This repository has been archived by the owner on Oct 21, 2020. It is now read-only.
Standalone cinder #368
Merged
Standalone cinder #368
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
cncf-cla: yes
|
@j-griffith @humblec @dims FYI Also, I tried to follow convention when updating the vendor code by using 'glide up -v ; glide-vc --use-lock-file'. Please advise if I should do this differently. Thanks! |
|
@aglitke need to resolve the conflict |
|
gofmt and golint |
|
feel free to add directories to .golintignore.... imo menial task of fixing golint should not block merging of the PR, it is something we can fix later as we did with snapshots. |
rootfs
reviewed
Sep 13, 2017
| config, err = rest.InClusterConfig() | ||
| } | ||
| prId := string(uuid.NewUUID()) | ||
| if *id != "" { |
There was a problem hiding this comment.
// By default, we use provisioner name as provisioner identity.There was a problem hiding this comment.
Ok. I'll change it to use the provisionerName
rootfs
reviewed
Sep 13, 2017
| return ret, nil | ||
| } | ||
|
|
||
| func (m *iscsiMapper) AuthSetup(ctx provisionCtx) error { |
There was a problem hiding this comment.
iSCSI CHAP is only in 1.7+, check server git version
There was a problem hiding this comment.
How should I handle the kubernetes version dependencies for this?
There was a problem hiding this comment.
server git version should help, see
https://github.com/kubernetes-incubator/external-storage/blob/master/lib/controller/controller.go#L370
rootfs
reviewed
Sep 13, 2017
| glog.Errorf("Failed to connect volume: %v", err) | ||
| return nil, err | ||
| } | ||
|
|
There was a problem hiding this comment.
I would like to add TODOs in the code for this.
rootfs
reviewed
Sep 13, 2017
| } | ||
|
|
||
| mapper.AuthTeardown(ctx) | ||
|
|
|
also need to import blockstorage extensions github.com/gophercloud/gophercloud/openstack/extensions/volumeactions |
rootfs
reviewed
Sep 13, 2017
| return nil, errors.New("No monitors could be parsed from connection info") | ||
| } | ||
| splitName := strings.SplitN(ctx.connection.Data.Name, "/", 2) | ||
|
|
|
please also provide a deployment and docker file |
|
/approve |
j-griffith
approved these changes
Sep 13, 2017
|
Sorry guys. A bit new to the github PR process and the code validation tools for this project. |
|
build error |
|
To resolve that build error I think I am going to have to close this PR and start over. I resolved some vendor dependencies using the github merge ui and I think that broke things. |
aglitke
force-pushed
the
standalone-cinder
branch
from
b7671e6
to
68b8404
Compare
k8s-ci-robot
removed
the
cncf-cla: yes
|
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA. It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-ci-robot
added
the
cncf-cla: no
aglitke
force-pushed
the
standalone-cinder
branch
from
3c3d083
to
766662c
Compare
k8s-ci-robot
added
cncf-cla: yes
|
@aglitke add a Makefile in openstack/standalone-cinder and update top level Makefile (when vendor is updated) |
aglitke
force-pushed
the
standalone-cinder
branch
from
766662c
to
2d8326f
Compare
|
I think this is ready now? |
rootfs
reviewed
Sep 18, 2017
openstack/standalone-cinder/Makefile
Outdated
| .PHONY: all provisoner | ||
|
|
||
| all: provisioner | ||
|
|
There was a problem hiding this comment.
also add a container target
k8s-ci-robot
added
the
cncf-cla: no
aglitke
force-pushed
the
standalone-cinder
branch
from
d4dfc1c
to
531b24c
Compare
In this patch, we introduce a basic cinder provisioner that will dynamically provision cinder volumes and expose them as PVs with native k8s support (such as iscsi). This initial commit introduces the basic structure but does not yet populate iscsi connection parameters into the PV. Signed-off-by: Huamin Chen <hchen@redhat.com> Signed-off-by: Adam Litke <alitke@redhat.com>
Gather connection information by calling cinder InitializeConnection and populate a PV so that it will work with k8s native iscsi PV support. Also support deleting volumes from cinder when requested. Signed-off-by: Adam Litke <alitke@redhat.com>
In order to prepare to support other volume types such as rbd, separate the type-specific logic into an interface. Now, new types can be added by creating a new implementation of the interface as now exists in iscsi.go. Signed-off-by: Adam Litke <alitke@redhat.com>
Interfaces cannot contain fields and the code previously attempted to approximate inheritance from other languages by using a base struct with an embedded interface and then embedding that base struct into the actual volume types. This does not work. Do it in a more idiomatic way by making the volume types pure interfaces and then passing a context struct into methods that need inputs. Signed-off-by: Adam Litke <alitke@redhat.com>
Create a new rbdMapper that implements the volumeMapper interface. We currently assume that the cluster uses cephx authentication. We configure the PV to look for a secret named <storage class name>-cephx-secret of type "kubernetes.io/rbd" that contains the appropriate key. Signed-off-by: Adam Litke <alitke@redhat.com>
Since this provisioner is designed to work outside of the cloudprovider context we should not be using that infrastructure. Instead, use the gophercloud openstack SDK directly. This also allows us to support noauth authentication strategy in a to be delivered gophercloud enhancement[1]. [1] https://github.com/tchughesiv/gophercloud/commits/cinder-noauth Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
When we receive connection information without CHAP authentication, we do not need a chap secret and chap auth should be disabled in the created PV. Signed-off-by: Adam Litke <alitke@redhat.com>
VolumeId is not returned by all cinder volume drivers when connecting the volume. Pass the Id received when we created the volume to BuildPV. Signed-off-by: Adam Litke <alitke@redhat.com>
Document the design of the cinder provisioner
Kubernetes already has a cinder provisioner which is designed to work with the openstack cloud provider for clusters which are deployed on openstack instances. To avoid confusion, rename this provisioner to standalone-cinder. Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
By default, external provisioners are using their name as the provisioner ID. Adopt this convention. Signed-off-by: Adam Litke <alitke@redhat.com>
We split the name field in the connection info to get the pool and image. Make sure splitting on '/' yields two components. Signed-off-by: Adam Litke <alitke@redhat.com>
In order to prevent other cinder users from clobbering volumes that we have created for kubernetes we reserve volumes before connecting them and unreserve them after disconnect (before deletion). Signed-off-by: Adam Litke <alitke@redhat.com>
- Add make targets for standalone-cinder - Update the standalone-cinder provisioner to support podified deployments: - Update the build to produce a docker image - Build the provisioner with static flags - Allow openstack parameters to be specified in the environment - Provide sample deployment.yaml TODO: Acquire OS_PASSWORD from secret Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
Signed-off-by: Adam Litke <alitke@redhat.com>
aglitke
force-pushed
the
standalone-cinder
branch
from
531b24c
to
35777c5
Compare
k8s-ci-robot
added
cncf-cla: yes
|
I fixed the gophercloud/snapshot vendor issue by specifying today's gophercloud HEAD as the requested version in glide.yaml. For some reason glide was choosing an older version implicitly. |
xing-yang
reviewed
Sep 19, 2017
| The provisioner works by mapping cinder volume connections | ||
| (iscsi, rbd, fc, etc) to the corresponding native/raw kubernetes | ||
| volume types. New cinder types can be supported in the provisioner | ||
| by creating a new implementation of the volunmeMapper interface. The |
There was a problem hiding this comment.
s/volunmeMapper/volumeMapper
xing-yang
reviewed
Sep 19, 2017
| providing the service catalog, and a standalone configuration where | ||
| cinder is accessed directly. | ||
|
|
||
| Conventional cinder deployments can be used by supplying a clound |
|
merging: please fix typos in a follow-up! thanks all! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a new provisioner called standalone-cinder. The provisioner works by creating a cinder volume and mapping that volume's connection details to a PV using a natively supported VolumeSource. Currently iscsi and rbd volumes are supported. See README.md for more details on the architecture and flow.
The status of the code is a working prototype and I plan to actively collaborate with the community on further improvements.
Please see Issue 317 for the initial discussions about adding this provisioner.
#317