Commit Graph

2810 Commits

Author SHA1 Message Date
Humble Chirammal
f822600689 rbd: change the keyprotect metadata name to ibmkeyprotect
To be consistent with other components and also to explictly
state it belong to `ibm keyprotect` service introducing this
change

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-26 02:28:05 +00:00
Humble Chirammal
7ff048bf1e e2e: add podsecuritycontext fsgroup for normal user validation
considering the pod has run as normal user, the fsgroup has also
set to the same.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-25 16:25:11 +00:00
Humble Chirammal
bf4ba0ec84 rbd: dont attempt explicit permission mod change from the RBD driver
currently we are overriding the permission to `0o777` at time of node
stage which is not the correct action. That said, this permission
change causes an extra permission correction at time of nodestaging
by the CO while the FSGROUP change policy has been set to
`OnRootMismatch`.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-25 16:25:11 +00:00
dependabot[bot]
5f4c6e033b rebase: bump github.com/aws/aws-sdk-go from 1.42.37 to 1.42.40
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.42.37 to 1.42.40.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.37...v1.42.40)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-25 13:28:05 +00:00
dependabot[bot]
9c1c1306cb rebase: bump github.com/hashicorp/vault/api from 1.3.0 to 1.3.1
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.3.0...v1.3.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-25 08:27:29 +00:00
Madhu Rajanna
bce5c3dc7c doc: update upgrade doc for 3.5.1
updating upgrade to to point to 3.5.1
for upgrades a 3.5.1 release is out.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 12:45:31 +00:00
Madhu Rajanna
6df71410e3 doc: update readme for 3.5.1 release
updated Readme for 3.5.1 release.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 12:45:31 +00:00
Madhu Rajanna
f0a2a20466 ci: update minikube to latest release
update minikube to latest release i.e
1.25.0

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 09:07:32 +00:00
Madhu Rajanna
8096dd47e4 cleanup: remove unwanted type declaration
removed unwanted int64 type declaration to
fix style check.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
9c841c83d4 cleanup: rename errorPair to pairError
to fix the errname check renaming the
struct.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
4938fc2ff4 cleanup: use 0o600 intead of 0600
as we are using 0o600 in multiple files
use the same in all files which also fixes
go lint issue.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
c67bacdb11 cleanup: use %s instead of %w for t.Errorf
As t.Errorf does not support error-wrapping
directive using %s.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
813f6c30cc cleanup: use WriteString instead of Write
use WriteString instead of Write  for the temp
files.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
aba6979d29 cleanup: use os.ReadFile to read file
as ioutil.ReadFile is deprecated and
suggestion is to use os.ReadFile as
per https://pkg.go.dev/io/ioutil updating
the same.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
562dff0d19 cleanup: use os.WriteFile to write files
as ioutil.WriteFile is deprecated and
suggestion is to use os.WriteFile as
per https://pkg.go.dev/io/ioutil updating
the same.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
15ed9709d4 ci: skip new checks in golangci-lint
skipping new checks in golangci-lint as
its much work to addresses new check errors
in this PR.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
Madhu Rajanna
1a69957e1d ci: update golangci-lint to 1.43.0
As we have latest golangci-lint 1.43.0
using the same in cephcsi.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-24 05:25:11 +00:00
dependabot[bot]
f56ee59515 rebase: bump github.com/aws/aws-sdk-go from 1.42.7 to 1.42.37
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.42.7 to 1.42.37.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.7...v1.42.37)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-21 10:25:25 +00:00
Madhu Rajanna
6f0087e870 build: use cephcsi image version from build.env
we dont need to specify the image version
separately in minikube script, use the image
version defined in the build.env

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-20 17:53:30 +00:00
Madhu Rajanna
6bdeffda59 build: pull ceph base image from quay.io
pull the ceph image from quay.io instead
of dockerhub.
From ceph doc, the images are available
in both quay and dockerhub
https://docs.ceph.com/en/latest/install/
containers/#official-releases but latest
images are not updated in dockerhub.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-20 14:28:12 +00:00
dependabot[bot]
0f53f2385f rebase: bump github.com/prometheus/client_golang from 1.11.0 to 1.12.0
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.11.0...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-20 07:02:06 +00:00
dependabot[bot]
c313fcd69d rebase: bump k8s.io/klog/v2 from 2.30.0 to 2.40.1
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.30.0 to 2.40.1.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.30.0...v2.40.1)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-19 13:25:35 +00:00
dependabot[bot]
bbce265ead rebase: bump google.golang.org/grpc from 1.42.0 to 1.43.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.42.0 to 1.43.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.42.0...v1.43.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-19 08:06:59 +00:00
Humble Chirammal
097e339d69 rbd: lift snapshot, clone and metrics to GA version
We have added enough e2e tests and the below functionality is
also proven as working based on the user reports so far. The
support at CO side is also pretty stable for these features.

* snapshot
* clone
* metrics
* RWO/RWX CephFS volumes

This commit lift the support state of above features to GA from next
release onwards.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-19 04:35:28 +00:00
dependabot[bot]
2200092244 rebase: bump k8s.io/kubernetes from 1.23.0 to 1.23.1
Bumps [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) from 1.23.0 to 1.23.1.
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](https://github.com/kubernetes/kubernetes/compare/v1.23.0...v1.23.1)

---
updated-dependencies:
- dependency-name: k8s.io/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-17 16:39:26 +00:00
Humble Chirammal
41c7725c8c doc: move 3.3.0 and 3.3.1 to deprecated release
With the release v3.5, as per support policy we can mark
v3.3.0 and 3.3.1 to be in deprecated release list

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-17 12:53:41 +00:00
Madhu Rajanna
ba5809e191 rbd: make rbdImage as received for internal methods
Currently most of the internal methods have the
rbdVolume as the received. As these methods
are completely internal and requires only
the fields of the rbdImage use rbdImage
as the receiver instead of rbdVolume.

updates #2742

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-17 12:15:21 +00:00
Madhu Rajanna
2daf2f9f0c cephfs: log error message if clone fails
During CreateVolume from snapshot/volume,
its difficult to identify if the clone is
failed and a new clone is created. In case
of clone failure logging the error message
for better debugging.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-17 09:43:09 +00:00
Madhu Rajanna
d293d91c07 rbd: disallow creating small size volume from volume
as per the CSI standard the size is optional parameter,
as we are allowing the clone to a bigger size
today we need to block the clone to a smaller size
as its a have side effects like data corruption etc.

Note:- Even though this check is present in kubernetes
sidecar as CSI is CO independent adding the check
here.

updates: #2718

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-17 07:00:00 +00:00
Madhu Rajanna
ceafca6ddf rbd: disallow creating small size volume from snapshot
as per the CSI standard the size is optional parameter,
as we are allowing the restore to a bigger size
today we need to block the restore to a smaller size
as its a have side effects like data corruption.

Note:- Even though this check is present in kubernetes
sidecar as CSI is CO independent adding the check
here.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-17 07:00:00 +00:00
Humble Chirammal
f9c368f225 doc: update support matrix for release 3.5
This commit adds release 3.5 to the release support matrix.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 18:18:16 +00:00
Humble Chirammal
0078e5c8e7 deploy: update node driver registrar container to v2.4.0
This commit updates the node driver registrar container to latest
version.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 17:24:49 +05:30
Humble Chirammal
c0c2d72933 deploy: update sidecar versions to deploy values.
This commit adds latest versions of the sidecars to the build.env
to pass the latest versions on the deployment

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 17:24:49 +05:30
Humble Chirammal
0ab717f06f deploy: update csi-attacher to v3.4.0
This commit update the csi-attacher sidecar version to v3.4.0

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 17:24:49 +05:30
Humble Chirammal
ea8e360888 deploy: update sidecars to latest versions.
This commit updates sidecars to the latest available version
which is compatible with kubernetes 1.23 and csi spec 1.5

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-14 17:24:49 +05:30
Prasanna Kumar Kalever
1c153b120c doc: add kernel version recommendation for rbd-nbd
Without commit [1] Kernel doesn't handle io-timeout=0 correctly
Hence we recommend Kernel version 5.4 or higher that has commit [1]

[1] https://bit.ly/34CFh06

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2022-01-13 13:36:21 +00:00
Humble Chirammal
63913141a4 ci: add mergify rules for release-3.5 backport
This add automatic backport rules for version 3.5

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-13 15:25:05 +05:30
Humble Chirammal
b151325871 doc: add udgrade from v3.4 to v3.5
This commit adds the upgrade documentation from v3.4 to v3.5

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-13 07:13:19 +00:00
Humble Chirammal
dbb523c150 doc: add in-tree volume to csi migration usage doc
This commit adds in-tree to csi volume migration usage documentation
to the examples.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-12 14:54:40 +00:00
Madhu Rajanna
42d6130cbc e2e: cephfs e2e for bigger size clone,restore pvc
adding E2E to verify the bigger size clone
and restore pvc from a smaller size pvc/snapshot.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-12 10:44:11 +00:00
Madhu Rajanna
ef14ea7723 cephfs: resize cloned, restored volume if required
Currently, as a workaround, we are calling
the resize volume on the cloned, restore volumes
to adjust the cloned, restored volumes.
With this fix, we are calling the resize volume
only if there is a size mismatch with requested
and the volume from which the new volume needs
to be created.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-01-12 10:44:11 +00:00
Humble Chirammal
0bd1d44dc0 e2e: add rwop validation for cephfs volumes
This commit adds the rwop validation tests for cephfs.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
8737d7e0a5 e2e: add rwop validation tests for rbd filemode and block mode
This commit adds the validation tests for rbd block and filemode
PVCs.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
375e9c8a51 e2e: add rwop validation helper function in pod.go
This commit adds the rwop validation helper for rbd and cephfs tests.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
8f7016229a e2e: add example yamls for RWOP POD and PVC
This commit add example yamls for RBD and CephFS Pod and PVCs

RBD:
 Raw Block Volume and File Mode PVCs with RWOP accessmode
 Raw Block Volume POD and FileMode POD yamls referring RWOP PVC

CephFS:
 RWOP PVC and POD yaml referring RWOP PVC

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
233ac8f936 deploy: adjust minikube deployment for RWOP support
The ReadWriteOncePod feature gate need to be enabled only when we
are operating on kube 1.22 or above cluster. This commit adds the
logic to parse the kubernetes cluster at time of minikube deployment
and if it is above v1.22, enable the RWOP feature gate

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
4a69378698 rbd: introduce a helper function to detect multi writer,block & rwofile
SINGLE_NODE_WRITER capability ambiguity has been fixed in csi spec v1.5
which allows the SP drivers to declare more granular WRITE capability in form
of SINGLE_NODE_SINGLE_WRITER or SINGLE_NODE_MULTI_WRITER.

These are not really new capabilities rather capabilities introduced to
get the desired functionality from CO side based on the capabilities SP
driver support for various CSI operations, this new capabilities also help
to address new access mode RWOP (readwriteoncepod).

This commit adds a helper function which identity the request is of
multiwriter mode and also validates whether it is filesystem mode or
block mode. Based on the inspection it fails to allow multi write
requests for filesystem mode and only allow multi write request against
block mode.

This commit also adds unit tests for isMultiWriterBlock function which
validates various accesstypes and accessmodes.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
68350e8815 cephfs: add SINGLE_NODE_{SINGLE/MULTI}_WRITER capability
SINGLE_NODE_WRITER capability ambiguity has been fixed in csi spec v1.5
which allows the SP drivers to declare more granular WRITE capability.
These are not really new capabilities rather capabilities introduced to
get the desired functionality from CO side based on the capabilities SP
driver support for various CSI operations.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
3730a462f4 rbd: add SINGLE_NODE{SINGLE_MULTI}_WRITER capabilities
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00
Humble Chirammal
d0b846772a doc: add RWOP support matrix to README.md
This commit add RWOP support matrix to README

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-01-11 19:40:22 +00:00