Launch mountpoint in host systemd

.gitignore

@@ -1,2 +1,4 @@
 **/credentials
-bin/
+bin/
+go.work
+go.work.sum

Dockerfile

@@ -32,21 +32,23 @@ RUN gpg --verify mount-s3.rpm.asc
 
 # Build driver
 FROM --platform=$BUILDPLATFORM golang:1.21.1-bullseye as builder
+
 WORKDIR /go/src/github.com/kubernetes-sigs/aws-s3-csi-driver
-ADD . .
-RUN make bin
+COPY . .
+RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg/mod \
+make bin
 
 FROM --platform=$BUILDPLATFORM public.ecr.aws/amazonlinux/amazonlinux:2023 AS linux-amazon
 
 RUN yum install util-linux -y
 
-# Install MP
+# MP Installer
 COPY --from=mp_builder /mount-s3.rpm /mount-s3.rpm
+COPY ./cmd/install-mp.sh /
 
 RUN dnf upgrade -y && \
     dnf install -y ./mount-s3.rpm && \
-    dnf clean all && \
-    rm mount-s3.rpm
+    dnf clean all
 
 RUN echo "user_allow_other" >> /etc/fuse.conf
 

charts/aws-s3-csi-driver/templates/node.yaml

@@ -19,6 +19,7 @@ spec:
     spec:
       nodeSelector:
         kubernetes.io/os: linux
+      hostPID: true
       serviceAccountName: {{ .Values.node.serviceAccount.name }}
       priorityClassName: system-node-critical
       tolerations:
@@ -34,6 +35,17 @@ spec:
         {{- with .Values.node.tolerations }}
         {{- toYaml . | nindent 8 }}
         {{- end }}
+      initContainers:
+        - name: install-mountpoint
+          securityContext:
+            privileged: true
+          image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }}
+          imagePullPolicy: IfNotPresent
+          command:
+            - "/install-mp.sh"
+          volumeMounts:
+            - name: host-usr
+              mountPath: /host/usr
       containers:
         - name: s3-plugin
           image: {{ printf "%s%s:%s" (default "" .Values.image.containerRegistry) .Values.image.repository (default (printf "v%s" .Chart.AppVersion) (toString .Values.image.tag)) }}
@@ -55,6 +67,10 @@ spec:
               mountPropagation: "Bidirectional"
             - name: plugin-dir
               mountPath: /csi
+            - name: host-dbus
+              mountPath: /var/run/dbus
+            - name: host-dev
+              mountPath: /hostdev
           ports:
             - name: healthz
               containerPort: 9808
@@ -107,6 +123,15 @@ spec:
             - name: plugin-dir
               mountPath: /csi
       volumes:
+        - name: host-usr
+          hostPath:
+            path: /usr
+        - name: host-dev
+          hostPath:
+            path: /dev
+        - name: host-dbus
+          hostPath:
+            path: /var/run/dbus
         - name: kubelet-dir
           hostPath:
             path: /var/lib/kubelet

cmd/install-mp.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+NSENTER_HOST="nsenter --target 1 --mount --uts --ipc --net"
+
+cp /mount-s3-wrap /host/usr/bin/mount-s3-wrap
+
+echo 'Installing mountpoint'
+cp /mount-s3.rpm /host/usr/mount-s3.rpm
+$NSENTER_HOST yum install -y /usr/mount-s3.rpm
+$NSENTER_HOST rm -f /usr/mount-s3.rpm
+$NSENTER_HOST mkdir -p /var/run/mountpoint-s3

deploy/kubernetes/base/node-daemonset.yaml

@@ -18,6 +18,7 @@ spec:
     spec:
       nodeSelector:
         kubernetes.io/os: linux
+      hostPID: true
       serviceAccountName: s3-csi-driver-sa
       priorityClassName: system-node-critical
       tolerations:
@@ -26,6 +27,16 @@ spec:
         - operator: Exists
           effect: NoExecute
           tolerationSeconds: 300
+      initContainers:
+        - name: install-mountpoint
+          securityContext:
+            privileged: true
+          image: csi-driver
+          command:
+            - "/install-mp.sh"
+          volumeMounts:
+            - name: host-usr
+              mountPath: /host/usr
       containers:
         - name: s3-plugin
           securityContext:
@@ -46,6 +57,10 @@ spec:
               mountPath: /csi
             - name: aws-credentials
               mountPath: /root/.aws
+            - name: host-dbus
+              mountPath: /var/run/dbus
+            - name: host-dev
+              mountPath: /hostdev
           ports:
             - containerPort: 9810
               name: healthz
@@ -88,6 +103,15 @@ spec:
             - mountPath: /csi
               name: plugin-dir
       volumes:
+        - name: host-usr
+          hostPath:
+            path: /usr
+        - name: host-dev
+          hostPath:
+            path: /dev
+        - name: host-dbus
+          hostPath:
+            path: /var/run/dbus
         - name: kubelet-dir
           hostPath:
             path: /var/lib/kubelet

go.mod

@@ -5,31 +5,35 @@ go 1.21
 require (
 	github.com/aws/aws-sdk-go v1.45.13
 	github.com/container-storage-interface/spec v1.8.0
+	github.com/coreos/go-systemd/v22 v22.5.0
+	github.com/godbus/dbus/v5 v5.1.0
 	github.com/golang/mock v1.6.0
 	github.com/kubernetes-csi/csi-test v2.2.0+incompatible
 	github.com/onsi/ginkgo v1.16.5
 	github.com/onsi/gomega v1.27.6
-	google.golang.org/grpc v1.27.0
+	google.golang.org/grpc v1.59.0
 	k8s.io/klog/v2 v2.100.1
 	k8s.io/mount-utils v0.28.2
 )
 
-require github.com/kr/text v0.2.0 // indirect
+require (
+	github.com/kr/text v0.2.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
+)
 
 require (
 	github.com/fsnotify/fsnotify v1.4.9 // indirect
 	github.com/go-logr/logr v1.2.4 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
-	github.com/google/uuid v1.3.1 // indirect
+	github.com/google/uuid v1.3.1
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/moby/sys/mountinfo v0.6.2 // indirect
 	github.com/nxadm/tail v1.4.8 // indirect
-	golang.org/x/net v0.13.0
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/text v0.11.0 // indirect
-	google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55 // indirect
-	google.golang.org/protobuf v1.30.0 // indirect
+	golang.org/x/net v0.14.0
+	golang.org/x/sys v0.11.0
+	golang.org/x/text v0.12.0 // indirect
+	google.golang.org/protobuf v1.31.0
 	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect