Add support for attacher/detacher interface in Flex volume #41804
Conversation
|
Hi @chakri-nelluri. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-ci-robot
added
the
cncf-cla: yes
k8s-github-robot
added
size/XXL
|
This change is |
|
@saad-ali @rootfs @MikaelCluseau PTAL If the plugin is not installed on the master node(controller-manager to be exact), the infra is generating the following events. |
|
@k8s-bot ok to test |
|
@kubernetes/sig-storage-pr-reviews |
pkg/volume/flexvolume/util.go
Outdated
| @@ -0,0 +1,111 @@ | |||
| /* | |||
| Copyright 2016 The Kubernetes Authors. | |||
pkg/volume/flexvolume/util.go
Outdated
| "k8s.io/kubernetes/pkg/volume" | ||
| ) | ||
|
|
||
| func addSecretsToOptions(options map[string]string, spec *volume.Spec, namespace string, host volume.VolumeHost) error { |
There was a problem hiding this comment.
you can reuse GetSecretForPV
pkg/volume/flexvolume/util.go
Outdated
| return | ||
| } | ||
|
|
||
| func prepareForMount(mounter mount.Interface, deviceMountPath string) (alreadyMounted bool, err error) { |
There was a problem hiding this comment.
you used named return but alreadyMounted and err are not used.
| // Mounts the device at the given path. | ||
| // It is expected that prepareForMount has been called before. | ||
| func doMount(mounter mount.Interface, devicePath, deviceMountPath, fsType string, options []string) error { | ||
| err := mounter.Mount(devicePath, deviceMountPath, fsType, options) |
There was a problem hiding this comment.
what if the device needs a format? Can FormatAndMount be called?
pkg/volume/flexvolume/plugin.go
Outdated
| plugin.unsupportedCommands = append(plugin.unsupportedCommands, commands...) | ||
| } | ||
|
|
||
| // Returns true iff the given command is know to be unsupported. |
| // Option keys | ||
| optionFSType = "kubernetes.io/fsType" | ||
| optionReadWrite = "kubernetes.io/readwrite" | ||
| optionKeySecret = "kubernetes.io/secret" |
|
|
||
| call.AppendSpec(f.spec, f.plugin.host, extraOptions) | ||
|
|
||
| _, err = call.Run() |
There was a problem hiding this comment.
if fsGroup is present and !readOnly, call SetVolumeOwnership
|
Review status: 0 of 31 files reviewed at latest revision, 7 unresolved discussions. pkg/volume/flexvolume/driver-call.go, line 51 at r1 (raw file): Previously, rootfs (Huamin Chen) wrote…
What is the mechanism to get selinux keys? pkg/volume/flexvolume/mounter.go, line 80 at r1 (raw file): Previously, rootfs (Huamin Chen) wrote…
Done pkg/volume/flexvolume/plugin.go, line 176 at r1 (raw file): Previously, rootfs (Huamin Chen) wrote…
Done pkg/volume/flexvolume/util.go, line 2 at r1 (raw file): Previously, rootfs (Huamin Chen) wrote…
Done for all files. pkg/volume/flexvolume/util.go, line 31 at r1 (raw file):
pkg/volume/flexvolume/util.go, line 66 at r1 (raw file):
pkg/volume/flexvolume/util.go, line 86 at r1 (raw file): Previously, rootfs (Huamin Chen) wrote…
This call just bind mounts or mount an existing filesystem. So formatandmount is offloaded to the plugin using this interface. But FormatAndMount is also missing from MountDevice. Added it in mountDevice. Comments from Reviewable |
|
Thanks @rootfs. Addressed the review comments. PTAL when you get a chance. |
|
LGTM ;) |
pkg/util/exec/exec.go
Outdated
| @@ -48,6 +49,8 @@ type Cmd interface { | |||
| SetDir(dir string) | |||
| SetStdin(in io.Reader) | |||
| SetStdout(out io.Writer) | |||
| // Stops the command (if it is running) | |||
| Stop() | |||
There was a problem hiding this comment.
Looking at the implementation below, the process does not need to be stopped when this function returns, it can wait for SIGKILL. Put there at least a comment that it's expected behavior.
|
|
||
| // Attach is part of the volume.Attacher interface | ||
| func (a *attacherDefaults) Attach(spec *volume.Spec, hostName types.NodeName) (string, error) { | ||
| glog.Warning(logPrefix(a.plugin), "using default Attach for volume ", spec.Name, ", host ", hostName) |
There was a problem hiding this comment.
is this default attacher supposed to be used? If so, please lower the log level, warning is quite offensive here if it is part of normal operation. +update it in all default implementations below.
If it should not be used at all then return an error instead.
There was a problem hiding this comment.
Warning is desired because of the way that Flex is implemented. It implements the attacher interface but individual drivers may or may not implement attacher methods. Therefore, we want it to be very clear when Flex decides to use a default method.
|
Please add a release note. Follow the guide in new pr template at https://raw.githubusercontent.com/kubernetes/kubernetes/master/.github/PULL_REQUEST_TEMPLATE.md. This |
|
Thanks @jsafrane. Will add it using the template. Review status: 0 of 31 files reviewed at latest revision, 9 unresolved discussions, some commit checks failed. pkg/util/exec/exec.go, line 53 at r2 (raw file): Previously, jsafrane (Jan Šafránek) wrote…
Added the details. pkg/volume/flexvolume/attacher-defaults.go, line 36 at r2 (raw file): Previously, jsafrane (Jan Šafránek) wrote…
Miss from debugging. Fixed the log level. Comments from Reviewable |
k8s-github-robot
added
release-note
| } | ||
|
|
||
| func (plugin *pluginDefaults) GetVolumeName(spec *volume.Spec) (string, error) { | ||
| glog.Warning(logPrefix((*flexVolumePlugin)(plugin)), "using default GetVolumeName for volume ", spec.Name) |
|
Review status: 0 of 33 files reviewed at latest revision, 21 unresolved discussions, some commit checks failed. pkg/volume/flexvolume/attacher.go, line 106 at r4 (raw file): Previously, MikaelCluseau (Mikaël Cluseau) wrote…
Yep. If we change it. Comments from Reviewable |
|
Almost there. A couple of comments. Once those are addressed, please squash commits, and modify the release-note to be more descriptive. Indicate that Flex volume driver interface is being modified to expose new attach/detach hooks, that these are different from previous releases because... and they will require Flex Driver authors to update their code accordingly. |
|
Review status: 0 of 33 files reviewed at latest revision, 21 unresolved discussions, some commit checks failed. pkg/volume/flexvolume/attacher-defaults.go, line 36 at r2 (raw file): Previously, saad-ali (Saad Ali) wrote…
Ack. pkg/volume/flexvolume/attacher.go, line 106 at r4 (raw file): Previously, saad-ali (Saad Ali) wrote…
It is too difficult to implement for driver writers. As per isAttached vs areAttached, I would keep it isAttached as it is a per volume call out. :) pkg/volume/flexvolume/detacher.go, line 94 at r4 (raw file): Previously, saad-ali (Saad Ali) wrote…
Oops. Somehow this change is missing. I removed the log altogether. Comments from Reviewable |
|
Thanks @saad-ali. Addressed the review comments. |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is NOT APPROVED The following people have approved this PR: chakri-nelluri, saad-ali Needs approval from an approver in each of these OWNERS Files:
We suggest the following people: |
saad-ali
added
the
approved
|
Please remember to:
|
|
Thanks @saad-ali and |
|
Automatic merge from submit-queue (batch tested with PRs 41116, 41804, 42104, 42111, 42120) |
|
It seems like the README was forgotten in this PR, it still shows the old design. |
|
@klausenbusk I am working on updating the documentation. It should be in tomorrow. |
That sounds great :) I'm properly going to update https://github.com/tonyzou/flexvolumes DigitalOcean plugin for 1.6 support. |
|
Another question, shouldn't we also pass secret to the detach function? or should the API key be stored outside k8s? |
|
@klausenbusk secrets are namespaced while volumes aren't so, with the redesign, it was chosen to drop this feature. Some background is here: #26926 (comment). |
|
@klausenbusk Updated documentation is at https://github.com/kubernetes/community/tree/master/contributors/devel/flexvolume.md. Ping me if you have any questions. |
I couldn't get my K8s 1.6 cluster to work (kube-dns issues), so I'm "stuck" on 1.5.4 for a little while (properly until the CoreOS guys update their scripts). I have been wondering about one thing. I think it is very unlikely that I end in a situation where 5 disk is attached to a single droplet, but someone is properly gonna hit the limit at some point. |
|
@klausenbusk I think it's more a scheduler issue; I think I've seen something about that for GCE or AWS limit at 16 volumes/node. |
Thanks, I did a little more searching and stumbled on: #24317 which links to https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#opaque-integer-resources-alpha-feature which could solve the issue. There is also |
|
@klausenbusk Check if you can leverage #13580 to integrate with. There is a new bind proposal for scheduler #41447, trying to address the limitations. |
Edit: See #55738 |
Add support for attacher/detacher interface in Flex volume
This change breaks backward compatibility and requires to be release noted.