API
Signed-off-by: riya-singhal31 <rsinghal@redhat.com>
2023-05-25 12:24:28 +00:00
riya-singhal31
802df8f69b deploy: move cephfs/csi-config-map to API
Signed-off-by: riya-singhal31 <rsinghal@redhat.com>
2023-05-25 12:24:28 +00:00
riya-singhal31
f12cd9c986 ci: fix codespell failure
Signed-off-by: riya-singhal31 <rsinghal@redhat.com>
2023-04-20 15:24:35 +00:00
Rakshith R
db8320ce51 doc: add documentation regarding read affinity
This commit adds documentation about read affinity supported
for rbd volumes.

Signed-off-by: Rakshith R <rar@redhat.com>
2023-02-14 08:29:46 +00:00
Gert van den Berg
c3d5b78276 build: Update packages in release image
This will get updates released after the base image was built. This adds a layer
and increase the image size, but significantly reduce the number of CVEs in the
resultant image.

Signed-off-by: Gert van den Berg <github@mohag.net>
2023-02-01 15:47:31 +00:00
Humble Chirammal
31f0ac6e2d deploy: update node-driver-registrar to v2.6.2
This version has a fix for an important bug at kubelet
registration path.
https://github.com/kubernetes-csi/node-driver-registrar/pull/247

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-12-08 11:50:40 +00:00
Marcel Lauhoff
5da977db8a deploy: Remove unnecessary RBAC permissions
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
0e66c3211a deploy: Add KMS configuration to Ceph FS
Adds necessary KMS configuration based on the RBD configuration to use
Ceph FS with fscrypt

Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00