-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Standalone cinder #368
Standalone cinder #368
Conversation
@j-griffith @humblec @dims FYI Also, I tried to follow convention when updating the vendor code by using 'glide up -v ; glide-vc --use-lock-file'. Please advise if I should do this differently. Thanks! |
@aglitke need to resolve the conflict |
gofmt and golint
|
feel free to add directories to .golintignore.... imo menial task of fixing golint should not block merging of the PR, it is something we can fix later as we did with snapshots. |
config, err = rest.InClusterConfig() | ||
} | ||
prId := string(uuid.NewUUID()) | ||
if *id != "" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// By default, we use provisioner name as provisioner identity.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok. I'll change it to use the provisionerName
return ret, nil | ||
} | ||
|
||
func (m *iscsiMapper) AuthSetup(ctx provisionCtx) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
iSCSI CHAP is only in 1.7+, check server git version
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How should I handle the kubernetes version dependencies for this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
server git version should help, see
https://github.com/kubernetes-incubator/external-storage/blob/master/lib/controller/controller.go#L370
glog.Errorf("Failed to connect volume: %v", err) | ||
return nil, err | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
reserve the volume
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would like to add TODOs in the code for this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sgtm
} | ||
|
||
mapper.AuthTeardown(ctx) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unreserve the volume
also need to import blockstorage extensions github.com/gophercloud/gophercloud/openstack/extensions/volumeactions |
return nil, errors.New("No monitors could be parsed from connection info") | ||
} | ||
splitName := strings.SplitN(ctx.connection.Data.Name, "/", 2) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
validate len(splitName)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will do
please also provide a deployment and docker file |
/approve |
Sorry guys. A bit new to the github PR process and the code validation tools for this project. |
build error
|
To resolve that build error I think I am going to have to close this PR and start over. I resolved some vendor dependencies using the github merge ui and I think that broke things. |
b7671e6
to
68b8404
Compare
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA. It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
3c3d083
to
766662c
Compare
@aglitke add a Makefile in openstack/standalone-cinder and update top level Makefile (when vendor is updated) |
766662c
to
2d8326f
Compare
I think this is ready now? |
openstack/standalone-cinder/Makefile
Outdated
.PHONY: all provisoner | ||
|
||
all: provisioner | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also add a container target
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
d4dfc1c
to
531b24c
Compare
In this patch, we introduce a basic cinder provisioner that will dynamically provision cinder volumes and expose them as PVs with native k8s support (such as iscsi). This initial commit introduces the basic structure but does not yet populate iscsi connection parameters into the PV. Signed-off-by: Huamin Chen <hchen@redhat.com> Signed-off-by: Adam Litke <alitke@redhat.com>
Gather connection information by calling cinder InitializeConnection and populate a PV so that it will work with k8s native iscsi PV support. Also support deleting volumes from cinder when requested. Signed-off-by: Adam Litke <alitke@redhat.com>
In order to prepare to support other volume types such as rbd, separate the type-specific logic into an interface. Now, new types can be added by creating a new implementation of the interface as now exists in iscsi.go. Signed-off-by: Adam Litke <alitke@redhat.com>
Interfaces cannot contain fields and the code previously attempted to approximate inheritance from other languages by using a base struct with an embedded interface and then embedding that base struct into the actual volume types. This does not work. Do it in a more idiomatic way by making the volume types pure interfaces and then passing a context struct into methods that need inputs. Signed-off-by: Adam Litke <alitke@redhat.com>
Create a new rbdMapper that implements the volumeMapper interface. We currently assume that the cluster uses cephx authentication. We configure the PV to look for a secret named <storage class name>-cephx-secret of type "kubernetes.io/rbd" that contains the appropriate key. Signed-off-by: Adam Litke <alitke@redhat.com>
Since this provisioner is designed to work outside of the cloudprovider context we should not be using that infrastructure. Instead, use the gophercloud openstack SDK directly. This also allows us to support noauth authentication strategy in a to be delivered gophercloud enhancement[1]. [1] https://github.com/tchughesiv/gophercloud/commits/cinder-noauth Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
When we receive connection information without CHAP authentication, we do not need a chap secret and chap auth should be disabled in the created PV. Signed-off-by: Adam Litke <alitke@redhat.com>
VolumeId is not returned by all cinder volume drivers when connecting the volume. Pass the Id received when we created the volume to BuildPV. Signed-off-by: Adam Litke <alitke@redhat.com>
Document the design of the cinder provisioner
Kubernetes already has a cinder provisioner which is designed to work with the openstack cloud provider for clusters which are deployed on openstack instances. To avoid confusion, rename this provisioner to standalone-cinder. Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
By default, external provisioners are using their name as the provisioner ID. Adopt this convention. Signed-off-by: Adam Litke <alitke@redhat.com>
We split the name field in the connection info to get the pool and image. Make sure splitting on '/' yields two components. Signed-off-by: Adam Litke <alitke@redhat.com>
In order to prevent other cinder users from clobbering volumes that we have created for kubernetes we reserve volumes before connecting them and unreserve them after disconnect (before deletion). Signed-off-by: Adam Litke <alitke@redhat.com>
- Add make targets for standalone-cinder - Update the standalone-cinder provisioner to support podified deployments: - Update the build to produce a docker image - Build the provisioner with static flags - Allow openstack parameters to be specified in the environment - Provide sample deployment.yaml TODO: Acquire OS_PASSWORD from secret Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
531b24c
to
35777c5
Compare
I fixed the gophercloud/snapshot vendor issue by specifying today's gophercloud HEAD as the requested version in glide.yaml. For some reason glide was choosing an older version implicitly. |
The provisioner works by mapping cinder volume connections | ||
(iscsi, rbd, fc, etc) to the corresponding native/raw kubernetes | ||
volume types. New cinder types can be supported in the provisioner | ||
by creating a new implementation of the volunmeMapper interface. The |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/volunmeMapper/volumeMapper
providing the service catalog, and a standalone configuration where | ||
cinder is accessed directly. | ||
|
||
Conventional cinder deployments can be used by supplying a clound |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/clound/cloud
merging: please fix typos in a follow-up! thanks all! |
This PR adds a new provisioner called standalone-cinder. The provisioner works by creating a cinder volume and mapping that volume's connection details to a PV using a natively supported VolumeSource. Currently iscsi and rbd volumes are supported. See README.md for more details on the architecture and flow.
The status of the code is a working prototype and I plan to actively collaborate with the community on further improvements.
Please see Issue 317 for the initial discussions about adding this provisioner.
#317