Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature/csi 3848 call home create new object #244

Closed
Closed
Show file tree
Hide file tree
Changes from 55 commits
Commits
Show all changes
71 commits
Select commit Hold shift + click to select a range
35c8c3f
add callhome object
Feb 7, 2022
680c65f
update file with generate
Feb 8, 2022
e859d8e
labels test
Feb 8, 2022
4348120
remove labels test
Feb 8, 2022
fe7ed59
deployment to StatefulSet
Feb 8, 2022
b3e4347
deployment to StatefulSet
Feb 8, 2022
4388be0
defaults
Feb 8, 2022
2d8b65d
test adding secret
Feb 9, 2022
6b36db9
add management_address env var
Feb 9, 2022
c50a75c
naming and consts
Feb 9, 2022
73bdb40
CallHome is Optional
Feb 14, 2022
e9c4c19
update gen
Feb 14, 2022
e7be547
remove imagePullSecrets
Feb 15, 2022
efdcba1
test with cronjob
Feb 15, 2022
d868343
test with cronjob, remove selctor and add batch to role and RestartPo…
Feb 16, 2022
1cef0d9
Schedule from CR
Feb 16, 2022
e23dfe3
job's pod labels
Feb 16, 2022
9e0954c
adding call home ClusterRole
Feb 20, 2022
4facf75
adding namespaces role
Feb 20, 2022
404bf77
create ServiceAccount
Feb 20, 2022
f079767
create ClusterRoleBinding
Feb 20, 2022
58bf2d8
add pod to clusterrole
Feb 20, 2022
3d0a533
add cronjobs to role.yaml
Feb 20, 2022
100e70d
Merge remote-tracking branch 'origin/develop' into feature/CSI-3848_c…
Feb 20, 2022
d4410ca
clean
Feb 20, 2022
54c26b6
changed secret dir
Feb 20, 2022
1eea28b
fix name
Feb 20, 2022
2cbab21
remove env var
Feb 20, 2022
992b421
PR
Feb 20, 2022
8dfd762
PR
Feb 20, 2022
558e3af
PR
Feb 20, 2022
8b19abd
PR
Feb 21, 2022
eaae53b
PR
Feb 21, 2022
61c3f1e
PR
Feb 21, 2022
5a0b70e
manage cronjob
Feb 21, 2022
2b0048f
fix cron
Feb 21, 2022
2b8a8c3
fix callHome type
Feb 21, 2022
29534fb
PR
Feb 23, 2022
be7116e
fix role
Feb 23, 2022
0b4fa9c
fix role
Feb 23, 2022
fa9d848
test readiness
Feb 23, 2022
67b057f
test readiness
Feb 23, 2022
356cd9e
test readiness
Feb 23, 2022
27941e8
test readiness
Feb 23, 2022
c37fc4b
PR
Feb 23, 2022
a3e605d
test fsGroup
Feb 23, 2022
b2fc678
test fsGroup
Feb 23, 2022
4bbcda4
PR
Feb 23, 2022
4848247
PR
Feb 23, 2022
43dc550
PR
Feb 23, 2022
f228e83
PR
Feb 23, 2022
c3a472d
remove secret volume
Feb 24, 2022
8f53838
remove secret volume
Feb 24, 2022
5c6bcf1
remove secret volume
Feb 24, 2022
e0272c8
remove secret volume
Feb 27, 2022
8378d5f
test without call-home default Repository and tag
Feb 27, 2022
5029c39
fix
Feb 27, 2022
9ac11b5
PR
Feb 27, 2022
d845b09
Merge branch 'develop' into feature/CSI-3848_call_home_create_new_object
Feb 27, 2022
c2dc77e
PR
Feb 28, 2022
a366e1b
PR
Feb 28, 2022
e814128
PR
Feb 28, 2022
0b0785a
PR
Feb 28, 2022
4b2abda
PR
Feb 28, 2022
3108823
PR
Feb 28, 2022
96ddcab
rearrange
Feb 28, 2022
2be8294
olm update
Feb 28, 2022
d2bdd73
PR
Mar 1, 2022
ec9313d
added enable field to CR and uncomment call home
Mar 1, 2022
a16815e
add call hom to CSV certified
Mar 1, 2022
ba3dcf3
fix yamls
Mar 1, 2022
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 18 additions & 0 deletions api/v1/ibmblockcsi_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,9 @@ type IBMBlockCSISpec struct {
Controller IBMBlockCSIControllerSpec `json:"controller"`
Node IBMBlockCSINodeSpec `json:"node"`

// +kubebuilder:validation:Optional
CallHome IBMBlockCSICallHomeSpec `json:"callHome"`

// +kubebuilder:validation:Optional
Sidecars []CSISidecar `json:"sidecars,omitempty"`

Expand Down Expand Up @@ -112,6 +115,21 @@ type IBMBlockCSINodeSpec struct {
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
}

// IBMBlockCSICallHomeSpec defines the desired state of IBMBlockCSICallHome
type IBMBlockCSICallHomeSpec struct {
Repository string `json:"repository"`
Tag string `json:"tag"`

// +kubebuilder:validation:Optional
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy"`

// +kubebuilder:validation:Optional
Affinity *corev1.Affinity `json:"affinity,omitempty"`

// +kubebuilder:validation:Optional
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
}

// IBMBlockCSIStatus defines the observed state of IBMBlockCSI
type IBMBlockCSIStatus struct {
// Phase is the driver running phase
Expand Down
28 changes: 28 additions & 0 deletions api/v1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

497 changes: 497 additions & 0 deletions config/crd/bases/csi.ibm.com_ibmblockcsis.yaml

Large diffs are not rendered by default.

17 changes: 17 additions & 0 deletions config/rbac/role.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,23 @@ rules:
- get
- list
- watch
- apiGroups:
oriyarde marked this conversation as resolved.
Show resolved Hide resolved
- ""
resources:
- namespaces
verbs:
- get
oriyarde marked this conversation as resolved.
Show resolved Hide resolved
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- create
- delete
- get
- list
- update
- watch
- apiGroups:
- ""
resources:
Expand Down
17 changes: 17 additions & 0 deletions config/samples/csi.ibm.com_v1_ibmblockcsi_cr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,23 @@ spec:
- s390x
- ppc64le

# callHome is a statefulSet with ibm-block-csi-call-home container
# callHome:
# repository: ibmcom/ibm-block-csi-call-home
# tag: "1.9.0"
# imagePullPolicy: IfNotPresent
# affinity:
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: kubernetes.io/arch
# operator: In
# values:
# - amd64
# - s390x
# - ppc64le

# tolerations:
# - effect: NoSchedule
# key: node-role.kubernetes.io/master
Expand Down
37 changes: 37 additions & 0 deletions controllers/ibmblockcsi_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ package controllers
import (
"context"
"fmt"
batchv1 "k8s.io/api/batch/v1"
"os"
"reflect"
"strings"
Expand Down Expand Up @@ -193,6 +194,13 @@ func (r *IBMBlockCSIReconciler) Reconcile(ctx context.Context, req ctrl.Request)
return reconcile.Result{}, err
}

if instance.Spec.CallHome.Repository == "" {
callHomeSyncer := clustersyncer.NewCallHomeSyncer(r.Client, r.Scheme, instance)
if err := syncer.Sync(context.TODO(), callHomeSyncer, r.Recorder); err != nil {
return reconcile.Result{}, err
}
}

if err := r.updateStatus(instance, originalStatus); err != nil {
return reconcile.Result{}, err
}
Expand Down Expand Up @@ -234,6 +242,7 @@ func (r *IBMBlockCSIReconciler) SetupWithManager(mgr ctrl.Manager) error {
Owns(&appsv1.StatefulSet{}).
Owns(&appsv1.DaemonSet{}).
Owns(&corev1.ServiceAccount{}).
Owns(&batchv1.CronJob{}).
Complete(r)
}

Expand Down Expand Up @@ -308,6 +317,14 @@ func (r *IBMBlockCSIReconciler) updateStatus(instance *ibmblockcsi.IBMBlockCSI,
return err
}

callHomeCronJob, err := r.getCallHomeCronJob(instance)
oriyarde marked this conversation as resolved.
Show resolved Hide resolved
if instance.Spec.CallHome.Repository == "" {
err = r.deleteCallHomeCronJob(callHomeCronJob, logger)
if err != nil {
logger.Error(err, "failed to delete call home CronJob")
}
}

instance.Status.ControllerReady = r.isControllerReady(controllerStatefulset)
instance.Status.NodeReady = r.isNodeReady(nodeDaemonSet)
phase := csiv1.DriverPhaseNone
Expand Down Expand Up @@ -443,13 +460,15 @@ func (r *IBMBlockCSIReconciler) reconcileServiceAccount(instance *ibmblockcsi.IB

controller := instance.GenerateControllerServiceAccount()
node := instance.GenerateNodeServiceAccount()
callHome := instance.GenerateCallHomeServiceAccount()

controllerServiceAccountName := oconfig.GetNameForResource(oconfig.CSIControllerServiceAccount, instance.Name)
nodeServiceAccountName := oconfig.GetNameForResource(oconfig.CSINodeServiceAccount, instance.Name)

for _, sa := range []*corev1.ServiceAccount{
controller,
node,
callHome,
} {
if err := controllerutil.SetControllerReference(instance.Unwrap(), sa, r.Scheme); err != nil {
return err
Expand Down Expand Up @@ -533,6 +552,15 @@ func (r *IBMBlockCSIReconciler) getNodeDaemonSet(instance *ibmblockcsi.IBMBlockC
return node, err
}

func (r *IBMBlockCSIReconciler) getCallHomeCronJob(instance *ibmblockcsi.IBMBlockCSI) (*batchv1.CronJob, error) {
callHome := &batchv1.CronJob{}
err := r.Get(context.TODO(), types.NamespacedName{
Name: oconfig.GetNameForResource(oconfig.CallHome, instance.Name),
Namespace: instance.Namespace,
}, callHome)
return callHome, err
}

func (r *IBMBlockCSIReconciler) isControllerReady(controller *appsv1.StatefulSet) bool {
return controller.Status.ReadyReplicas == controller.Status.Replicas
}
Expand All @@ -541,6 +569,11 @@ func (r *IBMBlockCSIReconciler) isNodeReady(node *appsv1.DaemonSet) bool {
return node.Status.DesiredNumberScheduled == node.Status.NumberAvailable
}

func (r *IBMBlockCSIReconciler) deleteCallHomeCronJob(callHome *batchv1.CronJob, logger logr.Logger) error {
logger.Info("deleting call home CronJob")
return r.Delete(context.TODO(), callHome)
}

func (r *IBMBlockCSIReconciler) reconcileClusterRole(instance *ibmblockcsi.IBMBlockCSI) error {
logger := log.WithValues("Resource Type", "ClusterRole")

Expand Down Expand Up @@ -619,6 +652,7 @@ func (r *IBMBlockCSIReconciler) getClusterRoles(instance *ibmblockcsi.IBMBlockCS
csiAddonsReplicator := instance.GenerateCSIAddonsReplicatorClusterRole()
controllerSCC := instance.GenerateSCCForControllerClusterRole()
nodeSCC := instance.GenerateSCCForNodeClusterRole()
callHomeSCC := instance.GenerateSCCForCallHomeClusterRole()
oriyarde marked this conversation as resolved.
Show resolved Hide resolved

return []*rbacv1.ClusterRole{
externalProvisioner,
Expand All @@ -628,6 +662,7 @@ func (r *IBMBlockCSIReconciler) getClusterRoles(instance *ibmblockcsi.IBMBlockCS
csiAddonsReplicator,
controllerSCC,
nodeSCC,
callHomeSCC,
}
}

Expand Down Expand Up @@ -694,6 +729,7 @@ func (r *IBMBlockCSIReconciler) getClusterRoleBindings(instance *ibmblockcsi.IBM
csiAddonsReplicator := instance.GenerateCSIAddonsReplicatorClusterRoleBinding()
controllerSCC := instance.GenerateSCCForControllerClusterRoleBinding()
nodeSCC := instance.GenerateSCCForNodeClusterRoleBinding()
callHomeSCC := instance.GenerateSCCForCallHomeClusterRoleBinding()

return []*rbacv1.ClusterRoleBinding{
externalProvisioner,
Expand All @@ -703,6 +739,7 @@ func (r *IBMBlockCSIReconciler) getClusterRoleBindings(instance *ibmblockcsi.IBM
csiAddonsReplicator,
controllerSCC,
nodeSCC,
callHomeSCC,
}
}

Expand Down
8 changes: 8 additions & 0 deletions controllers/internal/ibmblockcsi/default_setter.go
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,14 @@ func (c *IBMBlockCSI) setDefaults() bool {
changed = true
}

if c.Spec.CallHome.Repository != config.DefaultCr.Spec.CallHome.Repository ||
oriyarde marked this conversation as resolved.
Show resolved Hide resolved
c.Spec.CallHome.Tag != config.DefaultCr.Spec.CallHome.Tag {
c.Spec.CallHome.Repository = config.DefaultCr.Spec.CallHome.Repository
c.Spec.CallHome.Tag = config.DefaultCr.Spec.CallHome.Tag

changed = true
}

changed = c.setDefaultSidecars() || changed

return changed
Expand Down
29 changes: 21 additions & 8 deletions controllers/internal/ibmblockcsi/ibmblockcsi.go
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,10 @@ func (c *IBMBlockCSI) GetCSINodeSelectorLabels() labels.Set {
return c.GetSelectorLabels(config.CSINode.String())
}

func (c *IBMBlockCSI) GetCallHomeSelectorLabels() labels.Set {
return c.GetSelectorLabels(config.CallHome.String())
}

func (c *IBMBlockCSI) GetCSIControllerPodLabels() labels.Set {
return labels.Merge(c.GetLabels(), c.GetCSIControllerSelectorLabels())
}
Expand All @@ -113,18 +117,27 @@ func (c *IBMBlockCSI) GetCSINodePodLabels() labels.Set {
return labels.Merge(c.GetLabels(), c.GetCSINodeSelectorLabels())
}

func (c *IBMBlockCSI) GetCSIControllerImage() string {
if c.Spec.Controller.Tag == "" {
return c.Spec.Controller.Repository
func (c *IBMBlockCSI) GetCallHomePodLabels() labels.Set {
return labels.Merge(c.GetLabels(), c.GetCallHomeSelectorLabels())
}

func (c *IBMBlockCSI) GetComponentImage(repository string, tag string) string {
if tag == "" {
return repository
}
return c.Spec.Controller.Repository + ":" + c.Spec.Controller.Tag
return repository + ":" + tag
}

func (c *IBMBlockCSI) GetCSIControllerImage() string {
return c.GetComponentImage(c.Spec.Controller.Repository, c.Spec.Controller.Tag)
}

func (c *IBMBlockCSI) GetCSINodeImage() string {
if c.Spec.Node.Tag == "" {
return c.Spec.Node.Repository
}
return c.Spec.Node.Repository + ":" + c.Spec.Node.Tag
return c.GetComponentImage(c.Spec.Node.Repository, c.Spec.Node.Tag)
}

func (c *IBMBlockCSI) GetCallHomeImage() string {
return c.GetComponentImage(c.Spec.CallHome.Repository, c.Spec.CallHome.Tag)
}

func (c *IBMBlockCSI) GetDefaultSidecarImageByName(name string) string {
Expand Down
50 changes: 50 additions & 0 deletions controllers/internal/ibmblockcsi/static_resource_generator.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ const (
volumeReplicationsStatusResource string = "volumereplications/status"
eventsResource string = "events"
nodesResource string = "nodes"
namespacesResource string = "namespaces"
csiNodesResource string = "csinodes"
secretsResource string = "secrets"
securityContextConstraintsResource string = "securitycontextconstraints"
Expand Down Expand Up @@ -107,6 +108,15 @@ func (c *IBMBlockCSI) GenerateNodeServiceAccount() *corev1.ServiceAccount {
ImagePullSecrets: secrets,
}
}
func (c *IBMBlockCSI) GenerateCallHomeServiceAccount() *corev1.ServiceAccount {
return &corev1.ServiceAccount{
ObjectMeta: metav1.ObjectMeta{
Name: config.GetNameForResource(config.CallHomeServiceAccount, c.Name),
Namespace: c.Namespace,
Labels: c.GetLabels(),
},
}
}

func (c *IBMBlockCSI) GenerateExternalProvisionerClusterRole() *rbacv1.ClusterRole {
return &rbacv1.ClusterRole{
Expand Down Expand Up @@ -470,6 +480,26 @@ func (c *IBMBlockCSI) GenerateSCCForNodeClusterRole() *rbacv1.ClusterRole {
}
}

func (c *IBMBlockCSI) GenerateSCCForCallHomeClusterRole() *rbacv1.ClusterRole {
return &rbacv1.ClusterRole{
ObjectMeta: metav1.ObjectMeta{
Name: config.GetNameForResource(config.CallHomeSCCClusterRole, c.Name),
},
Rules: []rbacv1.PolicyRule{
{
APIGroups: []string{""},
Resources: []string{namespacesResource},
Verbs: []string{verbGet},
},
{
APIGroups: []string{""},
Resources: []string{podsResource},
Verbs: []string{verbList},
},
},
}
}

func (c *IBMBlockCSI) GenerateSCCForNodeClusterRoleBinding() *rbacv1.ClusterRoleBinding {
return &rbacv1.ClusterRoleBinding{
ObjectMeta: metav1.ObjectMeta{
Expand All @@ -489,3 +519,23 @@ func (c *IBMBlockCSI) GenerateSCCForNodeClusterRoleBinding() *rbacv1.ClusterRole
},
}
}

func (c *IBMBlockCSI) GenerateSCCForCallHomeClusterRoleBinding() *rbacv1.ClusterRoleBinding {
return &rbacv1.ClusterRoleBinding{
ObjectMeta: metav1.ObjectMeta{
Name: config.GetNameForResource(config.CallHomeSCCClusterRoleBinding, c.Name),
},
Subjects: []rbacv1.Subject{
{
Kind: "ServiceAccount",
Name: config.GetNameForResource(config.CallHomeServiceAccount, c.Name),
Namespace: c.Namespace,
},
},
RoleRef: rbacv1.RoleRef{
Kind: "ClusterRole",
Name: config.GetNameForResource(config.CallHomeSCCClusterRole, c.Name),
APIGroup: rbacAuthorizationApiGroup,
},
}
}
Loading