From c8098c332ca862da7ccb443ac1494f87a9942cea Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Sat, 3 Aug 2024 09:34:02 +0000 Subject: [PATCH 01/75] chore: autopublish 2024-08-03T09:34:02Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 6 +++--- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index a5fa965fc..929483e92 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.1](https://img.shields.io/badge/Version-2.4.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.1](https://img.shields.io/badge/AppVersion-v2.4.1-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.1"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.1"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index b9944de0e..7f18f1be3 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -6,12 +6,12 @@ maintainers: email: csi@weka.io url: https://weka.io sources: - - https://github.com/weka/csi-wekafs/tree/v2.4.1 + - https://github.com/weka/csi-wekafs/tree/v$CHART_VERSION/charts/csi-wekafsplugin home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.1 -appVersion: v2.4.1 +version: 2.4.2-SNAPSHOT.0.db3054a +appVersion: v2.4.2-SNAPSHOT.0.db3054a keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 43a6a01d1..406f52faa 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.1](https://img.shields.io/badge/Version-2.4.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.1](https://img.shields.io/badge/AppVersion-v2.4.1-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.1"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.1"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 2bd6e5c7e..ff4f19da6 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.1 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.0.db3054a images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 7a3c251a692f778bc6711e9e3cda0d18e7a1e904 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 12 Aug 2024 19:08:46 +0300 Subject: [PATCH 02/75] Update README.md Updated the link to the official documentation to: https://docs.weka.io/appendices/weka-csi-plugin. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a5fa965fc..0bc917bf3 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ https://github.com/weka/csi-wekafs - [SELinux Support & Installation Notes](selinux/README.md) ## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) ## Building the binaries If you want to build the driver yourself, you can do so with the following command from the root directory: From 5b1968b74eda82db4399b3a5352f9ed3fe085042 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Wed, 11 Sep 2024 13:09:35 +0300 Subject: [PATCH 03/75] feat(CSI-253): support custom CA certificate in API secret --- examples/common/csi-wekafs-api-secret.yaml | 6 +++++- pkg/wekafs/apiclient/apiclient.go | 17 ++++++++++++++++- pkg/wekafs/wekafs.go | 5 +++++ 3 files changed, 26 insertions(+), 2 deletions(-) diff --git a/examples/common/csi-wekafs-api-secret.yaml b/examples/common/csi-wekafs-api-secret.yaml index c1c3b6b30..6a8468351 100644 --- a/examples/common/csi-wekafs-api-secret.yaml +++ b/examples/common/csi-wekafs-api-secret.yaml @@ -15,7 +15,7 @@ data: # It is recommended to configure at least 2 management endpoints (cluster backend nodes), or a load-balancer if used # e.g. 172.31.15.113:14000,172.31.12.91:14000 endpoints: MTcyLjMxLjQxLjU0OjE0MDAwLDE3Mi4zMS40Ny4xNTI6MTQwMDAsMTcyLjMxLjM4LjI1MDoxNDAwMCwxNzIuMzEuNDcuMTU1OjE0MDAwLDE3Mi4zMS4zMy45MToxNDAwMCwxNzIuMzEuMzguMTU1OjE0MDAwCg== - # protocol to use for API connection (may be either http or https, base64-encoded) + # protocol to use for API connection (may be either http or https, base64-encoded. NOTE: since Weka 4.3.0, HTTPS is mandatory) scheme: aHR0cA== # for multiple clusters setup, set specific container name rather than attempt to identify it automatically localContainerName: "" @@ -24,3 +24,7 @@ data: # maybe either (true/false), base64-encoded # NOTE: if a load balancer is used to access the cluster API, leave this setting as "false" autoUpdateEndpoints: ZmFsc2U= + # When using HTTPS connection and self-signed or untrusted certificates, provide a CA certificate in PEM format, base64-encoded + # caCertificate: + caCertificate: "" + diff --git a/pkg/wekafs/apiclient/apiclient.go b/pkg/wekafs/apiclient/apiclient.go index 253200f8e..d7c0cbd3d 100644 --- a/pkg/wekafs/apiclient/apiclient.go +++ b/pkg/wekafs/apiclient/apiclient.go @@ -4,6 +4,7 @@ import ( "bytes" "context" "crypto/tls" + "crypto/x509" "encoding/json" "errors" "fmt" @@ -89,9 +90,22 @@ func (e *ApiEndPoint) String() string { } func NewApiClient(ctx context.Context, credentials Credentials, allowInsecureHttps bool, hostname string) (*ApiClient, error) { + logger := log.Ctx(ctx) tr := &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: allowInsecureHttps}, } + useCustomCACert := credentials.CaCertificate != "" + if useCustomCACert { + var caCertPool *x509.CertPool + if pool, err := x509.SystemCertPool(); err != nil { + caCertPool = x509.NewCertPool() + } else { + caCertPool = pool + } + caCertPool.AppendCertsFromPEM([]byte(credentials.CaCertificate)) + tr.TLSClientConfig.RootCAs = caCertPool + } + a := &ApiClient{ Mutex: sync.Mutex{}, client: &http.Client{ @@ -108,7 +122,7 @@ func NewApiClient(ctx context.Context, credentials Credentials, allowInsecureHtt } a.resetDefaultEndpoints(ctx) - log.Ctx(ctx).Trace().Bool("insecure_skip_verify", allowInsecureHttps).Msg("Creating new API client") + logger.Trace().Bool("insecure_skip_verify", allowInsecureHttps).Bool("custom_ca_cert", useCustomCACert).Msg("Creating new API client") a.clientHash = a.generateHash() return a, nil } @@ -756,6 +770,7 @@ type Credentials struct { Endpoints []string LocalContainerName string AutoUpdateEndpoints bool + CaCertificate string } func (c *Credentials) String() string { diff --git a/pkg/wekafs/wekafs.go b/pkg/wekafs/wekafs.go index 01241bcf2..38b624574 100644 --- a/pkg/wekafs/wekafs.go +++ b/pkg/wekafs/wekafs.go @@ -110,6 +110,10 @@ func (api *ApiStore) fromSecrets(ctx context.Context, secrets map[string]string, if ok { autoUpdateEndpoints = strings.TrimSpace(strings.TrimSuffix(autoUpdateEndpointsStr, "\n")) == "true" } + caCertificate, ok := secrets["caCertificate"] + if !ok { + caCertificate = "" + } credentials := apiclient.Credentials{ Username: strings.TrimSpace(strings.TrimSuffix(secrets["username"], "\n")), @@ -119,6 +123,7 @@ func (api *ApiStore) fromSecrets(ctx context.Context, secrets map[string]string, HttpScheme: strings.TrimSpace(strings.TrimSuffix(secrets["scheme"], "\n")), LocalContainerName: localContainerName, AutoUpdateEndpoints: autoUpdateEndpoints, + CaCertificate: caCertificate, } return api.fromCredentials(ctx, credentials, hostname) } From cf8823c3d3ad14f2f556afa7858b7d071a47e71c Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 10:19:19 +0000 Subject: [PATCH 04/75] chore: autopublish 2024-09-12T10:19:19Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 929483e92..85aaa08ad 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 7f18f1be3..b07e4da4c 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.0.db3054a -appVersion: v2.4.2-SNAPSHOT.0.db3054a +version: 2.4.2-SNAPSHOT.3.9238cc3 +appVersion: v2.4.2-SNAPSHOT.3.9238cc3 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 406f52faa..3d1662213 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.0.db3054a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.0.db3054a-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.0.db3054a"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index ff4f19da6..78d66a87b 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.0.db3054a +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.3.9238cc3 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 152354b8c7e9f22fec5c0b3e62e67b0de9768950 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 12:23:08 +0300 Subject: [PATCH 05/75] fix(CSI-241): disregard sync_on_close in mountmap per FS --- pkg/wekafs/mounter.go | 10 +++++----- pkg/wekafs/mountoptions.go | 10 ++++++++++ 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/pkg/wekafs/mounter.go b/pkg/wekafs/mounter.go index b736f1cab..3d76ad700 100644 --- a/pkg/wekafs/mounter.go +++ b/pkg/wekafs/mounter.go @@ -45,7 +45,7 @@ func (m *wekaMounter) NewMount(fsName string, options MountOptions) *wekaMount { if _, ok := m.mountMap[fsName]; !ok { m.mountMap[fsName] = mountsMapPerFs{} } - if _, ok := m.mountMap[fsName][options.String()]; !ok { + if _, ok := m.mountMap[fsName][options.AsMapKey()]; !ok { uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) wMount := &wekaMount{ kMounter: m.kMounter, @@ -55,10 +55,10 @@ func (m *wekaMounter) NewMount(fsName string, options MountOptions) *wekaMount { mountOptions: options, allowProtocolContainers: m.allowProtocolContainers, } - m.mountMap[fsName][options.String()] = wMount + m.mountMap[fsName][options.AsMapKey()] = wMount } m.lock.Unlock() - return m.mountMap[fsName][options.String()] + return m.mountMap[fsName][options.AsMapKey()] } type UnmountFunc func() @@ -119,10 +119,10 @@ func (m *wekaMounter) unmountWithOptions(ctx context.Context, fsName string, opt options.setSelinux(m.getSelinuxStatus(ctx)) log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") - if mnt, ok := m.mountMap[fsName][options.String()]; ok { + if mnt, ok := m.mountMap[fsName][options.AsMapKey()]; ok { err := mnt.decRef(ctx) if err == nil { - if m.mountMap[fsName][options.String()].refCount <= 0 { + if m.mountMap[fsName][options.AsMapKey()].refCount <= 0 { log.Ctx(ctx).Trace().Str("filesystem", fsName).Strs("mount_options", options.Strings()).Msg("This is a last use of this mount, removing from map") delete(m.mountMap[fsName], options.String()) } diff --git a/pkg/wekafs/mountoptions.go b/pkg/wekafs/mountoptions.go index f161a0e7b..8636d3f4c 100644 --- a/pkg/wekafs/mountoptions.go +++ b/pkg/wekafs/mountoptions.go @@ -145,6 +145,16 @@ func (opts MountOptions) Hash() uint32 { return h.Sum32() } +func (opts MountOptions) AsMapKey() string { + ret := opts + // TODO: if adding any other version-agnostic options, add them here + excludedOpts := []string{MountOptionSyncOnClose} + for _, o := range excludedOpts { + ret = ret.RemoveOption(o) + } + return ret.String() +} + func (opts MountOptions) setSelinux(selinuxSupport bool) { if selinuxSupport { o := newMountOptionFromString(fmt.Sprintf("fscontext=\"system_u:object_r:%s_t:s0\"", selinuxContext)) From 1e593842fcea26fded5178d166f7fcce90098abe Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 10:27:52 +0000 Subject: [PATCH 06/75] chore: autopublish 2024-09-12T10:27:52Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 85aaa08ad..cc31777e7 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index b07e4da4c..f6eb6c1fa 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.3.9238cc3 -appVersion: v2.4.2-SNAPSHOT.3.9238cc3 +version: 2.4.2-SNAPSHOT.6.8455a9b +appVersion: v2.4.2-SNAPSHOT.6.8455a9b keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 3d1662213..480bd0975 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.3.9238cc3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.3.9238cc3-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.3.9238cc3"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 78d66a87b..d4d30d3c5 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.3.9238cc3 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.6.8455a9b images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 72b003000ce171ca53617d9ac054a3656f9bc755 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Wed, 20 Mar 2024 13:54:10 +0200 Subject: [PATCH 07/75] feat(CSI-213): initial support for NFS --- charts/csi-wekafsplugin/templates/NOTES.txt | 18 ++ .../controllerserver-statefulset.yaml | 6 + .../nodeserver-daemonset-selinux.yaml | 0 .../templates/nodeserver-daemonset.yaml | 6 + charts/csi-wekafsplugin/values.yaml | 7 + cmd/wekafsplugin/main.go | 4 + pkg/wekafs/apiclient/apiclient.go | 1 + pkg/wekafs/apiclient/interfacegroup.go | 166 ++++++++++++++++++ pkg/wekafs/apiclient/utils.go | 10 ++ pkg/wekafs/controllerserver.go | 6 +- pkg/wekafs/driverconfig.go | 20 ++- pkg/wekafs/gc.go | 4 +- pkg/wekafs/interfaces.go | 39 +++- pkg/wekafs/mountoptions.go | 21 ++- pkg/wekafs/nfsmount.go | 152 ++++++++++++++++ pkg/wekafs/nfsmounter.go | 152 ++++++++++++++++ pkg/wekafs/nodeserver.go | 6 +- pkg/wekafs/volume.go | 2 +- pkg/wekafs/wekafs.go | 21 ++- pkg/wekafs/{mount.go => wekafsmount.go} | 38 ++-- pkg/wekafs/{mounter.go => wekafsmounter.go} | 53 +++--- 21 files changed, 676 insertions(+), 56 deletions(-) create mode 100644 charts/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml create mode 100644 pkg/wekafs/apiclient/interfacegroup.go create mode 100644 pkg/wekafs/nfsmount.go create mode 100644 pkg/wekafs/nfsmounter.go rename pkg/wekafs/{mount.go => wekafsmount.go} (83%) rename pkg/wekafs/{mounter.go => wekafsmounter.go} (71%) diff --git a/charts/csi-wekafsplugin/templates/NOTES.txt b/charts/csi-wekafsplugin/templates/NOTES.txt index 7bf60d2f3..039e6e00e 100644 --- a/charts/csi-wekafsplugin/templates/NOTES.txt +++ b/charts/csi-wekafsplugin/templates/NOTES.txt @@ -25,3 +25,21 @@ https://github.com/weka/csi-wekafs/tree/master/examples | NEW FEATURES RELY ON API CONNECTIVITY TO WEKA CLUSTER AND WILL NOT BE SUPPORTED ON API-UNBOUND VOLUMES. | | PLEASE MAKE SURE TO MIGRATE ALL EXISTING VOLUMES TO API-BASED SCHEME PRIOR TO NEXT VERSION UPGRADE. | ------------------------------------------------------------------------------------------------------------ + +{{- if or .Values.pluginConfig.mountProtocol.useNfs .Values.pluginConfig.mountProtocol.allowNfsFailback }} +-------------------------------------------------- WARNING ------------------------------------------------- +{{- if .Values.pluginConfig.mountProtocol.useNfs }} +| WARNING: NFS PROTOCOL IS ENFORCED AND WILL ALWAYS BE USED FOR MOUNTING WEKA FILESYSTEMS! | +| NFS TRANSPORT DOES NOT PROVIDE MAXIMUM PERFORMANCE AND IS NOT RECOMMENDED FOR PRODUCTION USE. | +{{- else }} +| WARNING: NFS MOUNT PROTOCOL FAILBACK IS ENABLED, AND NFS MOUNTS WILL BE USED IF WEKA IS NOT INSTALLED. | +| NFS TRANSPORT DOES NOT PROVIDE MAXIMUM PERFORMANCE AND IS NOT RECOMMENDED FOR PRODUCTION USE. | +| HOWEVER, IN CERTAIN CASES WHEN WEKA CLIENT INSTALLATION IS NOT POSSIBLE, NFS MOUNTS WILL BE USED. | +| IF WEKA CLIENT IS INSTALLED ON NODES AFTER CSI PLUGIN INSTALLATION, RESTART IS REQUIRED FOR THE | +| CORRESPONDENT CSI PLUGIN COMPONENTS RUNNING ON THE NODE TO SWITCH BACK TO WEKAFS PROTOCOL MOUNTING. | +{{- end }} +| MAKE SURE THAT AT LEAST ONE INTERFACE GROUP IS CONFIGURED ON WEKA CLUSTER, OTHERWISE PROVISION WILL FAIL | +| REFER TO THE DOCUMENTATION ABOVE FOR MORE INFORMATION ON NFS INTERFACE GROUP CONFIGURATION. | +| REFER TO WEKA CUSTOMER SUCCESS TEAM FOR RECOMMENDED CONFIGURATION AND BEST PRACTICES | +------------------------------------------------------------------------------------------------------------ +{{- end }} \ No newline at end of file diff --git a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index b15ee8ab5..40340c642 100755 --- a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -215,6 +215,12 @@ spec: - "--concurrency.createSnapshot={{ .Values.controller.concurrency.createSnapshot | default "1" }}" - "--concurrency.deleteSnapshot={{ .Values.controller.concurrency.deleteSnapshot | default "1" }}" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.useNfs | default false }} + - "--usenfs" + {{- end }} + {{- if .Values.pluginConfig.mountProtocol.allowNfsFailback | default false }} + - "--allownfsfailback" + {{- end }} ports: - containerPort: 9898 name: healthz diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml new file mode 100644 index 000000000..e69de29bb diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index e438de56b..d12d2cbf3 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -106,6 +106,12 @@ spec: - "--concurrency.nodePublishVolume={{ .Values.node.concurrency.nodePublishVolume | default "1" }}" - "--concurrency.nodeUnpublishVolume={{ .Values.node.concurrency.nodeUnpublishVolume | default "1" }}" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.useNfs | default false }} + - "--usenfs" + {{- end }} + {{- if .Values.pluginConfig.mountProtocol.allowNfsFailback | default false }} + - "--allownfsfailback" + {{- end }} ports: - containerPort: 9899 name: healthz diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index d4d30d3c5..a520c7ad5 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -140,3 +140,10 @@ pluginConfig: snapshotVolumesWithoutQuotaEnforcement: false mutuallyExclusiveMountOptions: - "readcache,writecache,coherent,forcedirect" + mountProtocol: + # -- Use NFS transport for mounting Weka filesystems, off by default + useNfs: false + # -- Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol + allowNfsFailback: false + + diff --git a/cmd/wekafsplugin/main.go b/cmd/wekafsplugin/main.go index 54c8a9271..05c7cba37 100644 --- a/cmd/wekafsplugin/main.go +++ b/cmd/wekafsplugin/main.go @@ -91,6 +91,8 @@ var ( maxConcurrentNodeUnpublishVolumeReqs = flag.Int64("concurrency.nodeUnpublishVolume", 1, "Maximum concurrent NodeUnpublishVolume requests") grpcRequestTimeoutSeconds = flag.Int("grpcrequesttimeoutseconds", 30, "Time out requests waiting in queue after X seconds") allowProtocolContainers = flag.Bool("allowprotocolcontainers", false, "Allow protocol containers to be used for mounting filesystems") + allowNfsFailback = flag.Bool("allownfsfailback", false, "Allow NFS failback") + useNfs = flag.Bool("usenfs", false, "Use NFS for mounting volumes") // Set by the build process version = "" ) @@ -217,6 +219,8 @@ func handle() { *maxConcurrentNodeUnpublishVolumeReqs, *grpcRequestTimeoutSeconds, *allowProtocolContainers, + *allowNfsFailback, + *useNfs, ) driver, err := wekafs.NewWekaFsDriver( *driverName, *nodeID, *endpoint, *maxVolumesPerNode, version, *debugPath, csiMode, *selinuxSupport, config) diff --git a/pkg/wekafs/apiclient/apiclient.go b/pkg/wekafs/apiclient/apiclient.go index d7c0cbd3d..f0e21c9dd 100644 --- a/pkg/wekafs/apiclient/apiclient.go +++ b/pkg/wekafs/apiclient/apiclient.go @@ -64,6 +64,7 @@ type ApiClient struct { CompatibilityMap *WekaCompatibilityMap clientHash uint32 hostname string + NfsInterfaceGroup *InterfaceGroup } type ApiEndPoint struct { diff --git a/pkg/wekafs/apiclient/interfacegroup.go b/pkg/wekafs/apiclient/interfacegroup.go new file mode 100644 index 000000000..604f8b538 --- /dev/null +++ b/pkg/wekafs/apiclient/interfacegroup.go @@ -0,0 +1,166 @@ +package apiclient + +import ( + "context" + "errors" + "fmt" + "github.com/google/uuid" + "k8s.io/helm/pkg/urlutil" + "os" + "sort" +) + +type InterfaceGroupType string + +const ( + InterfaceGroupTypeNFS InterfaceGroupType = "NFS" + InterfaceGroupTypeSMB InterfaceGroupType = "SMB" +) + +type InterfaceGroup struct { + SubnetMask string `json:"subnet_mask"` + Name string `json:"name"` + Uid uuid.UUID `json:"uid"` + Ips []string `json:"ips"` + AllowManageGids bool `json:"allow_manage_gids"` + Type InterfaceGroupType `json:"type"` + Gateway string `json:"gateway"` + Status string `json:"status"` +} + +func (i *InterfaceGroup) String() string { + return fmt.Sprintln("InterfaceGroup ", i.Name, "Uid:", i.Uid.String(), "type:", i.Type, "status:", i.Status) +} + +func (i *InterfaceGroup) getImmutableFields() []string { + return []string{"Id", "Uid", "Slot"} +} + +func (i *InterfaceGroup) GetType() string { + return "interfaceGroup" +} + +func (i *InterfaceGroup) GetBasePath(client *ApiClient) string { + return "interfaceGroups" +} + +func (i *InterfaceGroup) GetApiUrl(client *ApiClient) string { + url, err := urlutil.URLJoin(i.GetBasePath(client), i.Uid.String()) + if err != nil { + return url + } + return "" +} + +func (i *InterfaceGroup) EQ(other ApiObject) bool { + return ObjectsAreEqual(i, other) +} + +func (i *InterfaceGroup) getInterfaceGroupType() InterfaceGroupType { + return i.Type +} + +func (i *InterfaceGroup) isNfs() bool { + return i.getInterfaceGroupType() == InterfaceGroupTypeNFS +} + +func (i *InterfaceGroup) isSmb() bool { + return i.getInterfaceGroupType() == InterfaceGroupTypeSMB +} + +// GetIpAddress returns a single IP address based on hostname, so for same server, always same IP address will be returned +// This is useful for NFS mount, where we need to have same IP address for same server +// TODO: this could be further optimized in future to avoid a situation where multiple servers are not evenly distributed +// and some IPs are getting more load than others. Could be done, for example, by random selection of IP address etc. +func (i *InterfaceGroup) GetIpAddress() (string, error) { + if len(i.Ips) == 0 { + return "", errors.New("no IP addresses found for interface group") + } + hostname, err := os.Hostname() + if err != nil { + return "", err + } + if hostname == "" { + hostname = "localhost" + } + + return i.Ips[hashString(hostname, len(i.Ips))], nil +} + +func (a *ApiClient) GetInterfaceGroups(ctx context.Context, interfaceGroups *[]InterfaceGroup) error { + ig := &InterfaceGroup{} + + err := a.Get(ctx, ig.GetBasePath(a), nil, interfaceGroups) + if err != nil { + return err + } + return nil +} + +func (a *ApiClient) GetInterfaceGroupsByType(ctx context.Context, groupType InterfaceGroupType, interfaceGroups *[]InterfaceGroup) error { + res := &[]InterfaceGroup{} + err := a.GetInterfaceGroups(ctx, res) + if err != nil { + return nil + } + for _, ig := range *res { + if ig.getInterfaceGroupType() == groupType { + *interfaceGroups = append(*interfaceGroups, ig) + } + } + return nil +} + +func (a *ApiClient) GetInterfaceGroupByUid(ctx context.Context, uid uuid.UUID, interfaceGroup *InterfaceGroup) error { + ig := &InterfaceGroup{ + Uid: uid, + } + err := a.Get(ctx, ig.GetApiUrl(a), nil, interfaceGroup) + if err != nil { + return err + } + return nil +} + +func (a *ApiClient) fetchNfsInterfaceGroup(ctx context.Context, name *string, useDefault bool) error { + igs := &[]InterfaceGroup{} + err := a.GetInterfaceGroupsByType(ctx, InterfaceGroupTypeNFS, igs) + if err != nil { + return errors.Join(errors.New("failed to fetch nfs interface groups"), err) + } + if len(*igs) == 0 { + return errors.New("no nfs interface groups found") + } + if name != nil { + for _, ig := range *igs { + if ig.Name == *name { + a.NfsInterfaceGroup = &ig + } + } + } else if useDefault { + a.NfsInterfaceGroup = &(*igs)[0] + } + if len(a.NfsInterfaceGroup.Ips) == 0 { + return errors.New("no IP addresses found for nfs interface group") + } + // Make sure the IPs are always sorted + sort.Strings(a.NfsInterfaceGroup.Ips) + return nil +} + +func (a *ApiClient) GetNfsInterfaceGroup(ctx context.Context) *InterfaceGroup { + if a.NfsInterfaceGroup == nil { + _ = a.fetchNfsInterfaceGroup(ctx, nil, true) + } + return a.NfsInterfaceGroup +} + +// GetNfsMountIp returns the IP address of the NFS interface group to be used for NFS mount +// TODO: need to do it much more sophisticated way to distribute load +func (a *ApiClient) GetNfsMountIp(ctx context.Context) (string, error) { + ig := a.GetNfsInterfaceGroup(ctx) + if ig == nil { + return "", errors.New("no NFS interface group found") + } + return ig.GetIpAddress() +} diff --git a/pkg/wekafs/apiclient/utils.go b/pkg/wekafs/apiclient/utils.go index 498c49e6e..5b0d7d723 100644 --- a/pkg/wekafs/apiclient/utils.go +++ b/pkg/wekafs/apiclient/utils.go @@ -39,3 +39,13 @@ func ObjectRequestHasRequiredFields(o ApiObjectRequest) bool { } return true } + +// hashString is a simple hash function that takes a string and returns a hash value in the range [0, n) +func hashString(s string, n int) int { + const prime = 31 + hash := 0 + for _, char := range s { + hash = hash*prime + int(char) + } + return hash % n +} diff --git a/pkg/wekafs/controllerserver.go b/pkg/wekafs/controllerserver.go index 3b71ef0a4..dd14a9094 100644 --- a/pkg/wekafs/controllerserver.go +++ b/pkg/wekafs/controllerserver.go @@ -44,7 +44,7 @@ type ControllerServer struct { csi.UnimplementedControllerServer caps []*csi.ControllerServiceCapability nodeID string - mounter *wekaMounter + mounter AnyMounter api *ApiStore config *DriverConfig semaphores map[string]*semaphore.Weighted @@ -67,7 +67,7 @@ func (cs *ControllerServer) getConfig() *DriverConfig { return cs.config } -func (cs *ControllerServer) getMounter() *wekaMounter { +func (cs *ControllerServer) getMounter() AnyMounter { return cs.mounter } @@ -105,7 +105,7 @@ func (cs *ControllerServer) ControllerModifyVolume(context.Context, *csi.Control panic("implement me") } -func NewControllerServer(nodeID string, api *ApiStore, mounter *wekaMounter, config *DriverConfig) *ControllerServer { +func NewControllerServer(nodeID string, api *ApiStore, mounter AnyMounter, config *DriverConfig) *ControllerServer { exposedCapabilities := []csi.ControllerServiceCapability_RPC_Type{ csi.ControllerServiceCapability_RPC_CREATE_DELETE_VOLUME, csi.ControllerServiceCapability_RPC_EXPAND_VOLUME, diff --git a/pkg/wekafs/driverconfig.go b/pkg/wekafs/driverconfig.go index 3f3b0611d..d96f68201 100644 --- a/pkg/wekafs/driverconfig.go +++ b/pkg/wekafs/driverconfig.go @@ -33,6 +33,8 @@ type DriverConfig struct { maxConcurrencyPerOp map[string]int64 grpcRequestTimeout time.Duration allowProtocolContainers bool + allowNfsFailback bool + useNfs bool } func (dc *DriverConfig) Log() { @@ -41,7 +43,20 @@ func (dc *DriverConfig) Log() { Bool("allow_auto_fs_creation", dc.allowAutoFsCreation).Bool("allow_auto_fs_expansion", dc.allowAutoFsExpansion). Bool("advertise_snapshot_support", dc.advertiseSnapshotSupport).Bool("advertise_volume_clone_support", dc.advertiseVolumeCloneSupport). Bool("allow_insecure_https", dc.allowInsecureHttps).Bool("always_allow_snapshot_volumes", dc.alwaysAllowSnapshotVolumes). - Interface("mutually_exclusive_mount_options", dc.mutuallyExclusiveOptions).Msg("Starting driver with the following configuration") + Interface("mutually_exclusive_mount_options", dc.mutuallyExclusiveOptions). + Int64("max_create_volume_reqs", dc.maxConcurrencyPerOp["CreateVolume"]). + Int64("max_delete_volume_reqs", dc.maxConcurrencyPerOp["DeleteVolume"]). + Int64("max_expand_volume_reqs", dc.maxConcurrencyPerOp["ExpandVolume"]). + Int64("max_create_snapshot_reqs", dc.maxConcurrencyPerOp["CreateSnapshot"]). + Int64("max_delete_snapshot_reqs", dc.maxConcurrencyPerOp["DeleteSnapshot"]). + Int64("max_node_publish_volume_reqs", dc.maxConcurrencyPerOp["NodePublishVolume"]). + Int64("max_node_unpublish_volume_reqs", dc.maxConcurrencyPerOp["NodeUnpublishVolume"]). + Int("grpc_request_timeout_seconds", int(dc.grpcRequestTimeout.Seconds())). + Bool("allow_protocol_containers", dc.allowProtocolContainers). + Bool("allow_nfs_failback", dc.allowNfsFailback). + Bool("use_nfs", dc.useNfs). + Msg("Starting driver with the following configuration") + } func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotPrefix, debugPath string, allowAutoFsCreation, allowAutoFsExpansion, allowSnapshotsOfLegacyVolumes bool, @@ -50,6 +65,7 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP maxCreateVolumeReqs, maxDeleteVolumeReqs, maxExpandVolumeReqs, maxCreateSnapshotReqs, maxDeleteSnapshotReqs, maxNodePublishVolumeReqs, maxNodeUnpublishVolumeReqs int64, grpcRequestTimeoutSeconds int, allowProtocolContainers bool, + allowNfsFailback, useNfs bool, ) *DriverConfig { var MutuallyExclusiveMountOptions []mutuallyExclusiveMountOptionSet @@ -89,6 +105,8 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP maxConcurrencyPerOp: concurrency, grpcRequestTimeout: grpcRequestTimeout, allowProtocolContainers: allowProtocolContainers, + allowNfsFailback: allowNfsFailback, + useNfs: useNfs, } } diff --git a/pkg/wekafs/gc.go b/pkg/wekafs/gc.go index 304758f02..604799207 100644 --- a/pkg/wekafs/gc.go +++ b/pkg/wekafs/gc.go @@ -21,10 +21,10 @@ type innerPathVolGc struct { isRunning map[string]bool isDeferred map[string]bool sync.Mutex - mounter *wekaMounter + mounter AnyMounter } -func initInnerPathVolumeGc(mounter *wekaMounter) *innerPathVolGc { +func initInnerPathVolumeGc(mounter AnyMounter) *innerPathVolGc { gc := innerPathVolGc{mounter: mounter} gc.isRunning = make(map[string]bool) gc.isDeferred = make(map[string]bool) diff --git a/pkg/wekafs/interfaces.go b/pkg/wekafs/interfaces.go index 75af3f50f..13cc44648 100644 --- a/pkg/wekafs/interfaces.go +++ b/pkg/wekafs/interfaces.go @@ -1,10 +1,45 @@ package wekafs +import ( + "context" + "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" + "time" +) + type AnyServer interface { - getMounter() *wekaMounter + getMounter() AnyMounter getApiStore() *ApiStore getConfig() *DriverConfig - isInDevMode() bool // TODO: Rename to isInDevMode + isInDevMode() bool getDefaultMountOptions() MountOptions getNodeId() string } + +type AnyMounter interface { + NewMount(fsName string, options MountOptions) AnyMount + mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) + Mount(ctx context.Context, fs string, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) + unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error + LogActiveMounts() + gcInactiveMounts() + schedulePeriodicMountGc() + getGarbageCollector() *innerPathVolGc +} + +type mountsMapPerFs map[string]AnyMount +type mountsMap map[string]mountsMapPerFs + +type UnmountFunc func() + +type AnyMount interface { + isInDevMode() bool + isMounted() bool + incRef(ctx context.Context, apiClient *apiclient.ApiClient) error + decRef(ctx context.Context) error + getRefCount() int + doUnmount(ctx context.Context) error + doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error + getMountPoint() string + getMountOptions() MountOptions + getLastUsed() time.Time +} diff --git a/pkg/wekafs/mountoptions.go b/pkg/wekafs/mountoptions.go index 8636d3f4c..1f06e61c1 100644 --- a/pkg/wekafs/mountoptions.go +++ b/pkg/wekafs/mountoptions.go @@ -8,12 +8,15 @@ import ( ) const ( - selinuxContext = "wekafs_csi_volume" + selinuxContextWekaFs = "wekafs_csi_volume_t" + selinuxContextNfs = "nfs_t" MountOptionSyncOnClose = "sync_on_close" MountOptionReadOnly = "ro" MountOptionWriteCache = "writecache" MountOptionCoherent = "coherent" MountOptionReadCache = "readcache" + MountProtocolWekafs = "wekafs" + MountProtocolNfs = "nfs" ) type mountOption struct { @@ -155,12 +158,22 @@ func (opts MountOptions) AsMapKey() string { return ret.String() } -func (opts MountOptions) setSelinux(selinuxSupport bool) { +func (opts MountOptions) setSelinux(selinuxSupport bool, mountProtocol string) { if selinuxSupport { - o := newMountOptionFromString(fmt.Sprintf("fscontext=\"system_u:object_r:%s_t:s0\"", selinuxContext)) + var o mountOption + if mountProtocol == MountProtocolWekafs { + o = newMountOptionFromString(fmt.Sprintf("fscontext=\"system_u:object_r:%s:s0\"", selinuxContextWekaFs)) + } else if mountProtocol == MountProtocolNfs { + o = newMountOptionFromString(fmt.Sprintf("context=\"system_u:object_r:%s:s0\"", selinuxContextNfs)) + } opts.customOptions[o.option] = o } else { - delete(opts.customOptions, "fscontext") + if mountProtocol == MountProtocolWekafs { + delete(opts.customOptions, "fscontext") + } + if mountProtocol == MountProtocolNfs { + delete(opts.customOptions, "context") + } } } diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go new file mode 100644 index 000000000..daa3888c0 --- /dev/null +++ b/pkg/wekafs/nfsmount.go @@ -0,0 +1,152 @@ +package wekafs + +import ( + "context" + "errors" + "fmt" + "github.com/rs/zerolog/log" + "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" + "k8s.io/mount-utils" + "os" + "path/filepath" + "sync" + "time" +) + +type nfsMount struct { + fsName string + mountPoint string + refCount int + lock sync.Mutex + kMounter mount.Interface + debugPath string + mountOptions MountOptions + lastUsed time.Time + mountIpAddress string +} + +func (m *nfsMount) getMountPoint() string { + return m.mountPoint +} + +func (m *nfsMount) getRefCount() int { + return m.refCount +} + +func (m *nfsMount) getMountOptions() MountOptions { + return m.mountOptions +} + +func (m *nfsMount) getLastUsed() time.Time { + return m.lastUsed +} + +func (m *nfsMount) isInDevMode() bool { + return m.debugPath != "" +} + +func (m *nfsMount) isMounted() bool { + return PathExists(m.mountPoint) && PathIsWekaMount(context.Background(), m.mountPoint) +} + +func (m *nfsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { + logger := log.Ctx(ctx) + m.lock.Lock() + defer m.lock.Unlock() + if m.refCount < 0 { + logger.Error().Str("mount_point", m.mountPoint).Int("refcount", m.refCount).Msg("During incRef negative refcount encountered") + m.refCount = 0 // to make sure that we don't have negative refcount later + } + if m.refCount == 0 { + if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { + return err + } + } else if !m.isMounted() { + logger.Warn().Str("mount_point", m.mountPoint).Int("refcount", m.refCount).Msg("Mount not exists although should!") + if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { + return err + } + + } + m.refCount++ + logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.mountOptions.Strings()).Str("filesystem_name", m.fsName).Msg("RefCount increased") + return nil +} + +func (m *nfsMount) decRef(ctx context.Context) error { + logger := log.Ctx(ctx) + m.lock.Lock() + defer m.lock.Unlock() + m.refCount-- + m.lastUsed = time.Now() + logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.mountOptions.Strings()).Str("filesystem_name", m.fsName).Msg("RefCount decreased") + if m.refCount < 0 { + logger.Error().Int("refcount", m.refCount).Msg("During decRef negative refcount encountered") + m.refCount = 0 // to make sure that we don't have negative refcount later + } + if m.refCount == 0 { + if err := m.doUnmount(ctx); err != nil { + return err + } + } + return nil +} + +func (m *nfsMount) doUnmount(ctx context.Context) error { + logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() + logger.Trace().Strs("mount_options", m.mountOptions.Strings()).Msg("Performing umount via k8s native mounter") + err := m.kMounter.Unmount(m.mountPoint) + if err != nil { + logger.Error().Err(err).Msg("Failed to unmount") + } else { + logger.Trace().Msg("Unmounted successfully") + } + return err +} + +func (m *nfsMount) ensureMountIpAddress(ctx context.Context, apiClient *apiclient.ApiClient) error { + if m.mountIpAddress == "" { + ip, err := apiClient.GetNfsMountIp(ctx) + if err != nil { + return err + } + m.mountIpAddress = ip + } + return nil +} + +func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { + logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() + var mountOptionsSensitive []string + if err := os.MkdirAll(m.mountPoint, DefaultVolumePermissions); err != nil { + return err + } + if !m.isInDevMode() { + if apiClient == nil { + // this flow is relevant only for legacy volumes, will not work with SCMC + logger.Trace().Msg("No API client for mount, cannot proceed") + return errors.New("no API client for mount, cannot do NFS mount") + } + + if err := m.ensureMountIpAddress(ctx, apiClient); err != nil { + logger.Error().Err(err).Msg("Failed to get mount IP address") + return err + } + + mountTarget := m.mountIpAddress + ":/" + m.fsName + logger.Trace(). + Strs("mount_options", m.mountOptions.Strings()). + Str("mount_target", mountTarget). + Fields(mountOptions). + Msg("Performing mount") + return m.kMounter.MountSensitive(mountTarget, m.mountPoint, "nfs", mountOptions.Strings(), mountOptionsSensitive) + } else { + fakePath := filepath.Join(m.debugPath, m.fsName) + if err := os.MkdirAll(fakePath, DefaultVolumePermissions); err != nil { + Die(fmt.Sprintf("Failed to create directory %s, while running in debug mode", fakePath)) + } + logger.Trace().Strs("mount_options", m.mountOptions.Strings()).Str("debug_path", m.debugPath).Msg("Performing mount") + + return m.kMounter.Mount(fakePath, m.mountPoint, "", []string{"bind"}) + } +} diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go new file mode 100644 index 000000000..5ca8e4ac1 --- /dev/null +++ b/pkg/wekafs/nfsmounter.go @@ -0,0 +1,152 @@ +package wekafs + +import ( + "context" + "github.com/rs/zerolog/log" + "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" + "k8s.io/mount-utils" + "sync" + "time" +) + +type nfsMounter struct { + mountMap mountsMap + lock sync.Mutex + kMounter mount.Interface + debugPath string + selinuxSupport bool + gc *innerPathVolGc +} + +func (m *nfsMounter) getGarbageCollector() *innerPathVolGc { + return m.gc +} + +func newNfsMounter(driver *WekaFsDriver) *nfsMounter { + mounter := &nfsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: driver.selinuxSupport} + mounter.gc = initInnerPathVolumeGc(mounter) + mounter.schedulePeriodicMountGc() + + return mounter +} + +func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { + m.lock.Lock() + if m.kMounter == nil { + m.kMounter = mount.New("") + } + if _, ok := m.mountMap[fsName]; !ok { + m.mountMap[fsName] = mountsMapPerFs{} + } + if _, ok := m.mountMap[fsName][options.String()]; !ok { + uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) + wMount := &nfsMount{ + kMounter: m.kMounter, + fsName: fsName, + debugPath: m.debugPath, + mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, + mountOptions: options, + } + m.mountMap[fsName][options.String()] = wMount + } + m.lock.Unlock() + return m.mountMap[fsName][options.String()] +} + +func (m *nfsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { + mountOptions.setSelinux(m.selinuxSupport) + mountObj := m.NewMount(fsName, mountOptions) + mountErr := mountObj.incRef(ctx, apiClient) + + if mountErr != nil { + log.Ctx(ctx).Error().Err(mountErr).Msg("Failed mounting") + return "", mountErr, func() {} + } + return mountObj.getMountPoint(), nil, func() { + if mountErr == nil { + _ = mountObj.decRef(ctx) + } + } +} + +func (m *nfsMounter) Mount(ctx context.Context, fs string, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { + return m.mountWithOptions(ctx, fs, getDefaultMountOptions(), apiClient) +} + +func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { + opts := options + options.setSelinux(m.selinuxSupport) + + log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") + if mnt, ok := m.mountMap[fsName][options.String()]; ok { + err := mnt.decRef(ctx) + if err == nil { + if m.mountMap[fsName][options.String()].getRefCount() <= 0 { + log.Ctx(ctx).Trace().Str("filesystem", fsName).Strs("mount_options", options.Strings()).Msg("This is a last use of this mount, removing from map") + delete(m.mountMap[fsName], options.String()) + } + if len(m.mountMap[fsName]) == 0 { + log.Ctx(ctx).Trace().Str("filesystem", fsName).Msg("No more mounts to filesystem, removing from map") + delete(m.mountMap, fsName) + } + } + return err + + } else { + log.Ctx(ctx).Warn().Msg("Attempted to access mount point which is not known to the system") + return nil + } +} + +func (m *nfsMounter) LogActiveMounts() { + if len(m.mountMap) > 0 { + count := 0 + for fsName := range m.mountMap { + for mnt := range m.mountMap[fsName] { + mapEntry := m.mountMap[fsName][mnt] + if mapEntry.getRefCount() > 0 { + log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is active") + count++ + } else { + log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is not active") + } + + } + } + log.Debug().Int("total", len(m.mountMap)).Int("active", count).Msg("Periodic checkup on mount map") + } +} + +func (m *nfsMounter) gcInactiveMounts() { + if len(m.mountMap) > 0 { + for fsName := range m.mountMap { + for uniqueId, wekaMount := range m.mountMap[fsName] { + if wekaMount.getRefCount() == 0 { + if wekaMount.getLastUsed().Before(time.Now().Add(-inactiveMountGcPeriod)) { + m.lock.Lock() + if wekaMount.getRefCount() == 0 { + log.Trace().Str("filesystem", fsName).Strs("mount_options", wekaMount.getMountOptions().Strings()). + Time("last_used", wekaMount.getLastUsed()).Msg("Removing stale mount from map") + delete(m.mountMap[fsName], uniqueId) + } + m.lock.Unlock() + } + } + } + if len(m.mountMap[fsName]) == 0 { + delete(m.mountMap, fsName) + } + } + } +} + +func (m *nfsMounter) schedulePeriodicMountGc() { + go func() { + log.Debug().Msg("Initializing periodic mount GC") + for true { + m.LogActiveMounts() + m.gcInactiveMounts() + time.Sleep(10 * time.Minute) + } + }() +} diff --git a/pkg/wekafs/nodeserver.go b/pkg/wekafs/nodeserver.go index 630a1ade0..6580dac77 100644 --- a/pkg/wekafs/nodeserver.go +++ b/pkg/wekafs/nodeserver.go @@ -48,7 +48,7 @@ type NodeServer struct { caps []*csi.NodeServiceCapability nodeID string maxVolumesPerNode int64 - mounter *wekaMounter + mounter AnyMounter api *ApiStore config *DriverConfig semaphores map[string]*semaphore.Weighted @@ -75,7 +75,7 @@ func (ns *NodeServer) getApiStore() *ApiStore { return ns.api } -func (ns *NodeServer) getMounter() *wekaMounter { +func (ns *NodeServer) getMounter() AnyMounter { return ns.mounter } @@ -89,7 +89,7 @@ func (ns *NodeServer) NodeGetVolumeStats(ctx context.Context, request *csi.NodeG panic("implement me") } -func NewNodeServer(nodeId string, maxVolumesPerNode int64, api *ApiStore, mounter *wekaMounter, config *DriverConfig) *NodeServer { +func NewNodeServer(nodeId string, maxVolumesPerNode int64, api *ApiStore, mounter AnyMounter, config *DriverConfig) *NodeServer { //goland:noinspection GoBoolExpressions return &NodeServer{ caps: getNodeServiceCapabilities( diff --git a/pkg/wekafs/volume.go b/pkg/wekafs/volume.go index 44135f543..d21d54961 100644 --- a/pkg/wekafs/volume.go +++ b/pkg/wekafs/volume.go @@ -628,7 +628,7 @@ func (v *Volume) updateCapacityXattr(ctx context.Context, enforceCapacity *bool, func (v *Volume) Trash(ctx context.Context) error { if v.requiresGc() { - v.server.getMounter().gc.triggerGcVolume(ctx, v) + v.server.getMounter().getGarbageCollector().triggerGcVolume(ctx, v) return nil } return v.Delete(ctx) diff --git a/pkg/wekafs/wekafs.go b/pkg/wekafs/wekafs.go index 38b624574..6f1d00123 100644 --- a/pkg/wekafs/wekafs.go +++ b/pkg/wekafs/wekafs.go @@ -264,8 +264,9 @@ func NewWekaFsDriver( } func (driver *WekaFsDriver) Run() { + mounter := driver.NewMounter() + // Create GRPC servers - mounter := newWekaMounter(driver) // identity server runs always log.Info().Msg("Loading IdentityServer") @@ -322,3 +323,21 @@ func GetCsiPluginMode(mode *string) CsiPluginMode { return "" } } + +func (driver *WekaFsDriver) NewMounter() AnyMounter { + log.Info().Msg("Configuring Mounter") + if driver.config.useNfs { + log.Warn().Msg("Enforcing NFS transport due to configuration") + return newNfsMounter(driver) + } + if driver.config.allowNfsFailback && !isWekaInstalled() { + if driver.config.isInDevMode() { + log.Info().Msg("Not Enforcing NFS transport due to dev mode") + } else { + log.Warn().Msg("Weka Driver not found. Failing back to NFS transport") + return newNfsMounter(driver) + } + } + log.Info().Msg("Enforcing WekaFS transport") + return newWekafsMounter(driver) +} diff --git a/pkg/wekafs/mount.go b/pkg/wekafs/wekafsmount.go similarity index 83% rename from pkg/wekafs/mount.go rename to pkg/wekafs/wekafsmount.go index cf02f2d55..82b570ccd 100644 --- a/pkg/wekafs/mount.go +++ b/pkg/wekafs/wekafsmount.go @@ -13,7 +13,7 @@ import ( "time" ) -type wekaMount struct { +type wekafsMount struct { fsName string mountPoint string refCount int @@ -25,15 +25,30 @@ type wekaMount struct { allowProtocolContainers bool } -func (m *wekaMount) isInDevMode() bool { +func (m *wekafsMount) getMountPoint() string { + return m.mountPoint +} + +func (m *wekafsMount) getRefCount() int { + return m.refCount +} + +func (m *wekafsMount) getMountOptions() MountOptions { + return m.mountOptions +} +func (m *wekafsMount) getLastUsed() time.Time { + return m.lastUsed +} + +func (m *wekafsMount) isInDevMode() bool { return m.debugPath != "" } -func (m *wekaMount) isMounted() bool { +func (m *wekafsMount) isMounted() bool { return PathExists(m.mountPoint) && PathIsWekaMount(context.Background(), m.mountPoint) } -func (m *wekaMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { +func (m *wekafsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { logger := log.Ctx(ctx) m.lock.Lock() defer m.lock.Unlock() @@ -57,7 +72,7 @@ func (m *wekaMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) return nil } -func (m *wekaMount) decRef(ctx context.Context) error { +func (m *wekafsMount) decRef(ctx context.Context) error { logger := log.Ctx(ctx) m.lock.Lock() defer m.lock.Unlock() @@ -76,7 +91,7 @@ func (m *wekaMount) decRef(ctx context.Context) error { return nil } -func (m *wekaMount) doUnmount(ctx context.Context) error { +func (m *wekafsMount) doUnmount(ctx context.Context) error { logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() logger.Trace().Strs("mount_options", m.mountOptions.Strings()).Msg("Performing umount via k8s native mounter") err := m.kMounter.Unmount(m.mountPoint) @@ -88,7 +103,7 @@ func (m *wekaMount) doUnmount(ctx context.Context) error { return err } -func (m *wekaMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { +func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() mountToken := "" var mountOptionsSensitive []string @@ -119,10 +134,10 @@ func (m *wekaMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, // if needed, add containerName to the mount string if apiClient != nil && len(containerPaths) > 1 { + localContainerName = apiClient.Credentials.LocalContainerName if apiClient.SupportsMultipleClusters() { - localContainerName = apiClient.Credentials.LocalContainerName if localContainerName != "" { - logger.Info().Str("local_container_name", localContainerName).Msg("Local container name set by secret") + logger.Info().Str("local_container_name", localContainerName).Msg("Local container name set by secrets") } else { container, err := apiClient.GetLocalContainer(ctx, m.allowProtocolContainers) if err != nil || container == nil { @@ -140,14 +155,13 @@ func (m *wekaMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, option: "container_name", value: localContainerName, } + break } } } else { - err = errors.New("mount failed, local container name not specified and could not be determined automatically, refer to documentation on handling multiple clusters clients with Kubernetes") - logger.Error().Err(err).Msg("Failed to mount") - return err + logger.Error().Err(errors.New("Could not determine container name, refer to documentation on handling multiple clusters clients with Kubernetes")).Msg("Failed to mount") } } } diff --git a/pkg/wekafs/mounter.go b/pkg/wekafs/wekafsmounter.go similarity index 71% rename from pkg/wekafs/mounter.go rename to pkg/wekafs/wekafsmounter.go index 3d76ad700..bbb3e230f 100644 --- a/pkg/wekafs/mounter.go +++ b/pkg/wekafs/wekafsmounter.go @@ -16,10 +16,7 @@ const ( inactiveMountGcPeriod = time.Minute * 10 ) -type mountsMapPerFs map[string]*wekaMount -type mountsMap map[string]mountsMapPerFs - -type wekaMounter struct { +type wekafsMounter struct { mountMap mountsMap lock sync.Mutex kMounter mount.Interface @@ -29,15 +26,19 @@ type wekaMounter struct { allowProtocolContainers bool } -func newWekaMounter(driver *WekaFsDriver) *wekaMounter { - mounter := &wekaMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: driver.selinuxSupport, allowProtocolContainers: driver.config.allowProtocolContainers} +func (m *wekafsMounter) getGarbageCollector() *innerPathVolGc { + return m.gc +} + +func newWekafsMounter(driver *WekaFsDriver) *wekafsMounter { + mounter := &wekafsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: driver.selinuxSupport} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() return mounter } -func (m *wekaMounter) NewMount(fsName string, options MountOptions) *wekaMount { +func (m *wekafsMounter) NewMount(fsName string, options MountOptions) AnyMount { m.lock.Lock() if m.kMounter == nil { m.kMounter = mount.New("") @@ -47,7 +48,7 @@ func (m *wekaMounter) NewMount(fsName string, options MountOptions) *wekaMount { } if _, ok := m.mountMap[fsName][options.AsMapKey()]; !ok { uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) - wMount := &wekaMount{ + wMount := &wekafsMount{ kMounter: m.kMounter, fsName: fsName, debugPath: m.debugPath, @@ -61,9 +62,7 @@ func (m *wekaMounter) NewMount(fsName string, options MountOptions) *wekaMount { return m.mountMap[fsName][options.AsMapKey()] } -type UnmountFunc func() - -func (m *wekaMounter) getSelinuxStatus(ctx context.Context) bool { +func (m *wekafsMounter) getSelinuxStatus(ctx context.Context) bool { logger := log.Ctx(ctx) if m.selinuxSupport { logger.Trace().Msg("SELinux support is forced") @@ -94,7 +93,7 @@ func (m *wekaMounter) getSelinuxStatus(ctx context.Context) bool { return false } -func (m *wekaMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { +func (m *wekafsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { mountOptions.setSelinux(m.getSelinuxStatus(ctx)) mountObj := m.NewMount(fsName, mountOptions) mountErr := mountObj.incRef(ctx, apiClient) @@ -103,18 +102,18 @@ func (m *wekaMounter) mountWithOptions(ctx context.Context, fsName string, mount log.Ctx(ctx).Error().Err(mountErr).Msg("Failed mounting") return "", mountErr, func() {} } - return mountObj.mountPoint, nil, func() { + return mountObj.getMountPoint(), nil, func() { if mountErr == nil { _ = mountObj.decRef(ctx) } } } -func (m *wekaMounter) Mount(ctx context.Context, fs string, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { +func (m *wekafsMounter) Mount(ctx context.Context, fs string, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { return m.mountWithOptions(ctx, fs, getDefaultMountOptions(), apiClient) } -func (m *wekaMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { +func (m *wekafsMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { opts := options options.setSelinux(m.getSelinuxStatus(ctx)) @@ -122,7 +121,7 @@ func (m *wekaMounter) unmountWithOptions(ctx context.Context, fsName string, opt if mnt, ok := m.mountMap[fsName][options.AsMapKey()]; ok { err := mnt.decRef(ctx) if err == nil { - if m.mountMap[fsName][options.AsMapKey()].refCount <= 0 { + if m.mountMap[fsName][options.AsMapKey()].getRefCount() <= 0 { log.Ctx(ctx).Trace().Str("filesystem", fsName).Strs("mount_options", options.Strings()).Msg("This is a last use of this mount, removing from map") delete(m.mountMap[fsName], options.String()) } @@ -139,17 +138,17 @@ func (m *wekaMounter) unmountWithOptions(ctx context.Context, fsName string, opt } } -func (m *wekaMounter) LogActiveMounts() { +func (m *wekafsMounter) LogActiveMounts() { if len(m.mountMap) > 0 { count := 0 for fsName := range m.mountMap { for mnt := range m.mountMap[fsName] { mapEntry := m.mountMap[fsName][mnt] - if mapEntry.refCount > 0 { - log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.refCount).Strs("mount_options", mapEntry.mountOptions.Strings()).Msg("Mount is active") + if mapEntry.getRefCount() > 0 { + log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is active") count++ } else { - log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.refCount).Strs("mount_options", mapEntry.mountOptions.Strings()).Msg("Mount is not active") + log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is not active") } } @@ -158,16 +157,16 @@ func (m *wekaMounter) LogActiveMounts() { } } -func (m *wekaMounter) gcInactiveMounts() { +func (m *wekafsMounter) gcInactiveMounts() { if len(m.mountMap) > 0 { for fsName := range m.mountMap { for uniqueId, wekaMount := range m.mountMap[fsName] { - if wekaMount.refCount == 0 { - if wekaMount.lastUsed.Before(time.Now().Add(-inactiveMountGcPeriod)) { + if wekaMount.getRefCount() == 0 { + if wekaMount.getLastUsed().Before(time.Now().Add(-inactiveMountGcPeriod)) { m.lock.Lock() - if wekaMount.refCount == 0 { - log.Trace().Str("filesystem", fsName).Strs("mount_options", wekaMount.mountOptions.Strings()). - Time("last_used", wekaMount.lastUsed).Msg("Removing stale mount from map") + if wekaMount.getRefCount() == 0 { + log.Trace().Str("filesystem", fsName).Strs("mount_options", wekaMount.getMountOptions().Strings()). + Time("last_used", wekaMount.getLastUsed()).Msg("Removing stale mount from map") delete(m.mountMap[fsName], uniqueId) } m.lock.Unlock() @@ -181,7 +180,7 @@ func (m *wekaMounter) gcInactiveMounts() { } } -func (m *wekaMounter) schedulePeriodicMountGc() { +func (m *wekafsMounter) schedulePeriodicMountGc() { go func() { log.Debug().Msg("Initializing periodic mount GC") for true { From b86ac989dae059fa63bc57c9404169facd225d28 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 4 Aug 2024 14:08:22 +0300 Subject: [PATCH 08/75] fix(CSI-213): pathIsWekaMount also recognizes nfs --- pkg/wekafs/utilities.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkg/wekafs/utilities.go b/pkg/wekafs/utilities.go index 7dd36f3ca..90f5bda35 100644 --- a/pkg/wekafs/utilities.go +++ b/pkg/wekafs/utilities.go @@ -294,6 +294,10 @@ func PathIsWekaMount(ctx context.Context, path string) bool { if len(fields) >= 3 && fields[2] == "wekafs" && fields[1] == path { return true } + // TODO: better protect against false positives + if len(fields) >= 3 && fields[2] == "nfs" && fields[1] == path { + return true + } } return false From 8c7e57dc831d09aa41a340549e49c94fa299cd67 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 4 Aug 2024 14:25:05 +0300 Subject: [PATCH 09/75] fix(CSI-213): support SELinux for NFS and WekaFS --- pkg/wekafs/nfsmounter.go | 22 ++++++++++++++---- pkg/wekafs/utilities.go | 26 +++++++++++++++++++++ pkg/wekafs/wekafsmounter.go | 46 +++++++++++-------------------------- 3 files changed, 57 insertions(+), 37 deletions(-) diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index 5ca8e4ac1..bad509b16 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -14,7 +14,7 @@ type nfsMounter struct { lock sync.Mutex kMounter mount.Interface debugPath string - selinuxSupport bool + selinuxSupport *bool gc *innerPathVolGc } @@ -23,7 +23,12 @@ func (m *nfsMounter) getGarbageCollector() *innerPathVolGc { } func newNfsMounter(driver *WekaFsDriver) *nfsMounter { - mounter := &nfsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: driver.selinuxSupport} + var selinuxSupport *bool + if driver.selinuxSupport { + log.Debug().Msg("SELinux support is forced") + selinuxSupport = &[]bool{true}[0] + } + mounter := &nfsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: selinuxSupport} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() @@ -53,8 +58,17 @@ func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { return m.mountMap[fsName][options.String()] } +func (m *nfsMounter) getSelinuxStatus(ctx context.Context) bool { + if m.selinuxSupport != nil && *m.selinuxSupport { + return true + } + selinuxSupport := getSelinuxStatus(ctx) + m.selinuxSupport = &selinuxSupport + return *m.selinuxSupport +} + func (m *nfsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { - mountOptions.setSelinux(m.selinuxSupport) + mountOptions.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) mountObj := m.NewMount(fsName, mountOptions) mountErr := mountObj.incRef(ctx, apiClient) @@ -75,7 +89,7 @@ func (m *nfsMounter) Mount(ctx context.Context, fs string, apiClient *apiclient. func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { opts := options - options.setSelinux(m.selinuxSupport) + options.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") if mnt, ok := m.mountMap[fsName][options.String()]; ok { diff --git a/pkg/wekafs/utilities.go b/pkg/wekafs/utilities.go index 90f5bda35..53d32fac1 100644 --- a/pkg/wekafs/utilities.go +++ b/pkg/wekafs/utilities.go @@ -513,3 +513,29 @@ func isWekaInstalled() bool { } return false } + +func getSelinuxStatus(ctx context.Context) bool { + logger := log.Ctx(ctx) + // check if we have /etc/selinux/config + // if it exists, we can check if selinux is enforced or not + selinuxConf := "/etc/selinux/config" + file, err := os.Open(selinuxConf) + if err != nil { + return false + } + defer func() { _ = file.Close() }() + + scanner := bufio.NewScanner(file) + for scanner.Scan() { + line := scanner.Text() + if strings.Contains(line, "SELINUX=enforcing") { + // no need to repeat each time, just set the selinuxSupport to true + return true + } + } + + if err := scanner.Err(); err != nil { + logger.Error().Err(err).Str("filename", selinuxConf).Msg("Failed to read SELinux config file") + } + return false +} diff --git a/pkg/wekafs/wekafsmounter.go b/pkg/wekafs/wekafsmounter.go index bbb3e230f..615d9d8f6 100644 --- a/pkg/wekafs/wekafsmounter.go +++ b/pkg/wekafs/wekafsmounter.go @@ -1,13 +1,10 @@ package wekafs import ( - "bufio" "context" "github.com/rs/zerolog/log" "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" "k8s.io/mount-utils" - "os" - "strings" "sync" "time" ) @@ -21,7 +18,7 @@ type wekafsMounter struct { lock sync.Mutex kMounter mount.Interface debugPath string - selinuxSupport bool + selinuxSupport *bool gc *innerPathVolGc allowProtocolContainers bool } @@ -31,7 +28,12 @@ func (m *wekafsMounter) getGarbageCollector() *innerPathVolGc { } func newWekafsMounter(driver *WekaFsDriver) *wekafsMounter { - mounter := &wekafsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: driver.selinuxSupport} + var selinuxSupport *bool + if driver.selinuxSupport { + log.Debug().Msg("SELinux support is forced") + selinuxSupport = &[]bool{true}[0] + } + mounter := &wekafsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: selinuxSupport} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() @@ -63,38 +65,16 @@ func (m *wekafsMounter) NewMount(fsName string, options MountOptions) AnyMount { } func (m *wekafsMounter) getSelinuxStatus(ctx context.Context) bool { - logger := log.Ctx(ctx) - if m.selinuxSupport { - logger.Trace().Msg("SELinux support is forced") + if m.selinuxSupport != nil && *m.selinuxSupport { return true } - // check if we have /etc/selinux/config - // if it exists, we can check if selinux is enforced or not - selinuxConf := "/etc/selinux/config" - file, err := os.Open(selinuxConf) - if err != nil { - return false - } - defer func() { _ = file.Close() }() - - scanner := bufio.NewScanner(file) - for scanner.Scan() { - line := scanner.Text() - if strings.Contains(line, "SELINUX=enforcing") { - // no need to repeat each time, just set the selinuxSupport to true - m.selinuxSupport = true - return true - } - } - - if err := scanner.Err(); err != nil { - logger.Error().Err(err).Str("filename", selinuxConf).Msg("Failed to read SELinux config file") - } - return false + selinuxSupport := getSelinuxStatus(ctx) + m.selinuxSupport = &selinuxSupport + return *m.selinuxSupport } func (m *wekafsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { - mountOptions.setSelinux(m.getSelinuxStatus(ctx)) + mountOptions.setSelinux(m.getSelinuxStatus(ctx), MountProtocolWekafs) mountObj := m.NewMount(fsName, mountOptions) mountErr := mountObj.incRef(ctx, apiClient) @@ -115,7 +95,7 @@ func (m *wekafsMounter) Mount(ctx context.Context, fs string, apiClient *apiclie func (m *wekafsMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { opts := options - options.setSelinux(m.getSelinuxStatus(ctx)) + options.setSelinux(m.getSelinuxStatus(ctx), MountProtocolWekafs) log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") if mnt, ok := m.mountMap[fsName][options.AsMapKey()]; ok { From 100270c802dbeaa6abbf458333fd198183c02f60 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 4 Aug 2024 14:49:01 +0300 Subject: [PATCH 10/75] fix(CSI-213): allow plugin to run if useNfs --- pkg/wekafs/identityserver.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pkg/wekafs/identityserver.go b/pkg/wekafs/identityserver.go index 898347c80..a849a69b9 100644 --- a/pkg/wekafs/identityserver.go +++ b/pkg/wekafs/identityserver.go @@ -79,7 +79,15 @@ func (ids *identityServer) getConfig() *DriverConfig { } func (ids *identityServer) Probe(ctx context.Context, req *csi.ProbeRequest) (*csi.ProbeResponse, error) { + logger := log.Ctx(ctx) + isReady := ids.getConfig().isInDevMode() || isWekaInstalled() + if !isReady { + if ids.getConfig().useNfs || ids.getConfig().allowNfsFailback { + logger.Info().Str("op", "Probe").Msg("Weka driver not running on host, but NFS is available") + isReady = true + } + } if !isReady { logger := log.Ctx(ctx) logger.Error().Msg("Weka driver not running on host, not ready to perform operations") From 5ffd1d89228cfbc2e0a512ac2d2beb88eab374e4 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 4 Aug 2024 21:39:21 +0300 Subject: [PATCH 11/75] fix(CSI-213): convert mount options to NFS compatibility --- pkg/wekafs/mountoptions.go | 35 +++++++++++++++++++++++++++++++++++ pkg/wekafs/nfsmounter.go | 1 + 2 files changed, 36 insertions(+) diff --git a/pkg/wekafs/mountoptions.go b/pkg/wekafs/mountoptions.go index 1f06e61c1..8e1103f19 100644 --- a/pkg/wekafs/mountoptions.go +++ b/pkg/wekafs/mountoptions.go @@ -177,6 +177,41 @@ func (opts MountOptions) setSelinux(selinuxSupport bool, mountProtocol string) { } } +func (opts MountOptions) AsNfs() MountOptions { + ret := NewMountOptionsFromString("hard,rdirplus") + for _, o := range opts.getOpts() { + switch o.option { + case "writecache": + ret.AddOption("async") + case "coherent": + ret.AddOption("sync") + case "forcedirect": + ret.AddOption("sync") + case "readcache": + ret.AddOption("noac") + case "dentry_max_age_positive": + ret.AddOption(fmt.Sprintf("acdirmax=%s", o.value)) + ret.AddOption(fmt.Sprintf("acregmax=%s", o.value)) + case "inode_bits": + continue + case "verbose": + continue + case "quiet": + continue + case "acl": + ret.AddOption("user_xattr") + ret.AddOption("acl") + case "obs_direct": + continue + case "sync_on_close": + ret.AddOption("sync") + default: + continue + } + } + return ret +} + func NewMountOptionsFromString(optsString string) MountOptions { if optsString == "" { return NewMountOptions([]string{}) diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index bad509b16..04963267b 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -69,6 +69,7 @@ func (m *nfsMounter) getSelinuxStatus(ctx context.Context) bool { func (m *nfsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { mountOptions.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) + mountOptions = mountOptions.AsNfs() mountObj := m.NewMount(fsName, mountOptions) mountErr := mountObj.incRef(ctx, apiClient) From b3103963e7f509e4531c6cd2dc7678bbafb2a037 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 5 Aug 2024 12:03:53 +0300 Subject: [PATCH 12/75] fix(CSI-213): install necessary components for NFS mount --- Dockerfile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1391ff267..6549db795 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,6 @@ FROM golang:1.22-alpine as go-builder # https://stackoverflow.com/questions/36279253/go-compiled-binary-wont-run-in-an-alpine-docker-container-on-ubuntu-host -RUN apk add --no-cache libc6-compat gcc -RUN apk add musl-dev +RUN apk add --no-cache libc6-compat gcc musl-dev COPY go.mod /src/go.mod COPY go.sum /src/go.sum WORKDIR /src @@ -26,13 +25,14 @@ RUN CGO_ENABLED=0 GOOS="linux" GOARCH="amd64" go build -a -ldflags '-X main.vers FROM alpine:3.18 LABEL maintainers="WekaIO, LTD" LABEL description="Weka CSI Driver" -# Add util-linux to get a new version of losetup. -RUN apk add util-linux libselinux libselinux-utils util-linux pciutils usbutils coreutils binutils findutils grep bash -# Update CA certificates -RUN apk add ca-certificates -RUN update-ca-certificates ADD https://github.com/tigrawap/locar/releases/download/0.4.0/locar_linux_amd64 /locar RUN chmod +x /locar +RUN apk add --no-cache util-linux libselinux libselinux-utils util-linux \ + pciutils usbutils coreutils binutils findutils \ + grep bash nfs-utils rpcbind ca-certificates +# Update CA certificates +RUN update-ca-certificates COPY --from=go-builder /bin/wekafsplugin /wekafsplugin ARG binary=/bin/wekafsplugin +EXPOSE 2049 111/tcp 111/udp ENTRYPOINT ["/wekafsplugin"] From c499ca2857fcc6566ece266f9821baaa8e7a6df5 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 5 Aug 2024 17:03:33 +0300 Subject: [PATCH 13/75] fix(CSI-213): remove unsupported user_xattr nfs option --- pkg/wekafs/mountoptions.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/pkg/wekafs/mountoptions.go b/pkg/wekafs/mountoptions.go index 8e1103f19..9e7f3568f 100644 --- a/pkg/wekafs/mountoptions.go +++ b/pkg/wekafs/mountoptions.go @@ -198,9 +198,6 @@ func (opts MountOptions) AsNfs() MountOptions { continue case "quiet": continue - case "acl": - ret.AddOption("user_xattr") - ret.AddOption("acl") case "obs_direct": continue case "sync_on_close": From f2decc74ef58ac7d83c3866772c01f59688dd57e Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Tue, 6 Aug 2024 10:15:09 +0300 Subject: [PATCH 14/75] fix(CSI-213): take care of nfs vs nfs4 mounts in /proc/mounts --- pkg/wekafs/utilities.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/wekafs/utilities.go b/pkg/wekafs/utilities.go index 53d32fac1..e8a0ea8dd 100644 --- a/pkg/wekafs/utilities.go +++ b/pkg/wekafs/utilities.go @@ -295,7 +295,7 @@ func PathIsWekaMount(ctx context.Context, path string) bool { return true } // TODO: better protect against false positives - if len(fields) >= 3 && fields[2] == "nfs" && fields[1] == path { + if len(fields) >= 3 && strings.HasPrefix(fields[2], "nfs") && fields[1] == path { return true } } From 3bb13de316724b5a43f3ec151ae050c6b636721b Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sat, 10 Aug 2024 12:36:02 +0300 Subject: [PATCH 15/75] feat(CSI-213): automatically handle NFS exports and permissions during doMount --- .../controllerserver-statefulset.yaml | 4 + .../templates/nodeserver-daemonset.yaml | 4 + pkg/wekafs/apiclient/nfs.go | 585 ++++++++++++++++++ pkg/wekafs/apiclient/utils.go | 64 ++ pkg/wekafs/nfsmount.go | 7 + 5 files changed, 664 insertions(+) create mode 100644 pkg/wekafs/apiclient/nfs.go diff --git a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index 40340c642..f67ff983a 100755 --- a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -255,6 +255,10 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + - name: KUBE_NODE_IP_ADDRESS + valueFrom: + fieldRef: + fieldPath: status.hostIP volumeMounts: - mountPath: /csi name: socket-dir diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index d12d2cbf3..ac7db2d8f 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -142,6 +142,10 @@ spec: value: {{ required "Provide CSI Driver Dynamic Volume Creation Path" .Values.dynamicProvisionPath }} - name: X_CSI_MODE value: node + - name: NODE_IP_ADDRESS + valueFrom: + fieldRef: + fieldPath: status.hostIP volumeMounts: - mountPath: /csi name: socket-dir diff --git a/pkg/wekafs/apiclient/nfs.go b/pkg/wekafs/apiclient/nfs.go new file mode 100644 index 000000000..13a84844f --- /dev/null +++ b/pkg/wekafs/apiclient/nfs.go @@ -0,0 +1,585 @@ +package apiclient + +import ( + "context" + "encoding/json" + "errors" + "fmt" + qs "github.com/google/go-querystring/query" + "github.com/google/uuid" + "github.com/rs/zerolog/log" + "go.opentelemetry.io/otel" + "golang.org/x/exp/slices" + "k8s.io/helm/pkg/urlutil" +) + +type NfsVersionString string +type NfsAuthType string + +const ( + NfsPermissionTypeReadWrite = "RW" + NfsPermissionTypeReadOnly = "RO" + NfsPermissionSquashModeNone = "none" + NfsPermissionSquashModeRoot = "root" + NfsPermissionSquashModeAll = "all" + NfsClientGroupRuleTypeDNS = "DNS" + NfsClientGroupRuleTypeIP = "IP" + NfsClientGroupName = "WekaCSIPluginClients" + NfsVersionV3 NfsVersionString = "V3" + NfsVersionV4 NfsVersionString = "V4" + NfsAuthTypeNone NfsAuthType = "NONE" + NfsAuthTypeSys NfsAuthType = "SYS" + NfsAuthTypeKerberos5 NfsAuthType = "KRB5" +) + +type NfsPermission struct { + GroupId *string `json:"group_id,omitempty"` + PrivilegedPort *bool `json:"privileged_port,omitempty"` + SupportedVersions *[]NfsVersionString `json:"supported_versions,omitempty"` + Id *string `json:"id,omitempty"` + ObsDirect *bool `json:"obs_direct,omitempty"` + AnonUid *string `json:"anon_uid,omitempty"` + ManageGids *bool `json:"manage_gids,omitempty"` + CustomOptions *string `json:"custom_options,omitempty"` + Filesystem string `json:"filesystem"` + Uid *uuid.UUID `json:"uid,omitempty"` + Group string `json:"group"` + NfsClientGroupId *string `json:"NfsClientGroup_id,omitempty"` + PermissionType string `json:"permission_type,omitempty"` + MountOptions *string `json:"mount_options,omitempty"` + Path string `json:"path,omitempty"` + SquashMode string `json:"squash_mode,omitempty"` + RootSquashing *bool `json:"root_squashing,omitempty"` + AnonGid *string `json:"anon_gid,omitempty"` + EnableAuthTypes []NfsAuthType `json:"enable_auth_types,omitempty"` +} + +func (n *NfsPermission) GetType() string { + return "nfsPermission" +} + +func (n *NfsPermission) GetBasePath(a *ApiClient) string { + return "nfs/permissions" +} + +func (n *NfsPermission) GetApiUrl(a *ApiClient) string { + url, err := urlutil.URLJoin(n.GetBasePath(a), n.Uid.String()) + if err != nil { + return url + } + return "" +} + +func (n *NfsPermission) EQ(other ApiObject) bool { + return ObjectsAreEqual(n, other) +} + +func (n *NfsPermission) getImmutableFields() []string { + return []string{"Id", "Uid", "NfsClientGroup", "NfsClientGroupId", "GroupId", "Group", "PrivilegedPort", "ManageGids", + "CustomOptions", "RootSquashing"} +} + +func (n *NfsPermission) String() string { + return fmt.Sprintln("NfsPermission Uid:", n.Uid.String(), "NfsClientGroup:", n.Group, "path:", n.Path) +} + +func (n *NfsPermission) IsEligibleForCsi() bool { + return n.RootSquashing != nil && *n.RootSquashing == false && + n.SupportedVersions != nil && slices.Contains(*n.SupportedVersions, "V4") && + n.PermissionType == NfsPermissionTypeReadWrite && + n.SquashMode == NfsPermissionSquashModeNone +} + +func (a *ApiClient) GetNfsPermissions(ctx context.Context, permissions *[]NfsPermission) error { + n := &NfsPermission{} + + err := a.Get(ctx, n.GetBasePath(a), nil, permissions) + if err != nil { + return err + } + return nil +} + +func (a *ApiClient) FindNfsPermissionsByFilter(ctx context.Context, query *NfsPermission, resultSet *[]NfsPermission) error { + op := "FindNfsPermissionsByFilter" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + ret := &[]NfsPermission{} + q, _ := qs.Values(query) + err := a.Get(ctx, query.GetBasePath(a), q, ret) + if err != nil { + return err + } + for _, r := range *ret { + if r.EQ(query) { + *resultSet = append(*resultSet, r) + } + } + return nil +} + +// GetNfsPermissionByFilter expected to return exactly one result of FindNfsPermissionsByFilter (error) +func (a *ApiClient) GetNfsPermissionByFilter(ctx context.Context, query *NfsPermission) (*NfsPermission, error) { + rs := &[]NfsPermission{} + err := a.FindNfsPermissionsByFilter(ctx, query, rs) + if err != nil { + return &NfsPermission{}, err + } + if *rs == nil || len(*rs) == 0 { + return &NfsPermission{}, ObjectNotFoundError + } + if len(*rs) > 1 { + return &NfsPermission{}, MultipleObjectsFoundError + } + result := &(*rs)[0] + return result, nil +} + +func (a *ApiClient) GetNfsPermissionsByFilesystemName(ctx context.Context, fsName string, permissions *[]NfsPermission) error { + query := &NfsPermission{Path: fsName} + return a.FindNfsPermissionsByFilter(ctx, query, permissions) +} + +func (a *ApiClient) GetNfsPermissionByUid(ctx context.Context, uid uuid.UUID) (*NfsPermission, error) { + query := &NfsPermission{Uid: &uid} + return a.GetNfsPermissionByFilter(ctx, query) +} + +type NfsPermissionCreateRequest struct { + Filesystem string `json:"filesystem"` + Group string `json:"group"` + Path string `json:"path"` + PermissionType string `json:"permission_type"` + SquashMode string `json:"squash_mode"` + AnonUid int `json:"anon_uid"` + AnonGid int `json:"anon_gid"` + ObsDirect *bool `json:"obs_direct,omitempty"` + SupportedVersions *[]string `json:"supported_versions,omitempty"` + Priority int `json:"priority"` + EnableAuthTypes []string `json:"enable_auth_types"` +} + +func (qc *NfsPermissionCreateRequest) getApiUrl(a *ApiClient) string { + return qc.getRelatedObject().GetApiUrl(a) +} +func (qc *NfsPermissionCreateRequest) getRelatedObject() ApiObject { + return &NfsPermission{ + GroupId: &qc.Group, + } +} + +func (qc *NfsPermissionCreateRequest) getRequiredFields() []string { + return []string{"filesystem", "group"} +} +func (qc *NfsPermissionCreateRequest) hasRequiredFields() bool { + return ObjectRequestHasRequiredFields(qc) +} + +func (qc *NfsPermissionCreateRequest) String() string { + return fmt.Sprintln("NfsPermissionCreateRequest(FS:", qc.Filesystem) +} + +func (a *ApiClient) CreateNfsPermission(ctx context.Context, r *NfsPermissionCreateRequest, fs *NfsPermission) error { + op := "CreateNfsPermission" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + if !r.hasRequiredFields() { + return RequestMissingParams + } + payload, err := json.Marshal(r) + if err != nil { + return err + } + + err = a.Post(ctx, r.getRelatedObject().GetBasePath(a), &payload, nil, fs) + return err +} + +func EnsureNfsPermission(ctx context.Context, fsName string, group string, apiClient *ApiClient) error { + perm := &NfsPermission{ + Filesystem: fsName, + SupportedVersions: &[]NfsVersionString{NfsVersionV4}, + ObsDirect: &[]bool{false}[0], + Group: group, + PermissionType: NfsPermissionTypeReadWrite, + Path: "/", + SquashMode: NfsPermissionSquashModeNone, + } + _, err := apiClient.GetNfsPermissionByFilter(ctx, perm) + if err == ObjectNotFoundError { + req := &NfsPermissionCreateRequest{ + Filesystem: fsName, + Group: group, + SquashMode: NfsPermissionSquashModeNone, + } + return apiClient.CreateNfsPermission(ctx, req, perm) + } + return err +} + +type NfsClientGroup struct { + Uid *uuid.UUID `json:"uid,omitempty" url:"-"` + Rules *[]NfsClientGroupRule `json:"rules,omitempty" url:"-"` + Id string `json:"id" url:"-"` + Name string `json:"name" url:"name"` +} + +func (g *NfsClientGroup) GetType() string { + return "clientGroup" +} + +func (g *NfsClientGroup) GetBasePath(a *ApiClient) string { + return "nfs/clientGroups" +} + +func (g *NfsClientGroup) GetApiUrl(a *ApiClient) string { + url, err := urlutil.URLJoin(g.GetBasePath(a), g.Uid.String()) + if err != nil { + return url + } + return "" +} + +func (g *NfsClientGroup) EQ(other ApiObject) bool { + return ObjectsAreEqual(g, other) +} + +func (g *NfsClientGroup) getImmutableFields() []string { + return []string{"Id", "Uid", "NfsClientGroup", "NfsClientGroupId", "GroupId", "Group", "PrivilegedPort", "ManageGids", + "CustomOptions", "RootSquashing"} +} + +func (g *NfsClientGroup) String() string { + return fmt.Sprintln("NfsClientGroup name:", g.Name, "Uid:", g.Uid.String()) +} + +func (a *ApiClient) GetNfsClientGroups(ctx context.Context, clientGroups *[]NfsClientGroup) error { + cg := &NfsClientGroup{} + + err := a.Get(ctx, cg.GetBasePath(a), nil, clientGroups) + if err != nil { + return err + } + return nil +} + +func (a *ApiClient) FindNfsClientGroupsByFilter(ctx context.Context, query *NfsClientGroup, resultSet *[]NfsClientGroup) error { + op := "FindNfsClientGroupsByFilter" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + ret := &[]NfsClientGroup{} + q, _ := qs.Values(query) + err := a.Get(ctx, query.GetBasePath(a), q, ret) + if err != nil { + return err + } + for _, r := range *ret { + if r.EQ(query) { + *resultSet = append(*resultSet, r) + } + } + return nil +} + +// GetNfsClientGroupByFilter expected to return exactly one result of FindNfsClientGroupsByFilter (error) +func (a *ApiClient) GetNfsClientGroupByFilter(ctx context.Context, query *NfsClientGroup) (*NfsClientGroup, error) { + rs := &[]NfsClientGroup{} + err := a.FindNfsClientGroupsByFilter(ctx, query, rs) + if err != nil { + return &NfsClientGroup{}, err + } + if *rs == nil || len(*rs) == 0 { + return &NfsClientGroup{}, ObjectNotFoundError + } + if len(*rs) > 1 { + return &NfsClientGroup{}, MultipleObjectsFoundError + } + result := &(*rs)[0] + return result, nil +} + +func (a *ApiClient) GetNfsClientGroupByName(ctx context.Context, name string) (*NfsClientGroup, error) { + query := &NfsClientGroup{Name: name} + return a.GetNfsClientGroupByFilter(ctx, query) +} + +func (a *ApiClient) GetNfsClientGroupByUid(ctx context.Context, uid uuid.UUID) (*NfsClientGroup, error) { + query := &NfsClientGroup{Uid: &uid} + return a.GetNfsClientGroupByFilter(ctx, query) +} + +func (a *ApiClient) CreateNfsClientGroup(ctx context.Context, r *NfsClientGroupCreateRequest, fs *NfsClientGroup) error { + op := "CreateNfsClientGroup" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + if !r.hasRequiredFields() { + return RequestMissingParams + } + payload, err := json.Marshal(r) + if err != nil { + return err + } + + err = a.Post(ctx, r.getRelatedObject().GetBasePath(a), &payload, nil, fs) + return err +} + +func (a *ApiClient) EnsureCsiPluginNfsClientGroup(ctx context.Context) (*NfsClientGroup, error) { + var ret *NfsClientGroup + ret, err := a.GetNfsClientGroupByName(ctx, NfsClientGroupName) + if err == nil { + return ret, nil + } + if err != ObjectNotFoundError { + return ret, err + } + err = a.CreateNfsClientGroup(ctx, NewNfsClientGroupCreateRequest(NfsClientGroupName), ret) + return ret, err +} + +type NfsClientGroupCreateRequest struct { + Name string `json:"name"` +} + +func (fsc *NfsClientGroupCreateRequest) getApiUrl(a *ApiClient) string { + return fsc.getRelatedObject().GetBasePath(a) +} + +func (fsc *NfsClientGroupCreateRequest) getRequiredFields() []string { + return []string{"Name"} +} + +func (fsc *NfsClientGroupCreateRequest) hasRequiredFields() bool { + return ObjectRequestHasRequiredFields(fsc) +} +func (fsc *NfsClientGroupCreateRequest) getRelatedObject() ApiObject { + return &NfsClientGroup{} +} + +func (fsc *NfsClientGroupCreateRequest) String() string { + return fmt.Sprintln("NfsClientGroupCreateRequest(name:", fsc.Name) +} + +func NewNfsClientGroupCreateRequest(name string) *NfsClientGroupCreateRequest { + return &NfsClientGroupCreateRequest{ + Name: name, + } +} + +type NfsClientGroupRuleType string + +type NfsClientGroupRule struct { + NfsClientGroupUid uuid.UUID `json:"-"` + Type NfsClientGroupRuleType `json:"type"` + Uid uuid.UUID `json:"uid"` + Rule string `json:"rule"` + Id string `json:"id"` +} + +func (r *NfsClientGroupRule) GetType() string { + return "rules" +} + +func (r *NfsClientGroupRule) GetBasePath(a *ApiClient) string { + ncgUrl := (&NfsClientGroup{Uid: &r.Uid}).GetApiUrl(a) + url, err := urlutil.URLJoin(ncgUrl, r.GetType()) + if err != nil { + return "" + } + return url +} + +func (r *NfsClientGroupRule) GetApiUrl(a *ApiClient) string { + url, err := urlutil.URLJoin(r.GetBasePath(a), r.Uid.String()) + if err != nil { + return url + } + return "" +} + +func (r *NfsClientGroupRule) EQ(other ApiObject) bool { + return ObjectsAreEqual(r, other) +} + +func (r *NfsClientGroupRule) getImmutableFields() []string { + return []string{"Id", "Uid", "NfsClientGroup", "NfsClientGroupId", "GroupId", "Group", "PrivilegedPort", "ManageGids", + "CustomOptions", "RootSquashing"} +} + +func (r *NfsClientGroupRule) String() string { + return fmt.Sprintln("NfsClientGroupRule Uid:", r.Uid.String(), "clientGroupUid:", r.NfsClientGroupUid.String(), + "type:", r.Type, "rule", r.Rule) +} + +func (r *NfsClientGroupRule) IsIPRule() bool { + return r.Type == NfsClientGroupRuleTypeIP +} + +func (r *NfsClientGroupRule) IsDNSRule() bool { + return r.Type == NfsClientGroupRuleTypeDNS +} + +func (r *NfsClientGroupRule) GetNetwork() *Network { + if !r.IsIPRule() { + return nil + } + n, err := parseNetworkString(r.Rule) + if err != nil { + return nil + } + return n +} + +func (r *NfsClientGroupRule) IsEligibleForIP(ip string) bool { + network := r.GetNetwork() + if network == nil { + return false + } + return network.ContainsIPAddress(ip) +} + +func (a *ApiClient) GetNfsClientGroupRules(ctx context.Context, rules *[]NfsClientGroupRule) error { + cg, err := a.EnsureCsiPluginNfsClientGroup(ctx) + if err != nil { + return err + } + rules = cg.Rules + return nil +} + +func (a *ApiClient) FindNfsClientGroupRulesByFilter(ctx context.Context, query *NfsClientGroupRule, resultSet *[]NfsClientGroupRule) error { + op := "FindNfsClientGroupRulesByFilter" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + ret := &[]NfsClientGroupRule{} + q, _ := qs.Values(query) + err := a.Get(ctx, query.GetBasePath(a), q, ret) + if err != nil { + return err + } + for _, r := range *ret { + if r.EQ(query) { + *resultSet = append(*resultSet, r) + } + } + return nil +} + +func (a *ApiClient) GetNfsClientGroupRuleByFilter(ctx context.Context, rule *NfsClientGroupRule) (*NfsClientGroupRule, error) { + rs := &[]NfsClientGroupRule{} + err := a.FindNfsClientGroupRulesByFilter(ctx, rule, rs) + if err != nil { + return &NfsClientGroupRule{}, err + } + if *rs == nil || len(*rs) == 0 { + return &NfsClientGroupRule{}, ObjectNotFoundError + } + if len(*rs) > 1 { + return &NfsClientGroupRule{}, MultipleObjectsFoundError + } + result := &(*rs)[0] + return result, nil +} + +type NfsClientGroupRuleCreateRequest struct { + NfsClientGroupUid uuid.UUID `json:"-"` + Type NfsClientGroupRuleType `json:"type"` + Hostname *string `json:"dns,omitempty"` + Ip *string `json:"ip,omitempty"` +} + +func (r *NfsClientGroupRuleCreateRequest) getType() string { + return "rules" +} + +func (r *NfsClientGroupRuleCreateRequest) getApiUrl(a *ApiClient) string { + ret, err := urlutil.URLJoin(r.getRelatedObject().GetApiUrl(a), r.getType()) + if err != nil { + return "" + } + return ret +} + +func (r *NfsClientGroupRuleCreateRequest) getRequiredFields() []string { + return []string{"NfsClientGroupUid", "Type"} +} + +func (r *NfsClientGroupRuleCreateRequest) hasRequiredFields() bool { + return ObjectRequestHasRequiredFields(r) +} + +func (r *NfsClientGroupRuleCreateRequest) getRelatedObject() ApiObject { + return &NfsClientGroup{Uid: &r.NfsClientGroupUid} +} + +func (r *NfsClientGroupRuleCreateRequest) String() string { + return fmt.Sprintln("NfsClientGroupRuleCreateRequest(NfsClientGroupUid:", r.NfsClientGroupUid, "Type:", r.Type) +} + +func NewNfsClientGroupRuleCreateRequest(cgUid uuid.UUID, ruleType NfsClientGroupRuleType, rule string) *NfsClientGroupRuleCreateRequest { + + ret := &NfsClientGroupRuleCreateRequest{ + NfsClientGroupUid: cgUid, + Type: ruleType, + } + if ruleType == NfsClientGroupRuleTypeDNS { + ret.Hostname = &rule + } else if ruleType == NfsClientGroupRuleTypeIP { + ret.Ip = &rule + } + return ret +} + +func (a *ApiClient) CreateNfsClientGroupRule(ctx context.Context, r *NfsClientGroupRuleCreateRequest, rule *NfsClientGroupRule) error { + op := "CreateNfsClientGroupRule" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + if !r.hasRequiredFields() { + return RequestMissingParams + } + payload, err := json.Marshal(r) + if err != nil { + return err + } + + err = a.Post(ctx, r.getApiUrl(a), &payload, nil, rule) + return err +} + +func (a *ApiClient) EnsureNfsClientGroupRuleForIp(ctx context.Context, cg *NfsClientGroup, ip string) error { + if cg == nil { + return errors.New("NfsClientGroup is nil") + } + q := &NfsClientGroupRule{Type: NfsClientGroupRuleTypeIP, Rule: ip, NfsClientGroupUid: *cg.Uid} + + rule, err := a.GetNfsClientGroupRuleByFilter(ctx, q) + if err == ObjectNotFoundError { + req := NewNfsClientGroupRuleCreateRequest(*cg.Uid, rule.Type, rule.Rule) + err = a.CreateNfsClientGroupRule(ctx, req, rule) + } + + return err +} + +func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName string) error { + // Ensure client group + cg, err := a.EnsureCsiPluginNfsClientGroup(ctx) + if err != nil { + return err + } + + // Ensure client group rule + err = a.EnsureNfsClientGroupRuleForIp(ctx, cg, ip) + if err != nil { + return err + } + // Ensure NFS permission + err = EnsureNfsPermission(ctx, fsName, cg.Name, a) + return err +} diff --git a/pkg/wekafs/apiclient/utils.go b/pkg/wekafs/apiclient/utils.go index 5b0d7d723..3b4cbde29 100644 --- a/pkg/wekafs/apiclient/utils.go +++ b/pkg/wekafs/apiclient/utils.go @@ -1,8 +1,12 @@ package apiclient import ( + "fmt" "github.com/rs/zerolog/log" + "net" + "os" "reflect" + "strings" ) // ObjectsAreEqual returns true if both ApiObject have same immutable fields (other fields and nil fields are disregarded) @@ -49,3 +53,63 @@ func hashString(s string, n int) int { } return hash % n } + +type Network struct { + IP net.IP + Subnet *net.IP + IsCIDR bool +} + +func parseNetworkString(s string) (*Network, error) { + var ip, subnet net.IP + var isCIDR bool + + if strings.Contains(s, "/") { + parts := strings.Split(s, "/") + if len(parts) != 2 { + return nil, fmt.Errorf("invalid CIDR notation: %s", s) + } + ip = net.ParseIP(parts[0]) + subnet = net.ParseIP(parts[1]) + isCIDR = true + } else { + ip = net.ParseIP(s) + subnet = nil + isCIDR = false + } + + if ip == nil { + return nil, fmt.Errorf("invalid IP address: %s", s) + } + + return &Network{ + IP: ip, + Subnet: &subnet, + IsCIDR: isCIDR, + }, nil +} + +func (n *Network) ContainsIPAddress(ipStr string) bool { + ip := net.ParseIP(ipStr) + if ip == nil { + return false + } + + if n.IsCIDR { + _, ipNet, err := net.ParseCIDR(fmt.Sprintf("%s/%s", n.IP.String(), n.Subnet.String())) + if err != nil { + return false + } + return ipNet.Contains(ip) + } + + return n.IP.Equal(ip) +} + +func GetNodeIpAddress() string { + ret := os.Getenv("KUBE_NODE_IP_ADDRESS") + if ret != "" { + return ret + } + return "127.0.0.1" +} diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index daa3888c0..317c0ba30 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -128,6 +128,13 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, return errors.New("no API client for mount, cannot do NFS mount") } + nodeIP := apiclient.GetNodeIpAddress() + nodeIpNetString := fmt.Sprintf("%s/32", nodeIP) + if apiClient.EnsureNfsPermissions(ctx, nodeIpNetString, m.fsName) != nil { + logger.Error().Msg("Failed to ensure NFS permissions") + return errors.New("failed to ensure NFS permissions") + } + if err := m.ensureMountIpAddress(ctx, apiClient); err != nil { logger.Error().Err(err).Msg("Failed to get mount IP address") return err From cb92cfbac18b3911ff1e3df94a4bb4969ad5ddd0 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sat, 10 Aug 2024 14:39:28 +0300 Subject: [PATCH 16/75] fix(CSI-213): wrong implementation of FindNfsClientGroupRulesByFilter --- pkg/wekafs/apiclient/nfs.go | 56 +++++++++++++++++++++++++++---------- 1 file changed, 41 insertions(+), 15 deletions(-) diff --git a/pkg/wekafs/apiclient/nfs.go b/pkg/wekafs/apiclient/nfs.go index 13a84844f..424b10255 100644 --- a/pkg/wekafs/apiclient/nfs.go +++ b/pkg/wekafs/apiclient/nfs.go @@ -223,7 +223,7 @@ type NfsClientGroup struct { Uid *uuid.UUID `json:"uid,omitempty" url:"-"` Rules *[]NfsClientGroupRule `json:"rules,omitempty" url:"-"` Id string `json:"id" url:"-"` - Name string `json:"name" url:"name"` + Name string `json:"name,omitempty" url:"name,omitempty"` } func (g *NfsClientGroup) GetType() string { @@ -247,8 +247,7 @@ func (g *NfsClientGroup) EQ(other ApiObject) bool { } func (g *NfsClientGroup) getImmutableFields() []string { - return []string{"Id", "Uid", "NfsClientGroup", "NfsClientGroupId", "GroupId", "Group", "PrivilegedPort", "ManageGids", - "CustomOptions", "RootSquashing"} + return []string{"Name", "Id", "Uid"} } func (g *NfsClientGroup) String() string { @@ -286,6 +285,10 @@ func (a *ApiClient) FindNfsClientGroupsByFilter(ctx context.Context, query *NfsC // GetNfsClientGroupByFilter expected to return exactly one result of FindNfsClientGroupsByFilter (error) func (a *ApiClient) GetNfsClientGroupByFilter(ctx context.Context, query *NfsClientGroup) (*NfsClientGroup, error) { + op := "GetNfsClientGroupByFilter" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) rs := &[]NfsClientGroup{} err := a.FindNfsClientGroupsByFilter(ctx, query, rs) if err != nil { @@ -329,6 +332,10 @@ func (a *ApiClient) CreateNfsClientGroup(ctx context.Context, r *NfsClientGroupC } func (a *ApiClient) EnsureCsiPluginNfsClientGroup(ctx context.Context) (*NfsClientGroup, error) { + op := "EnsureCsiPluginNfsClientGroup" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) var ret *NfsClientGroup ret, err := a.GetNfsClientGroupByName(ctx, NfsClientGroupName) if err == nil { @@ -373,11 +380,11 @@ func NewNfsClientGroupCreateRequest(name string) *NfsClientGroupCreateRequest { type NfsClientGroupRuleType string type NfsClientGroupRule struct { - NfsClientGroupUid uuid.UUID `json:"-"` - Type NfsClientGroupRuleType `json:"type"` - Uid uuid.UUID `json:"uid"` - Rule string `json:"rule"` - Id string `json:"id"` + NfsClientGroupUid uuid.UUID `json:"-" url:"-"` + Type NfsClientGroupRuleType `json:"type" url:"-"` + Uid uuid.UUID `json:"uid" url:"-"` + Rule string `json:"rule" url:"-"` + Id string `json:"id" url:"-"` } func (r *NfsClientGroupRule) GetType() string { @@ -406,8 +413,7 @@ func (r *NfsClientGroupRule) EQ(other ApiObject) bool { } func (r *NfsClientGroupRule) getImmutableFields() []string { - return []string{"Id", "Uid", "NfsClientGroup", "NfsClientGroupId", "GroupId", "Group", "PrivilegedPort", "ManageGids", - "CustomOptions", "RootSquashing"} + return []string{"Type", "Rule"} } func (r *NfsClientGroupRule) String() string { @@ -443,6 +449,10 @@ func (r *NfsClientGroupRule) IsEligibleForIP(ip string) bool { } func (a *ApiClient) GetNfsClientGroupRules(ctx context.Context, rules *[]NfsClientGroupRule) error { + op := "GetNfsClientGroupRules" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) cg, err := a.EnsureCsiPluginNfsClientGroup(ctx) if err != nil { return err @@ -456,13 +466,18 @@ func (a *ApiClient) FindNfsClientGroupRulesByFilter(ctx context.Context, query * ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) - ret := &[]NfsClientGroupRule{} - q, _ := qs.Values(query) - err := a.Get(ctx, query.GetBasePath(a), q, ret) - if err != nil { + logger := log.Ctx(ctx) + + // this is different that in other functions since we don't have /rules entry point for GET + // so we need to get the client group first + logger.Trace().Str("client_group_uid", query.NfsClientGroupUid.String()).Msg("Getting client group") + cg, err := a.GetNfsClientGroupByUid(ctx, query.NfsClientGroupUid) + if cg == nil || err != nil { return err } - for _, r := range *ret { + ret := *cg.Rules + + for _, r := range ret { if r.EQ(query) { *resultSet = append(*resultSet, r) } @@ -471,6 +486,10 @@ func (a *ApiClient) FindNfsClientGroupRulesByFilter(ctx context.Context, query * } func (a *ApiClient) GetNfsClientGroupRuleByFilter(ctx context.Context, rule *NfsClientGroupRule) (*NfsClientGroupRule, error) { + op := "GetNfsClientGroupRuleByFilter" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) rs := &[]NfsClientGroupRule{} err := a.FindNfsClientGroupRulesByFilter(ctx, rule, rs) if err != nil { @@ -568,9 +587,16 @@ func (a *ApiClient) EnsureNfsClientGroupRuleForIp(ctx context.Context, cg *NfsCl } func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName string) error { + op := "EnsureNfsPermissions" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + logger := log.Ctx(ctx) // Ensure client group + logger.Debug().Msg("Ensuring CSI Plugin NFS Client Group") cg, err := a.EnsureCsiPluginNfsClientGroup(ctx) if err != nil { + logger.Error().Err(err).Msg("Failed to ensure NFS client group") return err } From 3bf841fa5cd1b4ed3498dced7ada7dd46bb9672e Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sat, 10 Aug 2024 15:38:56 +0300 Subject: [PATCH 17/75] fix(CSI-213): define custom types for NFS objects --- pkg/wekafs/apiclient/nfs.go | 91 +++++++++++++++++++------------------ 1 file changed, 46 insertions(+), 45 deletions(-) diff --git a/pkg/wekafs/apiclient/nfs.go b/pkg/wekafs/apiclient/nfs.go index 424b10255..bcf93044e 100644 --- a/pkg/wekafs/apiclient/nfs.go +++ b/pkg/wekafs/apiclient/nfs.go @@ -13,45 +13,48 @@ import ( "k8s.io/helm/pkg/urlutil" ) +type NfsPermissionType string +type NfsPermissionSquashMode string +type NfsClientGroupRuleType string type NfsVersionString string type NfsAuthType string const ( - NfsPermissionTypeReadWrite = "RW" - NfsPermissionTypeReadOnly = "RO" - NfsPermissionSquashModeNone = "none" - NfsPermissionSquashModeRoot = "root" - NfsPermissionSquashModeAll = "all" - NfsClientGroupRuleTypeDNS = "DNS" - NfsClientGroupRuleTypeIP = "IP" - NfsClientGroupName = "WekaCSIPluginClients" - NfsVersionV3 NfsVersionString = "V3" - NfsVersionV4 NfsVersionString = "V4" - NfsAuthTypeNone NfsAuthType = "NONE" - NfsAuthTypeSys NfsAuthType = "SYS" - NfsAuthTypeKerberos5 NfsAuthType = "KRB5" + NfsPermissionTypeReadWrite NfsPermissionType = "RW" + NfsPermissionTypeReadOnly NfsPermissionType = "RO" + NfsPermissionSquashModeNone NfsPermissionSquashMode = "none" + NfsPermissionSquashModeRoot NfsPermissionSquashMode = "root" + NfsPermissionSquashModeAll NfsPermissionSquashMode = "all" + NfsClientGroupRuleTypeDNS NfsClientGroupRuleType = "DNS" + NfsClientGroupRuleTypeIP NfsClientGroupRuleType = "IP" + NfsVersionV3 NfsVersionString = "V3" + NfsVersionV4 NfsVersionString = "V4" + NfsAuthTypeNone NfsAuthType = "NONE" + NfsAuthTypeSys NfsAuthType = "SYS" + NfsAuthTypeKerberos5 NfsAuthType = "KRB5" + NfsClientGroupName = "WekaCSIPluginClients" ) type NfsPermission struct { - GroupId *string `json:"group_id,omitempty"` - PrivilegedPort *bool `json:"privileged_port,omitempty"` - SupportedVersions *[]NfsVersionString `json:"supported_versions,omitempty"` - Id *string `json:"id,omitempty"` - ObsDirect *bool `json:"obs_direct,omitempty"` - AnonUid *string `json:"anon_uid,omitempty"` - ManageGids *bool `json:"manage_gids,omitempty"` - CustomOptions *string `json:"custom_options,omitempty"` - Filesystem string `json:"filesystem"` - Uid *uuid.UUID `json:"uid,omitempty"` - Group string `json:"group"` - NfsClientGroupId *string `json:"NfsClientGroup_id,omitempty"` - PermissionType string `json:"permission_type,omitempty"` - MountOptions *string `json:"mount_options,omitempty"` - Path string `json:"path,omitempty"` - SquashMode string `json:"squash_mode,omitempty"` - RootSquashing *bool `json:"root_squashing,omitempty"` - AnonGid *string `json:"anon_gid,omitempty"` - EnableAuthTypes []NfsAuthType `json:"enable_auth_types,omitempty"` + GroupId *string `json:"group_id,omitempty"` + PrivilegedPort *bool `json:"privileged_port,omitempty"` + SupportedVersions *[]NfsVersionString `json:"supported_versions,omitempty"` + Id *string `json:"id,omitempty"` + ObsDirect *bool `json:"obs_direct,omitempty"` + AnonUid *string `json:"anon_uid,omitempty"` + ManageGids *bool `json:"manage_gids,omitempty"` + CustomOptions *string `json:"custom_options,omitempty"` + Filesystem string `json:"filesystem"` + Uid *uuid.UUID `json:"uid,omitempty"` + Group string `json:"group"` + NfsClientGroupId *string `json:"NfsClientGroup_id,omitempty"` + PermissionType NfsPermissionType `json:"permission_type,omitempty"` + MountOptions *string `json:"mount_options,omitempty"` + Path string `json:"path,omitempty"` + SquashMode NfsPermissionSquashMode `json:"squash_mode,omitempty"` + RootSquashing *bool `json:"root_squashing,omitempty"` + AnonGid *string `json:"anon_gid,omitempty"` + EnableAuthTypes []NfsAuthType `json:"enable_auth_types,omitempty"` } func (n *NfsPermission) GetType() string { @@ -147,17 +150,17 @@ func (a *ApiClient) GetNfsPermissionByUid(ctx context.Context, uid uuid.UUID) (* } type NfsPermissionCreateRequest struct { - Filesystem string `json:"filesystem"` - Group string `json:"group"` - Path string `json:"path"` - PermissionType string `json:"permission_type"` - SquashMode string `json:"squash_mode"` - AnonUid int `json:"anon_uid"` - AnonGid int `json:"anon_gid"` - ObsDirect *bool `json:"obs_direct,omitempty"` - SupportedVersions *[]string `json:"supported_versions,omitempty"` - Priority int `json:"priority"` - EnableAuthTypes []string `json:"enable_auth_types"` + Filesystem string `json:"filesystem"` + Group string `json:"group"` + Path string `json:"path"` + PermissionType NfsPermissionType `json:"permission_type"` + SquashMode NfsPermissionSquashMode `json:"squash_mode"` + AnonUid int `json:"anon_uid"` + AnonGid int `json:"anon_gid"` + ObsDirect *bool `json:"obs_direct,omitempty"` + SupportedVersions *[]string `json:"supported_versions,omitempty"` + Priority int `json:"priority"` + EnableAuthTypes []NfsAuthType `json:"enable_auth_types"` } func (qc *NfsPermissionCreateRequest) getApiUrl(a *ApiClient) string { @@ -377,8 +380,6 @@ func NewNfsClientGroupCreateRequest(name string) *NfsClientGroupCreateRequest { } } -type NfsClientGroupRuleType string - type NfsClientGroupRule struct { NfsClientGroupUid uuid.UUID `json:"-" url:"-"` Type NfsClientGroupRuleType `json:"type" url:"-"` From e6c795a29c1254d0ce37baf8fdaa79f8c39c4f33 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sat, 10 Aug 2024 15:48:33 +0300 Subject: [PATCH 18/75] fix(CSI-213): low level bug fixes in APIclient NFS --- .../templates/nodeserver-daemonset.yaml | 2 +- go.mod | 5 + go.sum | 14 +- pkg/wekafs/apiclient/apiclient.go | 22 +- pkg/wekafs/apiclient/interfacegroup.go | 8 +- pkg/wekafs/apiclient/nfs.go | 261 ++++++++++----- pkg/wekafs/apiclient/nfs_test.go | 314 ++++++++++++++++++ pkg/wekafs/apiclient/utils.go | 35 +- pkg/wekafs/nfsmount.go | 3 +- 9 files changed, 551 insertions(+), 113 deletions(-) create mode 100644 pkg/wekafs/apiclient/nfs_test.go diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index ac7db2d8f..5e6ae96f9 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -142,7 +142,7 @@ spec: value: {{ required "Provide CSI Driver Dynamic Volume Creation Path" .Values.dynamicProvisionPath }} - name: X_CSI_MODE value: node - - name: NODE_IP_ADDRESS + - name: KUBE_NODE_IP_ADDRESS valueFrom: fieldRef: fieldPath: status.hostIP diff --git a/go.mod b/go.mod index 6b6766c91..ae6928226 100644 --- a/go.mod +++ b/go.mod @@ -14,6 +14,7 @@ require ( github.com/prometheus/client_golang v1.19.1 github.com/rs/zerolog v1.33.0 github.com/showa-93/go-mask v0.6.2 + github.com/stretchr/testify v1.9.0 go.opentelemetry.io/otel v1.28.0 go.opentelemetry.io/otel/exporters/jaeger v1.17.0 go.opentelemetry.io/otel/sdk v1.28.0 @@ -30,13 +31,16 @@ require ( require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/golang/protobuf v1.5.4 // indirect + github.com/kr/text v0.2.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/moby/sys/mountinfo v0.7.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common v0.55.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect @@ -45,6 +49,7 @@ require ( golang.org/x/sys v0.22.0 // indirect golang.org/x/text v0.16.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect ) diff --git a/go.sum b/go.sum index e7a564d21..1fe56df78 100644 --- a/go.sum +++ b/go.sum @@ -5,6 +5,7 @@ github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/container-storage-interface/spec v1.10.0 h1:YkzWPV39x+ZMTa6Ax2czJLLwpryrQ+dPesB34mrRMXA= github.com/container-storage-interface/spec v1.10.0/go.mod h1:DtUvaQszPml1YJfIK7c00mlv6/g4wNMLanLgiUbKFRI= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -24,6 +25,10 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kubernetes-csi/csi-lib-utils v0.18.1 h1:vpg1kbQ6lFVCz7mY71zcqVE7W0GAQXXBoFfHvbW3gdw= github.com/kubernetes-csi/csi-lib-utils v0.18.1/go.mod h1:PIcn27zmbY0KBue4JDdZVfDF56tjcS3jKroZPi+pMoY= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -49,13 +54,15 @@ github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8= github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= github.com/showa-93/go-mask v0.6.2 h1:sJEUQRpbxUoMTfBKey5K9hCg+eSx5KIAZFT7pa1LXbM= github.com/showa-93/go-mask v0.6.2/go.mod h1:aswIj007gm0EPAzOGES9ACy1jDm3QT08/LPSClMp410= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= @@ -89,6 +96,9 @@ google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc= google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ= google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= diff --git a/pkg/wekafs/apiclient/apiclient.go b/pkg/wekafs/apiclient/apiclient.go index f0e21c9dd..8fe64db26 100644 --- a/pkg/wekafs/apiclient/apiclient.go +++ b/pkg/wekafs/apiclient/apiclient.go @@ -746,21 +746,21 @@ type ApiResponse struct { // ApiObject generic interface of API object of any type (FileSystem, Quota, etc.) type ApiObject interface { - GetType() string - GetBasePath(a *ApiClient) string - GetApiUrl(a *ApiClient) string - EQ(other ApiObject) bool - getImmutableFields() []string - String() string + GetType() string // returns the type of the object + GetBasePath(a *ApiClient) string // returns the base path of objects of this type (plural) + GetApiUrl(a *ApiClient) string // returns the full URL of the object consisting of base path and object UID + EQ(other ApiObject) bool // a way to compare objects and check if they are the same + getImmutableFields() []string // provides a list of fields that are used for comparison in EQ() + String() string // returns a string representation of the object } // ApiObjectRequest interface that describes a request for an ApiObject CRUD operation type ApiObjectRequest interface { - getRequiredFields() []string - hasRequiredFields() bool - getRelatedObject() ApiObject - getApiUrl(a *ApiClient) string - String() string + getRequiredFields() []string // returns a list of fields that are mandatory for the object for creation + hasRequiredFields() bool // checks if all mandatory fields are filled in + getRelatedObject() ApiObject // returns the type of object that is being requested + getApiUrl(a *ApiClient) string // returns the full URL of the object consisting of base path and object UID + String() string // returns a string representation of the object request } type Credentials struct { diff --git a/pkg/wekafs/apiclient/interfacegroup.go b/pkg/wekafs/apiclient/interfacegroup.go index 604f8b538..747edd9c6 100644 --- a/pkg/wekafs/apiclient/interfacegroup.go +++ b/pkg/wekafs/apiclient/interfacegroup.go @@ -33,7 +33,7 @@ func (i *InterfaceGroup) String() string { } func (i *InterfaceGroup) getImmutableFields() []string { - return []string{"Id", "Uid", "Slot"} + return []string{"Name", "Gateway", "SubnetMask", "Type"} } func (i *InterfaceGroup) GetType() string { @@ -46,7 +46,7 @@ func (i *InterfaceGroup) GetBasePath(client *ApiClient) string { func (i *InterfaceGroup) GetApiUrl(client *ApiClient) string { url, err := urlutil.URLJoin(i.GetBasePath(client), i.Uid.String()) - if err != nil { + if err == nil { return url } return "" @@ -162,5 +162,9 @@ func (a *ApiClient) GetNfsMountIp(ctx context.Context) (string, error) { if ig == nil { return "", errors.New("no NFS interface group found") } + if ig.Ips == nil || len(ig.Ips) == 0 { + return "", errors.New("no IP addresses found for NFS interface group") + } + return ig.GetIpAddress() } diff --git a/pkg/wekafs/apiclient/nfs.go b/pkg/wekafs/apiclient/nfs.go index bcf93044e..ec2f9612f 100644 --- a/pkg/wekafs/apiclient/nfs.go +++ b/pkg/wekafs/apiclient/nfs.go @@ -11,6 +11,7 @@ import ( "go.opentelemetry.io/otel" "golang.org/x/exp/slices" "k8s.io/helm/pkg/urlutil" + "strconv" ) type NfsPermissionType string @@ -36,25 +37,25 @@ const ( ) type NfsPermission struct { - GroupId *string `json:"group_id,omitempty"` - PrivilegedPort *bool `json:"privileged_port,omitempty"` - SupportedVersions *[]NfsVersionString `json:"supported_versions,omitempty"` - Id *string `json:"id,omitempty"` - ObsDirect *bool `json:"obs_direct,omitempty"` - AnonUid *string `json:"anon_uid,omitempty"` - ManageGids *bool `json:"manage_gids,omitempty"` - CustomOptions *string `json:"custom_options,omitempty"` - Filesystem string `json:"filesystem"` - Uid *uuid.UUID `json:"uid,omitempty"` - Group string `json:"group"` - NfsClientGroupId *string `json:"NfsClientGroup_id,omitempty"` - PermissionType NfsPermissionType `json:"permission_type,omitempty"` - MountOptions *string `json:"mount_options,omitempty"` - Path string `json:"path,omitempty"` - SquashMode NfsPermissionSquashMode `json:"squash_mode,omitempty"` - RootSquashing *bool `json:"root_squashing,omitempty"` - AnonGid *string `json:"anon_gid,omitempty"` - EnableAuthTypes []NfsAuthType `json:"enable_auth_types,omitempty"` + GroupId string `json:"group_id,omitempty" url:"-"` + PrivilegedPort bool `json:"privileged_port,omitempty" url:"-"` + SupportedVersions []NfsVersionString `json:"supported_versions,omitempty" url:"-"` + Id string `json:"id,omitempty" url:"-"` + ObsDirect bool `json:"obs_direct,omitempty" url:"-"` + AnonUid string `json:"anon_uid,omitempty" url:"-"` + ManageGids bool `json:"manage_gids,omitempty" url:"-"` + CustomOptions string `json:"custom_options,omitempty" url:"-"` + Filesystem string `json:"filesystem" url:"-"` + Uid uuid.UUID `json:"uid,omitempty" url:"-"` + Group string `json:"group" url:"-"` + NfsClientGroupId string `json:"NfsClientGroup_id,omitempty" url:"-"` + PermissionType NfsPermissionType `json:"permission_type,omitempty" url:"-"` + MountOptions string `json:"mount_options,omitempty" url:"-"` + Path string `json:"path,omitempty" url:"-"` + SquashMode NfsPermissionSquashMode `json:"squash_mode,omitempty" url:"-"` + RootSquashing bool `json:"root_squashing,omitempty" url:"-"` + AnonGid string `json:"anon_gid,omitempty" url:"-"` + EnableAuthTypes []NfsAuthType `json:"enable_auth_types,omitempty" url:"-"` } func (n *NfsPermission) GetType() string { @@ -78,8 +79,7 @@ func (n *NfsPermission) EQ(other ApiObject) bool { } func (n *NfsPermission) getImmutableFields() []string { - return []string{"Id", "Uid", "NfsClientGroup", "NfsClientGroupId", "GroupId", "Group", "PrivilegedPort", "ManageGids", - "CustomOptions", "RootSquashing"} + return []string{"Group", "Filesystem", "SupportedVersions", "PermissionType", "Path", "SquashMode"} } func (n *NfsPermission) String() string { @@ -87,13 +87,12 @@ func (n *NfsPermission) String() string { } func (n *NfsPermission) IsEligibleForCsi() bool { - return n.RootSquashing != nil && *n.RootSquashing == false && - n.SupportedVersions != nil && slices.Contains(*n.SupportedVersions, "V4") && + return n.RootSquashing == false && slices.Contains(n.SupportedVersions, "V4") && n.PermissionType == NfsPermissionTypeReadWrite && n.SquashMode == NfsPermissionSquashModeNone } -func (a *ApiClient) GetNfsPermissions(ctx context.Context, permissions *[]NfsPermission) error { +func (a *ApiClient) GetNfsPermissions(ctx context.Context, fsUid uuid.UUID, permissions *[]NfsPermission) error { n := &NfsPermission{} err := a.Get(ctx, n.GetBasePath(a), nil, permissions) @@ -145,7 +144,7 @@ func (a *ApiClient) GetNfsPermissionsByFilesystemName(ctx context.Context, fsNam } func (a *ApiClient) GetNfsPermissionByUid(ctx context.Context, uid uuid.UUID) (*NfsPermission, error) { - query := &NfsPermission{Uid: &uid} + query := &NfsPermission{Uid: uid} return a.GetNfsPermissionByFilter(ctx, query) } @@ -168,12 +167,12 @@ func (qc *NfsPermissionCreateRequest) getApiUrl(a *ApiClient) string { } func (qc *NfsPermissionCreateRequest) getRelatedObject() ApiObject { return &NfsPermission{ - GroupId: &qc.Group, + GroupId: qc.Group, } } func (qc *NfsPermissionCreateRequest) getRequiredFields() []string { - return []string{"filesystem", "group"} + return []string{"Filesystem", "Group", "Path", "PermissionType", "SquashMode", "SupportedVersions"} } func (qc *NfsPermissionCreateRequest) hasRequiredFields() bool { return ObjectRequestHasRequiredFields(qc) @@ -183,7 +182,7 @@ func (qc *NfsPermissionCreateRequest) String() string { return fmt.Sprintln("NfsPermissionCreateRequest(FS:", qc.Filesystem) } -func (a *ApiClient) CreateNfsPermission(ctx context.Context, r *NfsPermissionCreateRequest, fs *NfsPermission) error { +func (a *ApiClient) CreateNfsPermission(ctx context.Context, r *NfsPermissionCreateRequest, p *NfsPermission) error { op := "CreateNfsPermission" ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() @@ -196,37 +195,45 @@ func (a *ApiClient) CreateNfsPermission(ctx context.Context, r *NfsPermissionCre return err } - err = a.Post(ctx, r.getRelatedObject().GetBasePath(a), &payload, nil, fs) + err = a.Post(ctx, r.getRelatedObject().GetBasePath(a), &payload, nil, p) return err } func EnsureNfsPermission(ctx context.Context, fsName string, group string, apiClient *ApiClient) error { perm := &NfsPermission{ + SupportedVersions: []NfsVersionString{NfsVersionV4}, + AnonUid: strconv.Itoa(65534), + AnonGid: strconv.Itoa(65534), Filesystem: fsName, - SupportedVersions: &[]NfsVersionString{NfsVersionV4}, - ObsDirect: &[]bool{false}[0], Group: group, PermissionType: NfsPermissionTypeReadWrite, Path: "/", SquashMode: NfsPermissionSquashModeNone, } _, err := apiClient.GetNfsPermissionByFilter(ctx, perm) - if err == ObjectNotFoundError { - req := &NfsPermissionCreateRequest{ - Filesystem: fsName, - Group: group, - SquashMode: NfsPermissionSquashModeNone, + if err != nil { + if err == ObjectNotFoundError { + req := &NfsPermissionCreateRequest{ + Filesystem: fsName, + Group: group, + Path: "/", + PermissionType: NfsPermissionTypeReadWrite, + SquashMode: NfsPermissionSquashModeNone, + AnonGid: 65534, + AnonUid: 65534, + SupportedVersions: &[]string{string(NfsVersionV4)}, + } + return apiClient.CreateNfsPermission(ctx, req, perm) } - return apiClient.CreateNfsPermission(ctx, req, perm) } return err } type NfsClientGroup struct { - Uid *uuid.UUID `json:"uid,omitempty" url:"-"` - Rules *[]NfsClientGroupRule `json:"rules,omitempty" url:"-"` - Id string `json:"id" url:"-"` - Name string `json:"name,omitempty" url:"name,omitempty"` + Uid uuid.UUID `json:"uid,omitempty" url:"-"` + Rules []NfsClientGroupRule `json:"rules,omitempty" url:"-"` + Id string `json:"id,omitempty" url:"-"` + Name string `json:"name,omitempty" url:"name,omitempty"` } func (g *NfsClientGroup) GetType() string { @@ -239,7 +246,7 @@ func (g *NfsClientGroup) GetBasePath(a *ApiClient) string { func (g *NfsClientGroup) GetApiUrl(a *ApiClient) string { url, err := urlutil.URLJoin(g.GetBasePath(a), g.Uid.String()) - if err != nil { + if err == nil { return url } return "" @@ -250,11 +257,11 @@ func (g *NfsClientGroup) EQ(other ApiObject) bool { } func (g *NfsClientGroup) getImmutableFields() []string { - return []string{"Name", "Id", "Uid"} + return []string{"Name"} } func (g *NfsClientGroup) String() string { - return fmt.Sprintln("NfsClientGroup name:", g.Name, "Uid:", g.Uid.String()) + return fmt.Sprintln("NfsClientGroup name:", g.Name) } func (a *ApiClient) GetNfsClientGroups(ctx context.Context, clientGroups *[]NfsClientGroup) error { @@ -272,6 +279,8 @@ func (a *ApiClient) FindNfsClientGroupsByFilter(ctx context.Context, query *NfsC ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + logger := log.Ctx(ctx) + logger.Trace().Str("client_group_query", query.String()).Msg("Finding client groups by filter") ret := &[]NfsClientGroup{} q, _ := qs.Values(query) err := a.Get(ctx, query.GetBasePath(a), q, ret) @@ -292,8 +301,10 @@ func (a *ApiClient) GetNfsClientGroupByFilter(ctx context.Context, query *NfsCli ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + logger := log.Ctx(ctx) rs := &[]NfsClientGroup{} err := a.FindNfsClientGroupsByFilter(ctx, query, rs) + logger.Trace().Str("client_group", query.String()).Msg("Getting client group by filter") if err != nil { return &NfsClientGroup{}, err } @@ -312,9 +323,27 @@ func (a *ApiClient) GetNfsClientGroupByName(ctx context.Context, name string) (* return a.GetNfsClientGroupByFilter(ctx, query) } -func (a *ApiClient) GetNfsClientGroupByUid(ctx context.Context, uid uuid.UUID) (*NfsClientGroup, error) { - query := &NfsClientGroup{Uid: &uid} - return a.GetNfsClientGroupByFilter(ctx, query) +func (a *ApiClient) GetNfsClientGroupByUid(ctx context.Context, uid uuid.UUID, cg *NfsClientGroup) error { + ret := &NfsClientGroup{ + Uid: uid, + } + err := a.Get(ctx, ret.GetApiUrl(a), nil, cg) + if err != nil { + switch t := err.(type) { + case *ApiNotFoundError: + return ObjectNotFoundError + case *ApiBadRequestError: + for _, c := range t.ApiResponse.ErrorCodes { + if c == "ClientGroupDoesNotExistException" { + return ObjectNotFoundError + } + } + default: + return err + } + } + return nil + } func (a *ApiClient) CreateNfsClientGroup(ctx context.Context, r *NfsClientGroupCreateRequest, fs *NfsClientGroup) error { @@ -339,16 +368,20 @@ func (a *ApiClient) EnsureCsiPluginNfsClientGroup(ctx context.Context) (*NfsClie ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + logger := log.Ctx(ctx) var ret *NfsClientGroup + logger.Trace().Str("client_group_name", NfsClientGroupName).Msg("Getting client group by name") ret, err := a.GetNfsClientGroupByName(ctx, NfsClientGroupName) - if err == nil { - return ret, nil - } - if err != ObjectNotFoundError { - return ret, err + if err != nil { + if err != ObjectNotFoundError { + logger.Error().Err(err).Msg("Failed to get client group by name") + return ret, err + } else { + logger.Trace().Str("client_group_name", NfsClientGroupName).Msg("Existing client group not found, creating client group") + err = a.CreateNfsClientGroup(ctx, NewNfsClientGroupCreateRequest(NfsClientGroupName), ret) + } } - err = a.CreateNfsClientGroup(ctx, NewNfsClientGroupCreateRequest(NfsClientGroupName), ret) - return ret, err + return ret, nil } type NfsClientGroupCreateRequest struct { @@ -380,12 +413,61 @@ func NewNfsClientGroupCreateRequest(name string) *NfsClientGroupCreateRequest { } } +type NfsClientGroupDeleteRequest struct { + Uid uuid.UUID `json:"-"` +} + +func (cgd *NfsClientGroupDeleteRequest) getApiUrl(a *ApiClient) string { + return cgd.getRelatedObject().GetApiUrl(a) +} + +func (cgd *NfsClientGroupDeleteRequest) getRelatedObject() ApiObject { + return &NfsClientGroup{Uid: cgd.Uid} +} + +func (cgd *NfsClientGroupDeleteRequest) getRequiredFields() []string { + return []string{"Uid"} +} + +func (cgd *NfsClientGroupDeleteRequest) hasRequiredFields() bool { + return ObjectRequestHasRequiredFields(cgd) +} + +func (cgd *NfsClientGroupDeleteRequest) String() string { + return fmt.Sprintln("NfsClientGroupDeleteRequest(uid:", cgd.Uid) +} + +func (a *ApiClient) DeleteNfsClientGroup(ctx context.Context, r *NfsClientGroupDeleteRequest) error { + op := "DeleteNfsClientGroup" + ctx, span := otel.Tracer(TracerName).Start(ctx, op) + defer span.End() + ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + if !r.hasRequiredFields() { + return RequestMissingParams + } + apiResponse := &ApiResponse{} + err := a.Delete(ctx, r.getApiUrl(a), nil, nil, apiResponse) + if err != nil { + switch t := err.(type) { + case *ApiNotFoundError: + return ObjectNotFoundError + case *ApiBadRequestError: + for _, c := range t.ApiResponse.ErrorCodes { + if c == "FilesystemDoesNotExistException" { + return ObjectNotFoundError + } + } + } + } + return nil +} + type NfsClientGroupRule struct { NfsClientGroupUid uuid.UUID `json:"-" url:"-"` - Type NfsClientGroupRuleType `json:"type" url:"-"` - Uid uuid.UUID `json:"uid" url:"-"` - Rule string `json:"rule" url:"-"` - Id string `json:"id" url:"-"` + Type NfsClientGroupRuleType `json:"type,omitempty" url:"-"` + Uid uuid.UUID `json:"uid,omitempty" url:"-"` + Rule string `json:"rule,omitempty" url:"-"` + Id string `json:"id,omitempty" url:"-"` } func (r *NfsClientGroupRule) GetType() string { @@ -393,7 +475,7 @@ func (r *NfsClientGroupRule) GetType() string { } func (r *NfsClientGroupRule) GetBasePath(a *ApiClient) string { - ncgUrl := (&NfsClientGroup{Uid: &r.Uid}).GetApiUrl(a) + ncgUrl := (&NfsClientGroup{Uid: r.Uid}).GetApiUrl(a) url, err := urlutil.URLJoin(ncgUrl, r.GetType()) if err != nil { return "" @@ -414,7 +496,7 @@ func (r *NfsClientGroupRule) EQ(other ApiObject) bool { } func (r *NfsClientGroupRule) getImmutableFields() []string { - return []string{"Type", "Rule"} + return []string{"Rule"} } func (r *NfsClientGroupRule) String() string { @@ -458,7 +540,9 @@ func (a *ApiClient) GetNfsClientGroupRules(ctx context.Context, rules *[]NfsClie if err != nil { return err } - rules = cg.Rules + copiedRules := make([]NfsClientGroupRule, len(cg.Rules)) + copy(copiedRules, cg.Rules) + *rules = copiedRules return nil } @@ -472,11 +556,12 @@ func (a *ApiClient) FindNfsClientGroupRulesByFilter(ctx context.Context, query * // this is different that in other functions since we don't have /rules entry point for GET // so we need to get the client group first logger.Trace().Str("client_group_uid", query.NfsClientGroupUid.String()).Msg("Getting client group") - cg, err := a.GetNfsClientGroupByUid(ctx, query.NfsClientGroupUid) + cg := &NfsClientGroup{} + err := a.GetNfsClientGroupByUid(ctx, query.NfsClientGroupUid, cg) if cg == nil || err != nil { return err } - ret := *cg.Rules + ret := cg.Rules for _, r := range ret { if r.EQ(query) { @@ -508,9 +593,9 @@ func (a *ApiClient) GetNfsClientGroupRuleByFilter(ctx context.Context, rule *Nfs type NfsClientGroupRuleCreateRequest struct { NfsClientGroupUid uuid.UUID `json:"-"` - Type NfsClientGroupRuleType `json:"type"` - Hostname *string `json:"dns,omitempty"` - Ip *string `json:"ip,omitempty"` + Type NfsClientGroupRuleType `json:"-"` + Hostname string `json:"dns,omitempty"` + Ip string `json:"ip,omitempty"` } func (r *NfsClientGroupRuleCreateRequest) getType() string { @@ -526,7 +611,7 @@ func (r *NfsClientGroupRuleCreateRequest) getApiUrl(a *ApiClient) string { } func (r *NfsClientGroupRuleCreateRequest) getRequiredFields() []string { - return []string{"NfsClientGroupUid", "Type"} + return []string{"Type"} } func (r *NfsClientGroupRuleCreateRequest) hasRequiredFields() bool { @@ -534,13 +619,20 @@ func (r *NfsClientGroupRuleCreateRequest) hasRequiredFields() bool { } func (r *NfsClientGroupRuleCreateRequest) getRelatedObject() ApiObject { - return &NfsClientGroup{Uid: &r.NfsClientGroupUid} + return &NfsClientGroup{Uid: r.NfsClientGroupUid} } func (r *NfsClientGroupRuleCreateRequest) String() string { return fmt.Sprintln("NfsClientGroupRuleCreateRequest(NfsClientGroupUid:", r.NfsClientGroupUid, "Type:", r.Type) } +func (r *NfsClientGroupRuleCreateRequest) AsRule() string { + if r.Type == NfsClientGroupRuleTypeDNS { + return r.Hostname + } + return r.Ip +} + func NewNfsClientGroupRuleCreateRequest(cgUid uuid.UUID, ruleType NfsClientGroupRuleType, rule string) *NfsClientGroupRuleCreateRequest { ret := &NfsClientGroupRuleCreateRequest{ @@ -548,9 +640,13 @@ func NewNfsClientGroupRuleCreateRequest(cgUid uuid.UUID, ruleType NfsClientGroup Type: ruleType, } if ruleType == NfsClientGroupRuleTypeDNS { - ret.Hostname = &rule + ret.Hostname = rule } else if ruleType == NfsClientGroupRuleTypeIP { - ret.Ip = &rule + net, err := parseNetworkString(rule) + if err != nil { + return nil + } + ret.Ip = net.AsNfsRule() } return ret } @@ -560,9 +656,13 @@ func (a *ApiClient) CreateNfsClientGroupRule(ctx context.Context, r *NfsClientGr ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) + logger := log.Ctx(ctx) + logger.Trace().Str("client_group_rule", r.String()).Msg("Creating client group rule") + if !r.hasRequiredFields() { return RequestMissingParams } + payload, err := json.Marshal(r) if err != nil { return err @@ -576,14 +676,20 @@ func (a *ApiClient) EnsureNfsClientGroupRuleForIp(ctx context.Context, cg *NfsCl if cg == nil { return errors.New("NfsClientGroup is nil") } - q := &NfsClientGroupRule{Type: NfsClientGroupRuleTypeIP, Rule: ip, NfsClientGroupUid: *cg.Uid} + r, err := parseNetworkString(ip) + if err != nil { + return err + } + + q := &NfsClientGroupRule{Type: NfsClientGroupRuleTypeIP, Rule: r.AsNfsRule(), NfsClientGroupUid: cg.Uid} rule, err := a.GetNfsClientGroupRuleByFilter(ctx, q) - if err == ObjectNotFoundError { - req := NewNfsClientGroupRuleCreateRequest(*cg.Uid, rule.Type, rule.Rule) - err = a.CreateNfsClientGroupRule(ctx, req, rule) + if err != nil { + if err == ObjectNotFoundError { + req := NewNfsClientGroupRuleCreateRequest(cg.Uid, q.Type, q.Rule) + return a.CreateNfsClientGroupRule(ctx, req, rule) + } } - return err } @@ -593,8 +699,9 @@ func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) logger := log.Ctx(ctx) + logger.Debug().Str("ip", ip).Str("filesystem", fsName).Msg("Ensuring NFS permissions") // Ensure client group - logger.Debug().Msg("Ensuring CSI Plugin NFS Client Group") + logger.Trace().Msg("Ensuring CSI Plugin NFS Client Group") cg, err := a.EnsureCsiPluginNfsClientGroup(ctx) if err != nil { logger.Error().Err(err).Msg("Failed to ensure NFS client group") @@ -602,11 +709,13 @@ func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName } // Ensure client group rule + logger.Trace().Str("ip_address", ip).Msg("Ensuring NFS Client Group Rule for IP") err = a.EnsureNfsClientGroupRuleForIp(ctx, cg, ip) if err != nil { return err } // Ensure NFS permission + logger.Trace().Str("filesystem", fsName).Str("client_group", cg.Name).Msg("Ensuring NFS Export for client group") err = EnsureNfsPermission(ctx, fsName, cg.Name, a) return err } diff --git a/pkg/wekafs/apiclient/nfs_test.go b/pkg/wekafs/apiclient/nfs_test.go new file mode 100644 index 000000000..8dd41e2ea --- /dev/null +++ b/pkg/wekafs/apiclient/nfs_test.go @@ -0,0 +1,314 @@ +package apiclient + +import ( + "context" + "flag" + "github.com/google/uuid" + "github.com/stretchr/testify/assert" + "k8s.io/apimachinery/pkg/util/rand" + "testing" +) + +var creds Credentials +var endpoint string +var fsName string + +var client *ApiClient + +func TestMain(m *testing.M) { + flag.StringVar(&endpoint, "api-endpoint", "vm49-1723969301909816-0.lan:14000", "API endpoint for tests") + flag.StringVar(&creds.Username, "api-username", "admin", "API username for tests") + flag.StringVar(&creds.Password, "api-password", "AAbb1234", "API password for tests") + flag.StringVar(&creds.Organization, "api-org", "Root", "API org for tests") + flag.StringVar(&creds.HttpScheme, "api-scheme", "https", "API scheme for tests") + flag.StringVar(&fsName, "fs-name", "default", "Filesystem name for tests") + flag.Parse() + m.Run() +} + +func GetApiClientForTest(t *testing.T) *ApiClient { + creds.Endpoints = []string{endpoint} + if client == nil { + apiClient, err := NewApiClient(context.Background(), creds, true, "test") + if err != nil { + t.Fatalf("Failed to create API client: %v", err) + } + if apiClient == nil { + t.Fatalf("Failed to create API client") + } + if err := apiClient.Login(context.Background()); err != nil { + t.Fatalf("Failed to login: %v", err) + } + client = apiClient + } + return client +} + +// +//func TestGetNfsPermissions(t *testing.T) { +// apiClient := GetApiClientForTest(t) +// +// var permissions []NfsPermission +// +// req := &NfsPermissionCreateRequest{ +// Filesystem: fsName, +// Group: "group1", +// } +// p := &NfsPermission{} +// err := apiClient.CreateNfsPermission(context.Background(), &NfsPermissionCreateRequest{}, p) +// assert.NoError(t, err) +// assert.NotZero(t, p.Uid) +// +// err := apiClient.GetNfsPermissions(context.Background(), &permissions) +// assert.NoError(t, err) +// assert.NotEmpty(t, permissions) +//} +// +//func TestFindNfsPermissionsByFilter(t *testing.T) { +// apiClient := GetApiClientForTest(t) +// query := &NfsPermission{Filesystem: "fs1"} +// var resultSet []NfsPermission +// err := apiClient.FindNfsPermissionsByFilter(context.Background(), query, &resultSet) +// assert.NoError(t, err) +// assert.NotEmpty(t, resultSet) +//} +// +//func TestGetNfsPermissionByFilter(t *testing.T) { +// apiClient := GetApiClientForTest(t) +// +// query := &NfsPermission{Filesystem: "fs1"} +// result, err := apiClient.GetNfsPermissionByFilter(context.Background(), query) +// assert.NoError(t, err) +// assert.NotNil(t, result) +//} +// +//func TestGetNfsPermissionsByFilesystemName(t *testing.T) { +// apiClient := GetApiClientForTest(t) +// +// +// var permissions []NfsPermission +// err := apiClient.GetNfsPermissionsByFilesystemName(context.Background(), "fs1", &permissions) +// assert.NoError(t, err) +// assert.NotEmpty(t, permissions) +//} +// +//func TestGetNfsPermissionByUid(t *testing.T) { +// apiClient := GetApiClientForTest(t) +// server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { +// w.WriteHeader(http.StatusOK) +// w.Write([]byte(`{"filesystem": "fs1", "group": "group1"}`)) +// })) +// defer server.Close() +// +// +// uid := uuid.New() +// result, err := apiClient.GetNfsPermissionByUid(context.Background(), uid) +// assert.NoError(t, err) +// assert.NotNil(t, result) +//} +// +//func TestCreateNfsPermission(t *testing.T) { +// apiClient := GetApiClientForTest(t) +// +// req := &NfsPermissionCreateRequest{ +// Filesystem: "fs1", +// Group: "group1", +// SquashMode: NfsPermissionSquashModeNone, +// AnonUid: 1000, +// AnonGid: 1000, +// EnableAuthTypes: []NfsAuthType{NfsAuthTypeSys}, +// } +// var perm NfsPermission +// err := apiClient.CreateNfsPermission(context.Background(), req, &perm) +// assert.NoError(t, err) +// assert.NotNil(t, perm) +//} +// +//func TestEnsureNfsPermission(t *testing.T) { +// apiClient := GetApiClientForTest(t) +// server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { +// w.WriteHeader(http.StatusOK) +// w.Write([]byte(`{"filesystem": "fs1", "group": "group1"}`)) +// })) +// defer server.Close() +// +// +// err := EnsureNfsPermission(context.Background(), "fs1", "group1", apiClient) +// assert.NoError(t, err) +//} + +func TestNfsClientGroup(t *testing.T) { + apiClient := GetApiClientForTest(t) + + var clientGroups []NfsClientGroup + var cg = &NfsClientGroup{ + Uid: uuid.New(), + } + // Test GetApiUrl + assert.NotEmpty(t, cg.GetApiUrl(apiClient)) + assert.Contains(t, cg.GetApiUrl(apiClient), cg.Uid.String()) + + // Test EQ + cg1 := &NfsClientGroup{ + Name: "test", + } + + cg2 := &NfsClientGroup{ + Name: "test", + } + assert.True(t, cg1.EQ(cg2)) + + // Test GetBasePath + assert.NotEmpty(t, cg.GetBasePath(apiClient)) + + // Test Create + cgName := rand.String(10) + err := apiClient.CreateNfsClientGroup(context.Background(), &NfsClientGroupCreateRequest{Name: cgName}, cg) + assert.NotEmpty(t, cg.Uid) + assert.NoError(t, err) + assert.Equal(t, cgName, cg.Name) + assert.Empty(t, cg.Rules) + + // Test GetGroups + err = apiClient.GetNfsClientGroups(context.Background(), &clientGroups) + assert.NoError(t, err) + assert.NotEmpty(t, clientGroups) + + // Test GetGroupByUid + uid := cg.Uid + err = apiClient.GetNfsClientGroupByUid(context.Background(), uid, cg) + assert.NoError(t, err) + assert.Equal(t, cgName, cg.Name) + assert.NotEmpty(t, cg.Uid) + + // Test GetGroupByName + name := cg.Name + cg, err = apiClient.GetNfsClientGroupByName(context.Background(), name) + assert.NoError(t, err) + assert.Equal(t, cgName, cg.Name) + assert.NotEmpty(t, cg.Uid) + + // Test Delete + r := &NfsClientGroupDeleteRequest{Uid: cg.Uid} + err = apiClient.DeleteNfsClientGroup(context.Background(), r) + assert.NoError(t, err) + err = apiClient.GetNfsClientGroups(context.Background(), &clientGroups) + assert.NoError(t, err) + for _, r := range clientGroups { + if r.Uid == cg.Uid { + t.Errorf("Failed to delete group") + } + } +} + +func TestEnsureCsiPluginNfsClientGroup(t *testing.T) { + apiClient := GetApiClientForTest(t) + result, err := apiClient.EnsureCsiPluginNfsClientGroup(context.Background()) + assert.NoError(t, err) + assert.NotNil(t, result) +} + +func TestNfsClientGroupRules(t *testing.T) { + apiClient := GetApiClientForTest(t) + cg, err := apiClient.EnsureCsiPluginNfsClientGroup(context.Background()) + assert.NoError(t, err) + assert.NotNil(t, cg) + + // Test Create + r := &NfsClientGroupRule{} + //r2 := &NfsClientGroupRule{} + + req1 := NewNfsClientGroupRuleCreateRequest(cg.Uid, NfsClientGroupRuleTypeIP, "192.168.1.1") + req2 := NewNfsClientGroupRuleCreateRequest(cg.Uid, NfsClientGroupRuleTypeIP, "192.168.2.0/24") + req3 := NewNfsClientGroupRuleCreateRequest(cg.Uid, NfsClientGroupRuleTypeIP, "192.168.3.0/255.255.255.255") + req4 := NewNfsClientGroupRuleCreateRequest(cg.Uid, NfsClientGroupRuleTypeDNS, "test-hostname") +outerLoop: + for _, req := range []*NfsClientGroupRuleCreateRequest{req1, req2, req3, req4} { + for _, rule := range cg.Rules { + if rule.Type == req.Type && rule.Rule == req.AsRule() { + continue outerLoop + } + } + assert.NotNil(t, req) + //req2 := &NfsClientGroupRuleCreateRequest{Type: NfsClientGroupRuleTypeDNS, Hostname: "test-hostname", NfsClientGroupUid: cg.Uid} + + err = apiClient.CreateNfsClientGroupRule(context.Background(), req, r) + assert.NoError(t, err) + } + rules := &[]NfsClientGroupRule{} + err = apiClient.GetNfsClientGroupRules(context.Background(), rules) + assert.NoError(t, err) + assert.NotEmpty(t, rules) + for _, rule := range *rules { + assert.NotEmpty(t, rule.Uid) + assert.NotEmpty(t, rule.Type) + assert.NotEmpty(t, rule.Rule) + assert.NotEmpty(t, rule.Id) + } +} + +func TestNfsEnsureNfsPermissions(t *testing.T) { + apiClient := GetApiClientForTest(t) + + // Test EnsureNfsPermission + err := apiClient.EnsureNfsPermissions(context.Background(), "172.16.5.147", "default") + assert.NoError(t, err) +} + +func TestInterfaceGroup(t *testing.T) { + apiClient := GetApiClientForTest(t) + + var igs []InterfaceGroup + var ig = &InterfaceGroup{ + Uid: uuid.New(), + } + // Test GetApiUrl + assert.NotEmpty(t, ig.GetApiUrl(apiClient)) + assert.Contains(t, ig.GetApiUrl(apiClient), ig.Uid.String()) + + // Test EQ + ig1 := &InterfaceGroup{ + Name: "test", + } + + ig2 := &InterfaceGroup{ + Name: "test", + } + assert.True(t, ig1.EQ(ig2)) + + // Test GetBasePath + assert.NotEmpty(t, ig.GetBasePath(apiClient)) + + // Test Create + // Test GetGroups + err := apiClient.GetInterfaceGroups(context.Background(), &igs) + assert.NoError(t, err) + assert.NotEmpty(t, igs) + assert.NotEmpty(t, igs[0].Ips) + // + //// Test GetGroupByUid + //uid := ig.Uid + //err = apiClient.GetInterfaceGroupByUid(context.Background(), uid, ig) + //assert.NoError(t, err) + //assert.Equal(t, igName, ig.Name) + //assert.NotEmpty(t, ig.Uid) + // + //// Test GetGroupByName + //name := ig.Name + //ig, err = apiClient.GetInterfaceGroupByName(context.Background(), name) + //assert.NoError(t, err) + //assert.Equal(t, igName, ig.Name) + //assert.NotEmpty(t, ig.Uid) + // + //// Test Delete + //r := &InterfaceGroupDeleteRequest{Uid: ig.Uid} + //err = apiClient.DeleteInterfaceGroup(context.Background(), r) + //assert.NoError(t, err) + //err = apiClient.GetInterfaceGroups(context.Background(), &igs) + //assert.NoError(t, err) + //for _, r := range igs { + // if r.Uid == ig.Uid { + // t.Errorf("Failed to delete group") + // } + //} +} diff --git a/pkg/wekafs/apiclient/utils.go b/pkg/wekafs/apiclient/utils.go index 3b4cbde29..481beac8c 100644 --- a/pkg/wekafs/apiclient/utils.go +++ b/pkg/wekafs/apiclient/utils.go @@ -57,13 +57,14 @@ func hashString(s string, n int) int { type Network struct { IP net.IP Subnet *net.IP - IsCIDR bool +} + +func (n *Network) AsNfsRule() string { + return fmt.Sprintf("%s/%s", n.IP.String(), n.Subnet.String()) } func parseNetworkString(s string) (*Network, error) { var ip, subnet net.IP - var isCIDR bool - if strings.Contains(s, "/") { parts := strings.Split(s, "/") if len(parts) != 2 { @@ -71,21 +72,21 @@ func parseNetworkString(s string) (*Network, error) { } ip = net.ParseIP(parts[0]) subnet = net.ParseIP(parts[1]) - isCIDR = true + if subnet == nil { + _, ipNet, err := net.ParseCIDR(s) + if err != nil { + return nil, fmt.Errorf("invalid CIDR notation: %s", s) + } + subnet = net.IP(ipNet.Mask) + } } else { ip = net.ParseIP(s) - subnet = nil - isCIDR = false - } - - if ip == nil { - return nil, fmt.Errorf("invalid IP address: %s", s) + subnet = net.ParseIP("255.255.255.255") } return &Network{ IP: ip, Subnet: &subnet, - IsCIDR: isCIDR, }, nil } @@ -95,15 +96,11 @@ func (n *Network) ContainsIPAddress(ipStr string) bool { return false } - if n.IsCIDR { - _, ipNet, err := net.ParseCIDR(fmt.Sprintf("%s/%s", n.IP.String(), n.Subnet.String())) - if err != nil { - return false - } - return ipNet.Contains(ip) + _, ipNet, err := net.ParseCIDR(fmt.Sprintf("%s/%s", n.IP.String(), n.Subnet.String())) + if err != nil { + return false } - - return n.IP.Equal(ip) + return ipNet.Contains(ip) } func GetNodeIpAddress() string { diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 317c0ba30..284dbceed 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -129,8 +129,7 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, } nodeIP := apiclient.GetNodeIpAddress() - nodeIpNetString := fmt.Sprintf("%s/32", nodeIP) - if apiClient.EnsureNfsPermissions(ctx, nodeIpNetString, m.fsName) != nil { + if apiClient.EnsureNfsPermissions(ctx, nodeIP, m.fsName) != nil { logger.Error().Msg("Failed to ensure NFS permissions") return errors.New("failed to ensure NFS permissions") } From 0d45b554ac738838fe77cebcec1eef0d7079aaf3 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 1 Sep 2024 10:35:44 +0300 Subject: [PATCH 19/75] feat(CSI-213): provide interface group name in helm chart --- .../controllerserver-statefulset.yaml | 3 ++ .../nodeserver-daemonset-selinux.yaml | 0 .../templates/nodeserver-daemonset.yaml | 3 ++ charts/csi-wekafsplugin/values.yaml | 2 + cmd/wekafsplugin/main.go | 2 + pkg/wekafs/apiclient/apiclient.go | 3 +- pkg/wekafs/apiclient/interfacegroup.go | 39 ++++++++++++++----- pkg/wekafs/driverconfig.go | 13 +++++++ pkg/wekafs/nfsmount.go | 21 +++++----- pkg/wekafs/nfsmounter.go | 25 ++++++------ 10 files changed, 79 insertions(+), 32 deletions(-) delete mode 100644 charts/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml diff --git a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index f67ff983a..ba6e27e01 100755 --- a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -221,6 +221,9 @@ spec: {{- if .Values.pluginConfig.mountProtocol.allowNfsFailback | default false }} - "--allownfsfailback" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.interfaceGroupName }} + - "--interfacegroupname={{ .Values.pluginConfig.mountProtocol.interfaceGroupName }}" + {{- end }} ports: - containerPort: 9898 name: healthz diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml deleted file mode 100644 index e69de29bb..000000000 diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index 5e6ae96f9..77fab804b 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -112,6 +112,9 @@ spec: {{- if .Values.pluginConfig.mountProtocol.allowNfsFailback | default false }} - "--allownfsfailback" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.interfaceGroupName }} + - "--interfacegroupname={{ .Values.pluginConfig.mountProtocol.interfaceGroupName }}" + {{- end }} ports: - containerPort: 9899 name: healthz diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index a520c7ad5..57c6248b7 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -145,5 +145,7 @@ pluginConfig: useNfs: false # -- Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol allowNfsFailback: false + # -- Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used + interfaceGroupName: "" diff --git a/cmd/wekafsplugin/main.go b/cmd/wekafsplugin/main.go index 05c7cba37..df393ee2e 100644 --- a/cmd/wekafsplugin/main.go +++ b/cmd/wekafsplugin/main.go @@ -93,6 +93,7 @@ var ( allowProtocolContainers = flag.Bool("allowprotocolcontainers", false, "Allow protocol containers to be used for mounting filesystems") allowNfsFailback = flag.Bool("allownfsfailback", false, "Allow NFS failback") useNfs = flag.Bool("usenfs", false, "Use NFS for mounting volumes") + interfaceGroupName = flag.String("interfacegroupname", "", "Name of the NFS interface group to use for mounting volumes") // Set by the build process version = "" ) @@ -221,6 +222,7 @@ func handle() { *allowProtocolContainers, *allowNfsFailback, *useNfs, + *interfaceGroupName, ) driver, err := wekafs.NewWekaFsDriver( *driverName, *nodeID, *endpoint, *maxVolumesPerNode, version, *debugPath, csiMode, *selinuxSupport, config) diff --git a/pkg/wekafs/apiclient/apiclient.go b/pkg/wekafs/apiclient/apiclient.go index 8fe64db26..5aff66973 100644 --- a/pkg/wekafs/apiclient/apiclient.go +++ b/pkg/wekafs/apiclient/apiclient.go @@ -64,7 +64,7 @@ type ApiClient struct { CompatibilityMap *WekaCompatibilityMap clientHash uint32 hostname string - NfsInterfaceGroup *InterfaceGroup + NfsInterfaceGroups map[string]*InterfaceGroup } type ApiEndPoint struct { @@ -120,6 +120,7 @@ func NewApiClient(ctx context.Context, credentials Credentials, allowInsecureHtt CompatibilityMap: &WekaCompatibilityMap{}, hostname: hostname, actualApiEndpoints: make(map[string]*ApiEndPoint), + NfsInterfaceGroups: make(map[string]*InterfaceGroup), } a.resetDefaultEndpoints(ctx) diff --git a/pkg/wekafs/apiclient/interfacegroup.go b/pkg/wekafs/apiclient/interfacegroup.go index 747edd9c6..02ae12299 100644 --- a/pkg/wekafs/apiclient/interfacegroup.go +++ b/pkg/wekafs/apiclient/interfacegroup.go @@ -134,31 +134,50 @@ func (a *ApiClient) fetchNfsInterfaceGroup(ctx context.Context, name *string, us if name != nil { for _, ig := range *igs { if ig.Name == *name { - a.NfsInterfaceGroup = &ig + a.NfsInterfaceGroups[*name] = &ig } } } else if useDefault { - a.NfsInterfaceGroup = &(*igs)[0] + a.NfsInterfaceGroups["default"] = &(*igs)[0] } - if len(a.NfsInterfaceGroup.Ips) == 0 { + + ig := &InterfaceGroup{} + if name != nil { + ig = a.NfsInterfaceGroups[*name] + } else { + ig = a.NfsInterfaceGroups["default"] + } + if ig == nil { + return errors.New("no nfs interface group found") + } + + if len(ig.Ips) == 0 { return errors.New("no IP addresses found for nfs interface group") } // Make sure the IPs are always sorted - sort.Strings(a.NfsInterfaceGroup.Ips) + sort.Strings(ig.Ips) return nil } -func (a *ApiClient) GetNfsInterfaceGroup(ctx context.Context) *InterfaceGroup { - if a.NfsInterfaceGroup == nil { - _ = a.fetchNfsInterfaceGroup(ctx, nil, true) +func (a *ApiClient) GetNfsInterfaceGroup(ctx context.Context, name *string) *InterfaceGroup { + igName := "default" + if name != nil { + igName = *name + } + _, ok := a.NfsInterfaceGroups[igName] + if !ok { + err := a.fetchNfsInterfaceGroup(ctx, name, true) + if err != nil { + return nil + } } - return a.NfsInterfaceGroup + return a.NfsInterfaceGroups[igName] } // GetNfsMountIp returns the IP address of the NFS interface group to be used for NFS mount // TODO: need to do it much more sophisticated way to distribute load -func (a *ApiClient) GetNfsMountIp(ctx context.Context) (string, error) { - ig := a.GetNfsInterfaceGroup(ctx) +func (a *ApiClient) GetNfsMountIp(ctx context.Context, interfaceGroupName *string) (string, error) { + ig := a.GetNfsInterfaceGroup(ctx, interfaceGroupName) if ig == nil { return "", errors.New("no NFS interface group found") } diff --git a/pkg/wekafs/driverconfig.go b/pkg/wekafs/driverconfig.go index d96f68201..d88391830 100644 --- a/pkg/wekafs/driverconfig.go +++ b/pkg/wekafs/driverconfig.go @@ -35,9 +35,14 @@ type DriverConfig struct { allowProtocolContainers bool allowNfsFailback bool useNfs bool + interfaceGroupName *string } func (dc *DriverConfig) Log() { + igName := "<>" + if dc.interfaceGroupName != nil { + igName = *dc.interfaceGroupName + } log.Info().Str("dynamic_vol_path", dc.DynamicVolPath). Str("volume_prefix", dc.VolumePrefix).Str("snapshot_prefix", dc.SnapshotPrefix).Str("seed_snapshot_prefix", dc.SnapshotPrefix). Bool("allow_auto_fs_creation", dc.allowAutoFsCreation).Bool("allow_auto_fs_expansion", dc.allowAutoFsExpansion). @@ -55,6 +60,7 @@ func (dc *DriverConfig) Log() { Bool("allow_protocol_containers", dc.allowProtocolContainers). Bool("allow_nfs_failback", dc.allowNfsFailback). Bool("use_nfs", dc.useNfs). + Str("interface_group_name", igName). Msg("Starting driver with the following configuration") } @@ -66,6 +72,7 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP grpcRequestTimeoutSeconds int, allowProtocolContainers bool, allowNfsFailback, useNfs bool, + interfaceGroupName string, ) *DriverConfig { var MutuallyExclusiveMountOptions []mutuallyExclusiveMountOptionSet @@ -88,6 +95,11 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP concurrency["NodePublishVolume"] = maxNodePublishVolumeReqs concurrency["NodeUnpublishVolume"] = maxNodeUnpublishVolumeReqs + igName := &[]string{interfaceGroupName}[0] + if interfaceGroupName == "" { + igName = nil + } + return &DriverConfig{ DynamicVolPath: dynamicVolPath, VolumePrefix: VolumePrefix, @@ -107,6 +119,7 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP allowProtocolContainers: allowProtocolContainers, allowNfsFailback: allowNfsFailback, useNfs: useNfs, + interfaceGroupName: igName, } } diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 284dbceed..a57266374 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -14,15 +14,16 @@ import ( ) type nfsMount struct { - fsName string - mountPoint string - refCount int - lock sync.Mutex - kMounter mount.Interface - debugPath string - mountOptions MountOptions - lastUsed time.Time - mountIpAddress string + fsName string + mountPoint string + refCount int + lock sync.Mutex + kMounter mount.Interface + debugPath string + mountOptions MountOptions + lastUsed time.Time + mountIpAddress string + interfaceGroupName *string } func (m *nfsMount) getMountPoint() string { @@ -106,7 +107,7 @@ func (m *nfsMount) doUnmount(ctx context.Context) error { func (m *nfsMount) ensureMountIpAddress(ctx context.Context, apiClient *apiclient.ApiClient) error { if m.mountIpAddress == "" { - ip, err := apiClient.GetNfsMountIp(ctx) + ip, err := apiClient.GetNfsMountIp(ctx, m.interfaceGroupName) if err != nil { return err } diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index 04963267b..d969c1989 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -10,12 +10,13 @@ import ( ) type nfsMounter struct { - mountMap mountsMap - lock sync.Mutex - kMounter mount.Interface - debugPath string - selinuxSupport *bool - gc *innerPathVolGc + mountMap mountsMap + lock sync.Mutex + kMounter mount.Interface + debugPath string + selinuxSupport *bool + gc *innerPathVolGc + interfaceGroupName *string } func (m *nfsMounter) getGarbageCollector() *innerPathVolGc { @@ -31,6 +32,7 @@ func newNfsMounter(driver *WekaFsDriver) *nfsMounter { mounter := &nfsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: selinuxSupport} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() + mounter.interfaceGroupName = driver.config.interfaceGroupName return mounter } @@ -46,11 +48,12 @@ func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { if _, ok := m.mountMap[fsName][options.String()]; !ok { uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) wMount := &nfsMount{ - kMounter: m.kMounter, - fsName: fsName, - debugPath: m.debugPath, - mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, - mountOptions: options, + kMounter: m.kMounter, + fsName: fsName, + debugPath: m.debugPath, + mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, + mountOptions: options, + interfaceGroupName: m.interfaceGroupName, } m.mountMap[fsName][options.String()] = wMount } From ca438ab7899c610bdd7b6c95ba24ec712e9692e6 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 11:58:13 +0300 Subject: [PATCH 20/75] fix(CSI-213): distinguish mount failures by error type. --- pkg/wekafs/nfsmount.go | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index a57266374..170a2ba3e 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -9,6 +9,7 @@ import ( "k8s.io/mount-utils" "os" "path/filepath" + "strings" "sync" "time" ) @@ -144,9 +145,24 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, logger.Trace(). Strs("mount_options", m.mountOptions.Strings()). Str("mount_target", mountTarget). - Fields(mountOptions). Msg("Performing mount") - return m.kMounter.MountSensitive(mountTarget, m.mountPoint, "nfs", mountOptions.Strings(), mountOptionsSensitive) + err := m.kMounter.MountSensitive(mountTarget, m.mountPoint, "nfs", mountOptions.Strings(), mountOptionsSensitive) + if err != nil { + if os.IsNotExist(err) { + logger.Error().Err(err).Msg("Mount target not found") + } else if os.IsPermission(err) { + logger.Error().Err(err).Msg("Mount failed due to permissions issue") + return err + } else if strings.Contains(err.Error(), "invalid argument") { + logger.Error().Err(err).Msg("Mount failed due to invalid argument") + return err + } else { + logger.Error().Err(err).Msg("Mount failed due to unknown issue") + } + return err + } + logger.Trace().Msg("Mounted successfully") + return nil } else { fakePath := filepath.Join(m.debugPath, m.fsName) if err := os.MkdirAll(fakePath, DefaultVolumePermissions); err != nil { From d2e2477a4af99e4c622bae63d639c83fec138b0c Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 15:12:19 +0300 Subject: [PATCH 21/75] fix(CSI-213): enforce hostNetwork on node when using NFS incl SCC --- .../templates/nodeserver-daemonset.yaml | 4 ++-- .../nodeserver-security-context-constraint.yaml | 2 +- charts/csi-wekafsplugin/values.yaml | 2 +- pkg/wekafs/apiclient/interfacegroup.go | 14 ++++++++++---- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index 77fab804b..240d6f944 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -39,8 +39,8 @@ spec: {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} - {{- if .Values.hostNetwork }} - hostNetwork: {{ .Values.hostNetwork }} + {{- if or .Values.hostNetwork .Values.pluginConfig.mountProtocol.useNfs .Values.pluginConfig.mountProtocol.allowNfsFailback}} + hostNetwork: true {{- end }} initContainers: - name: init diff --git a/charts/csi-wekafsplugin/templates/nodeserver-security-context-constraint.yaml b/charts/csi-wekafsplugin/templates/nodeserver-security-context-constraint.yaml index 1334e7c9d..153a3c4db 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-security-context-constraint.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-security-context-constraint.yaml @@ -6,7 +6,7 @@ metadata: allowPrivilegedContainer: true allowHostDirVolumePlugin: true -{{- if .Values.hostNetwork }} +{{- if or .Values.hostNetwork .Values.pluginConfig.mountProtocol.allowNfsFailback .Values.pluginConfig.mountProtocol.useNfs }} allowHostNetwork: true {{- end }} allowedVolumeTypes: diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 57c6248b7..1aa3befd2 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -107,7 +107,7 @@ metrics: # -- Tracing URL (For Jaeger tracing engine / OpenTelemetry), optional # @ignore tracingUrl: "" -# -- Set to true to use host networking +# -- Set to true to use host networking. Will be always set to true when using NFS mount protocol hostNetwork: false pluginConfig: # -- CSI Driver support for fsGroupPolicy, may be either "File" or "None". Default is "File" diff --git a/pkg/wekafs/apiclient/interfacegroup.go b/pkg/wekafs/apiclient/interfacegroup.go index 02ae12299..c4c181abe 100644 --- a/pkg/wekafs/apiclient/interfacegroup.go +++ b/pkg/wekafs/apiclient/interfacegroup.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "github.com/google/uuid" + "github.com/rs/zerolog/log" "k8s.io/helm/pkg/urlutil" "os" "sort" @@ -72,7 +73,11 @@ func (i *InterfaceGroup) isSmb() bool { // This is useful for NFS mount, where we need to have same IP address for same server // TODO: this could be further optimized in future to avoid a situation where multiple servers are not evenly distributed // and some IPs are getting more load than others. Could be done, for example, by random selection of IP address etc. -func (i *InterfaceGroup) GetIpAddress() (string, error) { +func (i *InterfaceGroup) GetIpAddress(ctx context.Context) (string, error) { + logger := log.Ctx(ctx) + if i == nil { + return "", errors.New("interface group is nil") + } if len(i.Ips) == 0 { return "", errors.New("no IP addresses found for interface group") } @@ -83,8 +88,9 @@ func (i *InterfaceGroup) GetIpAddress() (string, error) { if hostname == "" { hostname = "localhost" } - - return i.Ips[hashString(hostname, len(i.Ips))], nil + idx := hashString(hostname, len(i.Ips)) + logger.Debug().Int("index", idx).Str("hostname", hostname).Int("ips", len(i.Ips)).Msg("Selected IP address based on hostname") + return i.Ips[idx], nil } func (a *ApiClient) GetInterfaceGroups(ctx context.Context, interfaceGroups *[]InterfaceGroup) error { @@ -185,5 +191,5 @@ func (a *ApiClient) GetNfsMountIp(ctx context.Context, interfaceGroupName *strin return "", errors.New("no IP addresses found for NFS interface group") } - return ig.GetIpAddress() + return ig.GetIpAddress(ctx) } From 14f1701910daeccc85ca6eb2484789ae87e5fc7d Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 17:21:09 +0300 Subject: [PATCH 22/75] fix(CSI-213): refactor hashing function to always return positive numbers --- pkg/wekafs/apiclient/utils.go | 20 +++++++++++++++----- pkg/wekafs/apiclient/utils_test.go | 29 +++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 5 deletions(-) create mode 100644 pkg/wekafs/apiclient/utils_test.go diff --git a/pkg/wekafs/apiclient/utils.go b/pkg/wekafs/apiclient/utils.go index 481beac8c..a96cedf0d 100644 --- a/pkg/wekafs/apiclient/utils.go +++ b/pkg/wekafs/apiclient/utils.go @@ -3,6 +3,7 @@ package apiclient import ( "fmt" "github.com/rs/zerolog/log" + "hash/fnv" "net" "os" "reflect" @@ -46,12 +47,21 @@ func ObjectRequestHasRequiredFields(o ApiObjectRequest) bool { // hashString is a simple hash function that takes a string and returns a hash value in the range [0, n) func hashString(s string, n int) int { - const prime = 31 - hash := 0 - for _, char := range s { - hash = hash*prime + int(char) + if n == 0 { + return 0 } - return hash % n + + // Create a new FNV-1a hash + h := fnv.New32a() + + // Write the string to the hash + _, _ = h.Write([]byte(s)) + + // Get the hash sum as a uint32 + hashValue := h.Sum32() + + // Return the hash value in the range of [0, n) + return int(hashValue % uint32(n)) } type Network struct { diff --git a/pkg/wekafs/apiclient/utils_test.go b/pkg/wekafs/apiclient/utils_test.go new file mode 100644 index 000000000..ede39534c --- /dev/null +++ b/pkg/wekafs/apiclient/utils_test.go @@ -0,0 +1,29 @@ +package apiclient + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestHashString(t *testing.T) { + testCases := []struct { + input string + n int + expected int + }{ + {"test", 10, 5}, + {"example", 10, 9}, + {"hash", 10, 1}, + {"string", 10, 8}, + {"", 10, 1}, + {"osi415-zbjgk-worker-0-t6g55", 10, 5}, + } + + for _, tc := range testCases { + t.Run(tc.input, func(t *testing.T) { + result := hashString(tc.input, tc.n) + assert.Equal(t, tc.expected, result) + }) + } +} From 9e3a315bbfffcef5855f9031239172126e031a16 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 18:05:28 +0300 Subject: [PATCH 23/75] fix(CSI-213): minimize logs for ids.Probe() --- pkg/wekafs/identityserver.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/pkg/wekafs/identityserver.go b/pkg/wekafs/identityserver.go index a849a69b9..132cf746d 100644 --- a/pkg/wekafs/identityserver.go +++ b/pkg/wekafs/identityserver.go @@ -80,17 +80,14 @@ func (ids *identityServer) getConfig() *DriverConfig { func (ids *identityServer) Probe(ctx context.Context, req *csi.ProbeRequest) (*csi.ProbeResponse, error) { logger := log.Ctx(ctx) - isReady := ids.getConfig().isInDevMode() || isWekaInstalled() if !isReady { if ids.getConfig().useNfs || ids.getConfig().allowNfsFailback { - logger.Info().Str("op", "Probe").Msg("Weka driver not running on host, but NFS is available") isReady = true } } if !isReady { - logger := log.Ctx(ctx) - logger.Error().Msg("Weka driver not running on host, not ready to perform operations") + logger.Error().Msg("Weka driver not running on host and NFS transport is not configured, not ready to perform operations") } return &csi.ProbeResponse{ Ready: &wrapperspb.BoolValue{ From 10034379edec60418107920ec61c1c2e6c17a8c8 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 1 Sep 2024 15:01:12 +0300 Subject: [PATCH 24/75] fix(CSI-213): sync_on_close pruning logging improvement --- pkg/wekafs/volume.go | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/pkg/wekafs/volume.go b/pkg/wekafs/volume.go index d21d54961..fe1794d25 100644 --- a/pkg/wekafs/volume.go +++ b/pkg/wekafs/volume.go @@ -88,9 +88,14 @@ func (v *Volume) initMountOptions(ctx context.Context) { func (v *Volume) pruneUnsupportedMountOptions(ctx context.Context) { logger := log.Ctx(ctx) - if v.mountOptions.hasOption(MountOptionSyncOnClose) && (v.apiClient == nil || !v.apiClient.SupportsSyncOnCloseMountOption()) { - logger.Debug().Str("mount_option", MountOptionSyncOnClose).Msg("Mount option not supported by current Weka cluster version and is dropped.") - v.mountOptions = v.mountOptions.RemoveOption(MountOptionSyncOnClose) + if v.mountOptions.hasOption(MountOptionSyncOnClose) { + if v.apiClient != nil && !v.apiClient.SupportsSyncOnCloseMountOption() { + logger.Debug().Str("mount_option", MountOptionSyncOnClose).Msg("Mount option not supported by current Weka cluster version and is dropped.") + v.mountOptions = v.mountOptions.RemoveOption(MountOptionSyncOnClose) + } else if v.apiClient == nil { + logger.Debug().Str("mount_option", MountOptionSyncOnClose).Msg("Cannot determine current Weka cluster version, dropping mount option.") + v.mountOptions = v.mountOptions.RemoveOption(MountOptionSyncOnClose) + } } if v.mountOptions.hasOption(MountOptionReadOnly) { logger.Error().Str("mount_option", MountOptionReadOnly).Msg("Mount option is not supported via custom mount options, use readOnly volume attachments instead") From 1567dbab9be610c19d17e79715a5c08a29e1beb6 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 12:14:01 +0300 Subject: [PATCH 25/75] fix(CSI-241): add error logging during checking of target path --- pkg/wekafs/nodeserver.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/wekafs/nodeserver.go b/pkg/wekafs/nodeserver.go index 6580dac77..179a62caa 100644 --- a/pkg/wekafs/nodeserver.go +++ b/pkg/wekafs/nodeserver.go @@ -358,6 +358,7 @@ func (ns *NodeServer) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpu result = "SUCCESS" return &csi.NodeUnpublishVolumeResponse{}, nil } else { + logger.Error().Err(err).Msg("Failed to check target path") return NodeUnpublishVolumeError(ctx, codes.Internal, "unexpected situation, please contact support") } From 3c574985f99f3fd69ce7a41a9b64584446e37479 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Wed, 11 Sep 2024 14:10:38 +0300 Subject: [PATCH 26/75] fix(CSI-241): make controllerServer also use hostNetwork for NFS --- .../controllerserver-security-context-constraint.yaml | 4 ++-- .../templates/controllerserver-statefulset.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/csi-wekafsplugin/templates/controllerserver-security-context-constraint.yaml b/charts/csi-wekafsplugin/templates/controllerserver-security-context-constraint.yaml index c9bcb02d8..8a463f6cb 100644 --- a/charts/csi-wekafsplugin/templates/controllerserver-security-context-constraint.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-security-context-constraint.yaml @@ -6,14 +6,14 @@ metadata: allowPrivilegedContainer: true allowHostDirVolumePlugin: true -{{- if .Values.hostNetwork }} +{{- if or .Values.hostNetwork .Values.pluginConfig.mountProtocol.allowNfsFailback .Values.pluginConfig.mountProtocol.useNfs }} allowHostNetwork: true {{- end }} allowedVolumeTypes: - hostPath - secret readOnlyRootFilesystem: false - +allowHostPorts: true runAsUser: type: RunAsAny seLinuxContext: diff --git a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index ba6e27e01..fbbdcf93a 100755 --- a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -30,8 +30,8 @@ spec: nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8}} {{- end }} serviceAccountName: {{ .Release.Name }}-controller - {{- if .Values.hostNetwork }} - hostNetwork: {{ .Values.hostNetwork }} + {{- if or .Values.hostNetwork .Values.pluginConfig.mountProtocol.useNfs .Values.pluginConfig.mountProtocol.allowNfsFailback}} + hostNetwork: true {{- end }} containers: - name: csi-attacher From cc176e44bd6ecf6a047311f6149fc875edb3af40 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 10:37:31 +0000 Subject: [PATCH 27/75] chore: autopublish 2024-09-12T10:37:31Z --- README.md | 11 +++++++---- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 11 +++++++---- charts/csi-wekafsplugin/values.schema.json | 14 ++++++++++++++ charts/csi-wekafsplugin/values.yaml | 4 +--- 5 files changed, 31 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index cc31777e7..9082df3c6 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | @@ -80,7 +80,7 @@ make build | metrics.provisionerPort | int | `9091` | Provisioner metrics port | | metrics.resizerPort | int | `9092` | Resizer metrics port | | metrics.snapshotterPort | int | `9093` | Snapshotter metrics port | -| hostNetwork | bool | `false` | Set to true to use host networking | +| hostNetwork | bool | `false` | Set to true to use host networking. Will be always set to true when using NFS mount protocol | | pluginConfig.fsGroupPolicy | string | `"File"` | WARNING: Changing this value might require uninstall and re-install of the plugin | | pluginConfig.allowInsecureHttps | bool | `false` | Allow insecure HTTPS (skip TLS certificate verification) | | pluginConfig.objectNaming.volumePrefix | string | `"csivol-"` | Prefix that will be added to names of Weka cluster filesystems / snapshots assocciated with CSI volume, must not exceed 7 symbols. | @@ -91,6 +91,9 @@ make build | pluginConfig.allowedOperations.snapshotDirectoryVolumes | bool | `false` | Create snapshots of legacy (dir/v1) volumes. By default disabled. Note: when enabled, for every legacy volume snapshot, a full filesystem snapshot will be created (wasteful) | | pluginConfig.allowedOperations.snapshotVolumesWithoutQuotaEnforcement | bool | `false` | Allow creation of snapshot-backed volumes even on unsupported Weka cluster versions, off by default Note: On versions of Weka < v4.2 snapshot-backed volume capacity cannot be enforced | | pluginConfig.mutuallyExclusiveMountOptions[0] | string | `"readcache,writecache,coherent,forcedirect"` | | +| pluginConfig.mountProtocol.useNfs | bool | `false` | Use NFS transport for mounting Weka filesystems, off by default | +| pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | +| pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index f6eb6c1fa..1244ead76 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.6.8455a9b -appVersion: v2.4.2-SNAPSHOT.6.8455a9b +version: 2.4.2-SNAPSHOT.28.d581918 +appVersion: v2.4.2-SNAPSHOT.28.d581918 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 480bd0975..630bb1841 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.6.8455a9b](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.6.8455a9b-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.6.8455a9b"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | @@ -89,7 +89,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | metrics.provisionerPort | int | `9091` | Provisioner metrics port | | metrics.resizerPort | int | `9092` | Resizer metrics port | | metrics.snapshotterPort | int | `9093` | Snapshotter metrics port | -| hostNetwork | bool | `false` | Set to true to use host networking | +| hostNetwork | bool | `false` | Set to true to use host networking. Will be always set to true when using NFS mount protocol | | pluginConfig.fsGroupPolicy | string | `"File"` | WARNING: Changing this value might require uninstall and re-install of the plugin | | pluginConfig.allowInsecureHttps | bool | `false` | Allow insecure HTTPS (skip TLS certificate verification) | | pluginConfig.objectNaming.volumePrefix | string | `"csivol-"` | Prefix that will be added to names of Weka cluster filesystems / snapshots assocciated with CSI volume, must not exceed 7 symbols. | @@ -100,6 +100,9 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | pluginConfig.allowedOperations.snapshotDirectoryVolumes | bool | `false` | Create snapshots of legacy (dir/v1) volumes. By default disabled. Note: when enabled, for every legacy volume snapshot, a full filesystem snapshot will be created (wasteful) | | pluginConfig.allowedOperations.snapshotVolumesWithoutQuotaEnforcement | bool | `false` | Allow creation of snapshot-backed volumes even on unsupported Weka cluster versions, off by default Note: On versions of Weka < v4.2 snapshot-backed volume capacity cannot be enforced | | pluginConfig.mutuallyExclusiveMountOptions[0] | string | `"readcache,writecache,coherent,forcedirect"` | | +| pluginConfig.mountProtocol.useNfs | bool | `false` | Use NFS transport for mounting Weka filesystems, off by default | +| pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | +| pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/csi-wekafsplugin/values.schema.json b/charts/csi-wekafsplugin/values.schema.json index 28343d061..6dde95417 100644 --- a/charts/csi-wekafsplugin/values.schema.json +++ b/charts/csi-wekafsplugin/values.schema.json @@ -226,6 +226,20 @@ "fsGroupPolicy": { "type": "string" }, + "mountProtocol": { + "type": "object", + "properties": { + "allowNfsFailback": { + "type": "boolean" + }, + "interfaceGroupName": { + "type": "string" + }, + "useNfs": { + "type": "boolean" + } + } + }, "mutuallyExclusiveMountOptions": { "type": "array", "items": { diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 1aa3befd2..8bc36d647 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.6.8455a9b +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.28.d581918 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 @@ -147,5 +147,3 @@ pluginConfig: allowNfsFailback: false # -- Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used interfaceGroupName: "" - - From e819d25fb6e08ccce471d124ae77d1eae23ff437 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Wed, 11 Sep 2024 15:24:39 +0300 Subject: [PATCH 28/75] fix(CSI-241): conflict in metrics between node and controller --- .../templates/controllerserver-statefulset.yaml | 6 +++--- charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml | 6 +++--- charts/csi-wekafsplugin/values.yaml | 6 ++++-- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index fbbdcf93a..9b1a9170f 100755 --- a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -23,7 +23,7 @@ spec: annotations: prometheus.io/scrape: 'true' prometheus.io/path: '/metrics' - prometheus.io/port: '{{ .Values.metrics.port | default 9090 }}' + prometheus.io/port: '{{ .Values.metrics.controllerPort | default 9090 }},{{ .Values.metrics.provisionerPort | default 9091 }},{{ .Values.metrics.resizerPort | default 9092 }},{{ .Values.metrics.snapshotterPort | default 9093 }}' {{- end }} spec: {{- if .Values.nodeSelector }} @@ -192,7 +192,7 @@ spec: {{- end }} {{- if .Values.metrics.enabled }} - "--enablemetrics" - - "--metricsport={{ .Values.metrics.port | default 9090 }}" + - "--metricsport={{ .Values.metrics.controllerPort | default 9090 }}" {{- end }} {{- if .Values.pluginConfig.allowInsecureHttps }} - "--allowinsecurehttps" @@ -229,7 +229,7 @@ spec: name: healthz protocol: TCP {{- if .Values.metrics.enabled }} - - containerPort: {{ .Values.metrics.port }} + - containerPort: {{ .Values.metrics.controllerPort | default 9090 }} name: metrics protocol: TCP {{- end }} diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index 240d6f944..ab5565823 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -17,7 +17,7 @@ spec: annotations: prometheus.io/scrape: 'true' prometheus.io/path: '/metrics' - prometheus.io/port: '{{ .Values.metrics.port | default 9090 }}' + prometheus.io/port: '{{ .Values.metrics.nodePort | default 9090 }}' {{- end }} spec: {{- if (eq .Values.selinuxSupport "mixed")}} @@ -86,7 +86,7 @@ spec: {{- end }} {{- if .Values.metrics.enabled }} - "--enablemetrics" - - "--metricsport={{ .Values.metrics.port | default 9090 }}" + - "--metricsport={{ .Values.metrics.nodePort | default 9090 }}" {{- end }} {{- if .Values.pluginConfig.allowInsecureHttps }} - "--allowinsecurehttps" @@ -120,7 +120,7 @@ spec: name: healthz protocol: TCP {{- if .Values.metrics.enabled }} - - containerPort: {{ .Values.metrics.port }} + - containerPort: {{ .Values.metrics.nodePort }} name: metrics protocol: TCP {{- end }} diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 8bc36d647..4f4a8997c 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -96,14 +96,16 @@ kubeletPath: "/var/lib/kubelet" metrics: # -- Enable Prometheus Metrics enabled: true - # -- Metrics port - port: 9090 + # -- Metrics port for Controller Server + controllerPort: 9090 # -- Provisioner metrics port provisionerPort: 9091 # -- Resizer metrics port resizerPort: 9092 # -- Snapshotter metrics port snapshotterPort: 9093 + # -- Metrics port for Node Serer + nodePort: 9094 # -- Tracing URL (For Jaeger tracing engine / OpenTelemetry), optional # @ignore tracingUrl: "" From 9f5d1f43549e1da6b94a41e47bd49977d404cc3b Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 10:56:58 +0000 Subject: [PATCH 29/75] chore: autopublish 2024-09-12T10:56:58Z --- README.md | 9 +++++---- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 9 +++++---- charts/csi-wekafsplugin/values.schema.json | 5 ++++- charts/csi-wekafsplugin/values.yaml | 2 +- 5 files changed, 17 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 9082df3c6..6ae898c4f 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | @@ -76,10 +76,11 @@ make build | selinuxNodeLabel | string | `"csi.weka.io/selinux_enabled"` | This label must be set to `"true"` on SELinux-enabled Kubernetes nodes, e.g., to run the node server in secure mode on SELinux-enabled node, the node must have label `csi.weka.io/selinux_enabled="true"` | | kubeletPath | string | `"/var/lib/kubelet"` | kubelet path, in cases Kubernetes is installed not in default folder | | metrics.enabled | bool | `true` | Enable Prometheus Metrics | -| metrics.port | int | `9090` | Metrics port | +| metrics.controllerPort | int | `9090` | Metrics port for Controller Server | | metrics.provisionerPort | int | `9091` | Provisioner metrics port | | metrics.resizerPort | int | `9092` | Resizer metrics port | | metrics.snapshotterPort | int | `9093` | Snapshotter metrics port | +| metrics.nodePort | int | `9094` | Metrics port for Node Serer | | hostNetwork | bool | `false` | Set to true to use host networking. Will be always set to true when using NFS mount protocol | | pluginConfig.fsGroupPolicy | string | `"File"` | WARNING: Changing this value might require uninstall and re-install of the plugin | | pluginConfig.allowInsecureHttps | bool | `false` | Allow insecure HTTPS (skip TLS certificate verification) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 1244ead76..2c86ad814 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.28.d581918 -appVersion: v2.4.2-SNAPSHOT.28.d581918 +version: 2.4.2-SNAPSHOT.31.6710087 +appVersion: v2.4.2-SNAPSHOT.31.6710087 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 630bb1841..e7681e12d 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.28.d581918](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.28.d581918-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.28.d581918"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | @@ -85,10 +85,11 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | selinuxNodeLabel | string | `"csi.weka.io/selinux_enabled"` | This label must be set to `"true"` on SELinux-enabled Kubernetes nodes, e.g., to run the node server in secure mode on SELinux-enabled node, the node must have label `csi.weka.io/selinux_enabled="true"` | | kubeletPath | string | `"/var/lib/kubelet"` | kubelet path, in cases Kubernetes is installed not in default folder | | metrics.enabled | bool | `true` | Enable Prometheus Metrics | -| metrics.port | int | `9090` | Metrics port | +| metrics.controllerPort | int | `9090` | Metrics port for Controller Server | | metrics.provisionerPort | int | `9091` | Provisioner metrics port | | metrics.resizerPort | int | `9092` | Resizer metrics port | | metrics.snapshotterPort | int | `9093` | Snapshotter metrics port | +| metrics.nodePort | int | `9094` | Metrics port for Node Serer | | hostNetwork | bool | `false` | Set to true to use host networking. Will be always set to true when using NFS mount protocol | | pluginConfig.fsGroupPolicy | string | `"File"` | WARNING: Changing this value might require uninstall and re-install of the plugin | | pluginConfig.allowInsecureHttps | bool | `false` | Allow insecure HTTPS (skip TLS certificate verification) | diff --git a/charts/csi-wekafsplugin/values.schema.json b/charts/csi-wekafsplugin/values.schema.json index 6dde95417..99cc9166f 100644 --- a/charts/csi-wekafsplugin/values.schema.json +++ b/charts/csi-wekafsplugin/values.schema.json @@ -141,10 +141,13 @@ "metrics": { "type": "object", "properties": { + "controllerPort": { + "type": "integer" + }, "enabled": { "type": "boolean" }, - "port": { + "nodePort": { "type": "integer" }, "provisionerPort": { diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 4f4a8997c..643c0fe5d 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.28.d581918 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.31.6710087 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 2006fdacfedc49044bcd14f3b696f63fca9cc6fb Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Tue, 3 Sep 2024 11:41:08 +0300 Subject: [PATCH 30/75] feat(CSI-244): match subnets if existing in client rule --- pkg/wekafs/apiclient/nfs.go | 12 ++++++++++++ pkg/wekafs/apiclient/nfs_test.go | 30 ++++++++++++++++++++++++++++++ pkg/wekafs/apiclient/utils.go | 26 ++++++++++++++++++++++++-- 3 files changed, 66 insertions(+), 2 deletions(-) diff --git a/pkg/wekafs/apiclient/nfs.go b/pkg/wekafs/apiclient/nfs.go index ec2f9612f..b0617ee38 100644 --- a/pkg/wekafs/apiclient/nfs.go +++ b/pkg/wekafs/apiclient/nfs.go @@ -495,6 +495,15 @@ func (r *NfsClientGroupRule) EQ(other ApiObject) bool { return ObjectsAreEqual(r, other) } +func (r *NfsClientGroupRule) IsSupersetOf(other *NfsClientGroupRule) bool { + if r.IsIPRule() && other.IsIPRule() { + n1 := r.GetNetwork() + n2 := other.GetNetwork() + return n1.ContainsIPAddress(n2.IP.String()) + } + return false +} + func (r *NfsClientGroupRule) getImmutableFields() []string { return []string{"Rule"} } @@ -566,6 +575,9 @@ func (a *ApiClient) FindNfsClientGroupRulesByFilter(ctx context.Context, query * for _, r := range ret { if r.EQ(query) { *resultSet = append(*resultSet, r) + } else if r.IsSupersetOf(query) { + // if we have a rule that covers the IP address by bigger network segment, also add it + *resultSet = append(*resultSet, r) } } return nil diff --git a/pkg/wekafs/apiclient/nfs_test.go b/pkg/wekafs/apiclient/nfs_test.go index 8dd41e2ea..7b363f455 100644 --- a/pkg/wekafs/apiclient/nfs_test.go +++ b/pkg/wekafs/apiclient/nfs_test.go @@ -312,3 +312,33 @@ func TestInterfaceGroup(t *testing.T) { // } //} } + +func TestIsSupersetOf(t *testing.T) { + // Test case 1: IP rule superset + rule1 := &NfsClientGroupRule{ + Type: NfsClientGroupRuleTypeIP, + Rule: "192.168.1.0/24", + } + rule2 := &NfsClientGroupRule{ + Type: NfsClientGroupRuleTypeIP, + Rule: "192.168.1.1", + } + assert.True(t, rule1.IsSupersetOf(rule2)) + + // Test case 2: IP rule not superset + rule3 := &NfsClientGroupRule{ + Type: NfsClientGroupRuleTypeIP, + Rule: "192.168.2.0/24", + } + assert.False(t, rule1.IsSupersetOf(rule3)) + + // Test case 3: Non-IP rule + rule4 := &NfsClientGroupRule{ + Type: NfsClientGroupRuleTypeDNS, + Rule: "example.com", + } + assert.False(t, rule1.IsSupersetOf(rule4)) + + // Test case 4: Same rule + assert.True(t, rule1.IsSupersetOf(rule1)) +} diff --git a/pkg/wekafs/apiclient/utils.go b/pkg/wekafs/apiclient/utils.go index a96cedf0d..56d43376b 100644 --- a/pkg/wekafs/apiclient/utils.go +++ b/pkg/wekafs/apiclient/utils.go @@ -1,6 +1,7 @@ package apiclient import ( + "encoding/binary" "fmt" "github.com/rs/zerolog/log" "hash/fnv" @@ -73,6 +74,24 @@ func (n *Network) AsNfsRule() string { return fmt.Sprintf("%s/%s", n.IP.String(), n.Subnet.String()) } +func (n *Network) GetMaskBits() int { + ip := n.Subnet.To4() + if ip == nil { + return 0 + } + // Count the number of 1 bits + mask := binary.BigEndian.Uint32(ip) + + // Count the number of set bits + cidrBits := 0 + for mask != 0 { + cidrBits += int(mask & 1) + mask >>= 1 + } + + return cidrBits +} + func parseNetworkString(s string) (*Network, error) { var ip, subnet net.IP if strings.Contains(s, "/") { @@ -107,8 +126,11 @@ func (n *Network) ContainsIPAddress(ipStr string) bool { } _, ipNet, err := net.ParseCIDR(fmt.Sprintf("%s/%s", n.IP.String(), n.Subnet.String())) - if err != nil { - return false + if err != nil || ipNet == nil { + _, ipNet, err = net.ParseCIDR(fmt.Sprintf("%s/%d", n.IP.String(), n.GetMaskBits())) + if err != nil || ipNet == nil { + return false + } } return ipNet.Contains(ip) } From 575cb9796a08d883f0bdd99a5740e71dcd812e08 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 11:06:58 +0000 Subject: [PATCH 31/75] chore: autopublish 2024-09-12T11:06:58Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 6ae898c4f..ce952b5e8 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 2c86ad814..5a45e593c 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.31.6710087 -appVersion: v2.4.2-SNAPSHOT.31.6710087 +version: 2.4.2-SNAPSHOT.34.926d473 +appVersion: v2.4.2-SNAPSHOT.34.926d473 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index e7681e12d..4f22bfe4d 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.31.6710087](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.31.6710087-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.31.6710087"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 643c0fe5d..ed99e000b 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.31.6710087 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.34.926d473 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 5ef42042edfbba80c26b347c76088e642563f088 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 11:53:46 +0300 Subject: [PATCH 32/75] fix(CSI-243): service accounts for CSI plugin assume ImagePullSecret and cause error messages. --- .../templates/controllerserver-serviceaccount.yaml | 4 +++- .../csi-wekafsplugin/templates/nodeserver-serviceaccount.yaml | 4 +++- charts/csi-wekafsplugin/values.yaml | 4 ++++ 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/csi-wekafsplugin/templates/controllerserver-serviceaccount.yaml b/charts/csi-wekafsplugin/templates/controllerserver-serviceaccount.yaml index 26a9794bf..aad9fd923 100644 --- a/charts/csi-wekafsplugin/templates/controllerserver-serviceaccount.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-serviceaccount.yaml @@ -1,7 +1,9 @@ apiVersion: v1 kind: ServiceAccount +{{- if .Values.imagePullSecret}} imagePullSecrets: - - name: {{ .Release.Name }}-creds + - name: {{ .Values.imagePullSecret }} +{{- end }} metadata: name: {{ .Release.Name }}-controller namespace: {{ .Release.Namespace }} diff --git a/charts/csi-wekafsplugin/templates/nodeserver-serviceaccount.yaml b/charts/csi-wekafsplugin/templates/nodeserver-serviceaccount.yaml index 0e89c8443..c6b620b4d 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-serviceaccount.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-serviceaccount.yaml @@ -1,7 +1,9 @@ apiVersion: v1 kind: ServiceAccount +{{- if .Values.imagePullSecret}} imagePullSecrets: - - name: {{ .Release.Name }}-creds + - name: {{ .Values.imagePullSecret }} +{{- end }} metadata: name: {{ .Release.Name }}-node namespace: {{ .Release.Namespace }} diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index ed99e000b..faa957831 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -25,6 +25,10 @@ images: csidriver: quay.io/weka.io/csi-wekafs # -- CSI driver tag csidriverTag: *csiDriverVersion +# -- image pull secret required for image download. Must have permissions to access all images above. +# Should be used in case of private registry that requires authentication +imagePullSecret: "" + # -- Tolerations for all CSI driver components globalPluginTolerations: &globalPluginTolerations - key: node-role.kubernetes.io/master From 08fc758bb6f8ffeb760169ed862c8ddf0dc3596b Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 11:17:19 +0000 Subject: [PATCH 33/75] chore: autopublish 2024-09-12T11:17:19Z --- README.md | 7 ++++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 7 ++++--- charts/csi-wekafsplugin/values.schema.json | 3 +++ charts/csi-wekafsplugin/values.yaml | 3 +-- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index ce952b5e8..721826b94 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,8 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver tag | +| imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 5a45e593c..ca0ebbed0 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.34.926d473 -appVersion: v2.4.2-SNAPSHOT.34.926d473 +version: 2.4.2-SNAPSHOT.37.996c623 +appVersion: v2.4.2-SNAPSHOT.37.996c623 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 4f22bfe4d..2baa7ea90 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.34.926d473](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.34.926d473-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,8 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.34.926d473"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver tag | +| imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.schema.json b/charts/csi-wekafsplugin/values.schema.json index 99cc9166f..3f06cdb6e 100644 --- a/charts/csi-wekafsplugin/values.schema.json +++ b/charts/csi-wekafsplugin/values.schema.json @@ -91,6 +91,9 @@ "hostNetwork": { "type": "boolean" }, + "imagePullSecret": { + "type": "string" + }, "images": { "type": "object", "properties": { diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index faa957831..4f958b402 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.34.926d473 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.37.996c623 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 @@ -28,7 +28,6 @@ images: # -- image pull secret required for image download. Must have permissions to access all images above. # Should be used in case of private registry that requires authentication imagePullSecret: "" - # -- Tolerations for all CSI driver components globalPluginTolerations: &globalPluginTolerations - key: node-role.kubernetes.io/master From abefc0fe49d261fd90c568a856f2936a865918da Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sat, 10 Aug 2024 14:18:58 +0300 Subject: [PATCH 34/75] feat(CSI-239): moveToTrash does not return error to upper layers --- pkg/wekafs/gc.go | 10 ++++++---- pkg/wekafs/volume.go | 3 +-- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/pkg/wekafs/gc.go b/pkg/wekafs/gc.go index 604799207..49c2de494 100644 --- a/pkg/wekafs/gc.go +++ b/pkg/wekafs/gc.go @@ -31,17 +31,17 @@ func initInnerPathVolumeGc(mounter AnyMounter) *innerPathVolGc { return &gc } -func (gc *innerPathVolGc) triggerGcVolume(ctx context.Context, volume *Volume) { +func (gc *innerPathVolGc) triggerGcVolume(ctx context.Context, volume *Volume) error { op := "triggerGcVolume" ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) logger := log.Ctx(ctx).With().Str("volume_id", volume.GetId()).Logger() logger.Info().Msg("Triggering garbage collection of volume") - gc.moveVolumeToTrash(ctx, volume) // always do it synchronously + return gc.moveVolumeToTrash(ctx, volume) } -func (gc *innerPathVolGc) moveVolumeToTrash(ctx context.Context, volume *Volume) { +func (gc *innerPathVolGc) moveVolumeToTrash(ctx context.Context, volume *Volume) error { op := "moveVolumeToTrash" ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() @@ -54,7 +54,7 @@ func (gc *innerPathVolGc) moveVolumeToTrash(ctx context.Context, volume *Volume) defer unmount() if err != nil { logger.Error().Err(err).Msg("Failed to mount filesystem for GC processing") - return + return err } volumeTrashLoc := filepath.Join(path, garbagePath) if err := os.MkdirAll(volumeTrashLoc, DefaultVolumePermissions); err != nil { @@ -68,6 +68,7 @@ func (gc *innerPathVolGc) moveVolumeToTrash(ctx context.Context, volume *Volume) if err := os.Rename(fullPath, newPath); err != nil { logger.Error().Err(err).Str("full_path", fullPath). Str("volume_trash_location", volumeTrashLoc).Msg("Failed to move volume contents to volumeTrashLoc") + return err } // NOTE: there is a problem of directory leaks here. If the volume innerPath is deeper than /csi-volumes/vol-name, // e.g. if using statically provisioned volume, we move only the deepest directory @@ -77,6 +78,7 @@ func (gc *innerPathVolGc) moveVolumeToTrash(ctx context.Context, volume *Volume) // 2024-07-29: apparently seems this is not a real problem since static volumes are not deleted this way // and dynamic volumes are always created inside the /csi-volumes logger.Debug().Str("full_path", fullPath).Str("volume_trash_location", volumeTrashLoc).Msg("Volume contents moved to trash") + return nil } func (gc *innerPathVolGc) purgeLeftovers(ctx context.Context, fs string, apiClient *apiclient.ApiClient) { diff --git a/pkg/wekafs/volume.go b/pkg/wekafs/volume.go index fe1794d25..d807d52ab 100644 --- a/pkg/wekafs/volume.go +++ b/pkg/wekafs/volume.go @@ -633,8 +633,7 @@ func (v *Volume) updateCapacityXattr(ctx context.Context, enforceCapacity *bool, func (v *Volume) Trash(ctx context.Context) error { if v.requiresGc() { - v.server.getMounter().getGarbageCollector().triggerGcVolume(ctx, v) - return nil + return v.server.getMounter().getGarbageCollector().triggerGcVolume(ctx, v) } return v.Delete(ctx) } From 4ec7145f24a83d15f7ee4c6542e14137089b7955 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 11:26:03 +0000 Subject: [PATCH 35/75] chore: autopublish 2024-09-12T11:26:03Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 721826b94..4e446333a 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index ca0ebbed0..429adf75d 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.37.996c623 -appVersion: v2.4.2-SNAPSHOT.37.996c623 +version: 2.4.2-SNAPSHOT.40.ded86a2 +appVersion: v2.4.2-SNAPSHOT.40.ded86a2 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 2baa7ea90..8009c13aa 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.37.996c623](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.37.996c623-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.37.996c623"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 4f958b402..a5b05155f 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.37.996c623 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.40.ded86a2 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 795ce1266ea1304ab55bc145db60410d50117a7f Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 1 Sep 2024 14:02:39 +0300 Subject: [PATCH 36/75] chore(deps): combine chmod with ADD in Dockerfile --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6549db795..5c891b327 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,8 +25,7 @@ RUN CGO_ENABLED=0 GOOS="linux" GOARCH="amd64" go build -a -ldflags '-X main.vers FROM alpine:3.18 LABEL maintainers="WekaIO, LTD" LABEL description="Weka CSI Driver" -ADD https://github.com/tigrawap/locar/releases/download/0.4.0/locar_linux_amd64 /locar -RUN chmod +x /locar +ADD --chmod=777 https://github.com/tigrawap/locar/releases/download/0.4.0/locar_linux_amd64 /locar RUN apk add --no-cache util-linux libselinux libselinux-utils util-linux \ pciutils usbutils coreutils binutils findutils \ grep bash nfs-utils rpcbind ca-certificates From 173f49a11037f87e4010fcda9ca6a6b3769f2ae3 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sat, 10 Aug 2024 15:41:21 +0300 Subject: [PATCH 37/75] chore(deps): fix Dockerfile warning for FROM as --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5c891b327..a2ee1d7f9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.22-alpine as go-builder +FROM golang:1.22-alpine AS go-builder # https://stackoverflow.com/questions/36279253/go-compiled-binary-wont-run-in-an-alpine-docker-container-on-ubuntu-host RUN apk add --no-cache libc6-compat gcc musl-dev COPY go.mod /src/go.mod From cc1e7d8c36880c1a6b7176383dc577fbd33d5cd6 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 11:35:01 +0000 Subject: [PATCH 38/75] chore: autopublish 2024-09-12T11:35:01Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 4e446333a..50408171e 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 429adf75d..b02a35eda 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.40.ded86a2 -appVersion: v2.4.2-SNAPSHOT.40.ded86a2 +version: 2.4.2-SNAPSHOT.44.443bd67 +appVersion: v2.4.2-SNAPSHOT.44.443bd67 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 8009c13aa..c4c5fac68 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.40.ded86a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.40.ded86a2-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.40.ded86a2"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index a5b05155f..2d36e4089 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.40.ded86a2 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.44.443bd67 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From f41c4857c9c978accdf0cfde0c66b61d67d41827 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 2 Sep 2024 18:41:34 +0300 Subject: [PATCH 39/75] chore(deps): update packages to latest versions and Go to 1.22.5 --- go.mod | 48 +++++++++++++++-------------- go.sum | 96 +++++++++++++++++++++++++++++++++++----------------------- 2 files changed, 84 insertions(+), 60 deletions(-) diff --git a/go.mod b/go.mod index ae6928226..406c632ff 100644 --- a/go.mod +++ b/go.mod @@ -1,55 +1,59 @@ module github.com/wekafs/csi-wekafs -go 1.22.0 - -toolchain go1.22.4 +go 1.22.5 require ( github.com/container-storage-interface/spec v1.10.0 github.com/google/go-querystring v1.1.0 github.com/google/uuid v1.6.0 github.com/hashicorp/go-version v1.7.0 - github.com/kubernetes-csi/csi-lib-utils v0.18.1 + github.com/kubernetes-csi/csi-lib-utils v0.19.0 github.com/pkg/xattr v0.4.10 - github.com/prometheus/client_golang v1.19.1 + github.com/prometheus/client_golang v1.20.2 github.com/rs/zerolog v1.33.0 github.com/showa-93/go-mask v0.6.2 github.com/stretchr/testify v1.9.0 - go.opentelemetry.io/otel v1.28.0 + go.opentelemetry.io/otel v1.29.0 go.opentelemetry.io/otel/exporters/jaeger v1.17.0 - go.opentelemetry.io/otel/sdk v1.28.0 - go.opentelemetry.io/otel/trace v1.28.0 - golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 - golang.org/x/sync v0.7.0 - google.golang.org/grpc v1.65.0 + go.opentelemetry.io/otel/sdk v1.29.0 + go.opentelemetry.io/otel/trace v1.29.0 + golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 + golang.org/x/sync v0.8.0 + google.golang.org/grpc v1.66.0 google.golang.org/protobuf v1.34.2 - k8s.io/apimachinery v0.30.3 + k8s.io/apimachinery v0.31.0 k8s.io/helm v2.17.0+incompatible - k8s.io/mount-utils v0.30.3 + k8s.io/mount-utils v0.31.0 ) require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/coreos/go-systemd/v22 v22.5.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect + github.com/godbus/dbus/v5 v5.1.0 // indirect github.com/golang/protobuf v1.5.4 // indirect + github.com/klauspost/compress v1.17.9 // indirect github.com/kr/text v0.2.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/moby/sys/mountinfo v0.7.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/opencontainers/runc v1.1.13 // indirect + github.com/opencontainers/runtime-spec v1.2.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/common v0.57.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect - go.opentelemetry.io/otel/metric v1.28.0 // indirect - golang.org/x/net v0.27.0 // indirect - golang.org/x/sys v0.22.0 // indirect - golang.org/x/text v0.16.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf // indirect + github.com/sirupsen/logrus v1.9.3 // indirect + go.opentelemetry.io/otel/metric v1.29.0 // indirect + golang.org/x/net v0.28.0 // indirect + golang.org/x/sys v0.24.0 // indirect + golang.org/x/text v0.17.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect + k8s.io/utils v0.0.0-20240821151609-f90d01438635 // indirect ) diff --git a/go.sum b/go.sum index 1fe56df78..ece93c7da 100644 --- a/go.sum +++ b/go.sum @@ -4,16 +4,21 @@ github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UF github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/container-storage-interface/spec v1.10.0 h1:YkzWPV39x+ZMTa6Ax2czJLLwpryrQ+dPesB34mrRMXA= github.com/container-storage-interface/spec v1.10.0/go.mod h1:DtUvaQszPml1YJfIK7c00mlv6/g4wNMLanLgiUbKFRI= +github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= +github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -25,12 +30,16 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kubernetes-csi/csi-lib-utils v0.18.1 h1:vpg1kbQ6lFVCz7mY71zcqVE7W0GAQXXBoFfHvbW3gdw= -github.com/kubernetes-csi/csi-lib-utils v0.18.1/go.mod h1:PIcn27zmbY0KBue4JDdZVfDF56tjcS3jKroZPi+pMoY= +github.com/kubernetes-csi/csi-lib-utils v0.19.0 h1:3sT8mL9+St2acyrEtuR7CQ5L78GR4lgsb+sfon9tGfA= +github.com/kubernetes-csi/csi-lib-utils v0.19.0/go.mod h1:lBuMKvoyd8c3EG+itmnVWApLDHnLkU7ibxxZSPuOw0M= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= @@ -41,73 +50,84 @@ github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9Kou github.com/moby/sys/mountinfo v0.7.2/go.mod h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/opencontainers/runc v1.1.13 h1:98S2srgG9vw0zWcDpFMn5TRrh8kLxa/5OFUstuUhmRs= +github.com/opencontainers/runc v1.1.13/go.mod h1:R016aXacfp/gwQBYw2FDGa9m+n6atbLWrYY8hNMT/sA= +github.com/opencontainers/runtime-spec v1.2.0 h1:z97+pHb3uELt/yiAWD691HNHQIF07bE7dzrbT927iTk= +github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/xattr v0.4.10 h1:Qe0mtiNFHQZ296vRgUjRCoPHPqH7VdTOrZx3g0T+pGA= github.com/pkg/xattr v0.4.10/go.mod h1:di8WF84zAKk8jzR1UBTEWh9AUlIZZ7M/JNt8e9B6ktU= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= -github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.20.2 h1:5ctymQzZlyOON1666svgwn3s6IKWgfbjsejTMiXIyjg= +github.com/prometheus/client_golang v1.20.2/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= -github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/common v0.57.0 h1:Ro/rKjwdq9mZn1K5QPctzh+MA4Lp0BuYk5ZZEVhoNcY= +github.com/prometheus/common v0.57.0/go.mod h1:7uRPFSUTbfZWsJ7MHY56sqt7hLQu3bxXHDnNhl8E9qI= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8= github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= github.com/showa-93/go-mask v0.6.2 h1:sJEUQRpbxUoMTfBKey5K9hCg+eSx5KIAZFT7pa1LXbM= github.com/showa-93/go-mask v0.6.2/go.mod h1:aswIj007gm0EPAzOGES9ACy1jDm3QT08/LPSClMp410= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= -go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= +go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw= +go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8= go.opentelemetry.io/otel/exporters/jaeger v1.17.0 h1:D7UpUy2Xc2wsi1Ras6V40q806WM07rqoCWzXu7Sqy+4= go.opentelemetry.io/otel/exporters/jaeger v1.17.0/go.mod h1:nPCqOnEH9rNLKqH/+rrUjiMzHJdV1BlpKcTwRTyKkKI= -go.opentelemetry.io/otel/metric v1.28.0 h1:f0HGvSl1KRAU1DLgLGFjrwVyismPlnuU6JD6bOeuA5Q= -go.opentelemetry.io/otel/metric v1.28.0/go.mod h1:Fb1eVBFZmLVTMb6PPohq3TO9IIhUisDsbJoL/+uQW4s= -go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE= -go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg= -go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+lkx9g= -go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= -golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= -golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc= +go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8= +go.opentelemetry.io/otel/sdk v1.29.0 h1:vkqKjk7gwhS8VaWb0POZKmIEDimRCMsopNYnriHyryo= +go.opentelemetry.io/otel/sdk v1.29.0/go.mod h1:pM8Dx5WKnvxLCb+8lG1PRNIDxu9g9b9g59Qr7hfAAok= +go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4= +go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ= +golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 h1:kx6Ds3MlpiUHKj7syVnbp57++8WpuKPcR5yjLBjvLEA= +golang.org/x/exp v0.0.0-20240823005443-9b4947da3948/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ= +golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= +golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20220408201424-a24fb2fb8a0f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= +golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= +golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf h1:liao9UHurZLtiEwBgT9LMOnKYsHze6eA6w1KQCMVN2Q= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= -google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc= -google.golang.org/grpc v1.65.0/go.mod h1:WgYC2ypjlB0EiQi6wdKixMqukr6lBc0Vo+oOgjrM5ZQ= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed h1:J6izYgfBXAI3xTKLgxzTmUltdYaLsuBxFCgDHWJ/eXg= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= +google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c= +google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= -k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/apimachinery v0.31.0 h1:m9jOiSr3FoSSL5WO9bjm1n6B9KROYYgNZOb4tyZ1lBc= +k8s.io/apimachinery v0.31.0/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= k8s.io/helm v2.17.0+incompatible h1:Bpn6o1wKLYqKM3+Osh8e+1/K2g/GsQJ4F4yNF2+deao= k8s.io/helm v2.17.0+incompatible/go.mod h1:LZzlS4LQBHfciFOurYBFkCMTaZ0D1l+p0teMg7TSULI= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/mount-utils v0.30.3 h1:8Z3wSW5+GSvGNtlDhtoZrBCKLMIf5z/9tf8pie+G06s= -k8s.io/mount-utils v0.30.3/go.mod h1:9sCVmwGLcV1MPvbZ+rToMDnl1QcGozy+jBPd0MsQLIo= -k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= -k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/mount-utils v0.31.0 h1:o+a+n6gyZ7MGc6bIERU3LeFTHbLDBiVReaDpWlJotUE= +k8s.io/mount-utils v0.31.0/go.mod h1:HV/VYBUGqYUj4vt82YltzpWvgv8FPg0G9ItyInT3NPU= +k8s.io/utils v0.0.0-20240821151609-f90d01438635 h1:2wThSvJoW/Ncn9TmQEYXRnevZXi2duqHWf5OX9S3zjI= +k8s.io/utils v0.0.0-20240821151609-f90d01438635/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= From 0da3da44864d5565c6d468a2d1370fa4b840a89b Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 11:43:57 +0000 Subject: [PATCH 40/75] chore: autopublish 2024-09-12T11:43:57Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 50408171e..be47fda1a 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index b02a35eda..c9b3a5cd9 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.44.443bd67 -appVersion: v2.4.2-SNAPSHOT.44.443bd67 +version: 2.4.2-SNAPSHOT.47.404f4ec +appVersion: v2.4.2-SNAPSHOT.47.404f4ec keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index c4c5fac68..99727a1ea 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.44.443bd67](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.44.443bd67-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.44.443bd67"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 2d36e4089..6657a0198 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.44.443bd67 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.47.404f4ec images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 21810f0893b5768f13008854ac105c61b0c19323 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Tue, 3 Sep 2024 12:59:17 +0300 Subject: [PATCH 41/75] feat(CSI-245): allow specifying client group for NFS --- .../controllerserver-statefulset.yaml | 3 +++ .../templates/nodeserver-daemonset.yaml | 3 +++ charts/csi-wekafsplugin/values.yaml | 2 ++ cmd/wekafsplugin/main.go | 2 ++ pkg/wekafs/apiclient/nfs.go | 23 +++++++++++-------- pkg/wekafs/apiclient/nfs_test.go | 8 +++---- pkg/wekafs/driverconfig.go | 20 ++++++---------- pkg/wekafs/nfsmount.go | 3 ++- pkg/wekafs/nfsmounter.go | 5 +++- 9 files changed, 40 insertions(+), 29 deletions(-) diff --git a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index 9b1a9170f..1948df98e 100755 --- a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -224,6 +224,9 @@ spec: {{- if .Values.pluginConfig.mountProtocol.interfaceGroupName }} - "--interfacegroupname={{ .Values.pluginConfig.mountProtocol.interfaceGroupName }}" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.clientGroupName }} + - "--clientgroupname={{ .Values.pluginConfig.mountProtocol.clientGroupName }}" + {{- end }} ports: - containerPort: 9898 name: healthz diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index ab5565823..d3f2aed26 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -115,6 +115,9 @@ spec: {{- if .Values.pluginConfig.mountProtocol.interfaceGroupName }} - "--interfacegroupname={{ .Values.pluginConfig.mountProtocol.interfaceGroupName }}" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.clientGroupName }} + - "--clientgroupname={{ .Values.pluginConfig.mountProtocol.clientGroupName }}" + {{- end }} ports: - containerPort: 9899 name: healthz diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 6657a0198..28254cdcf 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -152,3 +152,5 @@ pluginConfig: allowNfsFailback: false # -- Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used interfaceGroupName: "" + # -- Specify existing client group name for NFS configuration. If not set, "WekaCSIPluginClients" group will be created + clientGroupName: "" diff --git a/cmd/wekafsplugin/main.go b/cmd/wekafsplugin/main.go index df393ee2e..63660efcf 100644 --- a/cmd/wekafsplugin/main.go +++ b/cmd/wekafsplugin/main.go @@ -94,6 +94,7 @@ var ( allowNfsFailback = flag.Bool("allownfsfailback", false, "Allow NFS failback") useNfs = flag.Bool("usenfs", false, "Use NFS for mounting volumes") interfaceGroupName = flag.String("interfacegroupname", "", "Name of the NFS interface group to use for mounting volumes") + clientGroupName = flag.String("clientgroupname", "", "Name of the NFS client group to use for managing NFS permissions") // Set by the build process version = "" ) @@ -223,6 +224,7 @@ func handle() { *allowNfsFailback, *useNfs, *interfaceGroupName, + *clientGroupName, ) driver, err := wekafs.NewWekaFsDriver( *driverName, *nodeID, *endpoint, *maxVolumesPerNode, version, *debugPath, csiMode, *selinuxSupport, config) diff --git a/pkg/wekafs/apiclient/nfs.go b/pkg/wekafs/apiclient/nfs.go index b0617ee38..3b1870ed7 100644 --- a/pkg/wekafs/apiclient/nfs.go +++ b/pkg/wekafs/apiclient/nfs.go @@ -363,22 +363,25 @@ func (a *ApiClient) CreateNfsClientGroup(ctx context.Context, r *NfsClientGroupC return err } -func (a *ApiClient) EnsureCsiPluginNfsClientGroup(ctx context.Context) (*NfsClientGroup, error) { +func (a *ApiClient) EnsureCsiPluginNfsClientGroup(ctx context.Context, clientGroupName string) (*NfsClientGroup, error) { op := "EnsureCsiPluginNfsClientGroup" ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) logger := log.Ctx(ctx) var ret *NfsClientGroup - logger.Trace().Str("client_group_name", NfsClientGroupName).Msg("Getting client group by name") - ret, err := a.GetNfsClientGroupByName(ctx, NfsClientGroupName) + if clientGroupName == "" { + clientGroupName = NfsClientGroupName + } + logger.Trace().Str("client_group_name", clientGroupName).Msg("Getting client group by name") + ret, err := a.GetNfsClientGroupByName(ctx, clientGroupName) if err != nil { if err != ObjectNotFoundError { logger.Error().Err(err).Msg("Failed to get client group by name") return ret, err } else { - logger.Trace().Str("client_group_name", NfsClientGroupName).Msg("Existing client group not found, creating client group") - err = a.CreateNfsClientGroup(ctx, NewNfsClientGroupCreateRequest(NfsClientGroupName), ret) + logger.Trace().Str("client_group_name", clientGroupName).Msg("Existing client group not found, creating client group") + err = a.CreateNfsClientGroup(ctx, NewNfsClientGroupCreateRequest(clientGroupName), ret) } } return ret, nil @@ -540,12 +543,12 @@ func (r *NfsClientGroupRule) IsEligibleForIP(ip string) bool { return network.ContainsIPAddress(ip) } -func (a *ApiClient) GetNfsClientGroupRules(ctx context.Context, rules *[]NfsClientGroupRule) error { +func (a *ApiClient) GetNfsClientGroupRules(ctx context.Context, clientGroupName string, rules *[]NfsClientGroupRule) error { op := "GetNfsClientGroupRules" ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) - cg, err := a.EnsureCsiPluginNfsClientGroup(ctx) + cg, err := a.EnsureCsiPluginNfsClientGroup(ctx, clientGroupName) if err != nil { return err } @@ -705,16 +708,16 @@ func (a *ApiClient) EnsureNfsClientGroupRuleForIp(ctx context.Context, cg *NfsCl return err } -func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName string) error { +func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName string, clientGroupName string) error { op := "EnsureNfsPermissions" ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) logger := log.Ctx(ctx) - logger.Debug().Str("ip", ip).Str("filesystem", fsName).Msg("Ensuring NFS permissions") + logger.Debug().Str("ip", ip).Str("filesystem", fsName).Str("client_group_name", clientGroupName).Msg("Ensuring NFS permissions") // Ensure client group logger.Trace().Msg("Ensuring CSI Plugin NFS Client Group") - cg, err := a.EnsureCsiPluginNfsClientGroup(ctx) + cg, err := a.EnsureCsiPluginNfsClientGroup(ctx, clientGroupName) if err != nil { logger.Error().Err(err).Msg("Failed to ensure NFS client group") return err diff --git a/pkg/wekafs/apiclient/nfs_test.go b/pkg/wekafs/apiclient/nfs_test.go index 7b363f455..3ce86ea58 100644 --- a/pkg/wekafs/apiclient/nfs_test.go +++ b/pkg/wekafs/apiclient/nfs_test.go @@ -203,14 +203,14 @@ func TestNfsClientGroup(t *testing.T) { func TestEnsureCsiPluginNfsClientGroup(t *testing.T) { apiClient := GetApiClientForTest(t) - result, err := apiClient.EnsureCsiPluginNfsClientGroup(context.Background()) + result, err := apiClient.EnsureCsiPluginNfsClientGroup(context.Background(), NfsClientGroupName) assert.NoError(t, err) assert.NotNil(t, result) } func TestNfsClientGroupRules(t *testing.T) { apiClient := GetApiClientForTest(t) - cg, err := apiClient.EnsureCsiPluginNfsClientGroup(context.Background()) + cg, err := apiClient.EnsureCsiPluginNfsClientGroup(context.Background(), NfsClientGroupName) assert.NoError(t, err) assert.NotNil(t, cg) @@ -236,7 +236,7 @@ outerLoop: assert.NoError(t, err) } rules := &[]NfsClientGroupRule{} - err = apiClient.GetNfsClientGroupRules(context.Background(), rules) + err = apiClient.GetNfsClientGroupRules(context.Background(), NfsClientGroupName, rules) assert.NoError(t, err) assert.NotEmpty(t, rules) for _, rule := range *rules { @@ -251,7 +251,7 @@ func TestNfsEnsureNfsPermissions(t *testing.T) { apiClient := GetApiClientForTest(t) // Test EnsureNfsPermission - err := apiClient.EnsureNfsPermissions(context.Background(), "172.16.5.147", "default") + err := apiClient.EnsureNfsPermissions(context.Background(), "172.16.5.147", "default", NfsClientGroupName) assert.NoError(t, err) } diff --git a/pkg/wekafs/driverconfig.go b/pkg/wekafs/driverconfig.go index d88391830..53e901a18 100644 --- a/pkg/wekafs/driverconfig.go +++ b/pkg/wekafs/driverconfig.go @@ -35,14 +35,11 @@ type DriverConfig struct { allowProtocolContainers bool allowNfsFailback bool useNfs bool - interfaceGroupName *string + interfaceGroupName string + clientGroupName string } func (dc *DriverConfig) Log() { - igName := "<>" - if dc.interfaceGroupName != nil { - igName = *dc.interfaceGroupName - } log.Info().Str("dynamic_vol_path", dc.DynamicVolPath). Str("volume_prefix", dc.VolumePrefix).Str("snapshot_prefix", dc.SnapshotPrefix).Str("seed_snapshot_prefix", dc.SnapshotPrefix). Bool("allow_auto_fs_creation", dc.allowAutoFsCreation).Bool("allow_auto_fs_expansion", dc.allowAutoFsExpansion). @@ -60,7 +57,8 @@ func (dc *DriverConfig) Log() { Bool("allow_protocol_containers", dc.allowProtocolContainers). Bool("allow_nfs_failback", dc.allowNfsFailback). Bool("use_nfs", dc.useNfs). - Str("interface_group_name", igName). + Str("interface_group_name", dc.interfaceGroupName). + Str("client_group_name", dc.clientGroupName). Msg("Starting driver with the following configuration") } @@ -72,7 +70,7 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP grpcRequestTimeoutSeconds int, allowProtocolContainers bool, allowNfsFailback, useNfs bool, - interfaceGroupName string, + interfaceGroupName, clientGroupName string, ) *DriverConfig { var MutuallyExclusiveMountOptions []mutuallyExclusiveMountOptionSet @@ -95,11 +93,6 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP concurrency["NodePublishVolume"] = maxNodePublishVolumeReqs concurrency["NodeUnpublishVolume"] = maxNodeUnpublishVolumeReqs - igName := &[]string{interfaceGroupName}[0] - if interfaceGroupName == "" { - igName = nil - } - return &DriverConfig{ DynamicVolPath: dynamicVolPath, VolumePrefix: VolumePrefix, @@ -119,7 +112,8 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP allowProtocolContainers: allowProtocolContainers, allowNfsFailback: allowNfsFailback, useNfs: useNfs, - interfaceGroupName: igName, + interfaceGroupName: interfaceGroupName, + clientGroupName: clientGroupName, } } diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 170a2ba3e..edb7c5e94 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -25,6 +25,7 @@ type nfsMount struct { lastUsed time.Time mountIpAddress string interfaceGroupName *string + clientGroupName string } func (m *nfsMount) getMountPoint() string { @@ -131,7 +132,7 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, } nodeIP := apiclient.GetNodeIpAddress() - if apiClient.EnsureNfsPermissions(ctx, nodeIP, m.fsName) != nil { + if apiClient.EnsureNfsPermissions(ctx, nodeIP, m.fsName, m.clientGroupName) != nil { logger.Error().Msg("Failed to ensure NFS permissions") return errors.New("failed to ensure NFS permissions") } diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index d969c1989..fdf689888 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -17,6 +17,7 @@ type nfsMounter struct { selinuxSupport *bool gc *innerPathVolGc interfaceGroupName *string + clientGroupName string } func (m *nfsMounter) getGarbageCollector() *innerPathVolGc { @@ -32,7 +33,8 @@ func newNfsMounter(driver *WekaFsDriver) *nfsMounter { mounter := &nfsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: selinuxSupport} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() - mounter.interfaceGroupName = driver.config.interfaceGroupName + mounter.interfaceGroupName = &driver.config.interfaceGroupName + mounter.clientGroupName = driver.config.clientGroupName return mounter } @@ -54,6 +56,7 @@ func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, mountOptions: options, interfaceGroupName: m.interfaceGroupName, + clientGroupName: m.clientGroupName, } m.mountMap[fsName][options.String()] = wMount } From 50a5d3bfa86d09b7d75a59bc32f99bdf000ab1b5 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Tue, 3 Sep 2024 13:06:17 +0300 Subject: [PATCH 42/75] fix(CSI-241): fix unmountWithOptions to use map key rather than options.String() --- pkg/wekafs/nfsmounter.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index fdf689888..219d4510f 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -47,7 +47,7 @@ func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { if _, ok := m.mountMap[fsName]; !ok { m.mountMap[fsName] = mountsMapPerFs{} } - if _, ok := m.mountMap[fsName][options.String()]; !ok { + if _, ok := m.mountMap[fsName][options.AsMapKey()]; !ok { uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) wMount := &nfsMount{ kMounter: m.kMounter, @@ -58,10 +58,10 @@ func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { interfaceGroupName: m.interfaceGroupName, clientGroupName: m.clientGroupName, } - m.mountMap[fsName][options.String()] = wMount + m.mountMap[fsName][options.AsMapKey()] = wMount } m.lock.Unlock() - return m.mountMap[fsName][options.String()] + return m.mountMap[fsName][options.AsMapKey()] } func (m *nfsMounter) getSelinuxStatus(ctx context.Context) bool { @@ -99,10 +99,10 @@ func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, opti options.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") - if mnt, ok := m.mountMap[fsName][options.String()]; ok { + if mnt, ok := m.mountMap[fsName][options.AsMapKey()]; ok { err := mnt.decRef(ctx) if err == nil { - if m.mountMap[fsName][options.String()].getRefCount() <= 0 { + if m.mountMap[fsName][options.AsMapKey()].getRefCount() <= 0 { log.Ctx(ctx).Trace().Str("filesystem", fsName).Strs("mount_options", options.Strings()).Msg("This is a last use of this mount, removing from map") delete(m.mountMap[fsName], options.String()) } From 32826627bafc8e9c33a24ae6087ae0be736ff982 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 12:46:31 +0000 Subject: [PATCH 43/75] chore: autopublish 2024-09-12T12:46:31Z --- README.md | 7 ++++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 7 ++++--- charts/csi-wekafsplugin/values.schema.json | 3 +++ charts/csi-wekafsplugin/values.yaml | 2 +- 5 files changed, 14 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index be47fda1a..1da30f294 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | @@ -96,6 +96,7 @@ make build | pluginConfig.mountProtocol.useNfs | bool | `false` | Use NFS transport for mounting Weka filesystems, off by default | | pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | | pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | +| pluginConfig.mountProtocol.clientGroupName | string | `""` | Specify existing client group name for NFS configuration. If not set, "WekaCSIPluginClients" group will be created | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index c9b3a5cd9..261eb2ffb 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.47.404f4ec -appVersion: v2.4.2-SNAPSHOT.47.404f4ec +version: 2.4.2-SNAPSHOT.50.cb40896 +appVersion: v2.4.2-SNAPSHOT.50.cb40896 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 99727a1ea..1d6b95c18 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.47.404f4ec](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.47.404f4ec-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.47.404f4ec"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | @@ -105,6 +105,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | pluginConfig.mountProtocol.useNfs | bool | `false` | Use NFS transport for mounting Weka filesystems, off by default | | pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | | pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | +| pluginConfig.mountProtocol.clientGroupName | string | `""` | Specify existing client group name for NFS configuration. If not set, "WekaCSIPluginClients" group will be created | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/csi-wekafsplugin/values.schema.json b/charts/csi-wekafsplugin/values.schema.json index 3f06cdb6e..916cc575b 100644 --- a/charts/csi-wekafsplugin/values.schema.json +++ b/charts/csi-wekafsplugin/values.schema.json @@ -238,6 +238,9 @@ "allowNfsFailback": { "type": "boolean" }, + "clientGroupName": { + "type": "string" + }, "interfaceGroupName": { "type": "string" }, diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 28254cdcf..5ea1e5871 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.47.404f4ec +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.50.cb40896 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From f0d12914cf0320888e3d98c9e23bd9b1c32517cb Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 5 Sep 2024 09:50:26 +0300 Subject: [PATCH 44/75] refactor(CSI-249): identify source address for NFS target connection --- pkg/wekafs/apiclient/utils.go | 36 ++++++++++++++++++++++++++++++ pkg/wekafs/apiclient/utils_test.go | 20 +++++++++++++++++ pkg/wekafs/nfsmount.go | 21 +++++++++++------ 3 files changed, 70 insertions(+), 7 deletions(-) diff --git a/pkg/wekafs/apiclient/utils.go b/pkg/wekafs/apiclient/utils.go index 56d43376b..9eede7da8 100644 --- a/pkg/wekafs/apiclient/utils.go +++ b/pkg/wekafs/apiclient/utils.go @@ -2,6 +2,7 @@ package apiclient import ( "encoding/binary" + "errors" "fmt" "github.com/rs/zerolog/log" "hash/fnv" @@ -9,6 +10,7 @@ import ( "os" "reflect" "strings" + "time" ) // ObjectsAreEqual returns true if both ApiObject have same immutable fields (other fields and nil fields are disregarded) @@ -142,3 +144,37 @@ func GetNodeIpAddress() string { } return "127.0.0.1" } + +func GetNodeIpAddressByRouting(targetHost string) (string, error) { + rAddr, err := net.ResolveUDPAddr("udp", targetHost+":80") + if err != nil { + return "", err + } + + // Create a UDP connection to the resolved IP address + conn, err := net.DialUDP("udp", nil, rAddr) + if err != nil { + return "", err + } + defer conn.Close() + + // Set a deadline for the connection + err = conn.SetDeadline(time.Now().Add(1 * time.Second)) + if err != nil { + return "", err + } + + // Get the local address from the UDP connection + localAddr := conn.LocalAddr() + if localAddr == nil { + return "", errors.New("failed to get local address") + } + + // Extract the IP address from the local address + localIP, _, err := net.SplitHostPort(localAddr.String()) + if err != nil { + return "", err + } + + return localIP, nil +} diff --git a/pkg/wekafs/apiclient/utils_test.go b/pkg/wekafs/apiclient/utils_test.go index ede39534c..d15814dd9 100644 --- a/pkg/wekafs/apiclient/utils_test.go +++ b/pkg/wekafs/apiclient/utils_test.go @@ -1,6 +1,7 @@ package apiclient import ( + "github.com/rs/zerolog/log" "testing" "github.com/stretchr/testify/assert" @@ -27,3 +28,22 @@ func TestHashString(t *testing.T) { }) } } + +func TestGetNodeIpAddressByRouting(t *testing.T) { + testCases := []struct { + targetHost string + }{ + {"8.8.8.8"}, + {"1.1.1.1"}, + {"localhost"}, + } + + for _, tc := range testCases { + t.Run(tc.targetHost, func(t *testing.T) { + ip, err := GetNodeIpAddressByRouting(tc.targetHost) + assert.NoError(t, err) + assert.NotEmpty(t, ip) + log.Info().Str("ip", ip).Msg("Node IP address") + }) + } +} diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index edb7c5e94..f14a35c62 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -131,23 +131,30 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, return errors.New("no API client for mount, cannot do NFS mount") } - nodeIP := apiclient.GetNodeIpAddress() - if apiClient.EnsureNfsPermissions(ctx, nodeIP, m.fsName, m.clientGroupName) != nil { - logger.Error().Msg("Failed to ensure NFS permissions") - return errors.New("failed to ensure NFS permissions") - } - if err := m.ensureMountIpAddress(ctx, apiClient); err != nil { logger.Error().Err(err).Msg("Failed to get mount IP address") return err } + nodeIP, err := apiclient.GetNodeIpAddressByRouting(m.mountIpAddress) + if err != nil { + logger.Error().Err(err).Msg("Failed to get routed node IP address, relying on node IP") + nodeIP = apiclient.GetNodeIpAddress() + } + + if apiClient.EnsureNfsPermissions(ctx, nodeIP, m.fsName, m.clientGroupName) != nil { + logger.Error().Msg("Failed to ensure NFS permissions") + return errors.New("failed to ensure NFS permissions") + } + mountTarget := m.mountIpAddress + ":/" + m.fsName logger.Trace(). Strs("mount_options", m.mountOptions.Strings()). Str("mount_target", mountTarget). + Str("mount_ip_address", m.mountIpAddress). Msg("Performing mount") - err := m.kMounter.MountSensitive(mountTarget, m.mountPoint, "nfs", mountOptions.Strings(), mountOptionsSensitive) + + err = m.kMounter.MountSensitive(mountTarget, m.mountPoint, "nfs", mountOptions.Strings(), mountOptionsSensitive) if err != nil { if os.IsNotExist(err) { logger.Error().Err(err).Msg("Mount target not found") From 7d9ba1135a67c40a260edc50e52126c473b7df97 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 12:50:04 +0000 Subject: [PATCH 45/75] chore: autopublish 2024-09-12T12:50:04Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 1da30f294..0328ba8e8 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 261eb2ffb..3c8b53490 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.50.cb40896 -appVersion: v2.4.2-SNAPSHOT.50.cb40896 +version: 2.4.2-SNAPSHOT.53.09fd3a2 +appVersion: v2.4.2-SNAPSHOT.53.09fd3a2 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 1d6b95c18..0101cc49c 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.50.cb40896](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.50.cb40896-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.50.cb40896"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 5ea1e5871..3350ea077 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.50.cb40896 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.53.09fd3a2 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 462ae6a405ea626523e5a0afe18c88723add3638 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Tue, 3 Sep 2024 17:40:24 +0300 Subject: [PATCH 46/75] feat(CSI-247): implement InterfaceGroup.GetRandomIpAddress() --- pkg/wekafs/apiclient/interfacegroup.go | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/pkg/wekafs/apiclient/interfacegroup.go b/pkg/wekafs/apiclient/interfacegroup.go index c4c181abe..09b75e7dd 100644 --- a/pkg/wekafs/apiclient/interfacegroup.go +++ b/pkg/wekafs/apiclient/interfacegroup.go @@ -6,6 +6,7 @@ import ( "fmt" "github.com/google/uuid" "github.com/rs/zerolog/log" + "k8s.io/apimachinery/pkg/util/rand" "k8s.io/helm/pkg/urlutil" "os" "sort" @@ -93,6 +94,20 @@ func (i *InterfaceGroup) GetIpAddress(ctx context.Context) (string, error) { return i.Ips[idx], nil } +func (i *InterfaceGroup) GetRandomIpAddress(ctx context.Context) (string, error) { + logger := log.Ctx(ctx) + if i == nil { + return "", errors.New("interface group is nil") + } + if len(i.Ips) == 0 { + return "", errors.New("no IP addresses found for interface group") + } + idx := rand.Intn(len(i.Ips)) + ip := i.Ips[idx] + logger.Debug().Str("ip", ip).Msg("Selected random IP address") + return ip, nil +} + func (a *ApiClient) GetInterfaceGroups(ctx context.Context, interfaceGroups *[]InterfaceGroup) error { ig := &InterfaceGroup{} @@ -191,5 +206,5 @@ func (a *ApiClient) GetNfsMountIp(ctx context.Context, interfaceGroupName *strin return "", errors.New("no IP addresses found for NFS interface group") } - return ig.GetIpAddress(ctx) + return ig.GetRandomIpAddress(ctx) } From 43c8d6ac80448dcef16cdb680242e613a08d412a Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 5 Sep 2024 09:51:04 +0300 Subject: [PATCH 47/75] feat(CSI-247): optimize NFS by utilizing multiple targets --- pkg/wekafs/nfsmount.go | 42 +++++------------------------------------- 1 file changed, 5 insertions(+), 37 deletions(-) diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index f14a35c62..25496263e 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -10,15 +10,12 @@ import ( "os" "path/filepath" "strings" - "sync" "time" ) type nfsMount struct { fsName string mountPoint string - refCount int - lock sync.Mutex kMounter mount.Interface debugPath string mountOptions MountOptions @@ -33,7 +30,7 @@ func (m *nfsMount) getMountPoint() string { } func (m *nfsMount) getRefCount() int { - return m.refCount + return 0 } func (m *nfsMount) getMountOptions() MountOptions { @@ -53,44 +50,15 @@ func (m *nfsMount) isMounted() bool { } func (m *nfsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { - logger := log.Ctx(ctx) - m.lock.Lock() - defer m.lock.Unlock() - if m.refCount < 0 { - logger.Error().Str("mount_point", m.mountPoint).Int("refcount", m.refCount).Msg("During incRef negative refcount encountered") - m.refCount = 0 // to make sure that we don't have negative refcount later - } - if m.refCount == 0 { - if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { - return err - } - } else if !m.isMounted() { - logger.Warn().Str("mount_point", m.mountPoint).Int("refcount", m.refCount).Msg("Mount not exists although should!") - if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { - return err - } - + if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { + return err } - m.refCount++ - logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.mountOptions.Strings()).Str("filesystem_name", m.fsName).Msg("RefCount increased") return nil } func (m *nfsMount) decRef(ctx context.Context) error { - logger := log.Ctx(ctx) - m.lock.Lock() - defer m.lock.Unlock() - m.refCount-- - m.lastUsed = time.Now() - logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.mountOptions.Strings()).Str("filesystem_name", m.fsName).Msg("RefCount decreased") - if m.refCount < 0 { - logger.Error().Int("refcount", m.refCount).Msg("During decRef negative refcount encountered") - m.refCount = 0 // to make sure that we don't have negative refcount later - } - if m.refCount == 0 { - if err := m.doUnmount(ctx); err != nil { - return err - } + if err := m.doUnmount(ctx); err != nil { + return err } return nil } From 3b53994d25b2691f64084c186fe752bd42d4dfc6 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 13:14:22 +0000 Subject: [PATCH 48/75] chore: autopublish 2024-09-12T13:14:22Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 0328ba8e8..899290f2c 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 3c8b53490..fbacf72fc 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.53.09fd3a2 -appVersion: v2.4.2-SNAPSHOT.53.09fd3a2 +version: 2.4.2-SNAPSHOT.56.2bb177e +appVersion: v2.4.2-SNAPSHOT.56.2bb177e keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 0101cc49c..8234fe4a5 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.53.09fd3a2](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.53.09fd3a2-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.53.09fd3a2"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 3350ea077..cba756b69 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.53.09fd3a2 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.56.2bb177e images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 6698684a0e5e711e001bae606f1c1b6079bc4a32 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 5 Sep 2024 09:54:54 +0300 Subject: [PATCH 49/75] refactor(CSI-250): do not maintain redundant active mounts from node server after publishing volume --- pkg/wekafs/nodeserver.go | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/pkg/wekafs/nodeserver.go b/pkg/wekafs/nodeserver.go index 179a62caa..4190666ff 100644 --- a/pkg/wekafs/nodeserver.go +++ b/pkg/wekafs/nodeserver.go @@ -251,9 +251,11 @@ func (ns *NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis err, unmount := volume.MountUnderlyingFS(ctx) if err != nil { - unmount() + logger.Error().Err(err).Msg("Failed to mount underlying filesystem") return NodePublishVolumeError(ctx, codes.Internal, "Failed to mount a parent filesystem, check Authentication: "+err.Error()) } + defer unmount() // unmount the parent mount since there is a bind mount anyway + fullPath := volume.GetFullPath(ctx) targetPathDir := filepath.Dir(targetPath) @@ -294,10 +296,8 @@ func (ns *NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis // if we run in K8s isolated environment, 2nd mount must be done using mapped volume path if err := mounter.Mount(fullPath, targetPath, "", innerMountOpts); err != nil { - var errList strings.Builder - errList.WriteString(err.Error()) - unmount() // unmount only if mount bind failed - return NodePublishVolumeError(ctx, codes.Internal, fmt.Sprintf("failed to Mount device: %s at %s: %s", fullPath, targetPath, errList.String())) + logger.Error().Err(err).Str("full_path", fullPath).Str("target_path", targetPath).Msg("Failed to perform mount") + return NodePublishVolumeError(ctx, codes.Internal, fmt.Sprintf("failed to Mount device: %s at %s: %s", fullPath, targetPath, err.Error())) } result = "SUCCESS" // Not doing unmount, NodePublish should do unmount but only when it unmounts bind successfully @@ -314,7 +314,6 @@ func NodeUnpublishVolumeError(ctx context.Context, errorCode codes.Code, errorMe func (ns *NodeServer) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpublishVolumeRequest) (*csi.NodeUnpublishVolumeResponse, error) { op := "NodeUnpublishVolume" result := "FAILURE" - volumeID := req.GetVolumeId() ctx, span := otel.Tracer(TracerName).Start(ctx, op, trace.WithNewRoot()) defer span.End() ctx = log.With().Str("trace_id", span.SpanContext().TraceID().String()).Str("span_id", span.SpanContext().SpanID().String()).Str("op", op).Logger().WithContext(ctx) @@ -337,12 +336,6 @@ func (ns *NodeServer) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpu return NodeUnpublishVolumeError(ctx, codes.Unavailable, "Too many concurrent requests, please retry") } - // Check arguments - volume, err := NewVolumeFromId(ctx, req.GetVolumeId(), nil, ns) - if err != nil { - return &csi.NodeUnpublishVolumeResponse{}, err - } - if len(req.GetTargetPath()) == 0 { return NodeUnpublishVolumeError(ctx, codes.InvalidArgument, "Target path missing in request") } @@ -387,11 +380,6 @@ func (ns *NodeServer) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnpu return NodeUnpublishVolumeError(ctx, codes.Internal, err.Error()) } - logger.Trace().Str("volume_id", volumeID).Msg("Unmounting") - err = volume.UnmountUnderlyingFS(ctx) - if err != nil { - logger.Error().Str("volume_id", volumeID).Err(err).Msg("Post-unpublish task failed") - } result = "SUCCESS" return &csi.NodeUnpublishVolumeResponse{}, nil } From 1596b197720e4c764e3416111e974e11682eec8f Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 5 Sep 2024 13:55:38 +0300 Subject: [PATCH 50/75] refactor(CSI-250): remove mountMap ref for NFS --- pkg/wekafs/nfsmounter.go | 126 ++++++++++++++++----------------------- 1 file changed, 50 insertions(+), 76 deletions(-) diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index 219d4510f..ac59d10d3 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -5,13 +5,10 @@ import ( "github.com/rs/zerolog/log" "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" "k8s.io/mount-utils" - "sync" "time" ) type nfsMounter struct { - mountMap mountsMap - lock sync.Mutex kMounter mount.Interface debugPath string selinuxSupport *bool @@ -30,7 +27,7 @@ func newNfsMounter(driver *WekaFsDriver) *nfsMounter { log.Debug().Msg("SELinux support is forced") selinuxSupport = &[]bool{true}[0] } - mounter := &nfsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: selinuxSupport} + mounter := &nfsMounter{debugPath: driver.debugPath, selinuxSupport: selinuxSupport} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() mounter.interfaceGroupName = &driver.config.interfaceGroupName @@ -40,28 +37,20 @@ func newNfsMounter(driver *WekaFsDriver) *nfsMounter { } func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { - m.lock.Lock() if m.kMounter == nil { m.kMounter = mount.New("") } - if _, ok := m.mountMap[fsName]; !ok { - m.mountMap[fsName] = mountsMapPerFs{} + uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) + wMount := &nfsMount{ + kMounter: m.kMounter, + fsName: fsName, + debugPath: m.debugPath, + mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, + mountOptions: options, + interfaceGroupName: m.interfaceGroupName, + clientGroupName: m.clientGroupName, } - if _, ok := m.mountMap[fsName][options.AsMapKey()]; !ok { - uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) - wMount := &nfsMount{ - kMounter: m.kMounter, - fsName: fsName, - debugPath: m.debugPath, - mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, - mountOptions: options, - interfaceGroupName: m.interfaceGroupName, - clientGroupName: m.clientGroupName, - } - m.mountMap[fsName][options.AsMapKey()] = wMount - } - m.lock.Unlock() - return m.mountMap[fsName][options.AsMapKey()] + return wMount } func (m *nfsMounter) getSelinuxStatus(ctx context.Context) bool { @@ -97,68 +86,53 @@ func (m *nfsMounter) Mount(ctx context.Context, fs string, apiClient *apiclient. func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { opts := options options.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) + options = options.AsNfs() + mnt := m.NewMount(fsName, options) log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") - if mnt, ok := m.mountMap[fsName][options.AsMapKey()]; ok { - err := mnt.decRef(ctx) - if err == nil { - if m.mountMap[fsName][options.AsMapKey()].getRefCount() <= 0 { - log.Ctx(ctx).Trace().Str("filesystem", fsName).Strs("mount_options", options.Strings()).Msg("This is a last use of this mount, removing from map") - delete(m.mountMap[fsName], options.String()) - } - if len(m.mountMap[fsName]) == 0 { - log.Ctx(ctx).Trace().Str("filesystem", fsName).Msg("No more mounts to filesystem, removing from map") - delete(m.mountMap, fsName) - } - } - return err - - } else { - log.Ctx(ctx).Warn().Msg("Attempted to access mount point which is not known to the system") - return nil - } + return mnt.decRef(ctx) } func (m *nfsMounter) LogActiveMounts() { - if len(m.mountMap) > 0 { - count := 0 - for fsName := range m.mountMap { - for mnt := range m.mountMap[fsName] { - mapEntry := m.mountMap[fsName][mnt] - if mapEntry.getRefCount() > 0 { - log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is active") - count++ - } else { - log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is not active") - } - - } - } - log.Debug().Int("total", len(m.mountMap)).Int("active", count).Msg("Periodic checkup on mount map") - } + //if len(m.mountMap) > 0 { + // count := 0 + // for fsName := range m.mountMap { + // for mnt := range m.mountMap[fsName] { + // mapEntry := m.mountMap[fsName][mnt] + // if mapEntry.getRefCount() > 0 { + // log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is active") + // count++ + // } else { + // log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is not active") + // } + // + // } + // } + // log.Debug().Int("total", len(m.mountMap)).Int("active", count).Msg("Periodic checkup on mount map") + //} } func (m *nfsMounter) gcInactiveMounts() { - if len(m.mountMap) > 0 { - for fsName := range m.mountMap { - for uniqueId, wekaMount := range m.mountMap[fsName] { - if wekaMount.getRefCount() == 0 { - if wekaMount.getLastUsed().Before(time.Now().Add(-inactiveMountGcPeriod)) { - m.lock.Lock() - if wekaMount.getRefCount() == 0 { - log.Trace().Str("filesystem", fsName).Strs("mount_options", wekaMount.getMountOptions().Strings()). - Time("last_used", wekaMount.getLastUsed()).Msg("Removing stale mount from map") - delete(m.mountMap[fsName], uniqueId) - } - m.lock.Unlock() - } - } - } - if len(m.mountMap[fsName]) == 0 { - delete(m.mountMap, fsName) - } - } - } + //if len(m.mountMap) > 0 { + // for fsName := range m.mountMap { + // for uniqueId, wekaMount := range m.mountMap[fsName] { + // if wekaMount.getRefCount() == 0 { + // if wekaMount.getLastUsed().Before(time.Now().Add(-inactiveMountGcPeriod)) { + // m.lock.Lock() + // if wekaMount.getRefCount() == 0 { + // log.Trace().Str("filesystem", fsName).Strs("mount_options", wekaMount.getMountOptions().Strings()). + // Time("last_used", wekaMount.getLastUsed()).Msg("Removing stale mount from map") + // delete(m.mountMap[fsName], uniqueId) + // } + // m.lock.Unlock() + // } + // } + // } + // if len(m.mountMap[fsName]) == 0 { + // delete(m.mountMap, fsName) + // } + // } + //} } func (m *nfsMounter) schedulePeriodicMountGc() { From c3cae429caedde2f920dd05ab9f0ef65c81dae82 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 5 Sep 2024 14:07:47 +0300 Subject: [PATCH 51/75] refactor(CSI-250): add NFS mutually exclusive options for NFS --- charts/csi-wekafsplugin/values.yaml | 1 + pkg/wekafs/nfsmounter.go | 17 ++++++++++------- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index cba756b69..f669afe05 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -145,6 +145,7 @@ pluginConfig: snapshotVolumesWithoutQuotaEnforcement: false mutuallyExclusiveMountOptions: - "readcache,writecache,coherent,forcedirect" + - "sync,async" mountProtocol: # -- Use NFS transport for mounting Weka filesystems, off by default useNfs: false diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index ac59d10d3..90b692304 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -9,12 +9,13 @@ import ( ) type nfsMounter struct { - kMounter mount.Interface - debugPath string - selinuxSupport *bool - gc *innerPathVolGc - interfaceGroupName *string - clientGroupName string + kMounter mount.Interface + debugPath string + selinuxSupport *bool + gc *innerPathVolGc + interfaceGroupName *string + clientGroupName string + exclusiveMountOptions []mutuallyExclusiveMountOptionSet } func (m *nfsMounter) getGarbageCollector() *innerPathVolGc { @@ -27,7 +28,7 @@ func newNfsMounter(driver *WekaFsDriver) *nfsMounter { log.Debug().Msg("SELinux support is forced") selinuxSupport = &[]bool{true}[0] } - mounter := &nfsMounter{debugPath: driver.debugPath, selinuxSupport: selinuxSupport} + mounter := &nfsMounter{debugPath: driver.debugPath, selinuxSupport: selinuxSupport, exclusiveMountOptions: driver.config.mutuallyExclusiveOptions} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() mounter.interfaceGroupName = &driver.config.interfaceGroupName @@ -65,6 +66,7 @@ func (m *nfsMounter) getSelinuxStatus(ctx context.Context) bool { func (m *nfsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { mountOptions.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) mountOptions = mountOptions.AsNfs() + mountOptions.Merge(mountOptions, m.exclusiveMountOptions) mountObj := m.NewMount(fsName, mountOptions) mountErr := mountObj.incRef(ctx, apiClient) @@ -87,6 +89,7 @@ func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, opti opts := options options.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) options = options.AsNfs() + options.Merge(options, m.exclusiveMountOptions) mnt := m.NewMount(fsName, options) log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") From 06a779036b3788ed0a81392a8616e86e1679b77d Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 13:22:59 +0000 Subject: [PATCH 52/75] chore: autopublish 2024-09-12T13:22:59Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 899290f2c..5a60e7242 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index fbacf72fc..d8f0d4186 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.56.2bb177e -appVersion: v2.4.2-SNAPSHOT.56.2bb177e +version: 2.4.2-SNAPSHOT.60.286aac6 +appVersion: v2.4.2-SNAPSHOT.60.286aac6 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 8234fe4a5..be9d92268 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.56.2bb177e](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.56.2bb177e-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.56.2bb177e"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index cba756b69..ac33cddbc 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.56.2bb177e +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.60.286aac6 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 5fe801f1ca9d0ac2a13d4c5ac051e791a2a66328 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Mon, 9 Sep 2024 13:26:46 +0300 Subject: [PATCH 53/75] feat(CSI-252): implement kubelet PVC stats --- go.mod | 1 + go.sum | 1 + pkg/wekafs/nodeserver.go | 96 ++++++++++++++++++++++++++++++++++++++-- 3 files changed, 95 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 406c632ff..18f44402b 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/google/uuid v1.6.0 github.com/hashicorp/go-version v1.7.0 github.com/kubernetes-csi/csi-lib-utils v0.19.0 + github.com/pkg/errors v0.9.1 github.com/pkg/xattr v0.4.10 github.com/prometheus/client_golang v1.20.2 github.com/rs/zerolog v1.33.0 diff --git a/go.sum b/go.sum index ece93c7da..c36b7427c 100644 --- a/go.sum +++ b/go.sum @@ -54,6 +54,7 @@ github.com/opencontainers/runc v1.1.13 h1:98S2srgG9vw0zWcDpFMn5TRrh8kLxa/5OFUstu github.com/opencontainers/runc v1.1.13/go.mod h1:R016aXacfp/gwQBYw2FDGa9m+n6atbLWrYY8hNMT/sA= github.com/opencontainers/runtime-spec v1.2.0 h1:z97+pHb3uELt/yiAWD691HNHQIF07bE7dzrbT927iTk= github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/xattr v0.4.10 h1:Qe0mtiNFHQZ296vRgUjRCoPHPqH7VdTOrZx3g0T+pGA= github.com/pkg/xattr v0.4.10/go.mod h1:di8WF84zAKk8jzR1UBTEWh9AUlIZZ7M/JNt8e9B6ktU= diff --git a/pkg/wekafs/nodeserver.go b/pkg/wekafs/nodeserver.go index 4190666ff..c8ec97065 100644 --- a/pkg/wekafs/nodeserver.go +++ b/pkg/wekafs/nodeserver.go @@ -20,6 +20,7 @@ import ( "context" "fmt" "github.com/container-storage-interface/spec/lib/go/csi" + "github.com/pkg/errors" "github.com/rs/zerolog" "github.com/rs/zerolog/log" "go.opentelemetry.io/otel" @@ -32,6 +33,7 @@ import ( "path/filepath" "strings" "sync" + "syscall" "time" ) @@ -84,9 +86,94 @@ func (ns *NodeServer) NodeExpandVolume(ctx context.Context, request *csi.NodeExp panic("implement me") } -//goland:noinspection GoUnusedParameter -func (ns *NodeServer) NodeGetVolumeStats(ctx context.Context, request *csi.NodeGetVolumeStatsRequest) (*csi.NodeGetVolumeStatsResponse, error) { - panic("implement me") +func (ns *NodeServer) NodeGetVolumeStats(ctx context.Context, req *csi.NodeGetVolumeStatsRequest) (*csi.NodeGetVolumeStatsResponse, error) { + volumeID := req.GetVolumeId() + volumePath := req.GetVolumePath() + + // Validate request fields + if volumeID == "" || volumePath == "" { + return nil, status.Error(codes.InvalidArgument, "Volume ID and path must be provided") + } + + // Check if the volume path exists + if ns.getConfig().isInDevMode() { + // In dev mode, we don't have the actual Weka mount, so we just check if the path exists + if _, err := os.Stat(volumePath); err != nil { + return nil, status.Error(codes.NotFound, "Volume path not found") + } + + } else { + // In production mode, we check if the path is indeed a Weka mount (Either NFS or WekaFS) + if !PathIsWekaMount(ctx, volumePath) { + return nil, status.Error(codes.NotFound, "Volume path not found") + } + } + + // Validate Weka volume ID + if err := validateVolumeId(volumeID); err != nil { + return nil, status.Error(codes.InvalidArgument, errors.Wrap(err, "invalid volume ID").Error()) + } + + stats, err := getVolumeStats(volumePath) + if err != nil || stats == nil { + return &csi.NodeGetVolumeStatsResponse{ + Usage: nil, + VolumeCondition: &csi.VolumeCondition{ + Abnormal: true, + Message: "Failed to fetch volume stats for volume", + }, + }, status.Errorf(codes.Internal, "Failed to get stats for volume %s: %v", volumeID, err) + } + // Prepare response + return &csi.NodeGetVolumeStatsResponse{ + Usage: []*csi.VolumeUsage{ + { + Unit: csi.VolumeUsage_BYTES, + Total: stats.TotalBytes, + Used: stats.UsedBytes, + Available: stats.AvailableBytes, + }, + { + Unit: csi.VolumeUsage_INODES, + Total: stats.TotalInodes, + Used: stats.UsedInodes, + Available: stats.AvailableInodes, + }, + }, + VolumeCondition: &csi.VolumeCondition{ + Abnormal: false, + Message: "volume is healthy", + }, + }, nil +} + +type VolumeStats struct { + TotalBytes int64 + UsedBytes int64 + AvailableBytes int64 + TotalInodes int64 + UsedInodes int64 + AvailableInodes int64 +} + +// getVolumeStats fetches filesystem statistics for the mounted volume path. +func getVolumeStats(volumePath string) (volumeStats *VolumeStats, err error) { + var stat syscall.Statfs_t + + // Use Statfs to get filesystem statistics for the volume path + err = syscall.Statfs(volumePath, &stat) + if err != nil { + return nil, err + } + + // Calculate capacity, available, and used space in bytes + capacityBytes := int64(stat.Blocks) * int64(stat.Bsize) + availableBytes := int64(stat.Bavail) * int64(stat.Bsize) + usedBytes := capacityBytes - availableBytes + inodes := int64(stat.Files) + inodesFree := int64(stat.Ffree) + inodesUsed := inodes - inodesFree + return &VolumeStats{capacityBytes, usedBytes, availableBytes, inodes, inodesUsed, inodesFree}, nil } func NewNodeServer(nodeId string, maxVolumesPerNode int64, api *ApiStore, mounter AnyMounter, config *DriverConfig) *NodeServer { @@ -94,6 +181,9 @@ func NewNodeServer(nodeId string, maxVolumesPerNode int64, api *ApiStore, mounte return &NodeServer{ caps: getNodeServiceCapabilities( []csi.NodeServiceCapability_RPC_Type{ + csi.NodeServiceCapability_RPC_SINGLE_NODE_MULTI_WRITER, + csi.NodeServiceCapability_RPC_GET_VOLUME_STATS, + csi.NodeServiceCapability_RPC_VOLUME_CONDITION, //csi.NodeServiceCapability_RPC_EXPAND_VOLUME, }, ), From 733e6ae20314c7f585e319342532d6ce8fd40fe3 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 13:30:26 +0000 Subject: [PATCH 54/75] chore: autopublish 2024-09-12T13:30:26Z --- README.md | 7 ++++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 7 ++++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 5a60e7242..3e23ded9f 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | @@ -93,6 +93,7 @@ make build | pluginConfig.allowedOperations.snapshotDirectoryVolumes | bool | `false` | Create snapshots of legacy (dir/v1) volumes. By default disabled. Note: when enabled, for every legacy volume snapshot, a full filesystem snapshot will be created (wasteful) | | pluginConfig.allowedOperations.snapshotVolumesWithoutQuotaEnforcement | bool | `false` | Allow creation of snapshot-backed volumes even on unsupported Weka cluster versions, off by default Note: On versions of Weka < v4.2 snapshot-backed volume capacity cannot be enforced | | pluginConfig.mutuallyExclusiveMountOptions[0] | string | `"readcache,writecache,coherent,forcedirect"` | | +| pluginConfig.mutuallyExclusiveMountOptions[1] | string | `"sync,async"` | | | pluginConfig.mountProtocol.useNfs | bool | `false` | Use NFS transport for mounting Weka filesystems, off by default | | pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | | pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index d8f0d4186..cc39fed79 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.60.286aac6 -appVersion: v2.4.2-SNAPSHOT.60.286aac6 +version: 2.4.2-SNAPSHOT.65.5b2404c +appVersion: v2.4.2-SNAPSHOT.65.5b2404c keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index be9d92268..c2ebd9c60 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.60.286aac6](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.60.286aac6-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.60.286aac6"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | @@ -102,6 +102,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | pluginConfig.allowedOperations.snapshotDirectoryVolumes | bool | `false` | Create snapshots of legacy (dir/v1) volumes. By default disabled. Note: when enabled, for every legacy volume snapshot, a full filesystem snapshot will be created (wasteful) | | pluginConfig.allowedOperations.snapshotVolumesWithoutQuotaEnforcement | bool | `false` | Allow creation of snapshot-backed volumes even on unsupported Weka cluster versions, off by default Note: On versions of Weka < v4.2 snapshot-backed volume capacity cannot be enforced | | pluginConfig.mutuallyExclusiveMountOptions[0] | string | `"readcache,writecache,coherent,forcedirect"` | | +| pluginConfig.mutuallyExclusiveMountOptions[1] | string | `"sync,async"` | | | pluginConfig.mountProtocol.useNfs | bool | `false` | Use NFS transport for mounting Weka filesystems, off by default | | pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | | pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 92f345381..f47f65d7f 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.60.286aac6 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.65.5b2404c images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 9ec15b288dd88cd35ba17626a7d37d03531e7353 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Wed, 11 Sep 2024 10:43:15 +0300 Subject: [PATCH 55/75] docs(CSI-254): update official docs link in Helm templates and README --- README.md | 2 +- README.md.gotmpl | 2 +- charts/csi-wekafsplugin/README.md | 4 ++-- charts/csi-wekafsplugin/README.md.gotmpl | 4 ++-- charts/csi-wekafsplugin/templates/NOTES.txt | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 3e23ded9f..7356268af 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ https://github.com/weka/csi-wekafs - [SELinux Support & Installation Notes](selinux/README.md) ## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) ## Building the binaries If you want to build the driver yourself, you can do so with the following command from the root directory: diff --git a/README.md.gotmpl b/README.md.gotmpl index 7b7d6e559..f5f949e1c 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -24,7 +24,7 @@ - [SELinux Support & Installation Notes](selinux/README.md) ## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) ## Building the binaries If you want to build the driver yourself, you can do so with the following command from the root directory: diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index c2ebd9c60..1d96b2e65 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -37,14 +37,14 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs > However, for sake of more convenient migration, a `legacySecretName` parameter can be set that will > bind existing legacy volumes to a Weka cluster API and allow volume expansion. > -> For further information, refer [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +> For further information, refer [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) ## Usage - [Deploy an Example application](https://github.com/weka/csi-wekafs/blob/master/docs/usage.md) - [SELinux Support & Installation Notes](https://github.com/weka/csi-wekafs/blob/master/selinux/README.md) ## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) ## Values diff --git a/charts/csi-wekafsplugin/README.md.gotmpl b/charts/csi-wekafsplugin/README.md.gotmpl index b7bcc02ec..1bae930df 100644 --- a/charts/csi-wekafsplugin/README.md.gotmpl +++ b/charts/csi-wekafsplugin/README.md.gotmpl @@ -33,14 +33,14 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs > However, for sake of more convenient migration, a `legacySecretName` parameter can be set that will > bind existing legacy volumes to a Weka cluster API and allow volume expansion. > -> For further information, refer [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +> For further information, refer [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) ## Usage - [Deploy an Example application](https://github.com/weka/csi-wekafs/blob/master/docs/usage.md) - [SELinux Support & Installation Notes](https://github.com/weka/csi-wekafs/blob/master/selinux/README.md) ## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) {{ template "chart.requirementsSection" . }} diff --git a/charts/csi-wekafsplugin/templates/NOTES.txt b/charts/csi-wekafsplugin/templates/NOTES.txt index 039e6e00e..c1a798107 100644 --- a/charts/csi-wekafsplugin/templates/NOTES.txt +++ b/charts/csi-wekafsplugin/templates/NOTES.txt @@ -8,7 +8,7 @@ To learn more about the release, try: $ helm status -n {{ .Release.Namespace}} {{ .Release.Name }} $ helm get all -n {{ .Release.Namespace}} {{ .Release.Name }} -Official Weka CSI Plugin documentation can be found here: https://docs.weka.io/appendix/weka-csi-plugin +Official Weka CSI Plugin documentation can be found here: https://docs.weka.io/appendices/weka-csi-plugin Examples on how to configure a storage class and start using the driver are here: https://github.com/weka/csi-wekafs/tree/master/examples @@ -42,4 +42,4 @@ https://github.com/weka/csi-wekafs/tree/master/examples | REFER TO THE DOCUMENTATION ABOVE FOR MORE INFORMATION ON NFS INTERFACE GROUP CONFIGURATION. | | REFER TO WEKA CUSTOMER SUCCESS TEAM FOR RECOMMENDED CONFIGURATION AND BEST PRACTICES | ------------------------------------------------------------------------------------------------------------ -{{- end }} \ No newline at end of file +{{- end }} From f1264a7b63dcb0a3585ef0e6215ca1cd3d249e22 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Wed, 11 Sep 2024 12:44:30 +0300 Subject: [PATCH 56/75] docs(CSI-254): add NFS documentation --- README.md | 1 + README.md.gotmpl | 1 + docs/NFS.md | 151 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 153 insertions(+) create mode 100644 docs/NFS.md diff --git a/README.md b/README.md index 7356268af..d9a3180f1 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,7 @@ https://github.com/weka/csi-wekafs ## Usage - [Deploy an Example application](docs/usage.md) - [SELinux Support & Installation Notes](selinux/README.md) +- [Using Weka CSI Plugin with NFS transport](docs/NFS.md) ## Additional Documentation - [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) diff --git a/README.md.gotmpl b/README.md.gotmpl index f5f949e1c..c0de89c10 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -22,6 +22,7 @@ ## Usage - [Deploy an Example application](docs/usage.md) - [SELinux Support & Installation Notes](selinux/README.md) +- [Using Weka CSI Plugin with NFS transport](docs/NFS.md) ## Additional Documentation - [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) diff --git a/docs/NFS.md b/docs/NFS.md new file mode 100644 index 000000000..40fddfbf2 --- /dev/null +++ b/docs/NFS.md @@ -0,0 +1,151 @@ +# Weka CSI Plugin with NFS transport + +## Overview +Although using native WekaFS driver as the underlying storage connectivity layer is recommended way to use WekaFS with Kubernetes, +it is also possible to use the Weka CSI Plugin over NFS transport. +This allows you to use WekaFS as a storage backend for your Kubernetes cluster without the need to install the Weka client on each Kubernetes node. + +### Benefits of using Weka CSI Plugin with NFS transport +- **Simplified deployment**: No need to install the Weka client on each Kubernetes node +- **Interoperability**: Use Weka CSI Plugin on nodes where the Weka client is not yet installed, or is not currently supported +- **Flexibility**: Use Weka CSI Plugin with NFS transport for specific use-cases, while using the native WekaFS driver for other use-cases +- **Performance**: Pods are mounted across multiple IPs on the same NFS interface group, maximizing performance and simplifying management +- **Ease of migration**: Use Weka CSI Plugin with NFS transport as a stepping stone to migrate to the native WekaFS driver. + After deployment of the Weka client on all nodes, you can switch to the native WekaFS driver without changing the storage configuration + by simply rebooting the node. + +### Limitations and Constraints +- **Performance**: NFS transport is not as performant as the native WekaFS driver and it is not recommended for high-performance workloads +- **Feature Parity**: Some features and capabilities of the native WekaFS driver are not available when using the Weka CSI Plugin with NFS transport +- **Complexity**: NFS transport requires additional configuration on the Weka cluster, and may require additional networking configuration on the Kubernetes cluster +- **Interoperability**: Same Kubernetes node cannot use both NFS and WekaFS transport at the same time +- **Migration**: Migrating from NFS transport to WekaFS transport requires rebooting the Kubernetes nodes (after Weka client deployment) +- **Network Configuration**: NFS interface group IP addresses must be accessible from the Kubernetes cluster nodes +- **Security**: NFS transport is less secure than the native WekaFS driver, and may require additional security considerations +- **QoS**: QoS is not supported for NFS transport + +### Host Network Mode +Weka CSI Plugin will automatically install in `hostNetwork` mode when using NFS transport. +Since hostNetwork mode is required for NFS transport, the `hostNetwork` parameter in the `values.yaml` file is ignored in such case. + +### Security Considerations +- The Weka CSI Plugin with NFS transport uses NFSv4.1 protocol to connect to the Weka cluster. +- Support for Kerberos authentication is not available in this version of Weka CSI Plugin. +- It is recommended to use NFS transport only in secure and trusted networks. + +## Interoperability with WekaFS driver +The Weka CSI Plugin with NFS transport is fully interoperable with the native WekaFS driver. + +This means that you can use both WekaFS transport and NFS in the same Kubernetes cluster, +and even for publishing the same volume to different pods using different transport layers (from different nodes). +However, only one transport layer can be used on a single node at a time. + +### Mount options +Mount options for the NFS transport are set automatically by the Weka CSI Plugin. When custom mount options are used in storage class, +the Weka CSI Plugin will translate them to NFS alternatives. Unknown or unsupported mount options will be ignored. + +### QoS and Performance +QoS is not supported for NFS transport. Performance is limited by the NFS protocol and the network configuration. + +### Switching from NFS to WekaFS transport +To switch between NFS and WekaFS transport, you need to: +1. Install the Weka client on Kubernetes node +2. Reboot the Kubernetes node + +After the node is rebooted, the Weka CSI Plugin will automatically switch to using the WekaFS transport. +Existing volumes can be reattached to the pods without any changes. + +## Prerequisites +Those are the minimum prerequisites for using Weka CSI Plugin with NFS transport: + +- Weka cluster must be installed and configured +- NFS protocol must be configured on the Weka cluster +- NFS interface group must be created on the Weka cluster +- NFS interface group IP addresses must be accessible from the Kubernetes cluster nodes + +> **WARNING:** When multiple NFS interface groups are defined on Weka clusters, +> the `pluginConfig.mountProtocol.interfaceGroupName` parameter must be set to the desired NFS interface group name in the `values.yaml` file. +> If the parameter is not set, an arbitrary NFS interface group will be used, that could potentially cause performance or networking issues. + +> **NOTE**: NFS Client group called `WekaCSIPluginClients` is created automatically by the Weka CSI Plugin. +> Then, upon each volume creation or publishing, the Kubernetes node IP address is added to the NFS Client group automatically. +> +> Although, adding the node IP addresses one by one is the most secure way to configure the NFS Client group, this could become cumbersome in large deployments. +> In such case, using a network range (CIDR) is recommended. +> You may predefine the NFS Client group with a network range (CIDR) in the Weka cluster, and then use the `pluginConfig.mountProtocol.nfsClientGroupName` +> parameter in the `values.yaml` file to specify the NFS Client group name. + +## Way of Operation +The Weka CSI Plugin with NFS transport operates in the following way: +Upon start of the Weka CSI Plugin, the plugin will: +1. Check if the Weka client is installed on the Kubernetes node +2. If client is not set up, the plugin will check whether NFS failback is enabled +3. If NFS failback is enabled, the plugin will use NFS transport for volume provisioning and publishing +4. If NFS failback is disabled, the plugin will not start and will log an error message. + Refer to the [Installation](#installation) section for enabling NFS failback. + +Once NFS mode is enabled, the Weka CSI Plugin will use NFS transport for all volume operations. +In such case, upon any volume create or publish request, the Weka CSI Plugin will: +1. Connect to Weka cluster API and fetch interface groups (and their IP addresses) + If interface group name is specified in the `values.yaml` file, + the plugin will use the specified interface group, otherwise an arbitraty interface group will be used. +2. Ensure that Client Group is created on the Weka cluster. + If the Client Group is not created, the plugin will create it. + > **NOTE:** If client group name is specified in the `values.yaml` file, the plugin will use the specified client group name, + > otherwise `WekaCSIPluginClients` client group will be used. +3. Determine the node IP address facing the inteface group IP addresses. This will be done by checking the network configuration of the node + Then, the Weka CSI plugin will issue a UDP connection towards one of the IP addresses of the interface group, + The source IP address of the connection will be determined by the plugin and will be used as the `node IP address`. +4. Ensure that the `node IP address` is added to the Client Group. + If the node IP address is not added, the plugin will add it to the Client Group. + If client group already has the node IP address (or it has a matching CIDR definition), the plugin will skip this step. + > **EXAMPLE:** If the node IP address is `192.168.100.1` and the client group is defined with a network range `192.168.100.0/255.255.255.0`, + > node IP address will not be added +5. Identify the filesystem name to be mounted, either from StorageClass parameters (provisioning), + or from Volume Handle (for publishing an existing volume). +6. Ensure that NFS permission exists for the Client Group to access the filesystem. + If the permission is not set, the plugin will set it. If the permission is already set, the plugin will skip this step. +7. Pick up a random IP address from the selected NFS interface group. + This IP address will be used for mounting the filesystem. +8. Perform NFS mount operation on the Kubernetes node using the selected IP address and the filesystem name. +9. Rest of the operations will be performed in a similar way as with the native WekaFS driver. + +## NFS Permissions Required for Weka CSI Plugin +The Weka CSI Plugin requires AND will set the following NFS permissions on the Weka cluster: +1. **Client Group**: `WekaCSIPluginClients` (or custom client group name if set in the `values.yaml` file) +2. **Filesystem**: The filesystem name to be mounted +3. **Path**: `/` (root of the filesystem) +4. **Type**: `RW` +5. **Priority**: No priority set +6. **Supported Versions**: `V4` +7. **User Squash**: `None` +8. **Authentication Types**: `NONE`, `SYS` + +> **WARNING:** Weka NFS servers will evaluate permissions based on the order of the permissions list. +> If multiple permissions matching the IP address of the Kubernetes node and the filesystem are set, a conflict might occur. +> Hence, it is **highly recommended** not creating additional permissions for the same filesystem +> Also, if multiple client groups are used, it is highly recommended to make sure that IP addresses are not overlapping between client groups. + +## Installation +By default, Weka CSI Plugin components will not start unless Weka driver is not detected on Kubernetes node. +This is to prevent a potential misconfiguration where volumes are attempted to be provisioned or published on node while no Weka client is installed. + +To enable NFS transport, Weka CSI plugin must be explicitly configured for using NFS failback. +This is done by setting the `pluginConfig.mountProtocol.allowNfsFailback` parameter to `true` in the `values.yaml` file. + +The parameter `pluginConfig.mountProtocol.useNfs` enforces the use of NFS transport even if Weka client is installed on the node, +and recommended to be set to `true` ONLY for testing. + +Follow the [Helm installation instructions](./charts/csi-wekafsplugin/README.md) to install the Weka CSI Plugin. +Most of the installation steps are the same as for the native WekaFS driver, however, additional parameters should be set in the `values.yaml` file, +or passed as command line arguments to the `helm install` command. + +This is the example Helm install command for using NFS transport: +```console +helm upgrade csi-wekafs -n csi-wekafs --create-namespace --install csi-wekafs/csi-wekafsplugin csi-wekafs\ +--set logLevel=6 \ +--set pluginConfig.mountProtocol.alloeNfsFailback=true \ +--set pluginConfig.allowInsecureHttps=true \ +[ --set pluginConfig.mountProtocol.interfaceGroupName=MyIntefaceGroup \ ] # optional, recommended if multiple interface groups are defined +[ --set pluginConfig.mountProtocol.clientGroupName=MyClientGroup \ ] # optional, recommended if client group is predefined +``` From 0abb51b17e762dace6aa8a80e336c06c634802c9 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 13:38:14 +0000 Subject: [PATCH 57/75] chore: autopublish 2024-09-12T13:38:14Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 3e23ded9f..9f116d9b0 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -43,7 +43,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -52,7 +52,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index cc39fed79..bea499bd1 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.65.5b2404c -appVersion: v2.4.2-SNAPSHOT.65.5b2404c +version: 2.4.2-SNAPSHOT.68.74cb32a +appVersion: v2.4.2-SNAPSHOT.68.74cb32a keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index c2ebd9c60..4dab484e0 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.65.5b2404c](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.65.5b2404c-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.65.5b2404c"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index f47f65d7f..4a45a9113 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.65.5b2404c +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.68.74cb32a images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 From 2b3a3c6f0ef40e4a1e30d67180a4a6f9e99be3c7 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 12 Sep 2024 15:21:03 +0300 Subject: [PATCH 58/75] chore(deps): update sidecar versions --- charts/csi-wekafsplugin/values.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 4a45a9113..fe6f49712 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -8,17 +8,17 @@ csiDriverName: "csi.weka.io" csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.68.74cb32a images: # -- CSI liveness probe sidecar image URL - livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 + livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 # -- CSI attacher sidecar image URL - attachersidecar: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 + attachersidecar: registry.k8s.io/sig-storage/csi-attacher:v4.7.0 # -- CSI provisioner sidecar image URL - provisionersidecar: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 + provisionersidecar: registry.k8s.io/sig-storage/csi-provisioner:v5.1.0 # -- CSI registrar sidercar - registrarsidecar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 + registrarsidecar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 # -- CSI resizer sidecar image URL - resizersidecar: registry.k8s.io/sig-storage/csi-resizer:v1.9.3 + resizersidecar: registry.k8s.io/sig-storage/csi-resizer:v1.12.0 # -- CSI snapshotter sidecar image URL - snapshottersidecar: registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3 + snapshottersidecar: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 # -- CSI nodeinfo sidecar image URL, used for reading node metadata nodeinfo: quay.io/weka.io/kubectl-sidecar:v1.29.2-1 # -- CSI driver main image URL From 657373af16630f0fc0e1670811971d8701f1f695 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 12 Sep 2024 15:25:10 +0300 Subject: [PATCH 59/75] chore(deps): update minimum K8s version to 1.17 --- README.md | 2 +- README.md.gotmpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 1eddba6c5..69af23e7c 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ https://github.com/weka/csi-wekafs | WekaIO, Inc. | | | ## Pre-requisite -- Kubernetes cluster of version 1.18 or later. Although older versions from 1.13 and up should work, they were not tested +- Kubernetes cluster of version 1.20 or later is recommended. Minimum version is 1.17 - Access to terminal with `kubectl` installed - Weka system pre-configured and Weka client installed and registered in cluster for each Kubernetes node diff --git a/README.md.gotmpl b/README.md.gotmpl index c0de89c10..bb7e87288 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -11,7 +11,7 @@ {{ template "chart.maintainersSection" . }} ## Pre-requisite -- Kubernetes cluster of version 1.18 or later. Although older versions from 1.13 and up should work, they were not tested +- Kubernetes cluster of version 1.20 or later is recommended. Minimum version is 1.17 - Access to terminal with `kubectl` installed - Weka system pre-configured and Weka client installed and registered in cluster for each Kubernetes node From ccf2e2ed8427c8e332c97e56521c05538bfc6b54 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 12 Sep 2024 17:37:41 +0300 Subject: [PATCH 60/75] ci(deps): add credentials and caching for sanity docker/build-push-action --- .github/workflows/sanity.yaml | 29 +++--------- .../csi-statefulset-on-dir-api.yaml | 44 +++++++++++++++++++ 2 files changed, 51 insertions(+), 22 deletions(-) create mode 100644 examples/dynamic_directory/csi-statefulset-on-dir-api.yaml diff --git a/.github/workflows/sanity.yaml b/.github/workflows/sanity.yaml index 4cdc02f88..047098140 100644 --- a/.github/workflows/sanity.yaml +++ b/.github/workflows/sanity.yaml @@ -23,12 +23,17 @@ jobs: steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - run: echo "${{ secrets.WEKAFS_API_SECRET_YAML }}" > tests/csi-sanity/wekafs-api-secret.yaml - - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_PASSWORD }} - uses: docker/build-push-action@v6 with: context: . file: tests/csi-sanity/ga-Dockerfile + cache-from: type=gha + cache-to: type=gha,mode=max tags: sanity:latest load: true @@ -41,29 +46,9 @@ jobs: env: SANITY_FUNCTION: legacy_sanity - directory_volume_no_snapshots: - if: success() || failure() # always() can't be canceled - needs: legacy_sanity - runs-on: self-hosted - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - - run: docker-compose -f tests/csi-sanity/docker-compose-nosnapshotcaps.yaml up $COMPOSE_DEFAULTS - env: - SANITY_FUNCTION: directory_volume_no_snapshots - - fs_volume_no_snapshots: - if: success() || failure() - needs: directory_volume_no_snapshots - runs-on: self-hosted - steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 - - run: docker-compose -f tests/csi-sanity/docker-compose-nosnapshotcaps.yaml up $COMPOSE_DEFAULTS - env: - SANITY_FUNCTION: fs_volume_no_snapshots - directory_volume_and_snapshots: if: success() || failure() - needs: fs_volume_no_snapshots + needs: legacy_sanity runs-on: self-hosted steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 diff --git a/examples/dynamic_directory/csi-statefulset-on-dir-api.yaml b/examples/dynamic_directory/csi-statefulset-on-dir-api.yaml new file mode 100644 index 000000000..b54823fbd --- /dev/null +++ b/examples/dynamic_directory/csi-statefulset-on-dir-api.yaml @@ -0,0 +1,44 @@ +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: csi-wekafs-test-statefulset-on-dir-api + labels: + app: "csi-wekafs-test-statefulset-on-dir-api" +spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Delete + whenScaled: Retain + replicas: 100 + selector: + matchLabels: + kubernetes.io/os: linux + template: + metadata: + labels: + kubernetes.io/os: linux + app: "csi-wekafs-test-statefulset-on-dir-api" + spec: + terminationGracePeriodSeconds: 1 + # make sure that pod is scheduled only on node having weka CSI node running + nodeSelector: + topology.csi.weka.io/global: "true" + containers: + - name: my-frontend + image: busybox + volumeMounts: + - mountPath: "/data" + name: csi-wekafs-dir-api + command: ["/bin/sh"] + args: ["-c", "while true; do echo `date` hello >> /data/`hostname`.txt; sleep 10;done"] + volumeClaimTemplates: + - metadata: + name: csi-wekafs-dir-api + labels: + app: "csi-wekafs-test-statefulset-on-dir-api" + spec: + accessModes: [ "ReadWriteMany" ] + storageClassName: storageclass-wekafs-dir-api + resources: + requests: + storage: 1Gi + serviceName: "csi-wekafs-test-statefulset-on-dir-api" From 74f752b11c2ddc1a8afa51f5d977bf9f20ebd2d3 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 15:02:08 +0000 Subject: [PATCH 61/75] chore: autopublish 2024-09-12T15:02:08Z --- README.md | 18 +++++++++--------- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 18 +++++++++--------- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 69af23e7c..9be2a9a0e 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -44,16 +44,16 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver version | -| images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | -| images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | -| images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | -| images.registrarsidecar | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0"` | CSI registrar sidercar | -| images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.9.3"` | CSI resizer sidecar image URL | -| images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver version | +| images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | +| images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | +| images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | +| images.registrarsidecar | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0"` | CSI registrar sidercar | +| images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.12.0"` | CSI resizer sidecar image URL | +| images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index bea499bd1..ee37e2b9b 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.68.74cb32a -appVersion: v2.4.2-SNAPSHOT.68.74cb32a +version: 2.4.2-SNAPSHOT.79.acc2006 +appVersion: v2.4.2-SNAPSHOT.79.acc2006 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 73a4f39b9..98fbb843a 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.68.74cb32a](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.68.74cb32a-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,16 +52,16 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver version | -| images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.12.0"` | CSI liveness probe sidecar image URL | -| images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.5.0"` | CSI attacher sidecar image URL | -| images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v4.0.0"` | CSI provisioner sidecar image URL | -| images.registrarsidecar | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0"` | CSI registrar sidercar | -| images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.9.3"` | CSI resizer sidecar image URL | -| images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3"` | CSI snapshotter sidecar image URL | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver version | +| images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | +| images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | +| images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | +| images.registrarsidecar | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0"` | CSI registrar sidercar | +| images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.12.0"` | CSI resizer sidecar image URL | +| images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.68.74cb32a"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index fe6f49712..407d6b454 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.68.74cb32a +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.79.acc2006 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 From 93f9e66e45c2c0c7f8b784181c2999c4f259239b Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 12 Sep 2024 18:09:44 +0300 Subject: [PATCH 62/75] ci(deps): add more labels to RN generator --- .github/release.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/release.yaml b/.github/release.yaml index 62e642bef..d6183e671 100644 --- a/.github/release.yaml +++ b/.github/release.yaml @@ -10,8 +10,10 @@ changelog: - title: Bug Fixes labels: - fix + - field issue - title: Miscellaneous labels: - dependencies - ci - documentation + - sidecar From 7ec8e408165ee2a6fb58051c0426dd826ff8c1eb Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 12 Sep 2024 18:28:04 +0300 Subject: [PATCH 63/75] fix(deps): remove unmaintained kubectl-sidecar image --- Dockerfile | 5 ++++- charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml | 5 +++-- charts/csi-wekafsplugin/values.yaml | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index a2ee1d7f9..7fb187e79 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,16 +21,19 @@ RUN true RUN echo Building package RUN CGO_ENABLED=0 GOOS="linux" GOARCH="amd64" go build -a -ldflags '-X main.version='$VERSION' -extldflags "-static"' -o "/bin/wekafsplugin" /src/cmd/* +FROM registry.k8s.io/kubernetes/kubectl:v1.31.1 AS kubectl FROM alpine:3.18 LABEL maintainers="WekaIO, LTD" LABEL description="Weka CSI Driver" + ADD --chmod=777 https://github.com/tigrawap/locar/releases/download/0.4.0/locar_linux_amd64 /locar RUN apk add --no-cache util-linux libselinux libselinux-utils util-linux \ pciutils usbutils coreutils binutils findutils \ - grep bash nfs-utils rpcbind ca-certificates + grep bash nfs-utils rpcbind ca-certificates jq # Update CA certificates RUN update-ca-certificates +COPY --from=kubectl /bin/kubectl /bin/kubectl COPY --from=go-builder /bin/wekafsplugin /wekafsplugin ARG binary=/bin/wekafsplugin EXPOSE 2049 111/tcp 111/udp diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index d3f2aed26..dc1eb0b56 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -47,7 +47,7 @@ spec: volumeMounts: - mountPath: /etc/nodeinfo name: nodeinfo - image: {{ .Values.images.nodeinfo }} + image: "{{ .Values.images.nodeinfo }}:v{{ .Values.images.csidriverTag}}" imagePullPolicy: IfNotPresent securityContext: # This doesn't need to run as root. @@ -58,8 +58,9 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - args: + command: - bash + args: - -c - kubectl get node $NODENAME -o json | jq '.metadata' > /etc/nodeinfo/metadata containers: diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 407d6b454..c7a805e13 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -20,7 +20,7 @@ images: # -- CSI snapshotter sidecar image URL snapshottersidecar: registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0 # -- CSI nodeinfo sidecar image URL, used for reading node metadata - nodeinfo: quay.io/weka.io/kubectl-sidecar:v1.29.2-1 + nodeinfo: quay.io/weka.io/csi-wekafs # -- CSI driver main image URL csidriver: quay.io/weka.io/csi-wekafs # -- CSI driver tag From 70fc7f8d51cfc4c7943edc7172f6d323049eceef Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 12 Sep 2024 16:29:57 +0000 Subject: [PATCH 64/75] chore: autopublish 2024-09-12T16:29:57Z --- README.md | 8 ++++---- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 8 ++++---- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 9be2a9a0e..7f513c9aa 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -44,16 +44,16 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | | images.registrarsidecar | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0"` | CSI registrar sidercar | | images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.12.0"` | CSI resizer sidecar image URL | | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | -| images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | +| images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index ee37e2b9b..d2687dd3b 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.79.acc2006 -appVersion: v2.4.2-SNAPSHOT.79.acc2006 +version: 2.4.2-SNAPSHOT.84.d1d7e03 +appVersion: v2.4.2-SNAPSHOT.84.d1d7e03 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 98fbb843a..4fc29c0c2 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.79.acc2006](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.79.acc2006-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,16 +52,16 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | | images.registrarsidecar | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0"` | CSI registrar sidercar | | images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.12.0"` | CSI resizer sidecar image URL | | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | -| images.nodeinfo | string | `"quay.io/weka.io/kubectl-sidecar:v1.29.2-1"` | CSI nodeinfo sidecar image URL, used for reading node metadata | +| images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.79.acc2006"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index c7a805e13..0723b4519 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.79.acc2006 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.84.d1d7e03 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 From ba7d1754da790b9b7e73ee4e2fc2c994ed29764d Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 14:15:56 +0300 Subject: [PATCH 65/75] fix(CSI-256): replace all references of m.mountPoint with m.getMountPoint() --- pkg/wekafs/nfsmount.go | 22 +++++++++++----------- pkg/wekafs/wekafsmount.go | 32 ++++++++++++++++---------------- 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 25496263e..9c5b2f348 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -46,11 +46,11 @@ func (m *nfsMount) isInDevMode() bool { } func (m *nfsMount) isMounted() bool { - return PathExists(m.mountPoint) && PathIsWekaMount(context.Background(), m.mountPoint) + return PathExists(m.getMountPoint()) && PathIsWekaMount(context.Background(), m.mountPoint) } func (m *nfsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { - if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { + if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { return err } return nil @@ -64,9 +64,9 @@ func (m *nfsMount) decRef(ctx context.Context) error { } func (m *nfsMount) doUnmount(ctx context.Context) error { - logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() - logger.Trace().Strs("mount_options", m.mountOptions.Strings()).Msg("Performing umount via k8s native mounter") - err := m.kMounter.Unmount(m.mountPoint) + logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() + logger.Trace().Strs("mount_options", m.getMountOptions().Strings()).Msg("Performing umount via k8s native mounter") + err := m.kMounter.Unmount(m.getMountPoint()) if err != nil { logger.Error().Err(err).Msg("Failed to unmount") } else { @@ -87,9 +87,9 @@ func (m *nfsMount) ensureMountIpAddress(ctx context.Context, apiClient *apiclien } func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { - logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() + logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() var mountOptionsSensitive []string - if err := os.MkdirAll(m.mountPoint, DefaultVolumePermissions); err != nil { + if err := os.MkdirAll(m.getMountPoint(), DefaultVolumePermissions); err != nil { return err } if !m.isInDevMode() { @@ -117,12 +117,12 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountTarget := m.mountIpAddress + ":/" + m.fsName logger.Trace(). - Strs("mount_options", m.mountOptions.Strings()). + Strs("mount_options", m.getMountOptions().Strings()). Str("mount_target", mountTarget). Str("mount_ip_address", m.mountIpAddress). Msg("Performing mount") - err = m.kMounter.MountSensitive(mountTarget, m.mountPoint, "nfs", mountOptions.Strings(), mountOptionsSensitive) + err = m.kMounter.MountSensitive(mountTarget, m.getMountPoint(), "nfs", mountOptions.Strings(), mountOptionsSensitive) if err != nil { if os.IsNotExist(err) { logger.Error().Err(err).Msg("Mount target not found") @@ -144,8 +144,8 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, if err := os.MkdirAll(fakePath, DefaultVolumePermissions); err != nil { Die(fmt.Sprintf("Failed to create directory %s, while running in debug mode", fakePath)) } - logger.Trace().Strs("mount_options", m.mountOptions.Strings()).Str("debug_path", m.debugPath).Msg("Performing mount") + logger.Trace().Strs("mount_options", m.getMountOptions().Strings()).Str("debug_path", m.debugPath).Msg("Performing mount") - return m.kMounter.Mount(fakePath, m.mountPoint, "", []string{"bind"}) + return m.kMounter.Mount(fakePath, m.getMountPoint(), "", []string{"bind"}) } } diff --git a/pkg/wekafs/wekafsmount.go b/pkg/wekafs/wekafsmount.go index 82b570ccd..7d0bc82b9 100644 --- a/pkg/wekafs/wekafsmount.go +++ b/pkg/wekafs/wekafsmount.go @@ -45,7 +45,7 @@ func (m *wekafsMount) isInDevMode() bool { } func (m *wekafsMount) isMounted() bool { - return PathExists(m.mountPoint) && PathIsWekaMount(context.Background(), m.mountPoint) + return PathExists(m.getMountPoint()) && PathIsWekaMount(context.Background(), m.getMountPoint()) } func (m *wekafsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { @@ -53,22 +53,22 @@ func (m *wekafsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient m.lock.Lock() defer m.lock.Unlock() if m.refCount < 0 { - logger.Error().Str("mount_point", m.mountPoint).Int("refcount", m.refCount).Msg("During incRef negative refcount encountered") + logger.Error().Str("mount_point", m.getMountPoint()).Int("refcount", m.refCount).Msg("During incRef negative refcount encountered") m.refCount = 0 // to make sure that we don't have negative refcount later } if m.refCount == 0 { - if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { + if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { return err } } else if !m.isMounted() { - logger.Warn().Str("mount_point", m.mountPoint).Int("refcount", m.refCount).Msg("Mount not exists although should!") - if err := m.doMount(ctx, apiClient, m.mountOptions); err != nil { + logger.Warn().Str("mount_point", m.getMountPoint()).Int("refcount", m.refCount).Msg("Mount not exists although should!") + if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { return err } } m.refCount++ - logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.mountOptions.Strings()).Str("filesystem_name", m.fsName).Msg("RefCount increased") + logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.getMountOptions().Strings()).Str("filesystem_name", m.fsName).Msg("RefCount increased") return nil } @@ -78,7 +78,7 @@ func (m *wekafsMount) decRef(ctx context.Context) error { defer m.lock.Unlock() m.refCount-- m.lastUsed = time.Now() - logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.mountOptions.Strings()).Str("filesystem_name", m.fsName).Msg("RefCount decreased") + logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.getMountOptions().Strings()).Str("filesystem_name", m.fsName).Msg("RefCount decreased") if m.refCount < 0 { logger.Error().Int("refcount", m.refCount).Msg("During decRef negative refcount encountered") m.refCount = 0 // to make sure that we don't have negative refcount later @@ -92,9 +92,9 @@ func (m *wekafsMount) decRef(ctx context.Context) error { } func (m *wekafsMount) doUnmount(ctx context.Context) error { - logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() - logger.Trace().Strs("mount_options", m.mountOptions.Strings()).Msg("Performing umount via k8s native mounter") - err := m.kMounter.Unmount(m.mountPoint) + logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() + logger.Trace().Strs("mount_options", m.getMountOptions().Strings()).Msg("Performing umount via k8s native mounter") + err := m.kMounter.Unmount(m.getMountPoint()) if err != nil { logger.Error().Err(err).Msg("Failed to unmount") } else { @@ -104,11 +104,11 @@ func (m *wekafsMount) doUnmount(ctx context.Context) error { } func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { - logger := log.Ctx(ctx).With().Str("mount_point", m.mountPoint).Str("filesystem", m.fsName).Logger() + logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() mountToken := "" var mountOptionsSensitive []string var localContainerName string - if err := os.MkdirAll(m.mountPoint, DefaultVolumePermissions); err != nil { + if err := os.MkdirAll(m.getMountPoint(), DefaultVolumePermissions); err != nil { return err } if !m.isInDevMode() { @@ -166,16 +166,16 @@ func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClien } } - logger.Trace().Strs("mount_options", m.mountOptions.Strings()). + logger.Trace().Strs("mount_options", m.getMountOptions().Strings()). Fields(mountOptions).Msg("Performing mount") - return m.kMounter.MountSensitive(m.fsName, m.mountPoint, "wekafs", mountOptions.Strings(), mountOptionsSensitive) + return m.kMounter.MountSensitive(m.fsName, m.getMountPoint(), "wekafs", mountOptions.Strings(), mountOptionsSensitive) } else { fakePath := filepath.Join(m.debugPath, m.fsName) if err := os.MkdirAll(fakePath, DefaultVolumePermissions); err != nil { Die(fmt.Sprintf("Failed to create directory %s, while running in debug mode", fakePath)) } - logger.Trace().Strs("mount_options", m.mountOptions.Strings()).Str("debug_path", m.debugPath).Msg("Performing mount") + logger.Trace().Strs("mount_options", m.getMountOptions().Strings()).Str("debug_path", m.debugPath).Msg("Performing mount") - return m.kMounter.Mount(fakePath, m.mountPoint, "", []string{"bind"}) + return m.kMounter.Mount(fakePath, m.getMountPoint(), "", []string{"bind"}) } } From e5c7a5148511564135b15dca9908adde550a35e6 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 14:16:23 +0300 Subject: [PATCH 66/75] fix(CSI-256): construct mountPoint to have an IP address --- pkg/wekafs/nfsmount.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 9c5b2f348..164cdc80e 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -26,7 +26,7 @@ type nfsMount struct { } func (m *nfsMount) getMountPoint() string { - return m.mountPoint + return fmt.Sprintf("%s-%s", m.mountPoint, m.mountIpAddress) } func (m *nfsMount) getRefCount() int { From 3261f2ca92906cf84d9cfdf3cdd8d3b1a0e27c1a Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 14:30:59 +0300 Subject: [PATCH 67/75] fix(CSI-256): implement AnyMount.locateMountIp() --- pkg/wekafs/interfaces.go | 1 + pkg/wekafs/nfsmount.go | 11 +++++++++++ pkg/wekafs/utilities.go | 18 ++++++++++++++++++ pkg/wekafs/wekafsmount.go | 4 ++++ 4 files changed, 34 insertions(+) diff --git a/pkg/wekafs/interfaces.go b/pkg/wekafs/interfaces.go index 13cc44648..e6298e324 100644 --- a/pkg/wekafs/interfaces.go +++ b/pkg/wekafs/interfaces.go @@ -42,4 +42,5 @@ type AnyMount interface { getMountPoint() string getMountOptions() MountOptions getLastUsed() time.Time + locateMountIP() error // used only for NFS } diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 164cdc80e..7949b1982 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -63,6 +63,17 @@ func (m *nfsMount) decRef(ctx context.Context) error { return nil } +func (m *nfsMount) locateMountIP() error { + if m.mountIpAddress == "" { + ipAddr, err := GetMountIpFromActualMountPoint(m.mountPoint) + if err != nil { + return err + } + m.mountIpAddress = ipAddr + } + return nil +} + func (m *nfsMount) doUnmount(ctx context.Context) error { logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() logger.Trace().Strs("mount_options", m.getMountOptions().Strings()).Msg("Performing umount via k8s native mounter") diff --git a/pkg/wekafs/utilities.go b/pkg/wekafs/utilities.go index e8a0ea8dd..07b77d315 100644 --- a/pkg/wekafs/utilities.go +++ b/pkg/wekafs/utilities.go @@ -303,6 +303,24 @@ func PathIsWekaMount(ctx context.Context, path string) bool { return false } +func GetMountIpFromActualMountPoint(mountPointBase string) (string, error) { + file, err := os.Open("/proc/mounts") + if err != nil { + return "", errors.New("failed to open /proc/mounts") + } + defer func() { _ = file.Close() }() + var actualMountPoint string + scanner := bufio.NewScanner(file) + for scanner.Scan() { + fields := strings.Fields(scanner.Text()) + if len(fields) >= 3 && strings.HasPrefix(fields[1], fmt.Sprintf("%s-", mountPointBase)) { + actualMountPoint = fields[1] + return strings.TrimLeft(actualMountPoint, mountPointBase+"-"), nil + } + } + return "", errors.New("mount point not found") +} + func validateVolumeId(volumeId string) error { // Volume New format: // VolID format is as following: diff --git a/pkg/wekafs/wekafsmount.go b/pkg/wekafs/wekafsmount.go index 7d0bc82b9..2b15c9877 100644 --- a/pkg/wekafs/wekafsmount.go +++ b/pkg/wekafs/wekafsmount.go @@ -179,3 +179,7 @@ func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClien return m.kMounter.Mount(fakePath, m.getMountPoint(), "", []string{"bind"}) } } + +func (m *wekafsMount) locateMountIP() error { + return nil +} From 3b0e735a1a435240c1dcbd455551f9ff7c6800be Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 14:31:55 +0300 Subject: [PATCH 68/75] fix(CSI-256): locate actual mount IP upon unmountWithOptions --- pkg/wekafs/nfsmounter.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index 90b692304..fca463cfc 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -91,6 +91,12 @@ func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, opti options = options.AsNfs() options.Merge(options, m.exclusiveMountOptions) mnt := m.NewMount(fsName, options) + // since we are not aware of the IP address of the mount, we need to find the mount point by listing the mounts + err := mnt.locateMountIP() + if err != nil { + log.Ctx(ctx).Error().Err(err).Msg("Failed to locate mount IP") + return err + } log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") return mnt.decRef(ctx) From e08979331ea44fb14774570adb8425cbfe7875ef Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 14:53:07 +0300 Subject: [PATCH 69/75] fix(CSI-256): add a simple mount refCount logic for NFS --- pkg/wekafs/interfaces.go | 1 + pkg/wekafs/nfsmount.go | 57 +++++++++++++++++++++++++++++++++++++--- pkg/wekafs/nfsmounter.go | 6 ++++- 3 files changed, 59 insertions(+), 5 deletions(-) diff --git a/pkg/wekafs/interfaces.go b/pkg/wekafs/interfaces.go index e6298e324..86fb90fe3 100644 --- a/pkg/wekafs/interfaces.go +++ b/pkg/wekafs/interfaces.go @@ -28,6 +28,7 @@ type AnyMounter interface { type mountsMapPerFs map[string]AnyMount type mountsMap map[string]mountsMapPerFs +type nfsMountsMap map[string]int // we only follow the mountPath and number of references type UnmountFunc func() diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 7949b1982..f08af47bd 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -14,6 +14,7 @@ import ( ) type nfsMount struct { + mounter *nfsMounter fsName string mountPoint string kMounter mount.Interface @@ -50,15 +51,63 @@ func (m *nfsMount) isMounted() bool { } func (m *nfsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { - if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { - return err + logger := log.Ctx(ctx) + if m.mounter == nil { + logger.Error().Msg("Mounter is nil") + return errors.New("mounter is nil") + } + m.mounter.lock.Lock() + defer m.mounter.lock.Unlock() + refCount, ok := m.mounter.mountMap[m.getMountPoint()] + if !ok { + refCount = 0 + } + if refCount == 0 { + if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { + return err + } + } else if !m.isMounted() { + logger.Warn().Str("mount_point", m.getMountPoint()).Int("refcount", refCount).Msg("Mount not exists although should!") + if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { + return err + } + } + refCount++ + m.mounter.mountMap[m.getMountPoint()] = refCount + + logger.Trace().Int("refcount", refCount).Strs("mount_options", m.getMountOptions().Strings()).Str("filesystem_name", m.fsName).Msg("RefCount increased") return nil } func (m *nfsMount) decRef(ctx context.Context) error { - if err := m.doUnmount(ctx); err != nil { - return err + logger := log.Ctx(ctx) + if m.mounter == nil { + logger.Error().Msg("Mounter is nil") + return errors.New("mounter is nil") + } + m.mounter.lock.Lock() + defer m.mounter.lock.Unlock() + refCount, ok := m.mounter.mountMap[m.getMountPoint()] + defer func() { + if refCount == 0 { + delete(m.mounter.mountMap, m.getMountPoint()) + } else { + m.mounter.mountMap[m.getMountPoint()] = refCount + } + }() + if !ok { + refCount = 0 + } + if refCount < 0 { + logger.Error().Int("refcount", refCount).Msg("During decRef negative refcount encountered") + refCount = 0 // to make sure that we don't have negative refcount later + } + if refCount == 1 { + if err := m.doUnmount(ctx); err != nil { + return err + } + refCount-- } return nil } diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index fca463cfc..7ad22cefb 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -5,10 +5,13 @@ import ( "github.com/rs/zerolog/log" "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" "k8s.io/mount-utils" + "sync" "time" ) type nfsMounter struct { + mountMap nfsMountsMap + lock sync.Mutex kMounter mount.Interface debugPath string selinuxSupport *bool @@ -28,7 +31,7 @@ func newNfsMounter(driver *WekaFsDriver) *nfsMounter { log.Debug().Msg("SELinux support is forced") selinuxSupport = &[]bool{true}[0] } - mounter := &nfsMounter{debugPath: driver.debugPath, selinuxSupport: selinuxSupport, exclusiveMountOptions: driver.config.mutuallyExclusiveOptions} + mounter := &nfsMounter{mountMap: make(nfsMountsMap), debugPath: driver.debugPath, selinuxSupport: selinuxSupport, exclusiveMountOptions: driver.config.mutuallyExclusiveOptions} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() mounter.interfaceGroupName = &driver.config.interfaceGroupName @@ -43,6 +46,7 @@ func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { } uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) wMount := &nfsMount{ + mounter: m, kMounter: m.kMounter, fsName: fsName, debugPath: m.debugPath, From 46477b135c6dc40b8ec3c78bb83303d72cb174f6 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 14:55:19 +0300 Subject: [PATCH 70/75] fix(CSI-257): wekafsmount refcount is decreased even if unmount failed --- pkg/wekafs/wekafsmount.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/wekafs/wekafsmount.go b/pkg/wekafs/wekafsmount.go index 2b15c9877..9e178c87c 100644 --- a/pkg/wekafs/wekafsmount.go +++ b/pkg/wekafs/wekafsmount.go @@ -85,6 +85,7 @@ func (m *wekafsMount) decRef(ctx context.Context) error { } if m.refCount == 0 { if err := m.doUnmount(ctx); err != nil { + m.refCount++ // since we failed to unmount, we need to increase the refcount back to the original value return err } } From b0609c7d3d5d065617237de203c1e8eac1450045 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Fri, 13 Sep 2024 12:09:58 +0000 Subject: [PATCH 71/75] chore: autopublish 2024-09-13T12:09:58Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 7f513c9aa..b48ec2310 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -44,7 +44,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -53,7 +53,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index d2687dd3b..50f1b8ddf 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.84.d1d7e03 -appVersion: v2.4.2-SNAPSHOT.84.d1d7e03 +version: 2.4.2-SNAPSHOT.93.54c52a3 +appVersion: v2.4.2-SNAPSHOT.93.54c52a3 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 4fc29c0c2..804c3b2a4 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.84.d1d7e03](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.84.d1d7e03-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.84.d1d7e03"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 0723b4519..25da2919e 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.84.d1d7e03 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.93.54c52a3 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 From 240e920a6f72e8780216551d73c596ad62636ef2 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 17:38:17 +0300 Subject: [PATCH 72/75] fix(CSI-256): mount point is created before fetching NFS mount IP --- pkg/wekafs/nfsmount.go | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index f08af47bd..ae69101c0 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -149,20 +149,21 @@ func (m *nfsMount) ensureMountIpAddress(ctx context.Context, apiClient *apiclien func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() var mountOptionsSensitive []string + if apiClient == nil { + // this flow is relevant only for legacy volumes, will not work with SCMC + logger.Trace().Msg("No API client for mount, cannot proceed") + return errors.New("no API client for mount, cannot do NFS mount") + } + + if err := m.ensureMountIpAddress(ctx, apiClient); err != nil { + logger.Error().Err(err).Msg("Failed to get mount IP address") + return err + } + if err := os.MkdirAll(m.getMountPoint(), DefaultVolumePermissions); err != nil { return err } if !m.isInDevMode() { - if apiClient == nil { - // this flow is relevant only for legacy volumes, will not work with SCMC - logger.Trace().Msg("No API client for mount, cannot proceed") - return errors.New("no API client for mount, cannot do NFS mount") - } - - if err := m.ensureMountIpAddress(ctx, apiClient); err != nil { - logger.Error().Err(err).Msg("Failed to get mount IP address") - return err - } nodeIP, err := apiclient.GetNodeIpAddressByRouting(m.mountIpAddress) if err != nil { From 976fe686a36f55407a7f7f03904075b70360f4ca Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Fri, 13 Sep 2024 16:03:53 +0000 Subject: [PATCH 73/75] chore: autopublish 2024-09-13T16:03:53Z --- README.md | 6 +++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index b48ec2310..a9e58a7ea 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -44,7 +44,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -53,7 +53,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index 50f1b8ddf..dc3f5e810 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.93.54c52a3 -appVersion: v2.4.2-SNAPSHOT.93.54c52a3 +version: 2.4.2-SNAPSHOT.96.e6d25bc +appVersion: v2.4.2-SNAPSHOT.96.e6d25bc keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 804c3b2a4..4a0d7c568 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.93.54c52a3](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.93.54c52a3-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.93.54c52a3"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 25da2919e..92981d278 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.93.54c52a3 +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.96.e6d25bc images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 From 71c01b4c12f3909f929cd5f16dc9398905d4f26b Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Fri, 13 Sep 2024 18:13:46 +0300 Subject: [PATCH 74/75] fix(CSI-258): make NFS protocol version configurable --- .../controllerserver-statefulset.yaml | 3 +++ .../templates/nodeserver-daemonset.yaml | 3 +++ charts/csi-wekafsplugin/values.yaml | 2 ++ cmd/wekafsplugin/main.go | 2 ++ pkg/wekafs/apiclient/nfs.go | 21 +++++++++++++++---- pkg/wekafs/apiclient/nfs_test.go | 2 +- pkg/wekafs/driverconfig.go | 4 +++- pkg/wekafs/nfsmount.go | 5 +++-- pkg/wekafs/nfsmounter.go | 4 ++++ 9 files changed, 38 insertions(+), 8 deletions(-) diff --git a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index 1948df98e..8ffd18cfe 100755 --- a/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -227,6 +227,9 @@ spec: {{- if .Values.pluginConfig.mountProtocol.clientGroupName }} - "--clientgroupname={{ .Values.pluginConfig.mountProtocol.clientGroupName }}" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.nfsProtocolVersion }} + - "--nfsprotocolversion={{ .Values.pluginConfig.mountProtocol.nfsProtocolVersion | toString}}" + {{- end }} ports: - containerPort: 9898 name: healthz diff --git a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index dc1eb0b56..d3edd40d8 100644 --- a/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -119,6 +119,9 @@ spec: {{- if .Values.pluginConfig.mountProtocol.clientGroupName }} - "--clientgroupname={{ .Values.pluginConfig.mountProtocol.clientGroupName }}" {{- end }} + {{- if .Values.pluginConfig.mountProtocol.nfsProtocolVersion }} + - "--nfsprotocolversion={{ .Values.pluginConfig.mountProtocol.nfsProtocolVersion | toString}}" + {{- end }} ports: - containerPort: 9899 name: healthz diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 92981d278..6e31998bf 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -155,3 +155,5 @@ pluginConfig: interfaceGroupName: "" # -- Specify existing client group name for NFS configuration. If not set, "WekaCSIPluginClients" group will be created clientGroupName: "" + # -- Specify NFS protocol version to use for mounting Weka filesystems. Default is "4.1", consult Weka documentation for supported versions + nfsProtocolVersion: "4.1" diff --git a/cmd/wekafsplugin/main.go b/cmd/wekafsplugin/main.go index 63660efcf..f4ab75b8b 100644 --- a/cmd/wekafsplugin/main.go +++ b/cmd/wekafsplugin/main.go @@ -95,6 +95,7 @@ var ( useNfs = flag.Bool("usenfs", false, "Use NFS for mounting volumes") interfaceGroupName = flag.String("interfacegroupname", "", "Name of the NFS interface group to use for mounting volumes") clientGroupName = flag.String("clientgroupname", "", "Name of the NFS client group to use for managing NFS permissions") + nfsProtocolVersion = flag.String("nfsprotocolversion", "4.1", "NFS protocol version to use for mounting volumes") // Set by the build process version = "" ) @@ -225,6 +226,7 @@ func handle() { *useNfs, *interfaceGroupName, *clientGroupName, + *nfsProtocolVersion, ) driver, err := wekafs.NewWekaFsDriver( *driverName, *nodeID, *endpoint, *maxVolumesPerNode, version, *debugPath, csiMode, *selinuxSupport, config) diff --git a/pkg/wekafs/apiclient/nfs.go b/pkg/wekafs/apiclient/nfs.go index 3b1870ed7..adb74ec37 100644 --- a/pkg/wekafs/apiclient/nfs.go +++ b/pkg/wekafs/apiclient/nfs.go @@ -12,12 +12,25 @@ import ( "golang.org/x/exp/slices" "k8s.io/helm/pkg/urlutil" "strconv" + "strings" ) type NfsPermissionType string type NfsPermissionSquashMode string type NfsClientGroupRuleType string type NfsVersionString string + +func (n NfsVersionString) String() string { + return string(n) +} +func (n NfsVersionString) AsOption() string { + return strings.TrimLeft(n.String(), "V") +} + +func (n NfsVersionString) AsWeka() NfsVersionString { + return NfsVersionString(strings.Split(n.String(), ".")[0]) +} + type NfsAuthType string const ( @@ -199,9 +212,9 @@ func (a *ApiClient) CreateNfsPermission(ctx context.Context, r *NfsPermissionCre return err } -func EnsureNfsPermission(ctx context.Context, fsName string, group string, apiClient *ApiClient) error { +func EnsureNfsPermission(ctx context.Context, fsName string, group string, version NfsVersionString, apiClient *ApiClient) error { perm := &NfsPermission{ - SupportedVersions: []NfsVersionString{NfsVersionV4}, + SupportedVersions: []NfsVersionString{version.AsWeka()}, AnonUid: strconv.Itoa(65534), AnonGid: strconv.Itoa(65534), Filesystem: fsName, @@ -708,7 +721,7 @@ func (a *ApiClient) EnsureNfsClientGroupRuleForIp(ctx context.Context, cg *NfsCl return err } -func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName string, clientGroupName string) error { +func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName string, version NfsVersionString, clientGroupName string) error { op := "EnsureNfsPermissions" ctx, span := otel.Tracer(TracerName).Start(ctx, op) defer span.End() @@ -731,6 +744,6 @@ func (a *ApiClient) EnsureNfsPermissions(ctx context.Context, ip string, fsName } // Ensure NFS permission logger.Trace().Str("filesystem", fsName).Str("client_group", cg.Name).Msg("Ensuring NFS Export for client group") - err = EnsureNfsPermission(ctx, fsName, cg.Name, a) + err = EnsureNfsPermission(ctx, fsName, cg.Name, version, a) return err } diff --git a/pkg/wekafs/apiclient/nfs_test.go b/pkg/wekafs/apiclient/nfs_test.go index 3ce86ea58..7067ac2d2 100644 --- a/pkg/wekafs/apiclient/nfs_test.go +++ b/pkg/wekafs/apiclient/nfs_test.go @@ -251,7 +251,7 @@ func TestNfsEnsureNfsPermissions(t *testing.T) { apiClient := GetApiClientForTest(t) // Test EnsureNfsPermission - err := apiClient.EnsureNfsPermissions(context.Background(), "172.16.5.147", "default", NfsClientGroupName) + err := apiClient.EnsureNfsPermissions(context.Background(), "172.16.5.147", "default", NfsVersionV4, NfsClientGroupName) assert.NoError(t, err) } diff --git a/pkg/wekafs/driverconfig.go b/pkg/wekafs/driverconfig.go index 53e901a18..6e9541966 100644 --- a/pkg/wekafs/driverconfig.go +++ b/pkg/wekafs/driverconfig.go @@ -37,6 +37,7 @@ type DriverConfig struct { useNfs bool interfaceGroupName string clientGroupName string + nfsProtocolVersion string } func (dc *DriverConfig) Log() { @@ -70,7 +71,7 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP grpcRequestTimeoutSeconds int, allowProtocolContainers bool, allowNfsFailback, useNfs bool, - interfaceGroupName, clientGroupName string, + interfaceGroupName, clientGroupName, nfsProtocolVersion string, ) *DriverConfig { var MutuallyExclusiveMountOptions []mutuallyExclusiveMountOptionSet @@ -114,6 +115,7 @@ func NewDriverConfig(dynamicVolPath, VolumePrefix, SnapshotPrefix, SeedSnapshotP useNfs: useNfs, interfaceGroupName: interfaceGroupName, clientGroupName: clientGroupName, + nfsProtocolVersion: nfsProtocolVersion, } } diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index ae69101c0..13a385ade 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -24,6 +24,7 @@ type nfsMount struct { mountIpAddress string interfaceGroupName *string clientGroupName string + protocolVersion apiclient.NfsVersionString } func (m *nfsMount) getMountPoint() string { @@ -35,7 +36,7 @@ func (m *nfsMount) getRefCount() int { } func (m *nfsMount) getMountOptions() MountOptions { - return m.mountOptions + return m.mountOptions.AddOption(fmt.Sprintf("vers=%s", m.protocolVersion.AsOption())) } func (m *nfsMount) getLastUsed() time.Time { @@ -171,7 +172,7 @@ func (m *nfsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, nodeIP = apiclient.GetNodeIpAddress() } - if apiClient.EnsureNfsPermissions(ctx, nodeIP, m.fsName, m.clientGroupName) != nil { + if apiClient.EnsureNfsPermissions(ctx, nodeIP, m.fsName, apiclient.NfsVersionV4, m.clientGroupName) != nil { logger.Error().Msg("Failed to ensure NFS permissions") return errors.New("failed to ensure NFS permissions") } diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index 7ad22cefb..00e0381eb 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -2,6 +2,7 @@ package wekafs import ( "context" + "fmt" "github.com/rs/zerolog/log" "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" "k8s.io/mount-utils" @@ -18,6 +19,7 @@ type nfsMounter struct { gc *innerPathVolGc interfaceGroupName *string clientGroupName string + nfsProtocolVersion string exclusiveMountOptions []mutuallyExclusiveMountOptionSet } @@ -36,6 +38,7 @@ func newNfsMounter(driver *WekaFsDriver) *nfsMounter { mounter.schedulePeriodicMountGc() mounter.interfaceGroupName = &driver.config.interfaceGroupName mounter.clientGroupName = driver.config.clientGroupName + mounter.nfsProtocolVersion = driver.config.nfsProtocolVersion return mounter } @@ -54,6 +57,7 @@ func (m *nfsMounter) NewMount(fsName string, options MountOptions) AnyMount { mountOptions: options, interfaceGroupName: m.interfaceGroupName, clientGroupName: m.clientGroupName, + protocolVersion: apiclient.NfsVersionString(fmt.Sprintf("V%s", m.nfsProtocolVersion)), } return wMount } From 2cc949e320dc98b5447c2ea6751b7092b560455a Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Fri, 13 Sep 2024 16:08:55 +0000 Subject: [PATCH 75/75] chore: autopublish 2024-09-13T16:08:55Z --- README.md | 7 ++++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 7 ++++--- charts/csi-wekafsplugin/values.schema.json | 3 +++ charts/csi-wekafsplugin/values.yaml | 2 +- 5 files changed, 14 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index a9e58a7ea..3ad6adf02 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.99.90161ea](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.99.90161ea-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.99.90161ea](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.99.90161ea-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -44,7 +44,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.99.90161ea"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -53,7 +53,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.99.90161ea"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | @@ -99,6 +99,7 @@ make build | pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | | pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | | pluginConfig.mountProtocol.clientGroupName | string | `""` | Specify existing client group name for NFS configuration. If not set, "WekaCSIPluginClients" group will be created | +| pluginConfig.mountProtocol.nfsProtocolVersion | string | `"4.1"` | Specify NFS protocol version to use for mounting Weka filesystems. Default is "4.1", consult Weka documentation for supported versions | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index dc3f5e810..3d006947d 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.4.2-SNAPSHOT.96.e6d25bc -appVersion: v2.4.2-SNAPSHOT.96.e6d25bc +version: 2.4.2-SNAPSHOT.99.90161ea +appVersion: v2.4.2-SNAPSHOT.99.90161ea keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 4a0d7c568..c37c96e2c 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.96.e6d25bc](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.96.e6d25bc-informational?style=flat-square) +![Version: 2.4.2-SNAPSHOT.99.90161ea](https://img.shields.io/badge/Version-2.4.2--SNAPSHOT.99.90161ea-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.4.2-SNAPSHOT.99.90161ea](https://img.shields.io/badge/AppVersion-v2.4.2--SNAPSHOT.99.90161ea-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver version | +| csiDriverVersion | string | `"2.4.2-SNAPSHOT.99.90161ea"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.4.2-SNAPSHOT.96.e6d25bc"` | CSI driver tag | +| images.csidriverTag | string | `"2.4.2-SNAPSHOT.99.90161ea"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | @@ -107,6 +107,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | pluginConfig.mountProtocol.allowNfsFailback | bool | `false` | Allow Failback to NFS transport if Weka client fails to mount filesystem using native protocol | | pluginConfig.mountProtocol.interfaceGroupName | string | `""` | Specify name of NFS interface group to use for mounting Weka filesystems. If not set, first NFS interface group will be used | | pluginConfig.mountProtocol.clientGroupName | string | `""` | Specify existing client group name for NFS configuration. If not set, "WekaCSIPluginClients" group will be created | +| pluginConfig.mountProtocol.nfsProtocolVersion | string | `"4.1"` | Specify NFS protocol version to use for mounting Weka filesystems. Default is "4.1", consult Weka documentation for supported versions | ---------------------------------------------- Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/csi-wekafsplugin/values.schema.json b/charts/csi-wekafsplugin/values.schema.json index 916cc575b..ab077d062 100644 --- a/charts/csi-wekafsplugin/values.schema.json +++ b/charts/csi-wekafsplugin/values.schema.json @@ -244,6 +244,9 @@ "interfaceGroupName": { "type": "string" }, + "nfsProtocolVersion": { + "type": "string" + }, "useNfs": { "type": "boolean" } diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 6e31998bf..c14adf2b0 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.96.e6d25bc +csiDriverVersion: &csiDriverVersion 2.4.2-SNAPSHOT.99.90161ea images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.14.0