Check if PV/PVC Access Modes are Supported by the Volume Provider

[rrpolanco]

Currently, when migrating data, we do not consider whether the source PV's access modes are supported by the destination's volume provider. Not having this check makes the migrator prone to errors during the migration which is not the optimal experience. E.g. if migration from a volume that supports access modes RWX(Minio) to a volume which only supports RWO (local volume). For cases such as this, we want to warn the users about such errors prior to the migration so they can fix them ahead of time and have a smoother migration experience.

Solution

pvmigrate client and library will support running volume access modes validation checks on the destination PV. The checks will verify if the access modes on any of the source PVCs are supported by the destination volume provider. This is accomplished by creating temporary headless pods which create and consume the destination storage class volume with the access modes of the source PVCs. Any failures will be shown to the user via the terminal.

How it Works

At a high level, the validation does the following:

1. Retrieve all PVs for the source storage class
2. For each of the PVs gathered, get their associated PVC reference
3. For each source PVC:
   1. Create a temporary PVC using source PVC volume access modes
   2. Create a temporary POD to consume the temp PVC
   3. Wait for temp POD to be ready, if not ready then it's highly likely there was an error creating the volume
      1. Get the volume provisioning error by inspecting the events for the PVC
4. Collect all the PVC errors and print them in a table format

NAMESPACE               PVC                             SOURCE                        REASON                           MESSAGE
---------               ---                             -----------                   --------------                   ----------
default                 rook-rwx-block-claim            openebs.io/local_openebs-localpv-provisioner-77c9bcfd96-v4dnj_311601fb-2832-4f3d-b464-e78d3895b046        ProvisioningFailed               failed to provision volume with StorageClass "openebs-localpv": Only support ReadWriteOnce access mode

Ref: Internal ticket tracker [sc-61144]

[rrpolanco]

[sc-61144]

[camilamacedo86]

Could we try to add names here that clarifies WHEN.. THEN .. EXPECTED?
more info: https://dev.to/smyrman/test-with-expect-a-bdd-style-go-naming-pattern-5eh5

Example: when has x should not fail

[rrpolanco]

Good suggestion. I'll give the TWE naming convention a try.

[camilamacedo86]

Could we not here return error only?
That is little strange return PVCError and error. is not PVCError an error as well?

[rrpolanco]

I could return (error, error) however, I would have to deal with the type conversation later on. I rather use the concrete type directly, PVCErrror, which represents the error from the PVC event.

[laverya]

Why not just return error, and have the cause of the PVCError be the parent error if one exists?

[camilamacedo86]

have we a CR that represents the service? if so, could we use use conditional status?
So that, we can properly set the status of this one?

[rrpolanco]

We don't have a CR. This project is both a CLI and library for doing PVC migrations.
What do you mean by

if so, could we use use conditional status?
So that, we can properly set the status of this one?

[camilamacedo86]

Question: how we have been using this project?
Do we distribute it like a bin and call in the kURL?
Where and how it is used?

[rrpolanco]

It's used as a library in kURL's version of pvmigrate CLI: https://github.com/replicatedhq/kURL/blob/main/kurl_util/cmd/pvmigrate/main.go#L14

[laverya]

It's also distributed as a binary publicly, and is installable with krew

[emosbaugh]

this seems like it begs to be a circular dep. can we move the method into this project?

[rrpolanco]

I'm specifically importing github.com/replicatedhq/kurl/pkg/k8sutil. However, nothing in k8sutil package imports this (migrate) package, so no import cycle there. I'd rather no duplicate code here if not absolutely required.

[emosbaugh]

then lets move the code to pvmigrate. this project should absolutely not depend on kurl

[rrpolanco]

@emosbaugh To sever the kURL dependency I can copy those functions into this project or refactor so as to not depend on those functions per your original suggestion. Agree?

[laverya]

Strongly agree
We should NOT be importing kurl here

[emosbaugh]

v1.25.4

[emosbaugh]

for consistency

Suggested change

	sourcePvcAnnotation = baseAnnotation + "-sourcepvc"
	sourcePVCAnnotation = baseAnnotation + "-sourcepvc"

[emosbaugh]

Suggested change

	PvcCopyTimeout int
	PVCCopyTimeout int

[emosbaugh]

do you see any value in adding a --dry-run flag?

[rrpolanco]

yes! Namely for standalone CLI users.

[laverya]

That's been requested before, actually: #104

[laverya]

Dry run of course could not create pods

[emosbaugh]

should this be in the same namespace as the src pvc?

[rrpolanco]

Temp pod is created in default ns. See #139 (comment)

[emosbaugh]

Will this work for airgap customers?

[rrpolanco]

Good point! This image would need to be loaded into Docker or containerd unless it's been loaded already by another image which builds atop of busybox.

Hmm, @ricardomaraschini node disk space validator would also run into the same issue if it was integrated in the kURL installer. The disk space validator relies on the rsync image to be available. It's probably a good idea for both to use the same container image. I need to think about how to best handle this. I'm currently thinking we should pick an image to use, archive it and then load it during install.

[laverya]

We already require an image to be passed via the CLI to do the migration with
Use that image

[laverya]

pvmigrate/pkg/migrate/migrate.go

Line 83 in 075f71c

flag.StringVar(&options.RsyncImage, "rsync-image", "eeacms/rsync:2.3", "the image to use to copy PVCs - must have 'rsync' on the path")

[rrpolanco]

Resolved: We can use the kurl util image and specify it as part of the CLI as show here: https://github.com/replicatedhq/kURL/blob/aea79861716d66787f0b31670f1fc74a7ee16d1f/scripts/common/rook.sh#L153

[emosbaugh]

Suggested change

	if err := p.k8scli.CoreV1().Pods(pod.Namespace).Delete(context.Background(), pod.Name, delopts); err != nil {
	// Cleanup should use background context so as not to fail if context has already been canceled
	if err := p.k8scli.CoreV1().Pods(pod.Namespace).Delete(context.Background(), pod.Name, delopts); err != nil {

[emosbaugh]

Suggested change

	func (p *PVMigrator) getPvcError(pvc *corev1.PersistentVolumeClaim) (PVCError, error) {
	func (p *PVMigrator) getPVCError(pvc *corev1.PersistentVolumeClaim) (PVCError, error) {

[emosbaugh]

Suggested change

	timeout := time.NewTicker(5 * time.Minute)
	timeout := time.After(5 * time.Minute)

[laverya]

if this is for dev/test only, that should be mentioned in the flag description - or the flag should be hidden.

[rrpolanco]

I'll update the comment. I added this in the case where there is a rare scenario where someone may a justifiable reason to ignore a PVC access volume validation.

[laverya]

Suggested change

	fmt.Printf("failed to get volumes using storage class %s: %s", options.SourceSCName, err)
	output.Printf("failed to get volumes using storage class %s: %s", options.SourceSCName, err)

ethan commented the same elsewhere, but let's avoid fmt.printf when we have output available

[rrpolanco]

agree.

[laverya]

What is this used by?
What is the use case?

Aren't you initializing the struct directly elsewhere?

[laverya]

IMO this whole function is unused and should not exist

I think there should be a single function to run the whole 'can I migrate from sc A to B without having broken access modes' check, but it should take all the args it needs directly.

[rrpolanco]

NewPVMigrator() is used by kURL's pvmigrator CLI: https://github.com/replicatedhq/kURL/pull/3767/files#diff-fc4b9380946b46363bac9e7ecee925d5142b5fa0f607de99b9f5d3383d952e01R97

[laverya]

Truthfully what I'm getting from that is 'oh dear lord why did we start reimplementing this logic in kURL, that was the entire reason that the CLI function exists'

I still think the solution is to move the entire 'can I make proper dest PVCs' logic inside of 'Migrate'

[laverya]

I'm relatively certain we have this logic in pvmigrate already - refactoring it into a function would be better than using kurlutils (even besides the 'let's not do circular deps' issue, having the same logic use two different implementations will cause issues)

[rrpolanco]

Yeah, we do. I can make use of that instead of relying the kurl k8s package.

[laverya]

Suggested change

	PvcCopyTimeout int
	PodReadyTimeout int
	PvcCopyTimeout time.Duration
	PodReadyTimeout time.Duration

Why are we passing around unitless integers when there is literally a type for that

[rrpolanco]

My thought on this was to make easy on clients...just give me a time in seconds (int) and the implementation will convert it to the type(time.Duration) it needs.

[laverya]

just.... no
I've requested a change to make the option actually a duration

[rrpolanco]

Will accept that change.

[laverya]

Why is this function public?

If we're going to keep it public let's move it (and all supporting infa) to a new package.

[rrpolanco]

The one benefit I see for keeping this public and separating the validation from the migration behaviour is that in the near future we could rollup all the different validation checks into one package or method.

[laverya]

Sure, but even if we do that we probably don't want to encourage calling one individual validator.

Better to keep this private until we 100% have a need for it externally

[laverya]

IIRC this doesn't work great in a for loop.

Also, just more generally, this isn't an OK change IMO - the current logic is 'keep copying as long as it's not stuck', and since some copies may legitimately take hours I would rather not have to wait hours to find out that something was really stuck

[laverya]

Also, you're doubling up on timeouts here - you've added timeout logic to copyOnePVC but also to the context it's being passed. Choose one (but preferably choose none in this PR), if we need to do that it needs more discussion

[rrpolanco]

This needs to be fleshed out bit a more. Namely, figure out what constitutes as "stuck" and how to detect that.

[rrpolanco]

Created internal tracking ticket for handling timeouts in this context.

[laverya]

Please back out all of the changes for this function. They do not appear related to the main thrust of the PR and require more discussion (as they prevent legitimately slow/large transfers from working, or prevent stalled transfers from being detected early, depending on configuration)

[rrpolanco]

I'll back this out.

[laverya]

can we pass in options instead of using an object?
It's not the patten the project has used thus far.

[rrpolanco]

@laverya you want buildPVConsumerPod() to accept the name override as an argument instead of pulling it from the receiver?

[laverya]

I swear this logic is present elsewhere in the code
could you factor them into a common function?

[rrpolanco]

yup.

[laverya]

another instance of this logic to factor out

[rrpolanco]

Will address this.

[laverya]

IMO these should be the same defer func, not two

[rrpolanco]

I can consolidate these.

[laverya]

I would greatly prefer for this logic to be contained within 'Migrate' (after the 'do these storageclasses exist' check, for instance), not independent

If it must be independent, it should be callable as a single function that returns an error and should handle getting the list of PVCs itself.

[laverya]

instead of having pvcNameOverride, I'd generally recommend using the source PVC's name with a suffix and then trimmed

[laverya]

(And name the pod based on the PVC being tested too)

[laverya]

this makes things much clearer to any cluster operator that encounters this in progress

[rrpolanco]

The name override is meant for testing since we need a deterministic name.

[laverya]

The name should ALWAYS be deterministic, never random

The way to do that is to take something like my-app-pvc-0 and turn it into my-app-pvc-0-pvcmigrate-accessmodes

[laverya]

This is what is done elsewhere in the code (and in fact that's why we need the 'trim from middle' code)

[rrpolanco]

Will make this change.

[laverya]

I'm confused - why are you setting status here?

[laverya]

If you're doing this so that you can set the claim status for something else to read in a test function, I'd recommend looking at the backgroundfunc stuff in some of the other test functions - that way you can wait for 1/10th of a second or whatever and ensure that the logic does not require status to be immediately perfect

[emosbaugh]

is there any possibility for the purposes of kurl we run validate and then migrate separately? then we dont have to have this alternate exit code. if we cant, can we try to map this exit code to standard linux exit codes? also should we use a constant here?

[rrpolanco]

The intention was to only run validate() as part of the openebs migration prompt here and abort the install if the validate failed. Also, AFAIK there are no standard/conventional exit codes. We could model this after a linux command or come up with our own scheme. I lean towards the latter.

[emosbaugh]

this should be 1

[emosbaugh]

Suggested change

	flag.IntVar(&options.PvcCopyTimeout, "pvc-copy-timeout", 300, "length of time to wait (in seconds) when transferring data from the source to the destination storage volume")
	flag.IntVar(&options.PVCCopyTimeout, "pvc-copy-timeout", 300, "length of time to wait (in seconds) when transferring data from the source to the destination storage volume")

[emosbaugh]

Suggested change

	return nil, fmt.Errorf("failed to get persistent volumes: %w", err)
	return nil, fmt.Errorf("failed to list persistent volumes: %w", err)

[emosbaugh]

Suggested change

	return nil, fmt.Errorf("failed to get PVCs for storage %s: %s", options.SourceSCName, err)
	return nil, fmt.Errorf("failed to get PVCs for storage %s: %w", options.SourceSCName, err)

[emosbaugh]

Suggested change

	return nil, fmt.Errorf("failed validate PVC access modes: %s", err)
	return nil, fmt.Errorf("failed validate PVC access modes: %w", err)

[emosbaugh]

Suggested change

	return nil, fmt.Errorf("failed to list events for PVC %s", pvc.Name)
	return nil, fmt.Errorf("failed to list events for PVC %s: %w", pvc.Name, err)

[rrpolanco]

good catch. I've addressed this.

[emosbaugh]

move this to k8sutil package?

[rrpolanco]

Done. thanks.

[rrpolanco]

Modified the output of the preflight validation to be generic.

When there is a validation failure when migrating from Rook to OpenEBS 👇

⚙  Waiting for OpenEBS CustomResourceDefinitions to be ready
✔ OpenEBS CustomResourceDefinitions are ready
Existing default storage class that is not OpenEBS LocalPV detected.
OpenEBS LocalPV will be installed as the non-default storage class.
storageclass.storage.k8s.io/openebs-localpv unchanged
awaiting openebs-localpv-provisioner deployment
Running Rook to OpenEBS Migration Checks ...

The following resources cannot be migrated:

NAMESPACE		RESOURCE			MESSAGE
---------		--------			-------
default			pvc/rook-rwx-claim		failed to provision volume with StorageClass "openebs-localpv": Only support ReadWriteOnce access mode
Cannot upgrade from Rook to OpenEBS due to previous errors.

[emosbaugh]

should this be stderr?

[rrpolanco]

I decided to separate the output of the validation failures to go to stdout and program errors to stderr.

[laverya]

Why have we removed the CLI function?

I suppose that kurl isn't using it anymore, so it might not be useful...

[rrpolanco]

I refactored this to avoid import cycles from pvmigrate package. Moreover, handling CLI flags in the pvmigrate package is not the right place to do this.

[laverya]

Should validateStorageClasses - which validates that storageclasses are present in the cluster - be part of Validate instead of Migrate?

[rrpolanco]

The validation of storage classes will happen in both the validation and migration paths.

[rrpolanco]

This the output when the validation can't find the storage class(es):

$ ./kurl/bin/pvmigrate --source-sc "non-default" --dest-sc "longhorn" --rsync-image "replicated/ku
rl-util:alpha" --skip-free-space-check --preflight-validation-only
The following resources cannot be migrated:

NAMESPACE		RESOURCE		MESSAGE
---------		--------		-------
			sc/non-default		Resource not found
			sc/longhorn		Resource not found

[laverya]

This needs to be a time.Duration, not an int

[rrpolanco]

Fixed.

[laverya]

Would you mind using this in Migrate? (specifically in newPvcName)

(This might require changing this to be NewSuffixedName for consistency)

[rrpolanco]

will take this suggestion as a future TODO.

[laverya]

This looks great, but there's one other thing I'd like to see -

PLEASE update the readme with the additional CLI flags and process steps.

[laverya]

Could you copy the logic from the migrate version more precisely? This drops support for the 'skip-source-validation' flag

[rrpolanco]

done

[emosbaugh]

can you return nil here?

Suggested change

	if _, err := client.CoreV1().PersistentVolumes().Get(
	ctx, pv.Name, metav1.GetOptions{},
	); err != nil && !k8serrors.IsNotFound(err) {
	l.Printf("failed to get pv for temp pvc %s: %s", pvc, err)
	} else if err != nil && k8serrors.IsNotFound(err) {
	break
	}
	if _, err := client.CoreV1().PersistentVolumes().Get(
	ctx, pv.Name, metav1.GetOptions{},
	); err != nil {
	if k8serrors.IsNotFound(err) {
	return nil
	}
	l.Printf("failed to get pv for temp pvc %s: %s", pvc, err)
	}

[emosbaugh]

Suggested change

return nil

[rrpolanco]

I can't remove this return statement, Go requires a return.

[emosbaugh]

this felt like unreachable code in my head based on the other change requested in my review. but ill take your word for it

[emosbaugh]

as i dont feel that strongly about my suggestion ill approve