Skip to content

Commit

Permalink
csi: accept list of caps during validation in volume register
Browse files Browse the repository at this point in the history
When `nomad volume create` was introduced in Nomad 1.1.0, we changed the
volume spec to take a list of capabilities rather than a single capability, to
meet the requirements of the CSI spec. When a volume is registered via `nomad
volume register`, we should be using the same fields to validate the volume
with the controller plugin.
  • Loading branch information
tgross committed Jun 4, 2021
1 parent 24e963f commit 9a8c68f
Show file tree
Hide file tree
Showing 6 changed files with 48 additions and 32 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ BUG FIXES:
* cli: Fixed a bug where `quota status` and `namespace status` commands may panic if the CLI targets a pre-1.1.0 cluster [[GH-10620](https://github.com/hashicorp/nomad/pull/10620)]
* cli: Fixed a bug where `alloc exec` may fail with "unexpected EOF" without returning the exit code after a command [[GH-10657](https://github.com/hashicorp/nomad/issues/10657)]
* csi: Fixed a bug where `mount_options` were not passed to CSI controller plugins for validation during volume creation and mounting. [[GH-10643](https://github.com/hashicorp/nomad/issues/10643)]
* csi: Fixed a bug where `capability` blocks were not passed to CSI controller plugins for validation for `nomad volume register` commands. [[GH-10703](https://github.com/hashicorp/nomad/issues/10703)]
* drivers/exec: Fixed a bug where `exec` and `java` tasks inherit the Nomad agent's `oom_score_adj` value [[GH-10698](https://github.com/hashicorp/nomad/issues/10698)]
* quotas (Enterprise): Fixed a bug where stopped allocations for a failed deployment can be double-credited to quota limits, resulting in a quota limit bypass. [[GH-10694](https://github.com/hashicorp/nomad/issues/10694)]
* ui: Fixed a bug where exec would not work across regions. [[GH-10539](https://github.com/hashicorp/nomad/issues/10539)]
Expand Down
16 changes: 10 additions & 6 deletions client/csi_endpoint_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -206,9 +206,11 @@ func TestCSIController_ValidateVolume(t *testing.T) {
CSIControllerQuery: structs.CSIControllerQuery{
PluginID: fakePlugin.Name,
},
VolumeID: "1234-4321-1234-4321",
AttachmentMode: nstructs.CSIVolumeAttachmentMode("bar"),
AccessMode: nstructs.CSIVolumeAccessModeMultiNodeReader,
VolumeID: "1234-4321-1234-4321",
VolumeCapabilities: []*nstructs.CSIVolumeCapability{{
AttachmentMode: nstructs.CSIVolumeAttachmentMode("bar"),
AccessMode: nstructs.CSIVolumeAccessModeMultiNodeReader,
}},
},
ExpectedErr: errors.New("CSI.ControllerValidateVolume: unknown volume attachment mode: bar"),
},
Expand All @@ -218,9 +220,11 @@ func TestCSIController_ValidateVolume(t *testing.T) {
CSIControllerQuery: structs.CSIControllerQuery{
PluginID: fakePlugin.Name,
},
VolumeID: "1234-4321-1234-4321",
AttachmentMode: nstructs.CSIVolumeAttachmentModeFilesystem,
AccessMode: nstructs.CSIVolumeAccessMode("foo"),
VolumeID: "1234-4321-1234-4321",
VolumeCapabilities: []*nstructs.CSIVolumeCapability{{
AttachmentMode: nstructs.CSIVolumeAttachmentModeFilesystem,
AccessMode: nstructs.CSIVolumeAccessMode("foo"),
}},
},
ExpectedErr: errors.New("CSI.ControllerValidateVolume: unknown volume access mode: foo"),
},
Expand Down
29 changes: 19 additions & 10 deletions client/structs/csi.go
Original file line number Diff line number Diff line change
Expand Up @@ -54,10 +54,14 @@ func (c *CSIControllerQuery) SetControllerNodeID(nodeID string) {
type ClientCSIControllerValidateVolumeRequest struct {
VolumeID string // note: this is the external ID

VolumeCapabilities []*structs.CSIVolumeCapability
MountOptions *structs.CSIMountOptions
Secrets structs.CSISecrets

// COMPAT(1.1.1): the AttachmentMode and AccessMode fields are deprecated
// and replaced by the VolumeCapabilities field above
AttachmentMode structs.CSIVolumeAttachmentMode
AccessMode structs.CSIVolumeAccessMode
MountOptions *structs.CSIMountOptions
Secrets structs.CSISecrets

// Parameters as returned by storage provider in CreateVolumeResponse.
// This field is optional.
Expand All @@ -75,18 +79,23 @@ func (c *ClientCSIControllerValidateVolumeRequest) ToCSIRequest() (*csi.Controll
return &csi.ControllerValidateVolumeRequest{}, nil
}

caps, err := csi.VolumeCapabilityFromStructs(c.AttachmentMode, c.AccessMode, c.MountOptions)
if err != nil {
return nil, err
}

return &csi.ControllerValidateVolumeRequest{
creq := &csi.ControllerValidateVolumeRequest{
ExternalID: c.VolumeID,
Secrets: c.Secrets,
Capabilities: caps,
Capabilities: []*csi.VolumeCapability{},
Parameters: c.Parameters,
Context: c.Context,
}, nil
}

for _, cap := range c.VolumeCapabilities {
ccap, err := csi.VolumeCapabilityFromStructs(
cap.AttachmentMode, cap.AccessMode, c.MountOptions)
if err != nil {
return nil, err
}
creq.Capabilities = append(creq.Capabilities, ccap)
}
return creq, nil
}

type ClientCSIControllerValidateVolumeResponse struct {
Expand Down
11 changes: 5 additions & 6 deletions nomad/csi_endpoint.go
Original file line number Diff line number Diff line change
Expand Up @@ -249,12 +249,11 @@ func (v *CSIVolume) controllerValidateVolume(req *structs.CSIVolumeRegisterReque

method := "ClientCSI.ControllerValidateVolume"
cReq := &cstructs.ClientCSIControllerValidateVolumeRequest{
VolumeID: vol.RemoteID(),
AttachmentMode: vol.AttachmentMode,
AccessMode: vol.AccessMode,
Secrets: vol.Secrets,
Parameters: vol.Parameters,
Context: vol.Context,
VolumeID: vol.RemoteID(),
VolumeCapabilities: vol.RequestedCapabilities,
Secrets: vol.Secrets,
Parameters: vol.Parameters,
Context: vol.Context,
}
cReq.PluginID = plugin.ID
cResp := &cstructs.ClientCSIControllerValidateVolumeResponse{}
Expand Down
4 changes: 2 additions & 2 deletions plugins/csi/client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -664,14 +664,14 @@ func TestClient_RPC_ControllerValidateVolume(t *testing.T) {
_, cc, _, client := newTestClient()
defer client.Close()

requestedCaps := &VolumeCapability{
requestedCaps := []*VolumeCapability{{
AccessType: tc.AccessType,
AccessMode: tc.AccessMode,
MountVolume: &structs.CSIMountOptions{ // should be ignored
FSType: "ext4",
MountFlags: []string{"noatime", "errors=remount-ro"},
},
}
}}
req := &ControllerValidateVolumeRequest{
ExternalID: "volumeID",
Secrets: structs.CSISecrets{},
Expand Down
19 changes: 11 additions & 8 deletions plugins/csi/plugin.go
Original file line number Diff line number Diff line change
Expand Up @@ -349,7 +349,7 @@ func NewControllerCapabilitySet(resp *csipbv1.ControllerGetCapabilitiesResponse)
type ControllerValidateVolumeRequest struct {
ExternalID string
Secrets structs.CSISecrets
Capabilities *VolumeCapability
Capabilities []*VolumeCapability
Parameters map[string]string
Context map[string]string
}
Expand All @@ -359,14 +359,17 @@ func (r *ControllerValidateVolumeRequest) ToCSIRepresentation() *csipbv1.Validat
return nil
}

caps := make([]*csipbv1.VolumeCapability, 0, len(r.Capabilities))
for _, cap := range r.Capabilities {
caps = append(caps, cap.ToCSIRepresentation())
}

return &csipbv1.ValidateVolumeCapabilitiesRequest{
VolumeId: r.ExternalID,
VolumeContext: r.Context,
VolumeCapabilities: []*csipbv1.VolumeCapability{
r.Capabilities.ToCSIRepresentation(),
},
Parameters: r.Parameters,
Secrets: r.Secrets,
VolumeId: r.ExternalID,
VolumeContext: r.Context,
VolumeCapabilities: caps,
Parameters: r.Parameters,
Secrets: r.Secrets,
}
}

Expand Down

0 comments on commit 9a8c68f

Please sign in to comment.