diff --git a/Makefile b/Makefile index 8001e8529..15dcb2bc0 100755 --- a/Makefile +++ b/Makefile @@ -126,6 +126,7 @@ endif --platform=linux/amd64 . docker run \ + --user $(shell id -u):$(shell id -g) \ -v ${BINDIR}/linux/amd64:/release \ gcsfuse-release:${GCSFUSE_VERSION}-amd \ cp /gcsfuse_${GCSFUSE_VERSION}_amd64/usr/bin/gcsfuse /release @@ -139,6 +140,7 @@ ifeq (${BUILD_ARM}, true) --build-arg ARCHITECTURE=arm64 \ --platform=linux/arm64 . docker run \ + --user $(shell id -u):$(shell id -g) \ -v ${BINDIR}/linux/arm64:/release \ gcsfuse-release:${GCSFUSE_VERSION}-arm \ cp /gcsfuse_${GCSFUSE_VERSION}_arm64/usr/bin/gcsfuse /release diff --git a/cmd/csi_driver/main.go b/cmd/csi_driver/main.go index 4f5668884..e542e8a49 100644 --- a/cmd/csi_driver/main.go +++ b/cmd/csi_driver/main.go @@ -94,6 +94,8 @@ func main() { klog.InitFlags(nil) flag.Parse() + klog.Info("*** CUSTOM BUILD: CSI Driver - Manual Test Version ***") + // All CSI sidecars use http-endpoint for metrics and health checks. // Example: https://gke-internal.googlesource.com/third_party/kubernetes-csi/livenessprobe/+/refs/heads/master/cmd/livenessprobe/main.go#113 // At some point, we should replace "metrics-endpoint" with "http-endpoint". diff --git a/cmd/metadata_prefetch/main.go b/cmd/metadata_prefetch/main.go index 17ba27e2f..8ef823231 100644 --- a/cmd/metadata_prefetch/main.go +++ b/cmd/metadata_prefetch/main.go @@ -36,6 +36,8 @@ func main() { klog.InitFlags(nil) flag.Parse() + klog.Info("*** CUSTOM BUILD: Metadata Prefetch - Manual Test Version ***") + // Create cancellable context to pass into exec. ctx, cancel := context.WithCancel(context.Background()) diff --git a/cmd/sidecar_mounter/main.go b/cmd/sidecar_mounter/main.go index c88ffa036..567fd9f8c 100644 --- a/cmd/sidecar_mounter/main.go +++ b/cmd/sidecar_mounter/main.go @@ -56,6 +56,7 @@ func main() { klog.InitFlags(nil) flag.Parse() + klog.Info("*** CUSTOM BUILD: Sidecar Mounter - Manual Test Version ***") klog.Infof("Running Google Cloud Storage FUSE CSI driver sidecar mounter version %v", version) socketPathPattern := *volumeBasePath + "/*/socket" diff --git a/cmd/webhook/main.go b/cmd/webhook/main.go index 73322d235..3486bdd68 100644 --- a/cmd/webhook/main.go +++ b/cmd/webhook/main.go @@ -74,6 +74,8 @@ func main() { klog.InitFlags(nil) flag.Parse() + klog.Info("*** CUSTOM BUILD: Webhook - Manual Test Version ***") + // Thanks to the PR https://github.com/solo-io/gloo/pull/8549 // This line prevents controller-runtime from complaining about log.SetLogger never being called log.SetLogger(logr.New(log.NullLogSink{})) diff --git a/create_cluster.sh b/create_cluster.sh new file mode 100755 index 000000000..cfc8028e6 --- /dev/null +++ b/create_cluster.sh @@ -0,0 +1,36 @@ +gcloud beta container --project "gcs-tess" clusters create "rapid-ga-test-cluster-us-west4a" \ + --zone "us-west4-a" \ + --no-enable-basic-auth \ + --cluster-version "1.33.5-gke.2072000" \ + --release-channel "regular" \ + --machine-type "c4-standard-192" \ + --image-type "COS_CONTAINERD" \ + --disk-type "hyperdisk-balanced" \ + --disk-size "400" \ + --metadata disable-legacy-endpoints=true \ + --service-account "default" \ + --max-pods-per-node "110" \ + --num-nodes "8" \ + --logging=SYSTEM,WORKLOAD \ + --monitoring=SYSTEM,STORAGE,POD,DEPLOYMENT,STATEFULSET,DAEMONSET,HPA,CADVISOR,KUBELET \ + --enable-ip-alias \ + --network "projects/gcs-tess/global/networks/default" \ + --subnetwork "projects/gcs-tess/regions/us-west4/subnetworks/default" \ + --cluster-secondary-range-name "geertj-pods" \ + --no-enable-intra-node-visibility \ + --default-max-pods-per-node "110" \ + --enable-ip-access \ + --security-posture=standard \ + --workload-vulnerability-scanning=disabled \ + --addons HorizontalPodAutoscaling,HttpLoadBalancing,GcePersistentDiskCsiDriver \ + --enable-autoupgrade \ + --enable-autorepair \ + --max-surge-upgrade 1 \ + --max-unavailable-upgrade 0 \ + --binauthz-evaluation-mode=DISABLED \ + --enable-shielded-nodes \ + --shielded-integrity-monitoring \ + --no-shielded-secure-boot \ + --node-locations "us-west4-a" \ + --enable-gvnic \ + --workload-pool=gcs-tess.svc.id.goog \ No newline at end of file diff --git a/setup-test-pod.sh b/setup-test-pod.sh new file mode 100755 index 000000000..24d54f4bf --- /dev/null +++ b/setup-test-pod.sh @@ -0,0 +1,125 @@ +#!/bin/bash +# Setup script for testing custom GCS FUSE CSI Driver + +set -e + +# Parse flags +SKIP_SETUP=false +if [[ "$1" == "--skip-setup" ]] || [[ "$1" == "-s" ]]; then + SKIP_SETUP=true +fi + +PROJECT_ID="gcs-tess" +PROJECT_NUMBER="222564316065" +NAMESPACE="gcs-csi-test" +# BUCKET_NAME="gcs-fuse-warp-test-bucket" +BUCKET_NAME="princer-zonal-us-west4-a" +KSA_NAME="gcs-csi-test-sa" + +echo "=== Setting up GCS FUSE CSI Driver Test ===" +echo "Project: $PROJECT_ID" +echo "Project Number: $PROJECT_NUMBER" +echo "Namespace: $NAMESPACE" +echo "Bucket: $BUCKET_NAME" + +if [[ "$SKIP_SETUP" == "false" ]]; then + # Create GCS bucket + echo -e "\n1. Creating GCS bucket..." + gsutil mb -p $PROJECT_ID -l us-central1 gs://$BUCKET_NAME || echo "Bucket may already exist" + + # Create namespace + echo -e "\n2. Creating Kubernetes namespace..." + kubectl create namespace $NAMESPACE --dry-run=client -o yaml | kubectl apply -f - + + # Create Kubernetes Service Account + echo -e "\n3. Creating Kubernetes Service Account..." + cat < /dev/null + echo "" + echo "✓ Test successful! Pod will sleep now..." + sleep 3600 + volumeMounts: + - name: gcs-volume + mountPath: /data + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 50m + memory: 64Mi + serviceAccountName: $KSA_NAME + tolerations: + - key: sandbox.gke.io/runtime + operator: Equal + value: gvisor + effect: NoSchedule + volumes: + - name: gcs-volume + csi: + driver: gcsfuse.csi.storage.gke.io + volumeAttributes: + bucketName: $BUCKET_NAME +EOF + +echo -e "\n=== Setup Complete! ===" +echo "" +echo "Monitor pod creation:" +echo " kubectl get pods -n $NAMESPACE -w" +echo "" +echo "View pod logs:" +echo " kubectl logs -n $NAMESPACE gcs-csi-test-pod -f" +echo "" +echo "View sidecar logs (to see CUSTOM BUILD message):" +echo " kubectl logs -n $NAMESPACE gcs-csi-test-pod -c gke-gcsfuse-sidecar" +echo "" +echo "Check CSI driver logs:" +echo " kubectl logs -n gcs-fuse-csi-driver daemonset/gcsfusecsi-node -c gcs-fuse-csi-driver | grep -i 'CUSTOM BUILD\\|$NAMESPACE\\|$BUCKET_NAME'" +echo "" +echo "Cleanup when done:" +echo " kubectl delete namespace $NAMESPACE" +echo " gsutil rm -r gs://$BUCKET_NAME" diff --git a/shortcuts.sh b/shortcuts.sh new file mode 100755 index 000000000..37826078b --- /dev/null +++ b/shortcuts.sh @@ -0,0 +1,70 @@ +#!/bin/bash +# Shortcuts for viewing GCS FUSE CSI Driver logs +# Usage: source shortcuts.sh or add to ~/.bashrc + +# Set default namespace +alias csi='kubectl config set-context --current --namespace=gcs-fuse-csi-driver' +alias test='kubectl config set-context --current --namespace=gcs-csi-test' + +# Get current namespace +alias ns='kubectl config view --minify --output "jsonpath={..namespace}" && echo' + +# Pod listings +alias pods='kubectl get pods' +alias podw='kubectl get pods -w' + +# CSI Driver logs +alias csi-logs='kubectl logs daemonset/gcsfusecsi-node -c gcs-fuse-csi-driver --tail=100' +alias csi-logs-f='kubectl logs daemonset/gcsfusecsi-node -c gcs-fuse-csi-driver -f' +alias csi-custom='kubectl logs daemonset/gcsfusecsi-node -c gcs-fuse-csi-driver --tail=200 | grep "CUSTOM BUILD"' + +# Webhook logs +alias webhook-logs='kubectl logs deployment/gcs-fuse-csi-driver-webhook --tail=100' +alias webhook-logs-f='kubectl logs deployment/gcs-fuse-csi-driver-webhook -f' +alias webhook-custom='kubectl logs deployment/gcs-fuse-csi-driver-webhook --tail=200 | grep "CUSTOM BUILD"' + +# Sidecar logs (assumes pod name gcs-csi-test-pod) +alias sidecar-logs='kubectl logs gcs-csi-test-pod -c gke-gcsfuse-sidecar --tail=100' +alias sidecar-logs-f='kubectl logs gcs-csi-test-pod -c gke-gcsfuse-sidecar -f' +alias sidecar-custom='kubectl logs gcs-csi-test-pod -c gke-gcsfuse-sidecar --tail=200 | grep "CUSTOM BUILD"' + +# Test pod logs +alias test-logs='kubectl logs gcs-csi-test-pod -c test-container' +alias test-logs-f='kubectl logs gcs-csi-test-pod -c test-container -f' + +# Describe resources +alias desc-pod='kubectl describe pod' +alias desc-webhook='kubectl describe deployment gcs-fuse-csi-driver-webhook' +alias desc-csi='kubectl describe daemonset gcsfusecsi-node' + +# Check all custom builds +alias check-custom='echo "=== CSI Driver ===" && kubectl logs daemonset/gcsfusecsi-node -c gcs-fuse-csi-driver -n gcs-fuse-csi-driver --tail=100 | grep "CUSTOM BUILD" | head -2 && echo -e "\n=== Webhook ===" && kubectl logs deployment/gcs-fuse-csi-driver-webhook -n gcs-fuse-csi-driver --tail=100 | grep "CUSTOM BUILD" | head -2 && echo -e "\n=== Sidecar ===" && kubectl logs gcs-csi-test-pod -c gke-gcsfuse-sidecar -n gcs-csi-test --tail=100 2>/dev/null | grep "CUSTOM BUILD" | head -2 || echo "No sidecar pod found"' + +# Quick commands +alias rebuild='cd /home/princer_google_com/dev/gcs-fuse-csi-driver && export PROJECT_ID=gcs-tess REGISTRY=gcr.io/gcs-tess/princer STAGINGVERSION=v999.999.999 BUILD_GCSFUSE_FROM_SOURCE=true && make build-image-and-push-multi-arch REGISTRY=$REGISTRY STAGINGVERSION=$STAGINGVERSION' +alias reinstall='cd /home/princer_google_com/dev/gcs-fuse-csi-driver && export REGISTRY=gcr.io/gcs-tess/princer STAGINGVERSION=v999.999.999 && make uninstall && make install' +alias update-csi='cd /home/princer_google_com/dev/gcs-fuse-csi-driver && export REGISTRY=gcr.io/gcs-tess/princer STAGINGVERSION=v999.999.999 && kubectl set image daemonset/gcsfusecsi-node gcs-fuse-csi-driver=$REGISTRY/gcs-fuse-csi-driver:$STAGINGVERSION -n gcs-fuse-csi-driver && kubectl set image deployment/gcs-fuse-csi-driver-webhook gcs-fuse-csi-driver-webhook=$REGISTRY/gcs-fuse-csi-driver-webhook:$STAGINGVERSION -n gcs-fuse-csi-driver' +alias recreate-pod='cd /home/princer_google_com/dev/gcs-fuse-csi-driver && ./setup-test-pod.sh --skip-setup' + +echo "✅ GCS FUSE CSI shortcuts loaded!" +echo "" +echo "Namespace shortcuts:" +echo " csi - Switch to gcs-fuse-csi-driver namespace" +echo " test - Switch to gcs-csi-test namespace" +echo " ns - Show current namespace" +echo "" +echo "Log shortcuts:" +echo " csi-logs, csi-logs-f, csi-custom" +echo " webhook-logs, webhook-logs-f, webhook-custom" +echo " sidecar-logs, sidecar-logs-f, sidecar-custom" +echo " test-logs, test-logs-f" +echo " check-custom - Check all components for custom build" +echo "" +echo "Quick commands:" +echo " rebuild - Rebuild and push all images" +echo " reinstall - Uninstall and reinstall CSI driver" +echo " update-csi - Update existing deployment with new images" +echo " recreate-pod - Recreate test pod" +echo "" +echo "Other:" +echo " pods, podw, desc-pod, desc-webhook, desc-csi" diff --git a/test-pod.yaml b/test-pod.yaml new file mode 100644 index 000000000..93f375d82 --- /dev/null +++ b/test-pod.yaml @@ -0,0 +1,54 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: gcs-csi-test +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gcs-csi-test-sa + namespace: gcs-csi-test + annotations: + iam.gke.io/gcp-service-account: @gcs-tess.iam.gserviceaccount.com +--- +apiVersion: v1 +kind: Pod +metadata: + name: gcs-csi-test-pod + namespace: gcs-csi-test + annotations: + gke-gcsfuse/volumes: "true" +spec: + containers: + - name: test-container + image: busybox + command: + - "/bin/sh" + - "-c" + - | + echo "Testing GCS FUSE CSI Driver with custom build" + echo "Writing to /data/test-file.txt" + echo "Hello from custom CSI driver build at $(date)" > /data/test-file.txt + echo "Contents of /data:" + ls -la /data/ + echo "Reading back the file:" + cat /data/test-file.txt + echo "Sleeping to keep pod running..." + sleep 3600 + volumeMounts: + - name: gcs-volume + mountPath: /data + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 50m + memory: 64Mi + serviceAccountName: gcs-csi-test-sa + volumes: + - name: gcs-volume + csi: + driver: gcsfuse.csi.storage.gke.io + volumeAttributes: + bucketName: gcs-fuse-warp-test-bucket