Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for CSI Manila driver deployment #572

Merged
merged 12 commits into from
Apr 4, 2023
Merged

Support for CSI Manila driver deployment #572

merged 12 commits into from
Apr 4, 2023

Conversation

MartinWeindel
Copy link
Member

@MartinWeindel MartinWeindel commented Feb 14, 2023
edited

How to categorize this PR?

/area control-plane
/kind enhancement
/platform openstack

What this PR does / why we need it:
Out-of-the-box support for NFS persistent volumes has been added. If enabled, a share network is created and the CSI Manila driver is deployed to the kube-system namespace on the shoot. The following two additional configuration fields are needed to set. In InfrastructureConfig the field networks.shareNetwork.enabled must be set to true to create the share network used later. In ControlPlaneConfig the field csi.manila.enabled must be set to true to deploy the CSI Manila driver together with the generic CSI NFS driver.

Which issue(s) this PR fixes:
Fixes #153

Special notes for your reviewer:

Release note:

Optional CSI Manila driver deployment to support NFS persistent volumes out-of-the-box.

@MartinWeindel MartinWeindel requested review from a team as code owners February 14, 2023 14:18
@gardener-robot gardener-robot added kind/api-change API change with impact on API users needs/second-opinion Needs second review by someone else area/control-plane Control plane related kind/enhancement Enhancement, improvement, extension platform/openstack OpenStack platform/infrastructure needs/review Needs review size/xl Size of pull request is huge (see gardener-robot robot/bots/size.py) labels Feb 14, 2023
@gardener-robot-ci-3 gardener-robot-ci-3 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Feb 14, 2023
@kon-angelo kon-angelo mentioned this pull request Feb 15, 2023
Open
@gardener-robot-ci-3 gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Feb 16, 2023
@gardener-robot-ci-2 gardener-robot-ci-2 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Feb 16, 2023
@gardener-robot-ci-1 gardener-robot-ci-1 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Feb 16, 2023
@gardener-robot-ci-3 gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Mar 17, 2023
@MartinWeindel
Copy link
Member Author

rebased

@gardener-robot-ci-3 gardener-robot-ci-3 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Mar 17, 2023
@gardener-robot-ci-1 gardener-robot-ci-1 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Mar 17, 2023
@gardener-robot-ci-3 gardener-robot-ci-3 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Mar 17, 2023
@gardener-robot-ci-1 gardener-robot-ci-1 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Mar 20, 2023
@gardener-robot gardener-robot added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Mar 30, 2023
kon-angelo
kon-angelo previously approved these changes Mar 30, 2023
View reviewed changes
Copy link
Contributor

@kon-angelo kon-angelo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@gardener-robot gardener-robot added reviewed/lgtm Has approval for merging and removed needs/review Needs review needs/second-opinion Needs second review by someone else labels Mar 30, 2023
kon-angelo
kon-angelo reviewed Mar 30, 2023
View reviewed changes
docs/usage-as-end-user.md Outdated
@@ -106,6 +112,9 @@ loadBalancerClasses:
cloudControllerManager:
featureGates:
CustomResourceValidation: true
#csi
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this needs to be updated right ? And can we also update the example/{infrastructure,controlplane} files ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, missed that.

@kon-angelo kon-angelo self-requested a review March 30, 2023 07:56
@gardener-robot gardener-robot added needs/review Needs review needs/second-opinion Needs second review by someone else and removed needs/review Needs review reviewed/lgtm Has approval for merging labels Mar 30, 2023
@gardener-robot-ci-1 gardener-robot-ci-1 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Mar 30, 2023
@gardener-robot-ci-2 gardener-robot-ci-2 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Apr 4, 2023
kon-angelo
kon-angelo reviewed Apr 4, 2023
View reviewed changes
...l/seed-controlplane/charts/csi-driver-manila-controller/templates/deployment-controller.yaml Outdated
Comment on lines 103 to 105
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
args:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The controller does not need the priviledge escalation or sys_admin

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

addressed

kon-angelo
kon-angelo reviewed Apr 4, 2023
View reviewed changes
...l/seed-controlplane/charts/csi-driver-manila-controller/templates/deployment-controller.yaml Outdated
automountServiceAccountToken: false
priorityClassName: gardener-system-300
containers:
{{- range .Values.shareProtocols }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am a bit conflicted. For now we only care about NFS but even if we did have more protocols that we want to support, I am not sure if I would prefer to run them in a "mega"-pod rather than its own separate deployments.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dropped the range over share protocols

...l/seed-controlplane/charts/csi-driver-manila-controller/templates/deployment-controller.yaml Outdated
Comment on lines 45 to 47
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No hostpath == no need for the extra permissions

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

addressed, thanks

charts/internal/shoot-system-components/charts/csi-driver-manila/templates/daemonset-node.yaml Outdated
- name: {{ .protocolSelector | lower }}-plugin-dir
mountPath: /csi

- name: {{ .protocolSelector | lower }}-nfs-liveness-probe
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically not necessary because manila forwards the requests to NFS ref

charts/internal/shoot-system-components/charts/csi-driver-manila/templates/daemonset-node.yaml Outdated Show resolved Hide resolved
charts/internal/shoot-system-components/charts/csi-driver-manila/templates/daemonset-node.yaml Outdated Show resolved Hide resolved
charts/internal/shoot-system-components/charts/csi-driver-manila/templates/daemonset-node.yaml Outdated Show resolved Hide resolved
...l/seed-controlplane/charts/csi-driver-manila-controller/templates/deployment-controller.yaml Outdated Show resolved Hide resolved
@MartinWeindel @kon-angelo
improvements after review
ebf17c9 
Co-authored-by: Angelopoulos, Konstantinos <konstantinos.angelopoulos@sap.com>
@gardener-robot-ci-2 gardener-robot-ci-2 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Apr 4, 2023
kon-angelo
kon-angelo approved these changes Apr 4, 2023
View reviewed changes
Copy link
Contributor

@kon-angelo kon-angelo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@gardener-robot gardener-robot added reviewed/lgtm Has approval for merging and removed needs/second-opinion Needs second review by someone else labels Apr 4, 2023
@gardener-robot-ci-2 gardener-robot-ci-2 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Apr 4, 2023
@kon-angelo kon-angelo merged commit 0ddaed5 into gardener:master Apr 4, 2023
7 checks passed
@gardener-robot gardener-robot added the status/closed Issue is closed (either delivered or triaged) label Apr 4, 2023
@kon-angelo kon-angelo mentioned this pull request Apr 4, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kon-angelo kon-angelo kon-angelo approved these changes

Assignees
No one assigned
Labels
area/control-plane Control plane related area/ipcei IPCEI (Important Project of Common European Interest) kind/api-change API change with impact on API users kind/enhancement Enhancement, improvement, extension needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) platform/openstack OpenStack platform/infrastructure reviewed/lgtm Has approval for merging reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) size/xl Size of pull request is huge (see gardener-robot robot/bots/size.py) status/closed Issue is closed (either delivered or triaged)
Projects
None yet
Milestone
v1.33
Development

Successfully merging this pull request may close these issues.

Out-of-the-box Manila CSI driver support for shoots
6 participants
@MartinWeindel @kon-angelo @gardener-robot-ci-1 @gardener-robot-ci-2 @gardener-robot-ci-3 @gardener-robot