Commit Graph

2907 Commits

Author SHA1 Message Date
Niels de Vos
74965fef41 deploy: fix default URL for --csi-addons-endpoint option
The --csi-addons-endpoint= option has been added recently, but was not
configured in the deployment files yet. The socket was incorrectly
created as `/csi-addons.sock`, by correcting the URL to the socket, the
socket now gets created as `/tmp/csi-addons.sock` in the same directory
as other sockets.

If an endpoint is a UNIX Domain Socket, the format needs to be
`unix:///path/to/socket`. The `unix://` URL format allows an
authentication provider to be added directly after the `//`. If there is
no authentication provider needed, the field can remain empty. After the
authetication provider, the full path needs to be specified, starting
with a `/`. This means that URLs to a UDS should start with `unix:///`
in normal cases.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-22 13:21:59 +00:00
Steven Reitsma
6be0e8cb51 helm: Fix missing ClusterRoleBinding for nodeplugin ServiceAccount
When topology is disabled, the ClusterRoleBinding is not created in the Helm
chart. However, the nodeplugin needs access to volumeattachments for the volume
healer.

Signed-off-by: Steven Reitsma <steven@properchaos.nl>
2021-12-22 11:06:11 +00:00
Madhu Rajanna
bc8ef89811 ci: strict rule for commit body length
body-max-line-length is added as a warning
even if the commit body is crossing the length
limit of 80 its considered as a warning not an
error. This commit moves the check from warning
to error.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-22 07:53:03 +00:00
Madhu Rajanna
810e285c50 rbd: reset dummy image id
dummy image rbdVolume struct is derived
from the actual one rbdVolume of the
volumeID sent in the EnableVolumeReplication
request. and the dummy rbdVolume struct contains
the image id of the actual volume because
of that when we are repairing the dummy
image the image is sent to trash but not
deleted due to the wrong image ID. resetting
the image id will makes sure the image id
is fetching from ceph cluster and same
image id will be used for manager operation.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-21 17:39:07 +00:00
Humble Chirammal
93e43d1a0f rebase: IBM key protect integration module dependency update
This commit adds the Key protect client SDK for the Key Protect
KMS integration to the Ceph CSI driver.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 17:09:50 +00:00
Humble Chirammal
967076e4ba doc: IBM key protect/HPCS design doc
This commit add the design considerations of IBM Key protect KMS
service to the Ceph CSI integration.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 17:09:50 +00:00
Humble Chirammal
b904c446d6 rbd: add kms unit test for key protect server
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 17:09:50 +00:00
Humble Chirammal
9200bc7a00 rbd: Implement Key Protect KMS integration for Ceph CSI
This commit adds the support for HPCS/Key Protect IBM KMS service
to Ceph CSI service. EncryptDEK() and DecryptDEK() of RBD volumes are
done with the help of key protect KMS server by wrapping and unwrapping
the DEK and by using the DEKStoreMetadata.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 17:09:50 +00:00
Humble Chirammal
c4eaf6e747 ci: place the markdown linter rule to restrict the line length at 80
This try to enforce the markdown rule for the line length to 80

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 14:53:13 +00:00
Humble Chirammal
3196b798cc doc: few corrections or typo fixing in design documentation
- Fixes spelling mistakes.
- Grammatical error correction.
- Wrapping the text at 80 line count..etc

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 14:53:13 +00:00
Madhu Rajanna
12e8e46bcf revert: remove explicit size setting of cloned volume
The ceph changes  are done on the both server and the
client side this change is not enough for remove
setting the size of cloned volumes.
this caused the regression like #2719 #2720 #2721 #2722.

This reverts commit 3565a342d5.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-21 14:15:46 +00:00
Humble Chirammal
0ff7062c2b doc: add helper function details to the migration design doc
This commit add some more details like helper or utility functions
which will be introduced as part of the effort and also add some more
details about the CSI operations a particular identified change touches.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-21 05:19:30 +00:00
Humble Chirammal
cf6fdcb796 e2e: adjust migration e2e tests and introduce helper functions
This commit adjust existing migration e2e tests to a couple of tests
to cover the scenarios. The seperate filesystem and block tests have
been shrinked to single one and also introduced a couple of helper
functions to setup and teardown migraition specific secret,configmap
and sc. The static pv function has been renamed to a general name
while the tests were adjusted.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-20 07:34:43 +00:00
Humble Chirammal
784c3ef06d e2e: remove unparam linter escapes from getStaticPV and getStaticPVC
This `unparam` linter escape is no longer needed and CI is failing
if we keep there. This commit remove the same and make CI happy.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-20 07:34:43 +00:00
Humble Chirammal
88911eb4e9 rbd: add migration secret support to controllerserver functions
This commit adds the migration secret request validation to expand,
create controller functions.

Ref # https://github.com/ceph/ceph-csi/issues/2509

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-20 07:34:43 +00:00
Niels de Vos
30333378ef cleanup: add IsBlockMultiNode() helper
IsBlockMultiNode() is a new helper that takes a slice of
VolumeCapability objects and checks if it includes multi-node access
and/or block-mode support.

This can then easily be used in other services that need checking for
these particular capabilities, and preventing multi-node block-mode
access.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-17 07:31:55 +00:00
Madhu Rajanna
50d6ea825c rbd: remove retrieving volumeHandle from PV annotation
we have added clusterID mapping to identify the volumes
in case of a failover in Disaster recovery in #1946.
with #2314 we are moving to a configuration in
configmap for clusterID and poolID mapping.
and with #2314 we have all the required information
to identify the image mappings.
This commit removes the workaround implementation done
in #1946.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-17 03:38:29 +00:00
Madhu Rajanna
e743e06748 ci: install arch specific go in Dockerfile.test
Instead of installing the amd64 on all the
platforms, install architecture specific go
version in test dockerfile.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-15 05:13:36 +00:00
Madhu Rajanna
8a3fe53e87 ci: install arch specific go in Dockerfile.devel
Instead of installing the amd64 on all the
platforms, install architecture specific go
version for devel dockerfile

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-15 05:13:36 +00:00
Madhu Rajanna
b1a3b02741 cleanup: remove k8s.io/utils from vendor
as part of running `go mod tidy` the unused
k8s.io/utils is removed from the vendor
directory.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
9595c89855 ci: install findutils in dockerfile.test
currently getting find command not found
and xargs command not found when we run
the dockerfile.test. installing findutils
to fix it.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
b114a8fdad ci: install go version specified in build.env
installed the go version specified in build.env
in the test docker image.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
9f9ef0eca5 ci: update action go.mod to 1.17
As we are updating the cephcsi main repo
to golang 1.17, updating the action package
to golang 1.17

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
51a5bde97f ci: update golang dependencies to 1.17.5 release
updating the depencendices to golang 1.17.5
release

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
8bae51db12 ci: ignore go.sum from codespell check
as go-sum is auto generated, ignore checking
codespell on this file.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
5762da3e91 rebase: update kubernetes to v1.23.0
updating go dependency to latest kubernetes
released version i.e v1.23.0

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
42403e2ba7 rebase: add protobuf to go.mod
adding protobuf to go.mod to fix
`from implicitly required module
to add missing requirement` error

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-10 10:08:05 +00:00
Madhu Rajanna
b8b30eb668 rebase: update golang version to 1.17.5
This commit updates the golang to the
latest available release i.e 1.17.5

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-10 10:08:05 +00:00
Madhu Rajanna
99b814fe94 ci: remove kubernetes 1.20 from condition
as we added kubernetes 1.23 for mergify, removing
older version i.e 1.20 as we will run tests
only on latest 3 kubernetes releases.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-10 13:11:38 +05:30
Madhu Rajanna
8b48ded21f ci: add mergify condition for kubernetes 1.23
as we are running tests on kubernetes 1.23 by
default, adding mergify condition to check test
passed on kubernetes 1.23 also.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-10 13:11:38 +05:30
Madhu Rajanna
0bcaffc433 ci: remove release-v3.3 rules
as we are no longer supporting
the release 3.3.x removing the
mergify rules for the same.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-10 13:11:38 +05:30
Niels de Vos
203920d8f4 rbd: move driver component into the rbd/driver package
The rbd package contains several functions that can be used by
CSI-Addons Service implmentations. Unfortunately it is not possible to
do this, as the rbd-driver needs to import the csi-addons/rbd package to
provide the CSI-Addons server. This causes a circular import when
services use the rbd package:

 - rbd/driver.go import csi-addons/rbd
 - csi-addons/rbd import rbd (including the driver)

By moving rbd/driver.go into its own package, the circular import can be
prevented.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-10 07:35:26 +00:00
Niels de Vos
44d69502bc rbd: export HexStringToInteger()
HexStringToInteger() used to return a uint64, but everywhere else uint
is used. Having HexStringToInteger() return a uint as well makes it a
little easier to use when setting it with SetGlobalInt().

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-10 07:35:26 +00:00
Niels de Vos
8b531f337e rbd: add functions for initializing global variables
When the rbd-driver starts, it initializes some global (yuck!) variables
in the rbd package. Because the rbd-driver is moved out into its own
package, these variables can not easily be set anymore.

Introcude SetGlobalInt(), SetGlobalBool() and InitJournals() so that the
rbd-driver can configure the rbd package.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-10 07:35:26 +00:00
Niels de Vos
3eeac3d36c rbd: export RunVolumeHealer() so that rbd/driver can start it
The rbd-driver calls rbd.runVolumeHealer() which is not available
outside the rbd package. By moving the rbd-driver into its own package,
RunVolumeHealer() needs to be exported.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-10 07:35:26 +00:00
Niels de Vos
5baf9811f9 rbd: export NodeServer.mounter outside of the rbd package
NodeServer.mounter is internal to the NodeServer type, but it needs to
be initialized by the rbd-driver. The rbd-driver is moved to its own
package, so .Mounter needs to be available from there in order to set
it.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-10 07:35:26 +00:00
Niels de Vos
8d09134125 rbd: export GenVolFromVolID() for consumption by csi-addons
genVolFromVolID() is used by the CSI Controller service to create an
rbdVolume object from a CSI volume_id. This function is useful for
CSI-Addons Services as well, so rename it to GenVolFromVolID().

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-10 07:35:26 +00:00
Niels de Vos
e76bffe353 cleanup: import k8s.io/mount-utils instead of k8s.io/utils/mount
k8s.io/utils/mount has moved to k8s.io/mount-utils, and Ceph-CSI uses
that already in most locations. Only internal/util/util.go still imports
the old path.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-09 17:58:34 +00:00
Madhu Rajanna
4ebfeaaa75 e2e: add e2e testcase of new image features
adding e2e testcase to validate the workflow
of pvc creation and attaching to pod works for
new image features like fast-diff,obj-map,exclusive-lock
and layering.

fixes: #2695

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-09 12:30:42 +00:00
Yug Gupta
2bf17007d9 e2e: validate pvc-pvc clone in ec pool
Validate pvc to pvc clone in erasure
coded pools.

Signed-off-by: Yug Gupta <yuggupta27@gmail.com>
2021-12-08 18:17:22 +00:00
Yug Gupta
938051463f e2e: validate snapshot restore in ec pool
validate snapshot restore in erasure coded
pool.

Signed-off-by: Yug Gupta <yuggupta27@gmail.com>
2021-12-08 18:17:22 +00:00
Yug Gupta
34c37663c2 e2e: Verify if app can mount ec pvc
Verify if an application is able to mount
a pvc created via an erasure coded pool.

Signed-off-by: Yug Gupta <yuggupta27@gmail.com>
2021-12-08 18:17:22 +00:00
Madhu Rajanna
8081ac8251 rbd: add new image features for dummy image
The dummy image will be created with 1Mib size.
during the snapshot transfer operation the 1Mib
will be transferred even if the dummy image doesnot
contains any data. adding the new image features
`fast-diff,layering,obj-map,exclusive-lock`on the
dummy image will ensure that only the diff is
transferred to the remote cluster.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-07 17:34:14 +00:00
Madhu Rajanna
9a4533e549 rbd: create 1MiB size dummy image
we added a workaround for rbd scheduling by creating
a dummy image in #2656. with the fix we are creating
a dummy image of the size of the first actual rbd
image which is sent in EnableVolumeReplication request
if the actual rbd image size is 1TiB we are creating
a dummy image of 1TiB which is not good. even though
its a thin provisioned rbd images this is causing
issue for the transfer of the snapshot during
the mirroring operation.

This commit recreates the rbd image with 1MiB size
which is the smaller supported size in rbd.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-07 17:34:14 +00:00
Madhu Rajanna
d943fbd265 e2e: run generic ephemeral for kubernetes 1.21+
Currently, we are skipping the generic ephemeral
testing if the kubernetes version is less than
1.21 because of this one the who test suite is
getting skipped and e2e is marked as success
in 2 minutes. This commit runs the ephemeral
tests if the kube=>1.21+. If we do this, for
the lower version we can run other tests.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-07 15:02:45 +00:00
Humble Chirammal
73ecf06f97 ci: rename golangci linter github action file to proper name
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-12-07 09:12:10 +00:00
Konstantin Shalygin
7411773f73 rbd: added RBD features support for krbd
Added support for `object-map, fast-diff`

Signed-off-by: Konstantin Shalygin <k0ste@k0ste.ru>
2021-12-07 07:38:24 +00:00
Madhu Rajanna
64ce5e0949 rbd: check local image state during promote operation
rbd mirroring CLI calls are async and it doesn't wait
for the operation to be completed. ex:- `rbd mirror image enable`
it will enable the mirroring on the image but it doesn't
ensure that the image is mirroring enabled and healthy
primary. The same goes for the promote volume also.
This commits adds a check-in PromoteVolume to make sure
the image in a healthy state i.e `up+stopped`.

note:- not considering any intermediate states to make
sure the image is completely healthy before responding
success to the RPC call.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-01 20:19:05 +00:00
Prasanna Kumar Kalever
e7d8834149 rbd: enabe journal based mirroring
Journal-based RADOS block device mirroring ensures point-in-time
consistent replicas of all changes to an image, including reads and
writes, block device resizing, snapshots, clones, and flattening.

Journaling-based mirroring records all modifications to an image in the
order in which they occur. This ensures that a crash-consistent mirror
of an image is available.

Mirroring when configured in journal mode, mirroring will
utilize the RBD journaling image feature to replicate the image
contents. If the RBD journaling image feature is not yet enabled on the
image, it will be automatically enabled.

Fixes: #2018
Co-authored-by: Madhu Rajanna <madhupr007@gmail.com>
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-12-01 14:12:30 +00:00
Niels de Vos
ab76459e87 rbd: implement CSI-Addons Identity Service
Depending on the way Ceph-CSI is deployed, the capabilities will be
configured for the GetCapabilities procedure. The other procedures are
more straight-forward.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-12-01 06:31:09 +00:00