From bd07dd4e7194ce62bc48f5e0ed910dfa76046cee Mon Sep 17 00:00:00 2001 From: Praveen M Date: Thu, 14 Mar 2024 15:45:54 +0530 Subject: [PATCH 1/2] rbd: deployment changes to support VGS Signed-off-by: Praveen M --- deploy/rbd/kubernetes/csi-provisioner-rbac.yaml | 11 ++++++++++- deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml | 1 + 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml b/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml index 0fd06e17d77..dc714bc454c 100644 --- a/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml +++ b/deploy/rbd/kubernetes/csi-provisioner-rbac.yaml @@ -35,7 +35,7 @@ rules: verbs: ["get", "list", "watch"] - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshots"] - verbs: ["get", "list", "patch"] + verbs: ["get", "list", "watch", "update", "patch", "create"] - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshots/status"] verbs: ["get", "list", "patch"] @@ -66,6 +66,15 @@ rules: - apiGroups: [""] resources: ["serviceaccounts/token"] verbs: ["create"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotcontents"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotcontents/status"] + verbs: ["update", "patch"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml b/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml index b8344c22f69..da8991612cc 100644 --- a/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml +++ b/deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml @@ -133,6 +133,7 @@ spec: - "--timeout=150s" - "--leader-election=true" - "--extra-create-metadata=true" + - "--enable-volume-group-snapshots=true" env: - name: ADDRESS value: unix:///csi/csi-provisioner.sock From b9543d3fd338a3d16e05052a3003c11cfa3fc1c0 Mon Sep 17 00:00:00 2001 From: Praveen M Date: Thu, 14 Mar 2024 15:46:46 +0530 Subject: [PATCH 2/2] helm: update template for rbd volumegroupsnapshot This commit updates template for rbd VolumeGroupSnapshot. The value is set to false by default. Signed-off-by: Praveen M --- charts/ceph-csi-rbd/README.md | 1 + .../templates/provisioner-clusterrole.yaml | 22 +++++++++++++++++-- .../templates/provisioner-deployment.yaml | 1 + charts/ceph-csi-rbd/values.yaml | 4 ++++ scripts/install-helm.sh | 2 +- 5 files changed, 27 insertions(+), 3 deletions(-) diff --git a/charts/ceph-csi-rbd/README.md b/charts/ceph-csi-rbd/README.md index 9e1fe6b2d8d..6ab8b7a36c2 100644 --- a/charts/ceph-csi-rbd/README.md +++ b/charts/ceph-csi-rbd/README.md @@ -154,6 +154,7 @@ charts and their default values. | `provisioner.provisioner.image.tag` | Specifies image tag | `v4.0.0` | | `provisioner.provisioner.image.pullPolicy` | Specifies pull policy | `IfNotPresent` | | `provisioner.provisioner.image.extraArgs` | Specifies extra arguments for the provisioner sidecar | `[]` | +| `provisioner.snapshotter.args.enableVolumeGroupSnapshots` | enables the creation of volume group snapshots | `false` | | `provisioner.attacher.image.repository` | Specifies the csi-attacher image repository URL | `registry.k8s.io/sig-storage/csi-attacher` | | `provisioner.attacher.image.tag` | Specifies image tag | `v4.5.` | | `provisioner.attacher.image.pullPolicy` | Specifies pull policy | `IfNotPresent` | diff --git a/charts/ceph-csi-rbd/templates/provisioner-clusterrole.yaml b/charts/ceph-csi-rbd/templates/provisioner-clusterrole.yaml index fd3778bd8dd..8d42e215a52 100644 --- a/charts/ceph-csi-rbd/templates/provisioner-clusterrole.yaml +++ b/charts/ceph-csi-rbd/templates/provisioner-clusterrole.yaml @@ -37,15 +37,33 @@ rules: resources: ["volumeattachments/status"] verbs: ["patch"] {{- end }} +{{- if .Values.provisioner.snapshotter.args.enableVolumeGroupSnapshots }} - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshots"] - verbs: ["get", "list", "patch"] + verbs: ["get", "list", "watch", "update", "patch", "create"] - apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshots/status"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list", "watch", "update", "patch", "create"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotcontents"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotcontents/status"] + verbs: ["update", "patch"] +{{ else }} + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] verbs: ["get", "list", "patch"] - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshotcontents"] verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] +{{- end }} + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["get", "list", "patch"] - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshotclasses"] verbs: ["get", "list", "watch"] diff --git a/charts/ceph-csi-rbd/templates/provisioner-deployment.yaml b/charts/ceph-csi-rbd/templates/provisioner-deployment.yaml index cc72b409862..15d122d279d 100644 --- a/charts/ceph-csi-rbd/templates/provisioner-deployment.yaml +++ b/charts/ceph-csi-rbd/templates/provisioner-deployment.yaml @@ -191,6 +191,7 @@ spec: - "--timeout={{ .Values.provisioner.timeout }}" - "--leader-election=true" - "--extra-create-metadata=true" + - "--enable-volume-group-snapshots={{.Values.provisioner.snapshotter.args.enableVolumeGroupSnapshots }}" {{- range .Values.provisioner.snapshotter.extraArgs }} - "--{{ . }}" {{- end }} diff --git a/charts/ceph-csi-rbd/values.yaml b/charts/ceph-csi-rbd/values.yaml index 7dc4d019ab1..1ad00ffa578 100644 --- a/charts/ceph-csi-rbd/values.yaml +++ b/charts/ceph-csi-rbd/values.yaml @@ -266,6 +266,10 @@ provisioner: ## https://github.com/kubernetes-csi/external-snapshotter#csi-external-snapshotter-sidecar-command-line-options extraArgs: [] + args: + # enableVolumeGroupSnapshots enables support for volume group snapshots + enableVolumeGroupSnapshots: false + nodeSelector: {} tolerations: [] diff --git a/scripts/install-helm.sh b/scripts/install-helm.sh index 391230b225c..536e6927c90 100755 --- a/scripts/install-helm.sh +++ b/scripts/install-helm.sh @@ -190,7 +190,7 @@ install_cephcsi_helm_charts() { kubectl_retry delete cm ceph-config --namespace "${NAMESPACE}" # shellcheck disable=SC2086 - "${HELM}" install --namespace ${NAMESPACE} --set provisioner.fullnameOverride=csi-rbdplugin-provisioner --set nodeplugin.fullnameOverride=csi-rbdplugin --set configMapName=ceph-csi-config --set provisioner.replicaCount=1 --set-json='commonLabels={"app.kubernetes.io/name": "ceph-csi-rbd", "app.kubernetes.io/managed-by": "helm"}' ${SET_SC_TEMPLATE_VALUES} ${RBD_SECRET_TEMPLATE_VALUES} ${RBD_CHART_NAME} "${SCRIPT_DIR}"/../charts/ceph-csi-rbd --set topology.enabled=true --set topology.domainLabels="{${NODE_LABEL_REGION},${NODE_LABEL_ZONE}}" --set provisioner.maxSnapshotsOnImage=3 --set provisioner.minSnapshotsOnImage=2 ${READ_AFFINITY_VALUES} + "${HELM}" install --namespace ${NAMESPACE} --set provisioner.fullnameOverride=csi-rbdplugin-provisioner --set nodeplugin.fullnameOverride=csi-rbdplugin --set configMapName=ceph-csi-config --set provisioner.replicaCount=1 --set-json='commonLabels={"app.kubernetes.io/name": "ceph-csi-rbd", "app.kubernetes.io/managed-by": "helm"}' ${SET_SC_TEMPLATE_VALUES} ${RBD_SECRET_TEMPLATE_VALUES} ${RBD_CHART_NAME} "${SCRIPT_DIR}"/../charts/ceph-csi-rbd --set topology.enabled=true --set topology.domainLabels="{${NODE_LABEL_REGION},${NODE_LABEL_ZONE}}" --set provisioner.maxSnapshotsOnImage=3 --set provisioner.minSnapshotsOnImage=2 ${READ_AFFINITY_VALUES} --set provisioner.snapshotter.args.enableVolumeGroupSnapshots=true check_deployment_status app=ceph-csi-rbd "${NAMESPACE}" check_daemonset_status app=ceph-csi-rbd "${NAMESPACE}"