csi: update network fence CR name

[riya-singhal31]

this commit updates the name of network fence CR to node name + driver name, which will allow the creation of multiple network fence per drivers on the same node.

Checklist:

• Commit Message Formatting: Commit titles and messages follow guidelines in the developer guide.
• Reviewed the developer guide on Submitting a Pull Request
• Pending release notes updated with breaking and/or notable changes for the next minor release.
• Documentation has been updated, if necessary.
• Unit tests have been added, if necessary.
• Integration tests have been added, if necessary.

[subhamkrai]

please update the unit test to have both pv in single node and verify both NF are created.

[travisn]

How about also add a - to the name? It will be more standard K8s convention and also more readable.

Suggested change

	Name: node.Name + driver,
	Name: node.Name + "-" + driver,

[travisn]

Suggested change

	err = c.client.Get(ctx, types.NamespacedName{Name: node.Name + "rbd", Namespace: cluster.Namespace}, networkFence)
	err = c.client.Get(ctx, types.NamespacedName{Name: node.Name + "-rbd", Namespace: cluster.Namespace}, networkFence)

[travisn]

Let's just keep it lower case, IMO the K8s resource naming is more consistent that way

Suggested change

	err = c.client.Get(ctx, types.NamespacedName{Name: node.Name + "cephFS", Namespace: cluster.Namespace}, networkFence)
	err = c.client.Get(ctx, types.NamespacedName{Name: node.Name + "-cephfs", Namespace: cluster.Namespace}, networkFence)

[travisn]

Can we have a common helper method for unfencing? If the only difference between unfenceAndDeleteCephFSNetworkFence() and unfenceAndDeleteRbdNetworkFence() is the name of the CR and the log messages, then we can make the name a parameters and keep a single method.

[riya-singhal31]

Yes, made the changes.

[riya-singhal31]

Thanks for the review Travis and Subham,
I've updated the PR for the same, PTAL
cc: @travisn , @subhamkrai

[riya-singhal31]

please update the unit test to have both pv in single node and verify both NF are created.

Thanks, Updated, and working as expected.

[travisn]

Suggested change

	logger.Infof("successfully unfenced %q network fence cr %q, proceeding with deletion", driver, networkFence.Name)
	logger.Infof("successfully unfenced %q network fence cr %q, proceeding with deletion", driver, networkFence.Name)

[travisn]

Since this name generation is used in several places, how about a helper method to implement it? Something like:

Suggested change

	Name: node.Name + "-" + driver,
	Name: fenceResourceName(node.Name, driver),

[riya-singhal31]

Thanks, Updated!

[subhamkrai]

few suggestions

[Madhu-1]

Secret:
    Name:       rook-csi-rbd-provisioner
    Namespace:  openshift-storage
Status:
  Message:  fencing operation successful
  Result:   Succeeded
Events:
  Type     Reason                    Age   From                          Message
  ----     ------                    ----  ----                          -------
  Warning  OwnerRefInvalidNamespace  89s   garbage-collector-controller  ownerRef [ceph.rook.io/v1/CephCluster, namespace: , name: ocs-storagecluster-cephcluster, uid: db2eb584-6ebb-4865-8902-a17241e49ff2] does not exist in namespace ""
(venv) [jopinto@jopinto ceph-csi]$

what about the warning mentioned in the BZ, can we check that as well or else we might get i to garbage collection problem.

use SetControllerReference from the k8sutil/resources.go file which check for valid Reference.

[Madhu-1]

we dont need to check fsName for a static volume if staticVolume check is enough, i don't see when fsName can be set to empty.

[travisn]

So we can simplify to this:

Suggested change

	if pv.Spec.CSI.VolumeAttributes["staticVolume"] == "true" || pv.Spec.CSI.VolumeAttributes["fsName"] == "" {
	if pv.Spec.CSI.VolumeAttributes["staticVolume"] == "true" {

[Madhu-1]

Suggested change

	func fenceResourceName(nodeName string, driver string) string {
	func fenceResourceName(nodeName , driver string) string {

[parth-gr]

why hardcoding can we define a variable?

[riya-singhal31]

Sure, updated, Thanks.

[parth-gr]

use fmt.stringf

[travisn]

So we can simplify to this:

Suggested change

	if pv.Spec.CSI.VolumeAttributes["staticVolume"] == "true" || pv.Spec.CSI.VolumeAttributes["fsName"] == "" {
	if pv.Spec.CSI.VolumeAttributes["staticVolume"] == "true" {

[riya-singhal31]

Secret:
    Name:       rook-csi-rbd-provisioner
    Namespace:  openshift-storage
Status:
  Message:  fencing operation successful
  Result:   Succeeded
Events:
  Type     Reason                    Age   From                          Message
  ----     ------                    ----  ----                          -------
  Warning  OwnerRefInvalidNamespace  89s   garbage-collector-controller  ownerRef [ceph.rook.io/v1/CephCluster, namespace: , name: ocs-storagecluster-cephcluster, uid: db2eb584-6ebb-4865-8902-a17241e49ff2] does not exist in namespace ""
(venv) [jopinto@jopinto ceph-csi]$

what about the warning mentioned in the BZ, can we check that as well or else we might get i to garbage collection problem.

use SetControllerReference from the k8sutil/resources.go file which check for valid Reference.

Thanks @Madhu-1 , for letting us know about this.
Created a tracker -> #13626

[travisn]

The PR looks good, could you also confirm in local testing? The unit tests don't catch everything.

[subhamkrai]

@riya-singhal31 please do the local testing, thanks

[riya-singhal31]

Hi! Working as expected,

These are the volumes & pods for cephFS and rbd each driver.

riyasinghal@rsinghal-mac rook % kubectl get pvc,pods
NAME                               STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      AGE
persistentvolumeclaim/cephfs-pvc   Bound    pvc-7f8aa823-7ec7-4950-917e-80136e00c0b2   1Gi        RWO            rook-cephfs       36m
persistentvolumeclaim/rbd-pvc      Bound    pvc-e840b0a9-f1d7-4338-8ac0-c69dd6e471b1   1Gi        RWO            rook-ceph-block   60m

NAME                     READY   STATUS    RESTARTS   AGE
pod/csicephfs-demo-pod   1/1     Running   0          61s
pod/csirbd-demo-pod      1/1     Running   0          92s

Scheduled on same node, to test the functionality for this PR,

riyasinghal@rsinghal-mac rook % kubectl describe pod/csirbd-demo-pod 
Name:             csirbd-demo-pod
Namespace:        default
Priority:         0
Service Account:  default
Node:             ip-10-0-113-254.us-west-2.compute.internal/[10.0.113.254](http://10.0.113.254/)
Start Time:       Mon, 05 Feb 2024 18:38:27 +0530

riyasinghal@rsinghal-mac rook % kubectl describe pod csicephfs-demo-pod
Name:             csicephfs-demo-pod
Namespace:        default
Priority:         0
Service Account:  default
Node:             ip-10-0-113-254.us-west-2.compute.internal/[10.0.113.254](http://10.0.113.254/)
Start Time:       Mon, 05 Feb 2024 18:38:58 +0530

Since there are 2 drivers, so we expect 2 different Network fences to be created after applying taint to the node for each driver,

riyasinghal@rsinghal-mac rook % kubectl get [networkfences.csiaddons.openshift.io](http://networkfences.csiaddons.openshift.io/)                                  
NAME                                                DRIVER                          CIDRS               FENCESTATE   AGE    RESULT
ip-10-0-113-254.us-west-2.compute.internal-cephfs   [rook-ceph.cephfs.csi.ceph.com](http://rook-ceph.cephfs.csi.ceph.com/)   ["[100.64.0.5/32](http://100.64.0.5/32)"]   Fenced       6m6s   Succeeded
ip-10-0-113-254.us-west-2.compute.internal-rbd      [rook-ceph.rbd.csi.ceph.com](http://rook-ceph.rbd.csi.ceph.com/)      ["[100.64.0.5/32](http://100.64.0.5/32)"]   Fenced       6m7s   Succeeded

The above step was the main requirement for the concern of bug and this PR.

Thanks,
@travisn , @subhamkrai

[subhamkrai]

I guess ready to merge once @Madhu-1 approves.

feedback addressed