Merge pull request #43396 from rootfs/iscsi-chap
Automatic merge from submit-queue (batch tested with PRs 44119, 42538, 43802, 42336, 43396) iSCSI CHAP support **What this PR does / why we need it**: To support CHAP authentication in a multi-tenant setup **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # **Special notes for your reviewer**: **Release note**: ```release-note Support iSCSI CHAP authentication ```
This commit is contained in:
		| @@ -38704,6 +38704,14 @@ | |||||||
|      "lun" |      "lun" | ||||||
|     ], |     ], | ||||||
|     "properties": { |     "properties": { | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication", | ||||||
|  |       "type": "boolean" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication", | ||||||
|  |       "type": "boolean" | ||||||
|  |      }, | ||||||
|      "fsType": { |      "fsType": { | ||||||
|       "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", |       "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", | ||||||
|       "type": "string" |       "type": "string" | ||||||
| @@ -38732,6 +38740,10 @@ | |||||||
|       "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", |       "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", | ||||||
|       "type": "boolean" |       "type": "boolean" | ||||||
|      }, |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication", | ||||||
|  |       "$ref": "#/definitions/io.k8s.kubernetes.pkg.api.v1.LocalObjectReference" | ||||||
|  |      }, | ||||||
|      "targetPortal": { |      "targetPortal": { | ||||||
|       "description": "iSCSI target portal. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", |       "description": "iSCSI target portal. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", | ||||||
|       "type": "string" |       "type": "string" | ||||||
|   | |||||||
| @@ -2936,6 +2936,28 @@ | |||||||
|        "type": "string" |        "type": "string" | ||||||
|       }, |       }, | ||||||
|       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." |       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." | ||||||
|  |      }, | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "$ref": "v1.LocalObjectReference", | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication" | ||||||
|  |      } | ||||||
|  |     } | ||||||
|  |    }, | ||||||
|  |    "v1.LocalObjectReference": { | ||||||
|  |     "id": "v1.LocalObjectReference", | ||||||
|  |     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", | ||||||
|  |     "properties": { | ||||||
|  |      "name": { | ||||||
|  |       "type": "string", | ||||||
|  |       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" | ||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
| @@ -3023,16 +3045,6 @@ | |||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
|    "v1.LocalObjectReference": { |  | ||||||
|     "id": "v1.LocalObjectReference", |  | ||||||
|     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", |  | ||||||
|     "properties": { |  | ||||||
|      "name": { |  | ||||||
|       "type": "string", |  | ||||||
|       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" |  | ||||||
|      } |  | ||||||
|     } |  | ||||||
|    }, |  | ||||||
|    "v1.FlexVolumeSource": { |    "v1.FlexVolumeSource": { | ||||||
|     "id": "v1.FlexVolumeSource", |     "id": "v1.FlexVolumeSource", | ||||||
|     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", |     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", | ||||||
|   | |||||||
| @@ -1719,6 +1719,28 @@ | |||||||
|        "type": "string" |        "type": "string" | ||||||
|       }, |       }, | ||||||
|       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." |       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." | ||||||
|  |      }, | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "$ref": "v1.LocalObjectReference", | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication" | ||||||
|  |      } | ||||||
|  |     } | ||||||
|  |    }, | ||||||
|  |    "v1.LocalObjectReference": { | ||||||
|  |     "id": "v1.LocalObjectReference", | ||||||
|  |     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", | ||||||
|  |     "properties": { | ||||||
|  |      "name": { | ||||||
|  |       "type": "string", | ||||||
|  |       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" | ||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
| @@ -1806,16 +1828,6 @@ | |||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
|    "v1.LocalObjectReference": { |  | ||||||
|     "id": "v1.LocalObjectReference", |  | ||||||
|     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", |  | ||||||
|     "properties": { |  | ||||||
|      "name": { |  | ||||||
|       "type": "string", |  | ||||||
|       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" |  | ||||||
|      } |  | ||||||
|     } |  | ||||||
|    }, |  | ||||||
|    "v1.FlexVolumeSource": { |    "v1.FlexVolumeSource": { | ||||||
|     "id": "v1.FlexVolumeSource", |     "id": "v1.FlexVolumeSource", | ||||||
|     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", |     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", | ||||||
|   | |||||||
| @@ -2752,6 +2752,28 @@ | |||||||
|        "type": "string" |        "type": "string" | ||||||
|       }, |       }, | ||||||
|       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." |       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." | ||||||
|  |      }, | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "$ref": "v1.LocalObjectReference", | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication" | ||||||
|  |      } | ||||||
|  |     } | ||||||
|  |    }, | ||||||
|  |    "v1.LocalObjectReference": { | ||||||
|  |     "id": "v1.LocalObjectReference", | ||||||
|  |     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", | ||||||
|  |     "properties": { | ||||||
|  |      "name": { | ||||||
|  |       "type": "string", | ||||||
|  |       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" | ||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
| @@ -2839,16 +2861,6 @@ | |||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
|    "v1.LocalObjectReference": { |  | ||||||
|     "id": "v1.LocalObjectReference", |  | ||||||
|     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", |  | ||||||
|     "properties": { |  | ||||||
|      "name": { |  | ||||||
|       "type": "string", |  | ||||||
|       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" |  | ||||||
|      } |  | ||||||
|     } |  | ||||||
|    }, |  | ||||||
|    "v1.FlexVolumeSource": { |    "v1.FlexVolumeSource": { | ||||||
|     "id": "v1.FlexVolumeSource", |     "id": "v1.FlexVolumeSource", | ||||||
|     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", |     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", | ||||||
|   | |||||||
| @@ -7183,6 +7183,28 @@ | |||||||
|        "type": "string" |        "type": "string" | ||||||
|       }, |       }, | ||||||
|       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." |       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." | ||||||
|  |      }, | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "$ref": "v1.LocalObjectReference", | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication" | ||||||
|  |      } | ||||||
|  |     } | ||||||
|  |    }, | ||||||
|  |    "v1.LocalObjectReference": { | ||||||
|  |     "id": "v1.LocalObjectReference", | ||||||
|  |     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", | ||||||
|  |     "properties": { | ||||||
|  |      "name": { | ||||||
|  |       "type": "string", | ||||||
|  |       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" | ||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
| @@ -7270,16 +7292,6 @@ | |||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
|    "v1.LocalObjectReference": { |  | ||||||
|     "id": "v1.LocalObjectReference", |  | ||||||
|     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", |  | ||||||
|     "properties": { |  | ||||||
|      "name": { |  | ||||||
|       "type": "string", |  | ||||||
|       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" |  | ||||||
|      } |  | ||||||
|     } |  | ||||||
|    }, |  | ||||||
|    "v1.FlexVolumeSource": { |    "v1.FlexVolumeSource": { | ||||||
|     "id": "v1.FlexVolumeSource", |     "id": "v1.FlexVolumeSource", | ||||||
|     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", |     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", | ||||||
|   | |||||||
| @@ -1591,6 +1591,28 @@ | |||||||
|        "type": "string" |        "type": "string" | ||||||
|       }, |       }, | ||||||
|       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." |       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." | ||||||
|  |      }, | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "$ref": "v1.LocalObjectReference", | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication" | ||||||
|  |      } | ||||||
|  |     } | ||||||
|  |    }, | ||||||
|  |    "v1.LocalObjectReference": { | ||||||
|  |     "id": "v1.LocalObjectReference", | ||||||
|  |     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", | ||||||
|  |     "properties": { | ||||||
|  |      "name": { | ||||||
|  |       "type": "string", | ||||||
|  |       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" | ||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
| @@ -1678,16 +1700,6 @@ | |||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
|    "v1.LocalObjectReference": { |  | ||||||
|     "id": "v1.LocalObjectReference", |  | ||||||
|     "description": "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.", |  | ||||||
|     "properties": { |  | ||||||
|      "name": { |  | ||||||
|       "type": "string", |  | ||||||
|       "description": "Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names" |  | ||||||
|      } |  | ||||||
|     } |  | ||||||
|    }, |  | ||||||
|    "v1.FlexVolumeSource": { |    "v1.FlexVolumeSource": { | ||||||
|     "id": "v1.FlexVolumeSource", |     "id": "v1.FlexVolumeSource", | ||||||
|     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", |     "description": "FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. This is an alpha feature and may change in future.", | ||||||
|   | |||||||
| @@ -18242,6 +18242,18 @@ | |||||||
|        "type": "string" |        "type": "string" | ||||||
|       }, |       }, | ||||||
|       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." |       "description": "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." | ||||||
|  |      }, | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "type": "boolean", | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication" | ||||||
|  |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "$ref": "v1.LocalObjectReference", | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication" | ||||||
|      } |      } | ||||||
|     } |     } | ||||||
|    }, |    }, | ||||||
|   | |||||||
| @@ -1880,6 +1880,27 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | ||||||
| <td class="tableblock halign-left valign-top"></td> | <td class="tableblock halign-left valign-top"></td> | ||||||
| </tr> | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthDiscovery</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Discovery CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthSession</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Session CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">secretRef</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">CHAP secret for iSCSI target and initiator authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_v1_localobjectreference">v1.LocalObjectReference</a></p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"></td> | ||||||
|  | </tr> | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
| @@ -6270,7 +6291,7 @@ Examples:<br> | |||||||
| </div> | </div> | ||||||
| <div id="footer"> | <div id="footer"> | ||||||
| <div id="footer-text"> | <div id="footer-text"> | ||||||
| Last updated 2017-03-28 17:18:11 UTC | Last updated 2017-04-05 12:44:27 UTC | ||||||
| </div> | </div> | ||||||
| </div> | </div> | ||||||
| </body> | </body> | ||||||
|   | |||||||
| @@ -2711,6 +2711,27 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | ||||||
| <td class="tableblock halign-left valign-top"></td> | <td class="tableblock halign-left valign-top"></td> | ||||||
| </tr> | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthDiscovery</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Discovery CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthSession</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Session CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">secretRef</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">CHAP secret for iSCSI target and initiator authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_v1_localobjectreference">v1.LocalObjectReference</a></p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"></td> | ||||||
|  | </tr> | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
| @@ -5512,7 +5533,7 @@ Examples:<br> | |||||||
| </div> | </div> | ||||||
| <div id="footer"> | <div id="footer"> | ||||||
| <div id="footer-text"> | <div id="footer-text"> | ||||||
| Last updated 2017-03-28 17:18:59 UTC | Last updated 2017-04-05 12:45:07 UTC | ||||||
| </div> | </div> | ||||||
| </div> | </div> | ||||||
| </body> | </body> | ||||||
|   | |||||||
| @@ -2642,6 +2642,27 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | ||||||
| <td class="tableblock halign-left valign-top"></td> | <td class="tableblock halign-left valign-top"></td> | ||||||
| </tr> | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthDiscovery</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Discovery CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthSession</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Session CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">secretRef</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">CHAP secret for iSCSI target and initiator authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_v1_localobjectreference">v1.LocalObjectReference</a></p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"></td> | ||||||
|  | </tr> | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
| @@ -2984,47 +3005,6 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
| </div> |  | ||||||
| <div class="sect2"> |  | ||||||
| <h3 id="_v1_persistentvolumeclaimvolumesource">v1.PersistentVolumeClaimVolumeSource</h3> |  | ||||||
| <div class="paragraph"> |  | ||||||
| <p>PersistentVolumeClaimVolumeSource references the user’s PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).</p> |  | ||||||
| </div> |  | ||||||
| <table class="tableblock frame-all grid-all" style="width:100%; "> |  | ||||||
| <colgroup> |  | ||||||
| <col style="width:20%;"> |  | ||||||
| <col style="width:20%;"> |  | ||||||
| <col style="width:20%;"> |  | ||||||
| <col style="width:20%;"> |  | ||||||
| <col style="width:20%;">  |  | ||||||
| </colgroup> |  | ||||||
| <thead> |  | ||||||
| <tr> |  | ||||||
| <th class="tableblock halign-left valign-top">Name</th> |  | ||||||
| <th class="tableblock halign-left valign-top">Description</th> |  | ||||||
| <th class="tableblock halign-left valign-top">Required</th> |  | ||||||
| <th class="tableblock halign-left valign-top">Schema</th> |  | ||||||
| <th class="tableblock halign-left valign-top">Default</th> |  | ||||||
| </tr> |  | ||||||
| </thead> |  | ||||||
| <tbody> |  | ||||||
| <tr> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">claimName</p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: <a href="http://kubernetes.io/docs/user-guide/persistent-volumes#persistentvolumeclaims">http://kubernetes.io/docs/user-guide/persistent-volumes#persistentvolumeclaims</a></p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">true</p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"></td> |  | ||||||
| </tr> |  | ||||||
| <tr> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">readOnly</p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">Will force the ReadOnly setting in VolumeMounts. Default false.</p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> |  | ||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> |  | ||||||
| </tr> |  | ||||||
| </tbody> |  | ||||||
| </table> |  | ||||||
| 
 |  | ||||||
| </div> | </div> | ||||||
| <div class="sect2"> | <div class="sect2"> | ||||||
| <h3 id="_v1_awselasticblockstorevolumesource">v1.AWSElasticBlockStoreVolumeSource</h3> | <h3 id="_v1_awselasticblockstorevolumesource">v1.AWSElasticBlockStoreVolumeSource</h3> | ||||||
| @@ -3124,6 +3104,47 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
|  | </div> | ||||||
|  | <div class="sect2"> | ||||||
|  | <h3 id="_v1_persistentvolumeclaimvolumesource">v1.PersistentVolumeClaimVolumeSource</h3> | ||||||
|  | <div class="paragraph"> | ||||||
|  | <p>PersistentVolumeClaimVolumeSource references the user’s PVC in the same namespace. This volume finds the bound PV and mounts that volume for the pod. A PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another type of volume that is owned by someone else (the system).</p> | ||||||
|  | </div> | ||||||
|  | <table class="tableblock frame-all grid-all" style="width:100%; "> | ||||||
|  | <colgroup> | ||||||
|  | <col style="width:20%;"> | ||||||
|  | <col style="width:20%;"> | ||||||
|  | <col style="width:20%;"> | ||||||
|  | <col style="width:20%;"> | ||||||
|  | <col style="width:20%;">  | ||||||
|  | </colgroup> | ||||||
|  | <thead> | ||||||
|  | <tr> | ||||||
|  | <th class="tableblock halign-left valign-top">Name</th> | ||||||
|  | <th class="tableblock halign-left valign-top">Description</th> | ||||||
|  | <th class="tableblock halign-left valign-top">Required</th> | ||||||
|  | <th class="tableblock halign-left valign-top">Schema</th> | ||||||
|  | <th class="tableblock halign-left valign-top">Default</th> | ||||||
|  | </tr> | ||||||
|  | </thead> | ||||||
|  | <tbody> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">claimName</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: <a href="http://kubernetes.io/docs/user-guide/persistent-volumes#persistentvolumeclaims">http://kubernetes.io/docs/user-guide/persistent-volumes#persistentvolumeclaims</a></p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">true</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">readOnly</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">Will force the ReadOnly setting in VolumeMounts. Default false.</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | </tbody> | ||||||
|  | </table> | ||||||
|  | 
 | ||||||
| </div> | </div> | ||||||
| <div class="sect2"> | <div class="sect2"> | ||||||
| <h3 id="_v1_flockervolumesource">v1.FlockerVolumeSource</h3> | <h3 id="_v1_flockervolumesource">v1.FlockerVolumeSource</h3> | ||||||
| @@ -5608,7 +5629,7 @@ Examples:<br> | |||||||
| </div> | </div> | ||||||
| <div id="footer"> | <div id="footer"> | ||||||
| <div id="footer-text"> | <div id="footer-text"> | ||||||
| Last updated 2017-03-28 20:12:14 UTC | Last updated 2017-04-05 12:45:13 UTC | ||||||
| </div> | </div> | ||||||
| </div> | </div> | ||||||
| </body> | </body> | ||||||
|   | |||||||
| @@ -2445,6 +2445,27 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | ||||||
| <td class="tableblock halign-left valign-top"></td> | <td class="tableblock halign-left valign-top"></td> | ||||||
| </tr> | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthDiscovery</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Discovery CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthSession</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Session CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">secretRef</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">CHAP secret for iSCSI target and initiator authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_v1_localobjectreference">v1.LocalObjectReference</a></p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"></td> | ||||||
|  | </tr> | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
| @@ -7917,7 +7938,7 @@ Both these may change in the future. Incoming requests are matched against the h | |||||||
| </div> | </div> | ||||||
| <div id="footer"> | <div id="footer"> | ||||||
| <div id="footer-text"> | <div id="footer-text"> | ||||||
| Last updated 2017-03-28 17:19:22 UTC | Last updated 2017-04-05 12:45:25 UTC | ||||||
| </div> | </div> | ||||||
| </div> | </div> | ||||||
| </body> | </body> | ||||||
|   | |||||||
| @@ -2021,6 +2021,27 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | ||||||
| <td class="tableblock halign-left valign-top"></td> | <td class="tableblock halign-left valign-top"></td> | ||||||
| </tr> | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthDiscovery</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Discovery CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthSession</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Session CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">secretRef</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">CHAP secret for iSCSI target and initiator authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_v1_localobjectreference">v1.LocalObjectReference</a></p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"></td> | ||||||
|  | </tr> | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
| @@ -3806,7 +3827,7 @@ Examples:<br> | |||||||
| </div> | </div> | ||||||
| <div id="footer"> | <div id="footer"> | ||||||
| <div id="footer-text"> | <div id="footer-text"> | ||||||
| Last updated 2017-03-28 17:19:50 UTC | Last updated 2017-04-05 12:45:49 UTC | ||||||
| </div> | </div> | ||||||
| </div> | </div> | ||||||
| </body> | </body> | ||||||
|   | |||||||
| @@ -2612,6 +2612,27 @@ Populated by the system when a graceful deletion is requested. Read-only. More i | |||||||
| <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | <td class="tableblock halign-left valign-top"><p class="tableblock">string array</p></td> | ||||||
| <td class="tableblock halign-left valign-top"></td> | <td class="tableblock halign-left valign-top"></td> | ||||||
| </tr> | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthDiscovery</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Discovery CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">chapAuthSession</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">whether support iSCSI Session CHAP authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">boolean</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | </tr> | ||||||
|  | <tr> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">secretRef</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">CHAP secret for iSCSI target and initiator authentication</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_v1_localobjectreference">v1.LocalObjectReference</a></p></td> | ||||||
|  | <td class="tableblock halign-left valign-top"></td> | ||||||
|  | </tr> | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
| 
 | 
 | ||||||
| @@ -9857,7 +9878,7 @@ Examples:<br> | |||||||
| </div> | </div> | ||||||
| <div id="footer"> | <div id="footer"> | ||||||
| <div id="footer-text"> | <div id="footer-text"> | ||||||
| Last updated 2017-03-28 17:18:02 UTC | Last updated 2017-04-05 12:44:20 UTC | ||||||
| </div> | </div> | ||||||
| </div> | </div> | ||||||
| </body> | </body> | ||||||
|   | |||||||
| @@ -201,7 +201,9 @@ func TestExampleObjectSchemas(t *testing.T) { | |||||||
| 			"redis-slave-service":     &api.Service{}, | 			"redis-slave-service":     &api.Service{}, | ||||||
| 		}, | 		}, | ||||||
| 		"../examples/volumes/iscsi": { | 		"../examples/volumes/iscsi": { | ||||||
|  | 			"chap-secret": &api.Secret{}, | ||||||
| 			"iscsi":       &api.Pod{}, | 			"iscsi":       &api.Pod{}, | ||||||
|  | 			"iscsi-chap":  &api.Pod{}, | ||||||
| 		}, | 		}, | ||||||
| 		"../examples/volumes/glusterfs": { | 		"../examples/volumes/glusterfs": { | ||||||
| 			"glusterfs-pod":       &api.Pod{}, | 			"glusterfs-pod":       &api.Pod{}, | ||||||
| @@ -405,7 +407,7 @@ func TestReadme(t *testing.T) { | |||||||
| 		expectedType []runtime.Object | 		expectedType []runtime.Object | ||||||
| 	}{ | 	}{ | ||||||
| 		{"../README.md", []runtime.Object{&api.Pod{}}}, | 		{"../README.md", []runtime.Object{&api.Pod{}}}, | ||||||
| 		{"../examples/volumes/iscsi/README.md", []runtime.Object{&api.Pod{}}}, | 		{"../examples/volumes/iscsi/README.md", []runtime.Object{&api.Secret{}}}, | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	for _, path := range paths { | 	for _, path := range paths { | ||||||
|   | |||||||
| @@ -5,6 +5,7 @@ Currently supported features are | |||||||
|   * Connecting to one portal |   * Connecting to one portal | ||||||
|   * Mounting a device directly or via multipathd |   * Mounting a device directly or via multipathd | ||||||
|   * Formatting and partitioning any new device connected |   * Formatting and partitioning any new device connected | ||||||
|  |   * CHAP authentication | ||||||
|  |  | ||||||
| ## Prerequisites | ## Prerequisites | ||||||
|  |  | ||||||
| @@ -26,6 +27,48 @@ If you want to use an iSCSI offload card or other open-iscsi transports besides | |||||||
| may have partitioned the device, the iSCSI volume plugin does not | may have partitioned the device, the iSCSI volume plugin does not | ||||||
| currently support partitions so format the device as one partition or leave the device raw and Kubernetes will partition and format it one first mount. | currently support partitions so format the device as one partition or leave the device raw and Kubernetes will partition and format it one first mount. | ||||||
|  |  | ||||||
|  | ### CHAP Authentication | ||||||
|  |  | ||||||
|  | To enable one-way or two-way CHAP authentication for discovery or session, following these steps. | ||||||
|  |  | ||||||
|  |  * Set `chapAuthDiscovery` to `true` for discovery authentication. | ||||||
|  |  * Set `chapAuthSession` to `true` for session authentication. | ||||||
|  |  * Create a CHAP secret and set `secretRef` to reference the CHAP secret. | ||||||
|  |  | ||||||
|  |  | ||||||
|  | Example can be found at [iscsi-chap.yaml](iscsi-chap.yaml) | ||||||
|  |  | ||||||
|  | ### CHAP Secret | ||||||
|  |  | ||||||
|  | As illustrated in [chap-secret.yaml](chap-secret.yaml), the secret must have type `kubernetes.io/iscsi-chap` and consists of the following keys: | ||||||
|  |  | ||||||
|  | ```yaml | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   name: chap-secret | ||||||
|  | type: "kubernetes.io/iscsi-chap"   | ||||||
|  | data: | ||||||
|  |   discovery.sendtargets.auth.username:  | ||||||
|  |   discovery.sendtargets.auth.password:  | ||||||
|  |   discovery.sendtargets.auth.username_in:  | ||||||
|  |   discovery.sendtargets.auth.password_in:  | ||||||
|  |   node.session.auth.username:  | ||||||
|  |   node.session.auth.password:  | ||||||
|  |   node.session.auth.username_in:  | ||||||
|  |   node.session.auth.password_in:  | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | These keys map to those used by Open-iSCSI initiator. Detailed documents on these keys can be found at [Open-iSCSI](https://github.com/open-iscsi/open-iscsi/blob/master/etc/iscsid.conf) | ||||||
|  |  | ||||||
|  | #### Create CHAP secret before creating iSCSI volumes and Pods | ||||||
|  |  | ||||||
|  | ```console | ||||||
|  | # kubectl create -f examples/volumes/iscsi/chap-iscsi.yaml | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
| Once the pod config is created, run it on the Kubernetes master: | Once the pod config is created, run it on the Kubernetes master: | ||||||
|  |  | ||||||
|   | |||||||
							
								
								
									
										15
									
								
								examples/volumes/iscsi/chap-secret.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										15
									
								
								examples/volumes/iscsi/chap-secret.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,15 @@ | |||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   name: chap-secret | ||||||
|  | type: "kubernetes.io/iscsi-chap"   | ||||||
|  | data: | ||||||
|  |   discovery.sendtargets.auth.username: dXNlcg== | ||||||
|  |   discovery.sendtargets.auth.password: ZGVtbw== | ||||||
|  |   discovery.sendtargets.auth.username_in: bXVzZXI= | ||||||
|  |   discovery.sendtargets.auth.password_in: bXBhc3M= | ||||||
|  |   node.session.auth.username: dXNlcm5hbWU= | ||||||
|  |   node.session.auth.password: cGFzc3dvcmQ= | ||||||
|  |   node.session.auth.username_in: bXVzZXIy | ||||||
|  |   node.session.auth.password_in: bXBhc3My | ||||||
							
								
								
									
										24
									
								
								examples/volumes/iscsi/iscsi-chap.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										24
									
								
								examples/volumes/iscsi/iscsi-chap.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,24 @@ | |||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Pod | ||||||
|  | metadata: | ||||||
|  |   name: iscsipd | ||||||
|  | spec: | ||||||
|  |   containers: | ||||||
|  |   - name: iscsipd-ro | ||||||
|  |     image: kubernetes/pause | ||||||
|  |     volumeMounts: | ||||||
|  |     - mountPath: "/mnt/iscsipd" | ||||||
|  |       name: iscsivol | ||||||
|  |   volumes: | ||||||
|  |   - name: iscsivol | ||||||
|  |     iscsi: | ||||||
|  |       targetPortal: 127.0.0.1 | ||||||
|  |       iqn: iqn.2015-02.example.com:test | ||||||
|  |       lun: 0 | ||||||
|  |       fsType: ext4 | ||||||
|  |       readOnly: true | ||||||
|  |       chapAuthDiscovery: true | ||||||
|  |       chapAuthSession: true | ||||||
|  |       secretRef:  | ||||||
|  |          name: chap-secret | ||||||
| @@ -10208,6 +10208,14 @@ | |||||||
|      "lun" |      "lun" | ||||||
|     ], |     ], | ||||||
|     "properties": { |     "properties": { | ||||||
|  |      "chapAuthDiscovery": { | ||||||
|  |       "description": "whether support iSCSI Discovery CHAP authentication", | ||||||
|  |       "type": "boolean" | ||||||
|  |      }, | ||||||
|  |      "chapAuthSession": { | ||||||
|  |       "description": "whether support iSCSI Session CHAP authentication", | ||||||
|  |       "type": "boolean" | ||||||
|  |      }, | ||||||
|      "fsType": { |      "fsType": { | ||||||
|       "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", |       "description": "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", | ||||||
|       "type": "string" |       "type": "string" | ||||||
| @@ -10236,6 +10244,10 @@ | |||||||
|       "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", |       "description": "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", | ||||||
|       "type": "boolean" |       "type": "boolean" | ||||||
|      }, |      }, | ||||||
|  |      "secretRef": { | ||||||
|  |       "description": "CHAP secret for iSCSI target and initiator authentication", | ||||||
|  |       "$ref": "#/definitions/io.k8s.kubernetes.pkg.api.v1.LocalObjectReference" | ||||||
|  |      }, | ||||||
|      "targetPortal": { |      "targetPortal": { | ||||||
|       "description": "iSCSI target portal. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", |       "description": "iSCSI target portal. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", | ||||||
|       "type": "string" |       "type": "string" | ||||||
|   | |||||||
| @@ -88,6 +88,10 @@ func VisitPodSecretNames(pod *api.Pod, visitor func(string) bool) bool { | |||||||
| 			if source.ScaleIO.SecretRef != nil && !visitor(source.ScaleIO.SecretRef.Name) { | 			if source.ScaleIO.SecretRef != nil && !visitor(source.ScaleIO.SecretRef.Name) { | ||||||
| 				return false | 				return false | ||||||
| 			} | 			} | ||||||
|  | 		case source.ISCSI != nil: | ||||||
|  | 			if source.ISCSI.SecretRef != nil && !visitor(source.ISCSI.SecretRef.Name) { | ||||||
|  | 				return false | ||||||
|  | 			} | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	return true | 	return true | ||||||
|   | |||||||
| @@ -85,7 +85,11 @@ func TestPodSecrets(t *testing.T) { | |||||||
| 				VolumeSource: api.VolumeSource{ | 				VolumeSource: api.VolumeSource{ | ||||||
| 					ScaleIO: &api.ScaleIOVolumeSource{ | 					ScaleIO: &api.ScaleIOVolumeSource{ | ||||||
| 						SecretRef: &api.LocalObjectReference{ | 						SecretRef: &api.LocalObjectReference{ | ||||||
| 							Name: "Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef"}}}}}, | 							Name: "Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef"}}}}, { | ||||||
|  | 				VolumeSource: api.VolumeSource{ | ||||||
|  | 					ISCSI: &api.ISCSIVolumeSource{ | ||||||
|  | 						SecretRef: &api.LocalObjectReference{ | ||||||
|  | 							Name: "Spec.Volumes[*].VolumeSource.ISCSI.SecretRef"}}}}}, | ||||||
| 		}, | 		}, | ||||||
| 	} | 	} | ||||||
| 	extractedNames := sets.NewString() | 	extractedNames := sets.NewString() | ||||||
| @@ -114,6 +118,7 @@ func TestPodSecrets(t *testing.T) { | |||||||
| 		"Spec.Volumes[*].VolumeSource.Secret", | 		"Spec.Volumes[*].VolumeSource.Secret", | ||||||
| 		"Spec.Volumes[*].VolumeSource.Secret.SecretName", | 		"Spec.Volumes[*].VolumeSource.Secret.SecretName", | ||||||
| 		"Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef", | 		"Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef", | ||||||
|  | 		"Spec.Volumes[*].VolumeSource.ISCSI.SecretRef", | ||||||
| 	) | 	) | ||||||
| 	secretPaths := collectSecretPaths(t, nil, "", reflect.TypeOf(&api.Pod{})) | 	secretPaths := collectSecretPaths(t, nil, "", reflect.TypeOf(&api.Pod{})) | ||||||
| 	secretPaths = secretPaths.Difference(excludedSecretPaths) | 	secretPaths = secretPaths.Difference(excludedSecretPaths) | ||||||
|   | |||||||
| @@ -653,10 +653,20 @@ type ISCSIVolumeSource struct { | |||||||
| 	// the ReadOnly setting in VolumeMounts. | 	// the ReadOnly setting in VolumeMounts. | ||||||
| 	// +optional | 	// +optional | ||||||
| 	ReadOnly bool | 	ReadOnly bool | ||||||
| 	// Required: list of iSCSI target portal ips for high availability. | 	// Optional: list of iSCSI target portal ips for high availability. | ||||||
| 	// the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) | 	// the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) | ||||||
| 	// +optional | 	// +optional | ||||||
| 	Portals []string | 	Portals []string | ||||||
|  | 	// Optional: whether support iSCSI Discovery CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	DiscoveryCHAPAuth bool | ||||||
|  | 	// Optional: whether support iSCSI Session CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	SessionCHAPAuth bool | ||||||
|  | 	// Optional: CHAP secret for iSCSI target and initiator authentication. | ||||||
|  | 	// The secret is used if either DiscoveryCHAPAuth or SessionCHAPAuth is true | ||||||
|  | 	// +optional | ||||||
|  | 	SecretRef *LocalObjectReference | ||||||
| } | } | ||||||
|  |  | ||||||
| // Represents a Fibre Channel volume. | // Represents a Fibre Channel volume. | ||||||
|   | |||||||
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @@ -1227,6 +1227,18 @@ message ISCSIVolumeSource { | |||||||
|   // is other than default (typically TCP ports 860 and 3260). |   // is other than default (typically TCP ports 860 and 3260). | ||||||
|   // +optional |   // +optional | ||||||
|   repeated string portals = 7; |   repeated string portals = 7; | ||||||
|  | 
 | ||||||
|  |   // whether support iSCSI Discovery CHAP authentication | ||||||
|  |   // +optional | ||||||
|  |   optional bool chapAuthDiscovery = 8; | ||||||
|  | 
 | ||||||
|  |   // whether support iSCSI Session CHAP authentication | ||||||
|  |   // +optional | ||||||
|  |   optional bool chapAuthSession = 11; | ||||||
|  | 
 | ||||||
|  |   // CHAP secret for iSCSI target and initiator authentication | ||||||
|  |   // +optional | ||||||
|  |   optional LocalObjectReference secretRef = 10; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| // Maps a string key to a path within a volume. | // Maps a string key to a path within a volume. | ||||||
|   | |||||||
| @@ -176,7 +176,10 @@ func VisitPodSecretNames(pod *v1.Pod, visitor func(string) bool) bool { | |||||||
| 			if source.ScaleIO.SecretRef != nil && !visitor(source.ScaleIO.SecretRef.Name) { | 			if source.ScaleIO.SecretRef != nil && !visitor(source.ScaleIO.SecretRef.Name) { | ||||||
| 				return false | 				return false | ||||||
| 			} | 			} | ||||||
|  | 		case source.ISCSI != nil: | ||||||
|  | 			if source.ISCSI.SecretRef != nil && !visitor(source.ISCSI.SecretRef.Name) { | ||||||
|  | 				return false | ||||||
|  | 			} | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	return true | 	return true | ||||||
|   | |||||||
| @@ -253,7 +253,11 @@ func TestPodSecrets(t *testing.T) { | |||||||
| 				VolumeSource: v1.VolumeSource{ | 				VolumeSource: v1.VolumeSource{ | ||||||
| 					ScaleIO: &v1.ScaleIOVolumeSource{ | 					ScaleIO: &v1.ScaleIOVolumeSource{ | ||||||
| 						SecretRef: &v1.LocalObjectReference{ | 						SecretRef: &v1.LocalObjectReference{ | ||||||
| 							Name: "Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef"}}}}}, | 							Name: "Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef"}}}}, { | ||||||
|  | 				VolumeSource: v1.VolumeSource{ | ||||||
|  | 					ISCSI: &v1.ISCSIVolumeSource{ | ||||||
|  | 						SecretRef: &v1.LocalObjectReference{ | ||||||
|  | 							Name: "Spec.Volumes[*].VolumeSource.ISCSI.SecretRef"}}}}}, | ||||||
| 		}, | 		}, | ||||||
| 	} | 	} | ||||||
| 	extractedNames := sets.NewString() | 	extractedNames := sets.NewString() | ||||||
| @@ -282,6 +286,7 @@ func TestPodSecrets(t *testing.T) { | |||||||
| 		"Spec.Volumes[*].VolumeSource.Secret", | 		"Spec.Volumes[*].VolumeSource.Secret", | ||||||
| 		"Spec.Volumes[*].VolumeSource.Secret.SecretName", | 		"Spec.Volumes[*].VolumeSource.Secret.SecretName", | ||||||
| 		"Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef", | 		"Spec.Volumes[*].VolumeSource.ScaleIO.SecretRef", | ||||||
|  | 		"Spec.Volumes[*].VolumeSource.ISCSI.SecretRef", | ||||||
| 	) | 	) | ||||||
| 	secretPaths := collectSecretPaths(t, nil, "", reflect.TypeOf(&v1.Pod{})) | 	secretPaths := collectSecretPaths(t, nil, "", reflect.TypeOf(&v1.Pod{})) | ||||||
| 	secretPaths = secretPaths.Difference(excludedSecretPaths) | 	secretPaths = secretPaths.Difference(excludedSecretPaths) | ||||||
|   | |||||||
| @@ -15958,16 +15958,19 @@ func (x *ISCSIVolumeSource) CodecEncodeSelf(e *codec1978.Encoder) { | |||||||
| 		} else { | 		} else { | ||||||
| 			yysep2 := !z.EncBinary() | 			yysep2 := !z.EncBinary() | ||||||
| 			yy2arr2 := z.EncBasicHandle().StructToArray | 			yy2arr2 := z.EncBasicHandle().StructToArray | ||||||
| 			var yyq2 [7]bool | 			var yyq2 [10]bool | ||||||
| 			_, _, _ = yysep2, yyq2, yy2arr2 | 			_, _, _ = yysep2, yyq2, yy2arr2 | ||||||
| 			const yyr2 bool = false | 			const yyr2 bool = false | ||||||
| 			yyq2[3] = x.ISCSIInterface != "" | 			yyq2[3] = x.ISCSIInterface != "" | ||||||
| 			yyq2[4] = x.FSType != "" | 			yyq2[4] = x.FSType != "" | ||||||
| 			yyq2[5] = x.ReadOnly != false | 			yyq2[5] = x.ReadOnly != false | ||||||
| 			yyq2[6] = len(x.Portals) != 0 | 			yyq2[6] = len(x.Portals) != 0 | ||||||
|  | 			yyq2[7] = x.DiscoveryCHAPAuth != false | ||||||
|  | 			yyq2[8] = x.SessionCHAPAuth != false | ||||||
|  | 			yyq2[9] = x.SecretRef != nil | ||||||
| 			var yynn2 int | 			var yynn2 int | ||||||
| 			if yyr2 || yy2arr2 { | 			if yyr2 || yy2arr2 { | ||||||
| 				r.EncodeArrayStart(7) | 				r.EncodeArrayStart(10) | ||||||
| 			} else { | 			} else { | ||||||
| 				yynn2 = 3 | 				yynn2 = 3 | ||||||
| 				for _, b := range yyq2 { | 				for _, b := range yyq2 { | ||||||
| @@ -16143,6 +16146,79 @@ func (x *ISCSIVolumeSource) CodecEncodeSelf(e *codec1978.Encoder) { | |||||||
| 					} | 					} | ||||||
| 				} | 				} | ||||||
| 			} | 			} | ||||||
|  | 			if yyr2 || yy2arr2 { | ||||||
|  | 				z.EncSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 				if yyq2[7] { | ||||||
|  | 					yym25 := z.EncBinary() | ||||||
|  | 					_ = yym25 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.DiscoveryCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} else { | ||||||
|  | 					r.EncodeBool(false) | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if yyq2[7] { | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapKey1234) | ||||||
|  | 					r.EncodeString(codecSelferC_UTF81234, string("chapAuthDiscovery")) | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapValue1234) | ||||||
|  | 					yym26 := z.EncBinary() | ||||||
|  | 					_ = yym26 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.DiscoveryCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 			if yyr2 || yy2arr2 { | ||||||
|  | 				z.EncSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 				if yyq2[8] { | ||||||
|  | 					yym28 := z.EncBinary() | ||||||
|  | 					_ = yym28 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.SessionCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} else { | ||||||
|  | 					r.EncodeBool(false) | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if yyq2[8] { | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapKey1234) | ||||||
|  | 					r.EncodeString(codecSelferC_UTF81234, string("chapAuthSession")) | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapValue1234) | ||||||
|  | 					yym29 := z.EncBinary() | ||||||
|  | 					_ = yym29 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.SessionCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 			if yyr2 || yy2arr2 { | ||||||
|  | 				z.EncSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 				if yyq2[9] { | ||||||
|  | 					if x.SecretRef == nil { | ||||||
|  | 						r.EncodeNil() | ||||||
|  | 					} else { | ||||||
|  | 						x.SecretRef.CodecEncodeSelf(e) | ||||||
|  | 					} | ||||||
|  | 				} else { | ||||||
|  | 					r.EncodeNil() | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if yyq2[9] { | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapKey1234) | ||||||
|  | 					r.EncodeString(codecSelferC_UTF81234, string("secretRef")) | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapValue1234) | ||||||
|  | 					if x.SecretRef == nil { | ||||||
|  | 						r.EncodeNil() | ||||||
|  | 					} else { | ||||||
|  | 						x.SecretRef.CodecEncodeSelf(e) | ||||||
|  | 					} | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
| 			if yyr2 || yy2arr2 { | 			if yyr2 || yy2arr2 { | ||||||
| 				z.EncSendContainerState(codecSelfer_containerArrayEnd1234) | 				z.EncSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 			} else { | 			} else { | ||||||
| @@ -16288,6 +16364,41 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) | |||||||
| 					z.F.DecSliceStringX(yyv16, false, d) | 					z.F.DecSliceStringX(yyv16, false, d) | ||||||
| 				} | 				} | ||||||
| 			} | 			} | ||||||
|  | 		case "chapAuthDiscovery": | ||||||
|  | 			if r.TryDecodeAsNil() { | ||||||
|  | 				x.DiscoveryCHAPAuth = false | ||||||
|  | 			} else { | ||||||
|  | 				yyv18 := &x.DiscoveryCHAPAuth | ||||||
|  | 				yym19 := z.DecBinary() | ||||||
|  | 				_ = yym19 | ||||||
|  | 				if false { | ||||||
|  | 				} else { | ||||||
|  | 					*((*bool)(yyv18)) = r.DecodeBool() | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 		case "chapAuthSession": | ||||||
|  | 			if r.TryDecodeAsNil() { | ||||||
|  | 				x.SessionCHAPAuth = false | ||||||
|  | 			} else { | ||||||
|  | 				yyv20 := &x.SessionCHAPAuth | ||||||
|  | 				yym21 := z.DecBinary() | ||||||
|  | 				_ = yym21 | ||||||
|  | 				if false { | ||||||
|  | 				} else { | ||||||
|  | 					*((*bool)(yyv20)) = r.DecodeBool() | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 		case "secretRef": | ||||||
|  | 			if r.TryDecodeAsNil() { | ||||||
|  | 				if x.SecretRef != nil { | ||||||
|  | 					x.SecretRef = nil | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if x.SecretRef == nil { | ||||||
|  | 					x.SecretRef = new(LocalObjectReference) | ||||||
|  | 				} | ||||||
|  | 				x.SecretRef.CodecDecodeSelf(d) | ||||||
|  | 			} | ||||||
| 		default: | 		default: | ||||||
| 			z.DecStructFieldNotFound(-1, yys3) | 			z.DecStructFieldNotFound(-1, yys3) | ||||||
| 		} // end switch yys3 | 		} // end switch yys3 | ||||||
| @@ -16299,16 +16410,16 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	var h codecSelfer1234 | 	var h codecSelfer1234 | ||||||
| 	z, r := codec1978.GenHelperDecoder(d) | 	z, r := codec1978.GenHelperDecoder(d) | ||||||
| 	_, _, _ = h, z, r | 	_, _, _ = h, z, r | ||||||
| 	var yyj18 int | 	var yyj23 int | ||||||
| 	var yyb18 bool | 	var yyb23 bool | ||||||
| 	var yyhl18 bool = l >= 0 | 	var yyhl23 bool = l >= 0 | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16316,21 +16427,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.TargetPortal = "" | 		x.TargetPortal = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv19 := &x.TargetPortal | 		yyv24 := &x.TargetPortal | ||||||
| 		yym20 := z.DecBinary() | 		yym25 := z.DecBinary() | ||||||
| 		_ = yym20 | 		_ = yym25 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv19)) = r.DecodeString() | 			*((*string)(yyv24)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16338,21 +16449,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.IQN = "" | 		x.IQN = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv21 := &x.IQN | 		yyv26 := &x.IQN | ||||||
| 		yym22 := z.DecBinary() | 		yym27 := z.DecBinary() | ||||||
| 		_ = yym22 | 		_ = yym27 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv21)) = r.DecodeString() | 			*((*string)(yyv26)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16360,21 +16471,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.Lun = 0 | 		x.Lun = 0 | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv23 := &x.Lun | 		yyv28 := &x.Lun | ||||||
| 		yym24 := z.DecBinary() | 		yym29 := z.DecBinary() | ||||||
| 		_ = yym24 | 		_ = yym29 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*int32)(yyv23)) = int32(r.DecodeInt(32)) | 			*((*int32)(yyv28)) = int32(r.DecodeInt(32)) | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16382,21 +16493,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.ISCSIInterface = "" | 		x.ISCSIInterface = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv25 := &x.ISCSIInterface | 		yyv30 := &x.ISCSIInterface | ||||||
| 		yym26 := z.DecBinary() | 		yym31 := z.DecBinary() | ||||||
| 		_ = yym26 | 		_ = yym31 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv25)) = r.DecodeString() | 			*((*string)(yyv30)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16404,21 +16515,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.FSType = "" | 		x.FSType = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv27 := &x.FSType | 		yyv32 := &x.FSType | ||||||
| 		yym28 := z.DecBinary() | 		yym33 := z.DecBinary() | ||||||
| 		_ = yym28 | 		_ = yym33 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv27)) = r.DecodeString() | 			*((*string)(yyv32)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16426,21 +16537,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.ReadOnly = false | 		x.ReadOnly = false | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv29 := &x.ReadOnly | 		yyv34 := &x.ReadOnly | ||||||
| 		yym30 := z.DecBinary() | 		yym35 := z.DecBinary() | ||||||
| 		_ = yym30 | 		_ = yym35 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*bool)(yyv29)) = r.DecodeBool() | 			*((*bool)(yyv34)) = r.DecodeBool() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16448,26 +16559,91 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.Portals = nil | 		x.Portals = nil | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv31 := &x.Portals | 		yyv36 := &x.Portals | ||||||
| 		yym32 := z.DecBinary() | 		yym37 := z.DecBinary() | ||||||
| 		_ = yym32 | 		_ = yym37 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			z.F.DecSliceStringX(yyv31, false, d) | 			z.F.DecSliceStringX(yyv36, false, d) | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
|  | 	yyj23++ | ||||||
|  | 	if yyhl23 { | ||||||
|  | 		yyb23 = yyj23 > l | ||||||
|  | 	} else { | ||||||
|  | 		yyb23 = r.CheckBreak() | ||||||
|  | 	} | ||||||
|  | 	if yyb23 { | ||||||
|  | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 	if r.TryDecodeAsNil() { | ||||||
|  | 		x.DiscoveryCHAPAuth = false | ||||||
|  | 	} else { | ||||||
|  | 		yyv38 := &x.DiscoveryCHAPAuth | ||||||
|  | 		yym39 := z.DecBinary() | ||||||
|  | 		_ = yym39 | ||||||
|  | 		if false { | ||||||
|  | 		} else { | ||||||
|  | 			*((*bool)(yyv38)) = r.DecodeBool() | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	yyj23++ | ||||||
|  | 	if yyhl23 { | ||||||
|  | 		yyb23 = yyj23 > l | ||||||
|  | 	} else { | ||||||
|  | 		yyb23 = r.CheckBreak() | ||||||
|  | 	} | ||||||
|  | 	if yyb23 { | ||||||
|  | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 	if r.TryDecodeAsNil() { | ||||||
|  | 		x.SessionCHAPAuth = false | ||||||
|  | 	} else { | ||||||
|  | 		yyv40 := &x.SessionCHAPAuth | ||||||
|  | 		yym41 := z.DecBinary() | ||||||
|  | 		_ = yym41 | ||||||
|  | 		if false { | ||||||
|  | 		} else { | ||||||
|  | 			*((*bool)(yyv40)) = r.DecodeBool() | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	yyj23++ | ||||||
|  | 	if yyhl23 { | ||||||
|  | 		yyb23 = yyj23 > l | ||||||
|  | 	} else { | ||||||
|  | 		yyb23 = r.CheckBreak() | ||||||
|  | 	} | ||||||
|  | 	if yyb23 { | ||||||
|  | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 	if r.TryDecodeAsNil() { | ||||||
|  | 		if x.SecretRef != nil { | ||||||
|  | 			x.SecretRef = nil | ||||||
|  | 		} | ||||||
|  | 	} else { | ||||||
|  | 		if x.SecretRef == nil { | ||||||
|  | 			x.SecretRef = new(LocalObjectReference) | ||||||
|  | 		} | ||||||
|  | 		x.SecretRef.CodecDecodeSelf(d) | ||||||
|  | 	} | ||||||
| 	for { | 	for { | ||||||
| 		yyj18++ | 		yyj23++ | ||||||
| 		if yyhl18 { | 		if yyhl23 { | ||||||
| 			yyb18 = yyj18 > l | 			yyb23 = yyj23 > l | ||||||
| 		} else { | 		} else { | ||||||
| 			yyb18 = r.CheckBreak() | 			yyb23 = r.CheckBreak() | ||||||
| 		} | 		} | ||||||
| 		if yyb18 { | 		if yyb23 { | ||||||
| 			break | 			break | ||||||
| 		} | 		} | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayElem1234) | 		z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
| 		z.DecStructFieldNotFound(yyj18-1, "") | 		z.DecStructFieldNotFound(yyj23-1, "") | ||||||
| 	} | 	} | ||||||
| 	z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 	z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| } | } | ||||||
|   | |||||||
| @@ -1047,6 +1047,15 @@ type ISCSIVolumeSource struct { | |||||||
| 	// is other than default (typically TCP ports 860 and 3260). | 	// is other than default (typically TCP ports 860 and 3260). | ||||||
| 	// +optional | 	// +optional | ||||||
| 	Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` | 	Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` | ||||||
|  | 	// whether support iSCSI Discovery CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty" protobuf:"varint,8,opt,name=chapAuthDiscovery"` | ||||||
|  | 	// whether support iSCSI Session CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	SessionCHAPAuth bool `json:"chapAuthSession,omitempty" protobuf:"varint,11,opt,name=chapAuthSession"` | ||||||
|  | 	// CHAP secret for iSCSI target and initiator authentication | ||||||
|  | 	// +optional | ||||||
|  | 	SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,10,opt,name=secretRef"` | ||||||
| } | } | ||||||
|  |  | ||||||
| // Represents a Fibre Channel volume. | // Represents a Fibre Channel volume. | ||||||
|   | |||||||
| @@ -658,6 +658,9 @@ var map_ISCSIVolumeSource = map[string]string{ | |||||||
| 	"fsType":            "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", | 	"fsType":            "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", | ||||||
| 	"readOnly":          "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", | 	"readOnly":          "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", | ||||||
| 	"portals":           "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", | 	"portals":           "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", | ||||||
|  | 	"chapAuthDiscovery": "whether support iSCSI Discovery CHAP authentication", | ||||||
|  | 	"chapAuthSession":   "whether support iSCSI Session CHAP authentication", | ||||||
|  | 	"secretRef":         "CHAP secret for iSCSI target and initiator authentication", | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func (ISCSIVolumeSource) SwaggerDoc() map[string]string { | func (ISCSIVolumeSource) SwaggerDoc() map[string]string { | ||||||
|   | |||||||
| @@ -1706,6 +1706,9 @@ func autoConvert_v1_ISCSIVolumeSource_To_api_ISCSIVolumeSource(in *ISCSIVolumeSo | |||||||
| 	out.FSType = in.FSType | 	out.FSType = in.FSType | ||||||
| 	out.ReadOnly = in.ReadOnly | 	out.ReadOnly = in.ReadOnly | ||||||
| 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | ||||||
|  | 	out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth | ||||||
|  | 	out.SessionCHAPAuth = in.SessionCHAPAuth | ||||||
|  | 	out.SecretRef = (*api.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) | ||||||
| 	return nil | 	return nil | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| @@ -1721,6 +1724,9 @@ func autoConvert_api_ISCSIVolumeSource_To_v1_ISCSIVolumeSource(in *api.ISCSIVolu | |||||||
| 	out.FSType = in.FSType | 	out.FSType = in.FSType | ||||||
| 	out.ReadOnly = in.ReadOnly | 	out.ReadOnly = in.ReadOnly | ||||||
| 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | ||||||
|  | 	out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth | ||||||
|  | 	out.SessionCHAPAuth = in.SessionCHAPAuth | ||||||
|  | 	out.SecretRef = (*LocalObjectReference)(unsafe.Pointer(in.SecretRef)) | ||||||
| 	return nil | 	return nil | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|   | |||||||
| @@ -1198,6 +1198,11 @@ func DeepCopy_v1_ISCSIVolumeSource(in interface{}, out interface{}, c *conversio | |||||||
| 			*out = make([]string, len(*in)) | 			*out = make([]string, len(*in)) | ||||||
| 			copy(*out, *in) | 			copy(*out, *in) | ||||||
| 		} | 		} | ||||||
|  | 		if in.SecretRef != nil { | ||||||
|  | 			in, out := &in.SecretRef, &out.SecretRef | ||||||
|  | 			*out = new(LocalObjectReference) | ||||||
|  | 			**out = **in | ||||||
|  | 		} | ||||||
| 		return nil | 		return nil | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
|   | |||||||
| @@ -622,6 +622,9 @@ func validateISCSIVolumeSource(iscsi *api.ISCSIVolumeSource, fldPath *field.Path | |||||||
| 	if iscsi.Lun < 0 || iscsi.Lun > 255 { | 	if iscsi.Lun < 0 || iscsi.Lun > 255 { | ||||||
| 		allErrs = append(allErrs, field.Invalid(fldPath.Child("lun"), iscsi.Lun, validation.InclusiveRangeError(0, 255))) | 		allErrs = append(allErrs, field.Invalid(fldPath.Child("lun"), iscsi.Lun, validation.InclusiveRangeError(0, 255))) | ||||||
| 	} | 	} | ||||||
|  | 	if (iscsi.DiscoveryCHAPAuth || iscsi.SessionCHAPAuth) && iscsi.SecretRef == nil { | ||||||
|  | 		allErrs = append(allErrs, field.Required(fldPath.Child("secretRef"), "")) | ||||||
|  | 	} | ||||||
| 	return allErrs | 	return allErrs | ||||||
| } | } | ||||||
|  |  | ||||||
|   | |||||||
| @@ -948,6 +948,42 @@ func TestValidateVolumes(t *testing.T) { | |||||||
| 			errtype:  field.ErrorTypeRequired, | 			errtype:  field.ErrorTypeRequired, | ||||||
| 			errfield: "iscsi.iqn", | 			errfield: "iscsi.iqn", | ||||||
| 		}, | 		}, | ||||||
|  | 		{ | ||||||
|  | 			name: "empty secret", | ||||||
|  | 			vol: api.Volume{ | ||||||
|  | 				Name: "iscsi", | ||||||
|  | 				VolumeSource: api.VolumeSource{ | ||||||
|  | 					ISCSI: &api.ISCSIVolumeSource{ | ||||||
|  | 						TargetPortal:      "127.0.0.1", | ||||||
|  | 						IQN:               "iqn.2015-02.example.com:test", | ||||||
|  | 						Lun:               1, | ||||||
|  | 						FSType:            "ext4", | ||||||
|  | 						ReadOnly:          false, | ||||||
|  | 						DiscoveryCHAPAuth: true, | ||||||
|  | 					}, | ||||||
|  | 				}, | ||||||
|  | 			}, | ||||||
|  | 			errtype:  field.ErrorTypeRequired, | ||||||
|  | 			errfield: "iscsi.secretRef", | ||||||
|  | 		}, | ||||||
|  | 		{ | ||||||
|  | 			name: "empty secret", | ||||||
|  | 			vol: api.Volume{ | ||||||
|  | 				Name: "iscsi", | ||||||
|  | 				VolumeSource: api.VolumeSource{ | ||||||
|  | 					ISCSI: &api.ISCSIVolumeSource{ | ||||||
|  | 						TargetPortal:    "127.0.0.1", | ||||||
|  | 						IQN:             "iqn.2015-02.example.com:test", | ||||||
|  | 						Lun:             1, | ||||||
|  | 						FSType:          "ext4", | ||||||
|  | 						ReadOnly:        false, | ||||||
|  | 						SessionCHAPAuth: true, | ||||||
|  | 					}, | ||||||
|  | 				}, | ||||||
|  | 			}, | ||||||
|  | 			errtype:  field.ErrorTypeRequired, | ||||||
|  | 			errfield: "iscsi.secretRef", | ||||||
|  | 		}, | ||||||
| 		// Secret | 		// Secret | ||||||
| 		{ | 		{ | ||||||
| 			name: "valid Secret", | 			name: "valid Secret", | ||||||
|   | |||||||
| @@ -1226,6 +1226,11 @@ func DeepCopy_api_ISCSIVolumeSource(in interface{}, out interface{}, c *conversi | |||||||
| 			*out = make([]string, len(*in)) | 			*out = make([]string, len(*in)) | ||||||
| 			copy(*out, *in) | 			copy(*out, *in) | ||||||
| 		} | 		} | ||||||
|  | 		if in.SecretRef != nil { | ||||||
|  | 			in, out := &in.SecretRef, &out.SecretRef | ||||||
|  | 			*out = new(LocalObjectReference) | ||||||
|  | 			**out = **in | ||||||
|  | 		} | ||||||
| 		return nil | 		return nil | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
|   | |||||||
| @@ -3971,11 +3971,32 @@ func GetOpenAPIDefinitions(ref openapi.ReferenceCallback) map[string]openapi.Ope | |||||||
| 								}, | 								}, | ||||||
| 							}, | 							}, | ||||||
| 						}, | 						}, | ||||||
|  | 						"chapAuthDiscovery": { | ||||||
|  | 							SchemaProps: spec.SchemaProps{ | ||||||
|  | 								Description: "whether support iSCSI Discovery CHAP authentication", | ||||||
|  | 								Type:        []string{"boolean"}, | ||||||
|  | 								Format:      "", | ||||||
|  | 							}, | ||||||
|  | 						}, | ||||||
|  | 						"chapAuthSession": { | ||||||
|  | 							SchemaProps: spec.SchemaProps{ | ||||||
|  | 								Description: "whether support iSCSI Session CHAP authentication", | ||||||
|  | 								Type:        []string{"boolean"}, | ||||||
|  | 								Format:      "", | ||||||
|  | 							}, | ||||||
|  | 						}, | ||||||
|  | 						"secretRef": { | ||||||
|  | 							SchemaProps: spec.SchemaProps{ | ||||||
|  | 								Description: "CHAP secret for iSCSI target and initiator authentication", | ||||||
|  | 								Ref:         ref("k8s.io/kubernetes/pkg/api/v1.LocalObjectReference"), | ||||||
|  | 							}, | ||||||
|  | 						}, | ||||||
| 					}, | 					}, | ||||||
| 					Required: []string{"targetPortal", "iqn", "lun"}, | 					Required: []string{"targetPortal", "iqn", "lun"}, | ||||||
| 				}, | 				}, | ||||||
| 			}, | 			}, | ||||||
| 			Dependencies: []string{}, | 			Dependencies: []string{ | ||||||
|  | 				"k8s.io/kubernetes/pkg/api/v1.LocalObjectReference"}, | ||||||
| 		}, | 		}, | ||||||
| 		"k8s.io/kubernetes/pkg/api/v1.KeyToPath": { | 		"k8s.io/kubernetes/pkg/api/v1.KeyToPath": { | ||||||
| 			Schema: spec.Schema{ | 			Schema: spec.Schema{ | ||||||
|   | |||||||
| @@ -99,10 +99,23 @@ func (plugin *iscsiPlugin) GetAccessModes() []v1.PersistentVolumeAccessMode { | |||||||
|  |  | ||||||
| func (plugin *iscsiPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.Mounter, error) { | func (plugin *iscsiPlugin) NewMounter(spec *volume.Spec, pod *v1.Pod, _ volume.VolumeOptions) (volume.Mounter, error) { | ||||||
| 	// Inject real implementations here, test through the internal function. | 	// Inject real implementations here, test through the internal function. | ||||||
| 	return plugin.newMounterInternal(spec, pod.UID, &ISCSIUtil{}, plugin.host.GetMounter()) | 	var secret map[string]string | ||||||
|  | 	source, _, err := getVolumeSource(spec) | ||||||
|  | 	if err != nil { | ||||||
|  | 		return nil, err | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	if source.SecretRef != nil { | ||||||
|  | 		if secret, err = ioutil.GetSecretForPod(pod, source.SecretRef.Name, plugin.host.GetKubeClient()); err != nil { | ||||||
|  | 			glog.Errorf("Couldn't get secret from %v/%v", pod.Namespace, source.SecretRef) | ||||||
|  | 			return nil, err | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  |  | ||||||
|  | 	return plugin.newMounterInternal(spec, pod.UID, &ISCSIUtil{}, plugin.host.GetMounter(), secret) | ||||||
| } | } | ||||||
|  |  | ||||||
| func (plugin *iscsiPlugin) newMounterInternal(spec *volume.Spec, podUID types.UID, manager diskManager, mounter mount.Interface) (volume.Mounter, error) { | func (plugin *iscsiPlugin) newMounterInternal(spec *volume.Spec, podUID types.UID, manager diskManager, mounter mount.Interface, secret map[string]string) (volume.Mounter, error) { | ||||||
| 	// iscsi volumes used directly in a pod have a ReadOnly flag set by the pod author. | 	// iscsi volumes used directly in a pod have a ReadOnly flag set by the pod author. | ||||||
| 	// iscsi volumes used as a PersistentVolume gets the ReadOnly flag indirectly through the persistent-claim volume used to mount the PV | 	// iscsi volumes used as a PersistentVolume gets the ReadOnly flag indirectly through the persistent-claim volume used to mount the PV | ||||||
| 	iscsi, readOnly, err := getVolumeSource(spec) | 	iscsi, readOnly, err := getVolumeSource(spec) | ||||||
| @@ -127,6 +140,9 @@ func (plugin *iscsiPlugin) newMounterInternal(spec *volume.Spec, podUID types.UI | |||||||
| 			iqn:            iscsi.IQN, | 			iqn:            iscsi.IQN, | ||||||
| 			lun:            lun, | 			lun:            lun, | ||||||
| 			iface:          iface, | 			iface:          iface, | ||||||
|  | 			chap_discovery: iscsi.DiscoveryCHAPAuth, | ||||||
|  | 			chap_session:   iscsi.SessionCHAPAuth, | ||||||
|  | 			secret:         secret, | ||||||
| 			manager:        manager, | 			manager:        manager, | ||||||
| 			plugin:         plugin}, | 			plugin:         plugin}, | ||||||
| 		fsType:       iscsi.FSType, | 		fsType:       iscsi.FSType, | ||||||
| @@ -179,6 +195,9 @@ type iscsiDisk struct { | |||||||
| 	iqn            string | 	iqn            string | ||||||
| 	lun            string | 	lun            string | ||||||
| 	iface          string | 	iface          string | ||||||
|  | 	chap_discovery bool | ||||||
|  | 	chap_session   bool | ||||||
|  | 	secret         map[string]string | ||||||
| 	plugin         *iscsiPlugin | 	plugin         *iscsiPlugin | ||||||
| 	// Utility interface that provides API calls to the provider to attach/detach disks. | 	// Utility interface that provides API calls to the provider to attach/detach disks. | ||||||
| 	manager diskManager | 	manager diskManager | ||||||
|   | |||||||
| @@ -141,7 +141,7 @@ func doTestPlugin(t *testing.T, spec *volume.Spec) { | |||||||
| 	fakeManager := NewFakeDiskManager() | 	fakeManager := NewFakeDiskManager() | ||||||
| 	defer fakeManager.Cleanup() | 	defer fakeManager.Cleanup() | ||||||
| 	fakeMounter := &mount.FakeMounter{} | 	fakeMounter := &mount.FakeMounter{} | ||||||
| 	mounter, err := plug.(*iscsiPlugin).newMounterInternal(spec, types.UID("poduid"), fakeManager, fakeMounter) | 	mounter, err := plug.(*iscsiPlugin).newMounterInternal(spec, types.UID("poduid"), fakeManager, fakeMounter, nil) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| 		t.Errorf("Failed to make a new Mounter: %v", err) | 		t.Errorf("Failed to make a new Mounter: %v", err) | ||||||
| 	} | 	} | ||||||
|   | |||||||
| @@ -17,7 +17,6 @@ limitations under the License. | |||||||
| package iscsi | package iscsi | ||||||
|  |  | ||||||
| import ( | import ( | ||||||
| 	"errors" |  | ||||||
| 	"fmt" | 	"fmt" | ||||||
| 	"os" | 	"os" | ||||||
| 	"path" | 	"path" | ||||||
| @@ -31,6 +30,59 @@ import ( | |||||||
| 	"k8s.io/kubernetes/pkg/volume" | 	"k8s.io/kubernetes/pkg/volume" | ||||||
| ) | ) | ||||||
|  |  | ||||||
|  | var ( | ||||||
|  | 	chap_st = []string{ | ||||||
|  | 		"discovery.sendtargets.auth.username", | ||||||
|  | 		"discovery.sendtargets.auth.password", | ||||||
|  | 		"discovery.sendtargets.auth.username_in", | ||||||
|  | 		"discovery.sendtargets.auth.password_in"} | ||||||
|  | 	chap_sess = []string{ | ||||||
|  | 		"node.session.auth.username", | ||||||
|  | 		"node.session.auth.password", | ||||||
|  | 		"node.session.auth.username_in", | ||||||
|  | 		"node.session.auth.password_in"} | ||||||
|  | ) | ||||||
|  |  | ||||||
|  | func updateISCSIDiscoverydb(b iscsiDiskMounter, tp string) error { | ||||||
|  | 	if b.chap_discovery { | ||||||
|  | 		out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "discoverydb", "-t", "sendtargets", "-p", tp, "-I", b.iface, "-o", "update", "-n", "discovery.sendtargets.auth.authmethod", "-v", "CHAP"}) | ||||||
|  | 		if err != nil { | ||||||
|  | 			return fmt.Errorf("iscsi: failed to update discoverydb with CHAP, output: %v", string(out)) | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		for _, k := range chap_st { | ||||||
|  | 			v := b.secret[k] | ||||||
|  | 			if len(v) > 0 { | ||||||
|  | 				out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "discoverydb", "-t", "sendtargets", "-p", tp, "-I", b.iface, "-o", "update", "-n", k, "-v", v}) | ||||||
|  | 				if err != nil { | ||||||
|  | 					return fmt.Errorf("iscsi: failed to update discoverydb key %q with value %q error: %v", k, v, string(out)) | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	return nil | ||||||
|  | } | ||||||
|  |  | ||||||
|  | func updateISCSINode(b iscsiDiskMounter, tp string) error { | ||||||
|  | 	if b.chap_session { | ||||||
|  | 		out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", tp, "-T", b.iqn, "-I", b.iface, "-o", "update", "-n", "node.session.auth.authmethod", "-v", "CHAP"}) | ||||||
|  | 		if err != nil { | ||||||
|  | 			return fmt.Errorf("iscsi: failed to update node with CHAP, output: %v", string(out)) | ||||||
|  | 		} | ||||||
|  |  | ||||||
|  | 		for _, k := range chap_sess { | ||||||
|  | 			v := b.secret[k] | ||||||
|  | 			if len(v) > 0 { | ||||||
|  | 				out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", tp, "-T", b.iqn, "-I", b.iface, "-o", "update", "-n", k, "-v", v}) | ||||||
|  | 				if err != nil { | ||||||
|  | 					return fmt.Errorf("iscsi: failed to update node session key %q with value %q error: %v", k, v, string(out)) | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	return nil | ||||||
|  | } | ||||||
|  |  | ||||||
| // stat a path, if not exists, retry maxRetries times | // stat a path, if not exists, retry maxRetries times | ||||||
| // when iscsi transports other than default are used,  use glob instead as pci id of device is unknown | // when iscsi transports other than default are used,  use glob instead as pci id of device is unknown | ||||||
| type StatFunc func(string) (os.FileInfo, error) | type StatFunc func(string) (os.FileInfo, error) | ||||||
| @@ -105,6 +157,7 @@ func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) error { | |||||||
| 	var devicePath string | 	var devicePath string | ||||||
| 	var devicePaths []string | 	var devicePaths []string | ||||||
| 	var iscsiTransport string | 	var iscsiTransport string | ||||||
|  | 	var lastErr error | ||||||
|  |  | ||||||
| 	out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "iface", "-I", b.iface, "-o", "show"}) | 	out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "iface", "-I", b.iface, "-o", "show"}) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
| @@ -133,21 +186,41 @@ func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) error { | |||||||
| 		} | 		} | ||||||
| 		exist := waitForPathToExist(devicePath, 1, iscsiTransport) | 		exist := waitForPathToExist(devicePath, 1, iscsiTransport) | ||||||
| 		if exist == false { | 		if exist == false { | ||||||
| 			// discover iscsi target | 			// build discoverydb and discover iscsi target | ||||||
| 			out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "discovery", "-t", "sendtargets", "-p", tp, "-I", b.iface}) | 			b.plugin.execCommand("iscsiadm", []string{"-m", "discoverydb", "-t", "sendtargets", "-p", tp, "-I", b.iface, "-o", "new"}) | ||||||
|  | 			// update discoverydb with CHAP secret | ||||||
|  | 			err = updateISCSIDiscoverydb(b, tp) | ||||||
| 			if err != nil { | 			if err != nil { | ||||||
| 				glog.Errorf("iscsi: failed to sendtargets to portal %s error: %s", tp, string(out)) | 				lastErr = fmt.Errorf("iscsi: failed to update discoverydb to portal %s error: %v", tp, err) | ||||||
|  | 				continue | ||||||
|  | 			} | ||||||
|  | 			out, err := b.plugin.execCommand("iscsiadm", []string{"-m", "discoverydb", "-t", "sendtargets", "-p", tp, "-I", b.iface, "--discover"}) | ||||||
|  | 			if err != nil { | ||||||
|  | 				// delete discoverydb record | ||||||
|  | 				b.plugin.execCommand("iscsiadm", []string{"-m", "discoverydb", "-t", "sendtargets", "-p", tp, "-I", b.iface, "-o", "delete"}) | ||||||
|  | 				lastErr = fmt.Errorf("iscsi: failed to sendtargets to portal %s output: %s, err %v", tp, string(out), err) | ||||||
|  | 				continue | ||||||
|  | 			} | ||||||
|  | 			err = updateISCSINode(b, tp) | ||||||
|  | 			if err != nil { | ||||||
|  | 				// failure to update node db is rare. But deleting record will likely impact those who already start using it. | ||||||
|  | 				lastErr = fmt.Errorf("iscsi: failed to update iscsi node to portal %s error: %v", tp, err) | ||||||
| 				continue | 				continue | ||||||
| 			} | 			} | ||||||
| 			// login to iscsi target | 			// login to iscsi target | ||||||
| 			out, err = b.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", tp, "-T", b.iqn, "-I", b.iface, "--login"}) | 			out, err = b.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", tp, "-T", b.iqn, "-I", b.iface, "--login"}) | ||||||
| 			if err != nil { | 			if err != nil { | ||||||
| 				glog.Errorf("iscsi: failed to attach disk:Error: %s (%v)", string(out), err) | 				// delete the node record from database | ||||||
|  | 				b.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", tp, "-I", b.iface, "-T", b.iqn, "-o", "delete"}) | ||||||
|  | 				lastErr = fmt.Errorf("iscsi: failed to attach disk: Error: %s (%v)", string(out), err) | ||||||
| 				continue | 				continue | ||||||
| 			} | 			} | ||||||
| 			exist = waitForPathToExist(devicePath, 10, iscsiTransport) | 			exist = waitForPathToExist(devicePath, 10, iscsiTransport) | ||||||
| 			if !exist { | 			if !exist { | ||||||
| 				glog.Errorf("Could not attach disk: Timeout after 10s") | 				glog.Errorf("Could not attach disk: Timeout after 10s") | ||||||
|  | 				// update last error | ||||||
|  | 				lastErr = fmt.Errorf("Could not attach disk: Timeout after 10s") | ||||||
|  | 				continue | ||||||
| 			} else { | 			} else { | ||||||
| 				devicePaths = append(devicePaths, devicePath) | 				devicePaths = append(devicePaths, devicePath) | ||||||
| 			} | 			} | ||||||
| @@ -158,8 +231,8 @@ func (util *ISCSIUtil) AttachDisk(b iscsiDiskMounter) error { | |||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	if len(devicePaths) == 0 { | 	if len(devicePaths) == 0 { | ||||||
| 		glog.Errorf("iscsi: failed to get any path for iscsi disk") | 		glog.Errorf("iscsi: failed to get any path for iscsi disk, last err seen:\n%v", lastErr) | ||||||
| 		return errors.New("failed to get any path for iscsi disk") | 		return fmt.Errorf("failed to get any path for iscsi disk, last err seen:\n%v", lastErr) | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	//Make sure we use a valid devicepath to find mpio device. | 	//Make sure we use a valid devicepath to find mpio device. | ||||||
| @@ -233,12 +306,24 @@ func (util *ISCSIUtil) DetachDisk(c iscsiDiskUnmounter, mntPath string) error { | |||||||
| 				if err != nil { | 				if err != nil { | ||||||
| 					glog.Errorf("iscsi: failed to detach disk Error: %s", string(out)) | 					glog.Errorf("iscsi: failed to detach disk Error: %s", string(out)) | ||||||
| 				} | 				} | ||||||
|  | 				// Delete the node record | ||||||
|  | 				glog.Infof("iscsi: delete node record target %s iqn %s", portal, iqn) | ||||||
|  | 				out, err = c.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", portal, "-T", iqn, "-I", iface, "-o", "delete"}) | ||||||
|  | 				if err != nil { | ||||||
|  | 					glog.Errorf("iscsi: failed to delete node record Error: %s", string(out)) | ||||||
|  | 				} | ||||||
| 			} else { | 			} else { | ||||||
| 				glog.Infof("iscsi: log out target %s iqn %s", portal, iqn) | 				glog.Infof("iscsi: log out target %s iqn %s", portal, iqn) | ||||||
| 				out, err := c.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", portal, "-T", iqn, "--logout"}) | 				out, err := c.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", portal, "-T", iqn, "--logout"}) | ||||||
| 				if err != nil { | 				if err != nil { | ||||||
| 					glog.Errorf("iscsi: failed to detach disk Error: %s", string(out)) | 					glog.Errorf("iscsi: failed to detach disk Error: %s", string(out)) | ||||||
| 				} | 				} | ||||||
|  | 				// Delete the node record | ||||||
|  | 				glog.Infof("iscsi: delete node record target %s iqn %s", portal, iqn) | ||||||
|  | 				out, err = c.plugin.execCommand("iscsiadm", []string{"-m", "node", "-p", portal, "-T", iqn, "-o", "delete"}) | ||||||
|  | 				if err != nil { | ||||||
|  | 					glog.Errorf("iscsi: failed to delete node record Error: %s", string(out)) | ||||||
|  | 				} | ||||||
| 			} | 			} | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
|   | |||||||
| @@ -653,10 +653,20 @@ type ISCSIVolumeSource struct { | |||||||
| 	// the ReadOnly setting in VolumeMounts. | 	// the ReadOnly setting in VolumeMounts. | ||||||
| 	// +optional | 	// +optional | ||||||
| 	ReadOnly bool | 	ReadOnly bool | ||||||
| 	// Required: list of iSCSI target portal ips for high availability. | 	// Optional: list of iSCSI target portal ips for high availability. | ||||||
| 	// the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) | 	// the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260) | ||||||
| 	// +optional | 	// +optional | ||||||
| 	Portals []string | 	Portals []string | ||||||
|  | 	// Optional: whether support iSCSI Discovery CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	DiscoveryCHAPAuth bool | ||||||
|  | 	// Optional: whether support iSCSI Session CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	SessionCHAPAuth bool | ||||||
|  | 	// Optional: CHAP secret for iSCSI target and initiator authentication. | ||||||
|  | 	// The secret is used if either DiscoveryCHAPAuth or SessionCHAPAuth is true | ||||||
|  | 	// +optional | ||||||
|  | 	SecretRef *LocalObjectReference | ||||||
| } | } | ||||||
|  |  | ||||||
| // Represents a Fibre Channel volume. | // Represents a Fibre Channel volume. | ||||||
|   | |||||||
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @@ -1227,6 +1227,18 @@ message ISCSIVolumeSource { | |||||||
|   // is other than default (typically TCP ports 860 and 3260). |   // is other than default (typically TCP ports 860 and 3260). | ||||||
|   // +optional |   // +optional | ||||||
|   repeated string portals = 7; |   repeated string portals = 7; | ||||||
|  | 
 | ||||||
|  |   // whether support iSCSI Discovery CHAP authentication | ||||||
|  |   // +optional | ||||||
|  |   optional bool chapAuthDiscovery = 8; | ||||||
|  | 
 | ||||||
|  |   // whether support iSCSI Session CHAP authentication | ||||||
|  |   // +optional | ||||||
|  |   optional bool chapAuthSession = 11; | ||||||
|  | 
 | ||||||
|  |   // CHAP secret for iSCSI target and initiator authentication | ||||||
|  |   // +optional | ||||||
|  |   optional LocalObjectReference secretRef = 10; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| // Maps a string key to a path within a volume. | // Maps a string key to a path within a volume. | ||||||
|   | |||||||
| @@ -15958,16 +15958,19 @@ func (x *ISCSIVolumeSource) CodecEncodeSelf(e *codec1978.Encoder) { | |||||||
| 		} else { | 		} else { | ||||||
| 			yysep2 := !z.EncBinary() | 			yysep2 := !z.EncBinary() | ||||||
| 			yy2arr2 := z.EncBasicHandle().StructToArray | 			yy2arr2 := z.EncBasicHandle().StructToArray | ||||||
| 			var yyq2 [7]bool | 			var yyq2 [10]bool | ||||||
| 			_, _, _ = yysep2, yyq2, yy2arr2 | 			_, _, _ = yysep2, yyq2, yy2arr2 | ||||||
| 			const yyr2 bool = false | 			const yyr2 bool = false | ||||||
| 			yyq2[3] = x.ISCSIInterface != "" | 			yyq2[3] = x.ISCSIInterface != "" | ||||||
| 			yyq2[4] = x.FSType != "" | 			yyq2[4] = x.FSType != "" | ||||||
| 			yyq2[5] = x.ReadOnly != false | 			yyq2[5] = x.ReadOnly != false | ||||||
| 			yyq2[6] = len(x.Portals) != 0 | 			yyq2[6] = len(x.Portals) != 0 | ||||||
|  | 			yyq2[7] = x.DiscoveryCHAPAuth != false | ||||||
|  | 			yyq2[8] = x.SessionCHAPAuth != false | ||||||
|  | 			yyq2[9] = x.SecretRef != nil | ||||||
| 			var yynn2 int | 			var yynn2 int | ||||||
| 			if yyr2 || yy2arr2 { | 			if yyr2 || yy2arr2 { | ||||||
| 				r.EncodeArrayStart(7) | 				r.EncodeArrayStart(10) | ||||||
| 			} else { | 			} else { | ||||||
| 				yynn2 = 3 | 				yynn2 = 3 | ||||||
| 				for _, b := range yyq2 { | 				for _, b := range yyq2 { | ||||||
| @@ -16143,6 +16146,79 @@ func (x *ISCSIVolumeSource) CodecEncodeSelf(e *codec1978.Encoder) { | |||||||
| 					} | 					} | ||||||
| 				} | 				} | ||||||
| 			} | 			} | ||||||
|  | 			if yyr2 || yy2arr2 { | ||||||
|  | 				z.EncSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 				if yyq2[7] { | ||||||
|  | 					yym25 := z.EncBinary() | ||||||
|  | 					_ = yym25 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.DiscoveryCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} else { | ||||||
|  | 					r.EncodeBool(false) | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if yyq2[7] { | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapKey1234) | ||||||
|  | 					r.EncodeString(codecSelferC_UTF81234, string("chapAuthDiscovery")) | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapValue1234) | ||||||
|  | 					yym26 := z.EncBinary() | ||||||
|  | 					_ = yym26 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.DiscoveryCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 			if yyr2 || yy2arr2 { | ||||||
|  | 				z.EncSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 				if yyq2[8] { | ||||||
|  | 					yym28 := z.EncBinary() | ||||||
|  | 					_ = yym28 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.SessionCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} else { | ||||||
|  | 					r.EncodeBool(false) | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if yyq2[8] { | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapKey1234) | ||||||
|  | 					r.EncodeString(codecSelferC_UTF81234, string("chapAuthSession")) | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapValue1234) | ||||||
|  | 					yym29 := z.EncBinary() | ||||||
|  | 					_ = yym29 | ||||||
|  | 					if false { | ||||||
|  | 					} else { | ||||||
|  | 						r.EncodeBool(bool(x.SessionCHAPAuth)) | ||||||
|  | 					} | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 			if yyr2 || yy2arr2 { | ||||||
|  | 				z.EncSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 				if yyq2[9] { | ||||||
|  | 					if x.SecretRef == nil { | ||||||
|  | 						r.EncodeNil() | ||||||
|  | 					} else { | ||||||
|  | 						x.SecretRef.CodecEncodeSelf(e) | ||||||
|  | 					} | ||||||
|  | 				} else { | ||||||
|  | 					r.EncodeNil() | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if yyq2[9] { | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapKey1234) | ||||||
|  | 					r.EncodeString(codecSelferC_UTF81234, string("secretRef")) | ||||||
|  | 					z.EncSendContainerState(codecSelfer_containerMapValue1234) | ||||||
|  | 					if x.SecretRef == nil { | ||||||
|  | 						r.EncodeNil() | ||||||
|  | 					} else { | ||||||
|  | 						x.SecretRef.CodecEncodeSelf(e) | ||||||
|  | 					} | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
| 			if yyr2 || yy2arr2 { | 			if yyr2 || yy2arr2 { | ||||||
| 				z.EncSendContainerState(codecSelfer_containerArrayEnd1234) | 				z.EncSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 			} else { | 			} else { | ||||||
| @@ -16288,6 +16364,41 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) | |||||||
| 					z.F.DecSliceStringX(yyv16, false, d) | 					z.F.DecSliceStringX(yyv16, false, d) | ||||||
| 				} | 				} | ||||||
| 			} | 			} | ||||||
|  | 		case "chapAuthDiscovery": | ||||||
|  | 			if r.TryDecodeAsNil() { | ||||||
|  | 				x.DiscoveryCHAPAuth = false | ||||||
|  | 			} else { | ||||||
|  | 				yyv18 := &x.DiscoveryCHAPAuth | ||||||
|  | 				yym19 := z.DecBinary() | ||||||
|  | 				_ = yym19 | ||||||
|  | 				if false { | ||||||
|  | 				} else { | ||||||
|  | 					*((*bool)(yyv18)) = r.DecodeBool() | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 		case "chapAuthSession": | ||||||
|  | 			if r.TryDecodeAsNil() { | ||||||
|  | 				x.SessionCHAPAuth = false | ||||||
|  | 			} else { | ||||||
|  | 				yyv20 := &x.SessionCHAPAuth | ||||||
|  | 				yym21 := z.DecBinary() | ||||||
|  | 				_ = yym21 | ||||||
|  | 				if false { | ||||||
|  | 				} else { | ||||||
|  | 					*((*bool)(yyv20)) = r.DecodeBool() | ||||||
|  | 				} | ||||||
|  | 			} | ||||||
|  | 		case "secretRef": | ||||||
|  | 			if r.TryDecodeAsNil() { | ||||||
|  | 				if x.SecretRef != nil { | ||||||
|  | 					x.SecretRef = nil | ||||||
|  | 				} | ||||||
|  | 			} else { | ||||||
|  | 				if x.SecretRef == nil { | ||||||
|  | 					x.SecretRef = new(LocalObjectReference) | ||||||
|  | 				} | ||||||
|  | 				x.SecretRef.CodecDecodeSelf(d) | ||||||
|  | 			} | ||||||
| 		default: | 		default: | ||||||
| 			z.DecStructFieldNotFound(-1, yys3) | 			z.DecStructFieldNotFound(-1, yys3) | ||||||
| 		} // end switch yys3 | 		} // end switch yys3 | ||||||
| @@ -16299,16 +16410,16 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	var h codecSelfer1234 | 	var h codecSelfer1234 | ||||||
| 	z, r := codec1978.GenHelperDecoder(d) | 	z, r := codec1978.GenHelperDecoder(d) | ||||||
| 	_, _, _ = h, z, r | 	_, _, _ = h, z, r | ||||||
| 	var yyj18 int | 	var yyj23 int | ||||||
| 	var yyb18 bool | 	var yyb23 bool | ||||||
| 	var yyhl18 bool = l >= 0 | 	var yyhl23 bool = l >= 0 | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16316,21 +16427,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.TargetPortal = "" | 		x.TargetPortal = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv19 := &x.TargetPortal | 		yyv24 := &x.TargetPortal | ||||||
| 		yym20 := z.DecBinary() | 		yym25 := z.DecBinary() | ||||||
| 		_ = yym20 | 		_ = yym25 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv19)) = r.DecodeString() | 			*((*string)(yyv24)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16338,21 +16449,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.IQN = "" | 		x.IQN = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv21 := &x.IQN | 		yyv26 := &x.IQN | ||||||
| 		yym22 := z.DecBinary() | 		yym27 := z.DecBinary() | ||||||
| 		_ = yym22 | 		_ = yym27 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv21)) = r.DecodeString() | 			*((*string)(yyv26)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16360,21 +16471,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.Lun = 0 | 		x.Lun = 0 | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv23 := &x.Lun | 		yyv28 := &x.Lun | ||||||
| 		yym24 := z.DecBinary() | 		yym29 := z.DecBinary() | ||||||
| 		_ = yym24 | 		_ = yym29 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*int32)(yyv23)) = int32(r.DecodeInt(32)) | 			*((*int32)(yyv28)) = int32(r.DecodeInt(32)) | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16382,21 +16493,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.ISCSIInterface = "" | 		x.ISCSIInterface = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv25 := &x.ISCSIInterface | 		yyv30 := &x.ISCSIInterface | ||||||
| 		yym26 := z.DecBinary() | 		yym31 := z.DecBinary() | ||||||
| 		_ = yym26 | 		_ = yym31 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv25)) = r.DecodeString() | 			*((*string)(yyv30)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16404,21 +16515,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.FSType = "" | 		x.FSType = "" | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv27 := &x.FSType | 		yyv32 := &x.FSType | ||||||
| 		yym28 := z.DecBinary() | 		yym33 := z.DecBinary() | ||||||
| 		_ = yym28 | 		_ = yym33 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*string)(yyv27)) = r.DecodeString() | 			*((*string)(yyv32)) = r.DecodeString() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16426,21 +16537,21 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.ReadOnly = false | 		x.ReadOnly = false | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv29 := &x.ReadOnly | 		yyv34 := &x.ReadOnly | ||||||
| 		yym30 := z.DecBinary() | 		yym35 := z.DecBinary() | ||||||
| 		_ = yym30 | 		_ = yym35 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			*((*bool)(yyv29)) = r.DecodeBool() | 			*((*bool)(yyv34)) = r.DecodeBool() | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	yyj18++ | 	yyj23++ | ||||||
| 	if yyhl18 { | 	if yyhl23 { | ||||||
| 		yyb18 = yyj18 > l | 		yyb23 = yyj23 > l | ||||||
| 	} else { | 	} else { | ||||||
| 		yyb18 = r.CheckBreak() | 		yyb23 = r.CheckBreak() | ||||||
| 	} | 	} | ||||||
| 	if yyb18 { | 	if yyb23 { | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| 		return | 		return | ||||||
| 	} | 	} | ||||||
| @@ -16448,26 +16559,91 @@ func (x *ISCSIVolumeSource) codecDecodeSelfFromArray(l int, d *codec1978.Decoder | |||||||
| 	if r.TryDecodeAsNil() { | 	if r.TryDecodeAsNil() { | ||||||
| 		x.Portals = nil | 		x.Portals = nil | ||||||
| 	} else { | 	} else { | ||||||
| 		yyv31 := &x.Portals | 		yyv36 := &x.Portals | ||||||
| 		yym32 := z.DecBinary() | 		yym37 := z.DecBinary() | ||||||
| 		_ = yym32 | 		_ = yym37 | ||||||
| 		if false { | 		if false { | ||||||
| 		} else { | 		} else { | ||||||
| 			z.F.DecSliceStringX(yyv31, false, d) | 			z.F.DecSliceStringX(yyv36, false, d) | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
|  | 	yyj23++ | ||||||
|  | 	if yyhl23 { | ||||||
|  | 		yyb23 = yyj23 > l | ||||||
|  | 	} else { | ||||||
|  | 		yyb23 = r.CheckBreak() | ||||||
|  | 	} | ||||||
|  | 	if yyb23 { | ||||||
|  | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 	if r.TryDecodeAsNil() { | ||||||
|  | 		x.DiscoveryCHAPAuth = false | ||||||
|  | 	} else { | ||||||
|  | 		yyv38 := &x.DiscoveryCHAPAuth | ||||||
|  | 		yym39 := z.DecBinary() | ||||||
|  | 		_ = yym39 | ||||||
|  | 		if false { | ||||||
|  | 		} else { | ||||||
|  | 			*((*bool)(yyv38)) = r.DecodeBool() | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	yyj23++ | ||||||
|  | 	if yyhl23 { | ||||||
|  | 		yyb23 = yyj23 > l | ||||||
|  | 	} else { | ||||||
|  | 		yyb23 = r.CheckBreak() | ||||||
|  | 	} | ||||||
|  | 	if yyb23 { | ||||||
|  | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 	if r.TryDecodeAsNil() { | ||||||
|  | 		x.SessionCHAPAuth = false | ||||||
|  | 	} else { | ||||||
|  | 		yyv40 := &x.SessionCHAPAuth | ||||||
|  | 		yym41 := z.DecBinary() | ||||||
|  | 		_ = yym41 | ||||||
|  | 		if false { | ||||||
|  | 		} else { | ||||||
|  | 			*((*bool)(yyv40)) = r.DecodeBool() | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
|  | 	yyj23++ | ||||||
|  | 	if yyhl23 { | ||||||
|  | 		yyb23 = yyj23 > l | ||||||
|  | 	} else { | ||||||
|  | 		yyb23 = r.CheckBreak() | ||||||
|  | 	} | ||||||
|  | 	if yyb23 { | ||||||
|  | 		z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 	z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
|  | 	if r.TryDecodeAsNil() { | ||||||
|  | 		if x.SecretRef != nil { | ||||||
|  | 			x.SecretRef = nil | ||||||
|  | 		} | ||||||
|  | 	} else { | ||||||
|  | 		if x.SecretRef == nil { | ||||||
|  | 			x.SecretRef = new(LocalObjectReference) | ||||||
|  | 		} | ||||||
|  | 		x.SecretRef.CodecDecodeSelf(d) | ||||||
|  | 	} | ||||||
| 	for { | 	for { | ||||||
| 		yyj18++ | 		yyj23++ | ||||||
| 		if yyhl18 { | 		if yyhl23 { | ||||||
| 			yyb18 = yyj18 > l | 			yyb23 = yyj23 > l | ||||||
| 		} else { | 		} else { | ||||||
| 			yyb18 = r.CheckBreak() | 			yyb23 = r.CheckBreak() | ||||||
| 		} | 		} | ||||||
| 		if yyb18 { | 		if yyb23 { | ||||||
| 			break | 			break | ||||||
| 		} | 		} | ||||||
| 		z.DecSendContainerState(codecSelfer_containerArrayElem1234) | 		z.DecSendContainerState(codecSelfer_containerArrayElem1234) | ||||||
| 		z.DecStructFieldNotFound(yyj18-1, "") | 		z.DecStructFieldNotFound(yyj23-1, "") | ||||||
| 	} | 	} | ||||||
| 	z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | 	z.DecSendContainerState(codecSelfer_containerArrayEnd1234) | ||||||
| } | } | ||||||
|   | |||||||
| @@ -1047,6 +1047,15 @@ type ISCSIVolumeSource struct { | |||||||
| 	// is other than default (typically TCP ports 860 and 3260). | 	// is other than default (typically TCP ports 860 and 3260). | ||||||
| 	// +optional | 	// +optional | ||||||
| 	Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` | 	Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"` | ||||||
|  | 	// whether support iSCSI Discovery CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty" protobuf:"varint,8,opt,name=chapAuthDiscovery"` | ||||||
|  | 	// whether support iSCSI Session CHAP authentication | ||||||
|  | 	// +optional | ||||||
|  | 	SessionCHAPAuth bool `json:"chapAuthSession,omitempty" protobuf:"varint,11,opt,name=chapAuthSession"` | ||||||
|  | 	// CHAP secret for iSCSI target and initiator authentication | ||||||
|  | 	// +optional | ||||||
|  | 	SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,10,opt,name=secretRef"` | ||||||
| } | } | ||||||
|  |  | ||||||
| // Represents a Fibre Channel volume. | // Represents a Fibre Channel volume. | ||||||
|   | |||||||
| @@ -658,6 +658,9 @@ var map_ISCSIVolumeSource = map[string]string{ | |||||||
| 	"fsType":            "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", | 	"fsType":            "Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: http://kubernetes.io/docs/user-guide/volumes#iscsi", | ||||||
| 	"readOnly":          "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", | 	"readOnly":          "ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.", | ||||||
| 	"portals":           "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", | 	"portals":           "iSCSI target portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).", | ||||||
|  | 	"chapAuthDiscovery": "whether support iSCSI Discovery CHAP authentication", | ||||||
|  | 	"chapAuthSession":   "whether support iSCSI Session CHAP authentication", | ||||||
|  | 	"secretRef":         "CHAP secret for iSCSI target and initiator authentication", | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| func (ISCSIVolumeSource) SwaggerDoc() map[string]string { | func (ISCSIVolumeSource) SwaggerDoc() map[string]string { | ||||||
|   | |||||||
| @@ -1706,6 +1706,9 @@ func autoConvert_v1_ISCSIVolumeSource_To_api_ISCSIVolumeSource(in *ISCSIVolumeSo | |||||||
| 	out.FSType = in.FSType | 	out.FSType = in.FSType | ||||||
| 	out.ReadOnly = in.ReadOnly | 	out.ReadOnly = in.ReadOnly | ||||||
| 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | ||||||
|  | 	out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth | ||||||
|  | 	out.SessionCHAPAuth = in.SessionCHAPAuth | ||||||
|  | 	out.SecretRef = (*api.LocalObjectReference)(unsafe.Pointer(in.SecretRef)) | ||||||
| 	return nil | 	return nil | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| @@ -1721,6 +1724,9 @@ func autoConvert_api_ISCSIVolumeSource_To_v1_ISCSIVolumeSource(in *api.ISCSIVolu | |||||||
| 	out.FSType = in.FSType | 	out.FSType = in.FSType | ||||||
| 	out.ReadOnly = in.ReadOnly | 	out.ReadOnly = in.ReadOnly | ||||||
| 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals)) | ||||||
|  | 	out.DiscoveryCHAPAuth = in.DiscoveryCHAPAuth | ||||||
|  | 	out.SessionCHAPAuth = in.SessionCHAPAuth | ||||||
|  | 	out.SecretRef = (*LocalObjectReference)(unsafe.Pointer(in.SecretRef)) | ||||||
| 	return nil | 	return nil | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|   | |||||||
| @@ -1198,6 +1198,11 @@ func DeepCopy_v1_ISCSIVolumeSource(in interface{}, out interface{}, c *conversio | |||||||
| 			*out = make([]string, len(*in)) | 			*out = make([]string, len(*in)) | ||||||
| 			copy(*out, *in) | 			copy(*out, *in) | ||||||
| 		} | 		} | ||||||
|  | 		if in.SecretRef != nil { | ||||||
|  | 			in, out := &in.SecretRef, &out.SecretRef | ||||||
|  | 			*out = new(LocalObjectReference) | ||||||
|  | 			**out = **in | ||||||
|  | 		} | ||||||
| 		return nil | 		return nil | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
|   | |||||||
| @@ -1226,6 +1226,11 @@ func DeepCopy_api_ISCSIVolumeSource(in interface{}, out interface{}, c *conversi | |||||||
| 			*out = make([]string, len(*in)) | 			*out = make([]string, len(*in)) | ||||||
| 			copy(*out, *in) | 			copy(*out, *in) | ||||||
| 		} | 		} | ||||||
|  | 		if in.SecretRef != nil { | ||||||
|  | 			in, out := &in.SecretRef, &out.SecretRef | ||||||
|  | 			*out = new(LocalObjectReference) | ||||||
|  | 			**out = **in | ||||||
|  | 		} | ||||||
| 		return nil | 		return nil | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Kubernetes Submit Queue
					Kubernetes Submit Queue