Conversation
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
5 times, most recently
from
6efc0f4 to
4cb8950
Compare
| fs.cd = csicommon.NewCSIDriver(conf.DriverName, util.DriverVersion, conf.NodeID, conf.InstanceID, | ||
| conf.EnableFencing) | ||
| fs.cd = csicommon.NewCSIDriver(conf.DriverName, util.DriverVersion, conf.NodeID, conf.InstanceID) | ||
| fs.cd.SetEnableFencing(conf.EnableFencing) |
There was a problem hiding this comment.
Instead of having Set... functions for everything, consider passing options like WithFencing to NewCSIDriver(). Similar to how gRPC CallOptions work, that makes it a little more dynamic and easier extendible.
There was a problem hiding this comment.
addressed now, Thanks for the suggestion.
nixpanic
left a comment
nixpanic
left a comment
There was a problem hiding this comment.
surely there should be e2e tests for this?
| - rbd: add support for [CSI Snapshot Metadata Service RPCs](https://github.com/container-storage-interface/spec/blob/master/spec.md#snapshot-metadata-service-rpcs) | ||
| - feature: handle non graceful node shutdown [PR](https://github.com/ceph/ceph-csi/pull/5429/) | ||
| - refer design doc for more details - [here](docs/design/proposals/non-graceful-node-shutdown.md) | ||
| - feature: set nodeId:userId mapping metadata [PR](https://github.com/ceph/ceph-csi/pull/5445) |
There was a problem hiding this comment.
This is already feature section. we dont need to add feature: here
| // removeUserIdMapping attempts to remove nodeId:userId mapping metadata from the subvolume. | ||
| // | ||
| // Parameters: | ||
| // - nodeId: The ID of the node that may be fenced. |
There was a problem hiding this comment.
typo, addressed.
| return d.enableFencing | ||
| } | ||
|
|
||
| func (d *CSIDriver) SetEnableFencing(value bool) { |
There was a problem hiding this comment.
value is too generate please use better names
There was a problem hiding this comment.
removed now,
|
Thanks @Madhu-1, for the early reviews. |
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
2 times, most recently
from
2cb79f8 to
ca1ef84
Compare
|
/test ci/centos/mini-e2e/k8s-1.31 |
|
@Rakshith-R @nixpanic PTAL |
|
/test ci/centos/mini-e2e/k8s-1.31 |
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
from
ca1ef84 to
fcaf5c2
Compare
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
2 times, most recently
from
5ae51ff to
590381a
Compare
|
/test ci/centos/mini-e2e/k8s-1.31 |
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
from
590381a to
b96d4d8
Compare
|
/test ci/centos/mini-e2e/k8s-1.31 |
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
from
b96d4d8 to
4baffa6
Compare
|
/test ci/centos/mini-e2e/k8s-1.31 |
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
from
4baffa6 to
7c07363
Compare
|
/test ci/centos/mini-e2e/k8s-1.31 |
1 similar comment
|
/test ci/centos/mini-e2e/k8s-1.31 |
Madhu-1
left a comment
Madhu-1
left a comment
There was a problem hiding this comment.
small nits and few previous comments need to be addressed in E2E, LGTM
| - feature: handle non graceful node shutdown [PR](https://github.com/ceph/ceph-csi/pull/5429/) | ||
| - handle non graceful node shutdown [PR](https://github.com/ceph/ceph-csi/pull/5429/) | ||
| - refer design doc for more details - [here](docs/design/proposals/non-graceful-node-shutdown.md) | ||
| - set nodeId:userId mapping metadata [PR](https://github.com/ceph/ceph-csi/pull/5445) |
There was a problem hiding this comment.
nodeId:userId mapping in metadata
iPraveenParihar
changed the title
iPraveenParihar
force-pushed
the
store-userid-in-metadata
branch
from
5178685 to
b20201d
Compare
|
/test ci/centos/mini-e2e-helm/k8s-1.33 |
Rakshith-R
dismissed
Madhu-1’s stale review
Dismissing requested changes since they have been addressed.
|
@Mergifyio queue |
✅ The pull request has been merged automaticallyDetailsThe pull request has been merged automatically at df84cab |
This commit does the following operations: 1. In NodeStageVolume(): sets nodeId:userId mapping in image metadata. The userId is the ceph user used for mounting the subvolume. 2. In ControllerUnpulishVolume(): removes the nodeId:userId mapping from the image metadata. Signed-off-by: Praveen M <m.praveen@ibm.com>
This commit does the following operations: 1. In NodeStageVolume(): sets nodeId:userId mapping in subvolume metadata. The userId is the ceph user used for mounting the subvolume. 2. In ControllerUnpulishVolume(): removes the nodeId:userId mapping from the subvolume metadata. Signed-off-by: Praveen M <m.praveen@ibm.com>
Signed-off-by: Praveen M <m.praveen@ibm.com>
Signed-off-by: Praveen M <m.praveen@ibm.com>
mergify
bot
force-pushed
the
store-userid-in-metadata
branch
from
b20201d to
d033047
Compare
|
/test ci/centos/k8s-e2e-external-storage/1.32 |
|
/test ci/centos/k8s-e2e-external-storage/1.31 |
|
/test ci/centos/mini-e2e-helm/k8s-1.32 |
|
/test ci/centos/mini-e2e-helm/k8s-1.31 |
|
/test ci/centos/mini-e2e/k8s-1.32 |
|
/test ci/centos/mini-e2e/k8s-1.31 |
|
/test ci/centos/upgrade-tests-cephfs |
|
/test ci/centos/upgrade-tests-rbd |
|
/test ci/centos/k8s-e2e-external-storage/1.33 |
|
/test ci/centos/mini-e2e-helm/k8s-1.33 |
|
/test ci/centos/mini-e2e/k8s-1.33 |
6 participants
Describe what this PR does
Problem
Without a mechanism to track nodeID:userID mappings per volume, it becomes challenging to:
Monitor which userIDs are actively being used across the cluster
Make informed decisions about key rotation, allowing safe cleanup of old keys
Proposed Solution
The solution involves tracking userID information by storing it in the metadata of RBD images and CephFS subvolumes using the key: .[rbd|cephfs].csi.ceph.com/userID/:
refer design doc (here)for more details:
Checklist:
Show available bot commands
These commands are normally not required, but in case of issues, leave any of
the following bot commands in an otherwise empty comment in this PR:
/retest ci/centos/<job-name>: retest the<job-name>after unrelatedfailure (please report the failure too!)