Automatic merge from submit-queue (batch tested with PRs 64013, 63896, 64139, 57527, 62102). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Simplify the volume util by v1helper.
Signed-off-by: Da K. Ma <klaus1982.cn@gmail.com>
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 64102, 63303, 64150, 63841). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add block device support for azure disk
**What this PR does / why we need it**:
add block device support for azure disk
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61821
**Special notes for your reviewer**:
detailed steps about how it work:
https://github.com/andyzhangx/demo/tree/master/linux/block/azuredisk
**Release note**:
```
add block device support for azure disk
```
@karataliu @feiskyer @khenidak
Automatic merge from submit-queue (batch tested with PRs 64102, 63303, 64150, 63841). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Return attach error to A/D controller.
The plugin should not wait with errors for WaitForAttach, WaitForAttach runs on nodes, not in A/D controller.
**Which issue(s) this PR fixes**
Fixes#63300
~~Work in progress, missing testing.~~
**Release note**:
```release-note
NONE
```
/sig storage
@saad-ali @vladimirvivien
Automatic merge from submit-queue (batch tested with PRs 63830, 63579, 64173). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix iSCSI and RBD UnmountDevice with mount containers.
Google's [configure-helper.sh](https://github.com/kubernetes/kubernetes/blob/master/cluster/gce/gci/configure-helper.sh) script bind-mounts `/var/lib/kubelet` somewhere into `/home/kubernetes` and thus every mount that Kubernetes does is visible **twice** in `/proc/mounts`.
iSCSI and RBD volume plugins should not rely on counting entries in `/proc/mounts` and unmount device when Kubernetes thinks it's unusued. Kubernetes tracks the mounts by itself and most of other volume plugins already rely on it safely.
/sig storage
Fixes#56704
(well, it does not fix it, but it makes Kubernetes working with double mounts)
**Release note**:
```release-note
NONE
```
@rootfs, PTAL
Automatic merge from submit-queue (batch tested with PRs 63914, 63887, 64116, 64026, 62933). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Enable SELinux relabeling in CSI volumes
**What this PR does / why we need it**:
CSI volume plugin should provide correct information in `GetAttributes` call so kubelet can ask container runtime to relabel the volume. Therefore CSI volume plugin needs to check if a random volume mounted by a CSI driver supports SELinux or not by checking for "seclabel" mount or superblock option.
**Which issue(s) this PR fixes**
Fixes#63965
**Release note**:
```release-note
NONE
```
@saad-ali @vladimirvivien @davidz627
@cofyc, FYI, I'm changing `struct mountInfo`.
Automatic merge from submit-queue (batch tested with PRs 63569, 63918, 63980, 63295, 63989). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixed CSI volume detach when the volume is already detached.
**What this PR does / why we need it**:
"VolumeAttachment NotFound" error should be treated as successful detach.
/sig storage
/assign @vladimirvivien @saad-ali
**Special notes for your reviewer**:
Note that the PR changes just 4 lines in attachment code, the rest is unit test refactoring to inject fake errors.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 63424, 63657). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix#63183 Pods on different nodes mount Ceph RBD PVC stuck on ContainerCreating
**What this PR does / why we need it**:
Ceph/RBD pvc can be attached on different nodes when use ReadOnlyMany.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#63183
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 59034, 63565, 63533). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[RBD block device ]ignore the loopbackdevice error, or the rbd volume will not get detached
The rbd volume loop device maybe not found and then the volume will not get detached.
so need to ignore the error.
@mtanino @sbezverk
Can you take a look?
Release note:
```
ignore the loopback device not found error when `GetLoopDevice`
```
Google's configure-helper.sh script bind-mounts /var/lib/kubelet somewhere
into /home/kubernetes and thus every mount that Kubernetes does is visible
twice in /proc/mounts.
iSCSI and RBD should not rely on counting on entries in /proc/mounts and
unmount device when Kubernetes thinks it's unusued. Kubernetes tracks
the mounts by itself and most of other volume plugins rely on it safely.
Automatic merge from submit-queue (batch tested with PRs 63298, 63339). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
kubelet: volume: do not create event on mount success
xref https://github.com/openshift/origin/issues/19497
There is an argument to be made that we should not emit events on volume mount successes. Many pods have lots of volumes that generate lots of events, especially if the pods are short lived (batch, etc). This creates load on the API server and add noise in the events.
Creating events on volume mount failures is obviously a good idea. Seems like the absence of such events or the "Started container" event implies mount success for all volumes.
/sig node
/sig storage
/release-note-none
@smarterclayton @jsafrane @saad-ali
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
aws, azure: replace path with filepath
**What this PR does / why we need it**:
This PR replaces usage of `path` with `filepath` as it uses OS-specific path separators.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62916
**Special notes for your reviewer**:
This PR addresses the following volume plugins:
- `pkg/volume/aws_ebs`
- `pkg/volume/azure_dd`
- `pkg/volume/azure_file`
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61725, 63261). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use cloudprovider.NotImplemented in AddSSHKeyToAllInstances
**What this PR does / why we need it**:
Minor cleanup: In looking at implementations of this method,
noticed a few providers created their own errors instead of using cloudprovider.NotImplemented
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62657, 63278, 62903, 63375). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add more volume types in e2e and fix part of them.
**What this PR does / why we need it**:
- Add dir-link/dir-bindmounted/dir-link-bindmounted/bockfs volume types for e2e tests.
- Fix fsGroup related e2e tests partially.
- Return error if we cannot resolve volume path.
- Because we should not fallback to volume path, if it's a symbolic link, we may get wrong results.
To safely set fsGroup on local volume, we need to implement these two methods correctly for all volume types both on the host and in container:
- get volume path kubelet can access
- paths on the host and in container are different
- get mount references
- for directories, we cannot use its mount source (device field) to identify mount references, because directories on same filesystem have same mount source (e.g. tmpfs), we need to check filesystem's major:minor and directory root path on it
Here is current status:
| | (A) volume-path (host) | (B) volume-path (container) | (C) mount-refs (host) | (D) mount-refs (container) |
| --- | --- | --- | --- | --- |
| (1) dir | OK | FAIL | FAIL | FAIL |
| (2) dir-link | OK | FAIL | FAIL | FAIL |
| (3) dir-bindmounted | OK | FAIL | FAIL | FAIL |
| (4) dir-link-bindmounted | OK | FAIL | FAIL | FAIL |
| (5) tmpfs| OK | FAIL | FAIL | FAIL |
| (6) blockfs| OK | FAIL | OK | FAIL |
| (7) block| NOTNEEDED | NOTNEEDED | NOTNEEDED | NOTNEEDED |
| (8) gce-localssd-scsi-fs| NOTTESTED | NOTTESTED | NOTTESTED | NOTTESTED |
- This PR uses `nsenter ... readlink` to resolve path in container as @msau42 @jsafrane [suggested](https://github.com/kubernetes/kubernetes/pull/61489#pullrequestreview-110032850). This fixes B1:B6 and D6, , the rest will be addressed in https://github.com/kubernetes/kubernetes/pull/62102.
- C5:D5 marked `FAIL` because `tmpfs` filesystems can share same mount source, we cannot rely on it to check mount references. e2e tests passes due to we use unique mount source string in tests.
- A7:D7 marked `NOTNEEDED` because we don't set fsGroup on block devices in local plugin. (TODO: Should we set fsGroup on block device?)
- A8:D8 marked `NOTTESTED` because I didn't test it, I leave it to `pull-kubernetes-e2e-gce`. I think it should be same as `blockfs`.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update all script shebangs to use /usr/bin/env interpreter instead of /bin/interpreter
This is required to support systems where bash doesn't reside in /bin (such as NixOS, or the *BSD family) and allow users to specify a different interpreter version through $PATH manipulation.
https://www.cyberciti.biz/tips/finding-bash-perl-python-portably-using-env.html
```release-note
Use /usr/bin/env in all script shebangs to increase portability.
```
Minor cleanup: In looking at implementations of this method,
noticed a few providers created their own errors instead of using cloudprovider.NotImplemented
Automatic merge from submit-queue (batch tested with PRs 63251, 59166, 63250, 63180, 63169). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
clean one redundant comment of rbd.go
**What this PR does / why we need it**:
This is a small PR for cleanup.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix cephfs fuse mount bug when user is not admin
**What this PR does / why we need it**:
fix cephfs fuse mount bug when user is not admin
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubernetes/issues/59393
**Special notes for your reviewer**:
**Release note**:
```release-note
fix cephfs fuse mount bug when user is not admin
```
Automatic merge from submit-queue (batch tested with PRs 63129, 63066, 60009, 63136, 63086). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add node shutdown taint
**What this PR does / why we need it**: we need node stopped taint in order to detach volumes immediately without waiting timeout. More info in issue ticket #58635
**Which issue(s) this PR fixes**
Fixes#58635
**Special notes for your reviewer**: this was reverted, original PR https://github.com/kubernetes/kubernetes/pull/59323 Hopefully now bugs are fixed. However, I will execute more tests manually today.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62590, 62818, 63015, 62922, 63000). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix some bugs inside CSI volume plugin unit test TestAttacherMountDevice
**What this PR does / why we need it**:
Fix two bugs inside CSI volume plugin unit test `TestAttacherMountDevice`.
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 62780, 62886). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Only count local mounts that are from other pods
**What this PR does / why we need it**:
In GCE, we mount the same local SSD in two different paths (for backwards compatability). This makes the fsGroup conflict check fail because it thinks the 2nd mount is from another pod. For the fsgroup check, we only want to detect if other pods are mounting the same volume, so this PR filters the mount list to only those mounts under "/var/lib/kubelet".
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62867
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62876, 62733, 62827). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix csi data race in csi_attacher_test.go
**What this PR does / why we need it**:
fix csi data race in csi_attacher_test.go#TestAttacherWaitForVolumeAttachment
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62630
**Special notes for your reviewer**:
run `stress -p 500 ./csi.test -v 5 -alsologtostderr` , There is another failure
I think we should fix it in another PR.
```
--- FAIL: TestAttacherMountDevice (0.07s)
csi_attacher_test.go:495: Running test case: normal
csi_attacher_test.go:534: test should not fail, but error occurred: mkdir path2: file exists
```
**Release note**:
```release-note
NONE
```
/sig storage
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add metrics to cinder volume
**What this PR does / why we need it**: We need cinder volume metrics to be exposed
**Which issue(s) this PR fixes**:
Fixes#62644
**Special notes for your reviewer**: This is not tested in running cluster.
**Release note**:
```release-note
Make volume usage metrics available for Cinder
```
cc @gnufied @dims
Automatic merge from submit-queue (batch tested with PRs 62803, 62787). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add `volumenameprefix` tests for glusterfs dynamic provisioner.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 62694, 62569, 62646, 61633, 62433). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Report events to apiserver in local volume plugin.
**What this PR does / why we need it**:
See https://github.com/kubernetes/kubernetes/pull/62102#discussion_r179238429.
Report events to apiserver in local volume plugin.
- Add VolumeHost.GetEventRecorder() method
- Add related e2e tests
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62248
**Special notes for your reviewer**:
Example output of `kubectl describe pods`:
```
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 7s default-scheduler Successfully assigned e2e-tests-persistent-local-volumes-test-x4h5x/security-context-670da435-4174-11e8-9098-000c29bb0377 to 127.0.0.1
Warning AlreadyMountedVolume 7s kubelet, 127.0.0.1 The requested fsGroup is 4321, but the volume local-pvfbb76 has GID 1234. The volume may not be shareable.
Normal SuccessfulMountVolume 7s kubelet, 127.0.0.1 MountVolume.SetUp succeeded for volume "default-token-996xr"
Normal SuccessfulMountVolume 7s kubelet, 127.0.0.1 MountVolume.SetUp succeeded for volume "local-pvfbb76"
Normal Pulled 6s kubelet, 127.0.0.1 Container image "k8s.gcr.io/busybox:1.24" already present on machine
Normal Created 6s kubelet, 127.0.0.1 Created container
Normal Started 6s kubelet, 127.0.0.1 Started container
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62694, 62569, 62646, 61633, 62433). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use filepath.Clean() instead of path.Clean()
**What this PR does / why we need it**:
Use filepath.Clean() instead of path.Clean() across `pkg/volume`. This could fix potential issues for windows containers.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
followup of #62375.
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @msau42
Automatic merge from submit-queue (batch tested with PRs 62378, 62734). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add `snapfactor` storageclass parameter for GlusterFS provisioner.
This patch add a new parameter called `snapfactor` to glusterfs
storageclass. This is an optional parameter and value should
fall into the range of 1-100. When set the thin pool calculation
respect this snapfactor and create a thinpool accordingly.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
storageclass. This is an optional parameter and value should
fall into the range of 1-100. When set the thin pool calculation
respect this snapfactor and create a thinpool accordingly.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue (batch tested with PRs 62676, 62612). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix WaitForAttach failure issue for azure disk
**What this PR does / why we need it**:
From v1.10, `devicePath` will be updated due to following code change:
568afb4ecc/pkg/volume/util/operationexecutor/operation_generator.go (L517-L518)
So in v1.10.0, MountVolume.WaitForAttach will fail in the azure disk remount, error logs would be like following:
```
MountVolume.WaitForAttach failed for volume "pvc-f1562ecb-3e5f-11e8-ab6b-000d3af9f967" : azureDisk - Wait for attach expect device path as a lun number, instead got: /dev/disk/azure/scsi1/lun1 (strconv.Atoi: parsing "/dev/disk/azure/scsi1/lun1": invalid syntax)
Warning FailedMount 1m (x10 over 21m) kubelet, k8s-agentpool-66825246-0 Unable to mount volumes for pod
```
This PR does not use `devicePath` anymore since it could be changed, instead, it use `diskController.GetDiskLun(diskName, volumeSource.DataDiskURI, nodeName)` to get disk LUN, this ARM api call would cost about 0.12s
The GCE disk won't have this issue since `devicePath` is not used in [WaitForAttach func](https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/gce_pd/attacher.go#L133), while aws disk is also using `devicePath` in [WaitForAttach func](https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/aws_ebs/attacher.go#L145), I think there is potentical issue for aws_ebs
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62540
**Special notes for your reviewer**:
should cherry-pick to v1.10
**Release note**:
```
fix WaitForAttach failure issue for azure disk
```
/assign @feiskyer
/sig azure
FYI @khenidak
Automatic merge from submit-queue (batch tested with PRs 62650, 62303, 62545, 62375). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix user visible files creation for windows
**What this PR does / why we need it**:
Fix user visible files creation for windows. Without this, [createUserVisibleFiles](https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/util/atomic_writer.go#L415:24) will get linkname with subpath included, and then symlink will fail. This is because "/" is used in pod spec (e.g. `"new/path/data-1"`) while "\" is used on Windows to get linkname.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62338
**Special notes for your reviewer**:
Should also be cherry-picked to old releases.
**Release note**:
```release-note
Fix user visible files creation for windows
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix volume node affinity to OR node selector terms
**What this PR does / why we need it**:
Fixes node selector terms to be ORed, to be consistent with documentation and Pod.NodeAffinity. Also handles the "node selector term nil or empty matches nothing" behavior.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62551
**Special notes for your reviewer**:
**Release note**:
```release-note
Fixes issue where PersistentVolume.NodeAffinity.NodeSelectorTerms were ANDed instead of ORed.
```
In WatchPod(), if one of the two channels being watched (pod updates and
events) is closed, the for/select loop turns into a tight infinite loop because
the select immediately falls through due to the channel being closed. Watch
them independently instead.
Automatic merge from submit-queue (batch tested with PRs 62486, 62471, 62183). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
CSI - Update to apply fsGroup volume ownership
**What this PR does / why we need it**:
This PR correctly fixes the CSI internal driver to apply fsGroup volume ownership value during mount.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62413
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60476, 62462, 61391, 62535, 62394). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Revert "git: Use VolumeHost.GetExec() to execute stuff in volume plugins"
This reverts commit c578542ad7 (PR #51098). The PR added support for containerized git, on the other hand it required git 1.8.5. This breaks git volumes on older distros (CentOS 7, Ubuntu 14.04) that have old git.
Git volumes are getting deprecated (https://github.com/kubernetes/kubernetes/issues/60999) so we should restore it to the last working state and not touch it any longer.
**Release note**:
```release-note
gitRepo volumes in pods no longer require git 1.8.5 or newer, older git versions are supported too now.
```
I'd like to cherry-pick it into 1.10.
/sig storage
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
The err has checked in TearDownAt func/kind bug
**What this PR does / why we need it**:
The err has checked in TearDownAt func/kind bug
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 62324, 61459, 62475, 62476, 61914). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Return error in mount_unsupported for unsupported platforms
**What this PR does / why we need it**:
Presently, `util/mount_unsupported.go` does not return any errors. For unsupported platforms, this hides failures. This PR returns errors, thereby properly informing users attempting to run on an unsupported platform.
**Which issue(s) this PR fixes** :
Fixes https://github.com/kubernetes/kubernetes/issues/61919
**Special notes for your reviewer**:
There are a few methods that simply call through to other methods. I did not return errors from those methods.
I've also updated an error check and message in `volume/fc/fc_test.go`, since it was ignoring an error on unsupported platforms.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add volume spec to mountedPod in actual state of world
Add volume spec into mountedPod data struct in the actual state of the
world.
Fixes issue #61248
Automatic merge from submit-queue (batch tested with PRs 61147, 62236, 62018). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix local volume absolute path issue on Windows
**What this PR does / why we need it**:
remove IsAbs validation on local volume since it does not work on windows cluster, Windows absolute path `D:` is not allowed in local volume, the [validation](https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/validation/validation.go#L1386) happens on both master and agent node, while for windows cluster, the master is Linux and agent is Windows, so `path.IsAbs()` func will not work all in both nodes.
**Instead**, this PR use `MakeAbsolutePath` func to convert `local.path` value in kubelet, it supports both linux and windows styple.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62016
**Special notes for your reviewer**:
**Release note**:
```
fix local volume absolute path issue on Windows
```
/sig storage
/sig windows
Automatic merge from submit-queue (batch tested with PRs 61147, 62236, 62018). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Return NodeStageVolume/NodePublishVolume error if operation failed for CSI
**What this PR does / why we need it**:
Currently in CSI volume plugin, if `NodeStageVolume`/`NodePublishVolume` operation failed, we will try to remove according target dir(global mount path or pod volume path) first. If this clear operation failed, according error will be returned, and finally displayed in `Pod`'s event. However, compared to this clear error, the user is more concerned about `NodeStageVolume`/`NodePublishVolume` error, so I suggest that just log the clear error and still return the `NodeStageVolume`/`NodePublishVolume` error.
**Release note**:
```release-note
NONE
```
/sig storage
Automatic merge from submit-queue (batch tested with PRs 59035, 61933). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix format error for sioUtil-UT
**What this PR does / why we need it**:
1、Use t.Fatalf instead of t.Fatal when format is needed;
2、Before my change, when open file failed you will get such return "failed to open conf file: %!(EXTRA os.file=&{***})". After my change, when open file failed you will get such return "Failed to open conf file: /dir/filename",which is more human readable .
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
"NONE"
```
Automatic merge from submit-queue (batch tested with PRs 56045, 61447, 62189). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add UT Test to TestAttacherUnmountDevice
**What this PR does / why we need it**:
Add UT Test to TestAttacherUnmountDevice if no volumeID scenero
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
use MakeAbsolutePath to convert path in Windows
fix test error: allow relative path for local volume
fix comments
fix comments and add windows unit tests
Automatic merge from submit-queue (batch tested with PRs 60983, 62012, 61892, 62051, 62067). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix local volume issue on Windows
**What this PR does / why we need it**:
Actually local volume does not work on Windows up to now, with this PR, local volume would work on Windows. Here is a [local volume example on Windows](https://github.com/andyzhangx/demo/tree/master/windows/local)
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#62010
**Special notes for your reviewer**:
This PR would not `MkdirAll(dir, 0750)` on windows node, the MkdirAll process would happen on https://github.com/kubernetes/kubernetes/blob/master/pkg/util/mount/mount_windows.go#L59-L62
**Release note**:
```
fix local volume issue on Windows
```
/sig windows
/sig storage
Automatic merge from submit-queue (batch tested with PRs 60073, 58519, 61860). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
flexvolume prober: trigger plugin init only for the relevant plugin
**What this PR does / why we need it**:
The automatic discovery trigger init only to the specific plugin directory that was updated, and not to all the plugins in the flexvolume plugin directory.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58352
**Special notes for your reviewer**:
NONE
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61096, 61955, 61542, 60597). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Return error if get NodeStageSecret and NodePublishSecret failed
**What this PR does / why we need it**:
Currently, if got NodeStageSecret or NodePublishSecret failed, we just log the error and assume that there is no credential. I think we should report the error as if user specified these secret, they expect to apply some credentials.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61052
**Release note**:
```release-note
NONE
```
/sig storage
Automatic merge from submit-queue (batch tested with PRs 61894, 61369). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use range in loops; misc fixes
**What this PR does / why we need it**:
It is cleaner to use `range` in for loops to iterate over channel until it is closed.
**Release note**:
```release-note
NONE
```
/kind cleanup
Automatic merge from submit-queue (batch tested with PRs 61452, 61727, 61462, 61692, 61738). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Skip volume unit tests that don't work on osx.
**What this PR does / why we need it**:
`volume/fc` and `volume/rbd` unit tests fail on osx.
```
$ pwd
<snip>/gopath/src/k8s.io/kubernetes/pkg/volume/fc
$ go test
--- FAIL: Test_ConstructVolumeSpec (0.00s)
fc_test.go:450: couldn't fetch mountrefs
fc_test.go:469: failed to retrieve WWIDs
fc_test.go:450: couldn't fetch mountrefs
fc_test.go:469: failed to retrieve WWIDs
FAIL
exit status 1
FAIL k8s.io/kubernetes/pkg/volume/fc 0.054s
<snip>
$ pwd
<snip>/gopath/src/k8s.io/kubernetes/pkg/volume/rbd
$ go test
--- FAIL: TestConstructVolumeSpec (0.00s)
rbd_test.go:575: ConstructVolumeSpec failed: directory /var/folders/59/yc7_f4fd53nbyw868zqpk78cn7shx9/T/rbd_test144865306/pods/pod123/volumes/kubernetes.io~rbd/vol is not mounted
rbd_test.go:575: ConstructVolumeSpec failed: directory /var/folders/59/yc7_f4fd53nbyw868zqpk78cn7shx9/T/rbd_test144865306/pods/pod123/volumes/kubernetes.io~rbd/vol is not mounted
FAIL
exit status 1
FAIL k8s.io/kubernetes/pkg/volume/rbd 0.063s
```
**Which issue(s) this PR fixes** :
Fixes#61569 and #61571
**Special notes for your reviewer**:
To see these unit test fail, you need to run `go test` on an osx machine.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Replace package "golang.org/x/net/context" with "context"
**What this PR does / why we need it**:
Replace package "golang.org/x/net/context" with "context"
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60560
**Special notes for your reviewer**:
As of Go 1.7 this package(golang.org/x/net/context) is available in the standard library under the name context. see (https://godoc.org/golang.org/x/net/context)
It is almost machinery replace.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 61453, 61393, 61379, 61373, 61494). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use inner volume name instead of outer volume name for subpath directory
**What this PR does / why we need it**:
Fixes volume reconstruction for PVCs with subpath
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61372
**Special notes for your reviewer**:
**Release note**:
```release-note
ACTION REQUIRED: In-place node upgrades to this release from versions 1.7.14, 1.8.9, and 1.9.4 are not supported if using subpath volumes with PVCs. Such pods should be drained from the node first.
```
Automatic merge from submit-queue (batch tested with PRs 60793, 61181, 61267, 61252, 61334). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
respect fstype in Windows for azure disk
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61266
**Special notes for your reviewer**:
**Release note**:
```
respect fstype in Windows for azure disk
```
/sig azure
/sig windows
/assign @feiskyer
Automatic merge from submit-queue (batch tested with PRs 60632, 60806, 59471, 61251, 61013). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add volumemetrics for ISCSI Plugin.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 59536, 61104, 61030, 59013, 61169). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix incorrect logic in glusterfs.go#canSupport
**What this PR does / why we need it**:
if `spec.PersistentVolume` is nil or `spec.Volume` is nil, func `canSupport` should return false.
**Release note**:
```
NONE
```
/release-note-none
/sig storage
Automatic merge from submit-queue (batch tested with PRs 59637, 60611, 60788, 60489, 60687). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
pkg/volume/nfs/nfs.go: correct error messages
**What this PR does / why we need it**:
We don't use `IsLikelyNotMountPoint()` function since 45d21ee36b commit. This PR updates the error messages to mention a new function instead of the old one.
Automatic merge from submit-queue (batch tested with PRs 59637, 60611, 60788, 60489, 60687). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
delete unused variable
delete unused variable in sio_plugin.go
**Release note**:
```
NONE
```
/release-note-none
/kink cleanup
Automatic merge from submit-queue (batch tested with PRs 60189, 59542, 59931, 60621, 60353). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Log warning message when failed to remove rbd lock
It is hard to debug without any error message when lock is not removed
successfully.
Automatic merge from submit-queue (batch tested with PRs 60457, 60331, 54970, 58731, 60562). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove val and ok in Storageos
**What this PR does / why we need it**:
in for loop has define the two para
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59740, 59728, 60080, 60086, 58714). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
more concise to merge the slice
**What this PR does / why we need it**:
more concise to merge the slice
**Special notes for your reviewer**:
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added missing error check that could cause kubelet to crash
**What this PR does / why we need it**:
Adds missing error check. An error can happen due to a race condition when watched files change, or become inaccessible. This can happen if a file was added to the driver directory then quickly removed, in which case the callback will be called with non-nil `err` and nil `info`, which is not checked, causing kubelet to crash.
**Which issue(s) this PR fixes**:
Fixes#60861
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Set readOnly for CSI mounter
**What this PR does / why we need it**:
Currently the `csiMountMgr .readOnly` field is never set, we should set it to `Spec.ReadOnly`.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#61008
**Special notes for your reviewer**:
Currently, most of the volume plugins use a `getVolumeSourceFromSpec` method to fetch `VolumeSource` and `ReadOnly` from `volume.Spec`. If the volume is an inline volume, `ReadOnly` is fetched from `Spec.Volume.<SpecificVolumeSource>.ReadOnly`, and if the volume is a `PersistentVolume`, `ReadOnly` is set to `Spec.Readonly`, which comes from `PersistentVolumeClaimVolumeSource.ReadOnly`.
However, as CSI volume plugin is only supported in `PersistentVolume`, so we can just set `ReadOnly` to `Spec.ReadOnly`.
**Release note**:
```release-note
NONE
```
/sig storage
Users must not be allowed to step outside the volume with subPath.
Therefore the final subPath directory must be "locked" somehow
and checked if it's inside volume.
On Windows, we lock the directories. On Linux, we bind-mount the final
subPath into /var/lib/kubelet/pods/<uid>/volume-subpaths/<container name>/<subPathName>,
it can't be changed to symlink user once it's bind-mounted.
Automatic merge from submit-queue (batch tested with PRs 60342, 60505, 59218, 52900, 60486). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use consts defined in api instead of defining another ones.
**What this PR does / why we need it**:
empty_dir defines some consts. There are already similar consts in api types. So remove the local ones in empty_dir.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60342, 60505, 59218, 52900, 60486). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix nested volume mounts for read-only API data volumes
**What this PR does / why we need it**:
Since the runtime may try to create mount points within the sandbox, it will fail if the mount point is within a read-only API data volume, like a secret or configMap volume.
Create any needed mount points during volume setup.
**Which issue(s) this PR fixes**:
Fixes#60341
**Special notes for your reviewer**:
**Release note**:
No release note needed since we haven't released any versions with this bug present (yet)
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60157, 60337, 60246, 59714, 60467). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Feature gate for regional PDs
**What this PR does / why we need it**: Adding beta feature gate around regional PD support.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Partially addresses #59988
**Special notes for your reviewer**: This feature has already been in alpha for two releases, but at the time it was not gated with a Kubernetes feature gate. Instead it was controlled by a GCE-specific alpha gate. However, there are additional changes with GCE PD StorageClass parameters that we'd like to gate as well, and this is out of scope of GCE alpha gates.
/cc @saad-ali @lavalamp
Automatic merge from submit-queue (batch tested with PRs 60430, 60115, 58052, 60355, 60116). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
CSI MountDevice/UnmountDevice Implementation
Fixes#60114
**What this PR does / why we need it**:
This PR Implements MountDevice and UnmountDevice for the CSI Plugin, the functions will call through to NodeStageVolume/NodeUnstageVolume for CSI plugins.
/sig storage
```release-note
Implements MountDevice and UnmountDevice for the CSI Plugin, the functions will call through to NodeStageVolume/NodeUnstageVolume for CSI plugins.
```
Since the runtime may try to create mount points within
the sandbox, it will fail if the mount point is within
a read-only API data volume, like a secret or configMap
volume.
Create any needed mount points during volume setup.
Automatic merge from submit-queue (batch tested with PRs 59674, 60059, 60220, 58916, 60336). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Support rbd-nbd for mounting operations on Ceph rbd volumes
**What this PR does / why we need it**:
This PR improves Ceph RBD support by allowing the pkg/volume/rbd to use the rbd-nbd client. This client is based on the common and broadly adopted (librados) librbd library, and it is being actively developed and maintained as part of the ceph upstream code base, unlike krbd.
**Which issue(s) this PR fixes**:
Fixes https://github.com/kubernetes/kubernetes/issues/32266
**Special notes for your reviewer**:
rbd-nbd will be used for Ceph rbd volumes if rbd fails.
Some inspiration was pulled from these PRs #38936 & #55866.
**Test Description**: Tested against a k8s cluster with centos/7 as the host os. rbd-nbd installed from package rbd-nbd-10.2.3.rpm.
Tested:
1. Fall-through to current rbd map/unmap when no rbd-nbd tools are found.
2. Map/Unmap through rbd-nbd.
3. Detecting image already mapped to a nbd device and skipping additional mapping.
4. Detecting image already mapped to a rbd device and skipping additional mapping through nbd.
5. Unmap in hosts having mixed rbd and nbd devices (caused by fall-throughs for some images).
6. Map failure in rbd-nbd due to missing image.
7. Map failure in rbd-nbd due to unreachable mon.
8. Fall-through to current rbd map when rbd-nbd map fails for any reason.
**Release note**:
```release-note
K8s supports rbd-nbd for Ceph rbd volume mounts.
```
Automatic merge from submit-queue (batch tested with PRs 60427, 60361, 60364, 58625, 60187). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Avoid explicit mention of glusterfs in error strings.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 60427, 60361, 60364, 58625, 60187). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
update aws plugin for block support
Update aws plugin to support block and volumeMode.
cc @jsafrane @mtanino @msau42
```release-note
AWS EBS volume plugin got block volume support
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix incorrect comparison in /pkg/volume error message
Signed-off-by: allencloud <allen.sun@daocloud.io>
**What this PR does / why we need it**:
This PR fixes incorrect error message when there is comparison.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57326, 60076, 60293, 59756, 60370). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
FIX the os.Stat() func in volume file/kind bug
**What this PR does / why we need it**:
FIX the os.Stat() func has two same and delete one
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Delete the two same if in func TestPlugin
**What this PR does / why we need it**:
Delete the two same if in func TestPlugin
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
update GCE plugin for block support
update GCE plugin for block volume support
cc @gnufied @mtanino @jsafrane
```release-note
GCE PD volume plugin got block volume support
```
Automatic merge from submit-queue (batch tested with PRs 60396, 60384, 60395, 60387, 60260). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
correct the expected value in plugintest
**What this PR does / why we need it**:
correct the expected value and got value
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 60396, 60384, 60395, 60387, 60260). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Delete two same if judgement in photon_pd
**What this PR does / why we need it**:
Delete two same if in photon_pd
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
VolumeMode block requires alpha feature-gate BlockVolume=true
Added VolumeMode to e2e test framework for pv and pvc
Added volumeDevices to e2e test framework for block volumes
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
CSI credentials to secrets update
Finalizing refactor of k8s CSI core code, it was triggered by changes in CSI Spec 0.2.0
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 60346, 60135, 60289, 59643, 52640). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix device name change issue for azure disk
**What this PR does / why we need it**:
fix device name change issue for azure disk due to default host cache setting changed from None to ReadWrite from v1.7, and default host cache setting in azure portal is `None`
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60344, #57444
also fixes following issues:
https://github.com/Azure/acs-engine/issues/1918https://github.com/Azure/AKS/issues/201
**Special notes for your reviewer**:
From v1.7, default host cache setting changed from None to ReadWrite, this would lead to device name change after attach multiple disks on azure vm, finally lead to disk unaccessiable from pod.
For an example:
statefulset with 8 replicas(each with an azure disk) on one node will always fail, according to my observation, add the 6th data disk will always make dev name change, some pod could not access data disk after that.
I have verified this fix on v1.8.4
Without this PR on one node(dev name changes):
```
azureuser@k8s-agentpool2-40588258-0:~$ tree /dev/disk/azure
...
└── scsi1
├── lun0 -> ../../../sdk
├── lun1 -> ../../../sdj
├── lun2 -> ../../../sde
├── lun3 -> ../../../sdf
├── lun4 -> ../../../sdg
├── lun5 -> ../../../sdh
└── lun6 -> ../../../sdi
```
With this PR on one node(no dev name change):
```
azureuser@k8s-agentpool2-40588258-1:~$ tree /dev/disk/azure
...
└── scsi1
├── lun0 -> ../../../sdc
├── lun1 -> ../../../sdd
├── lun2 -> ../../../sde
├── lun3 -> ../../../sdf
├── lun5 -> ../../../sdh
└── lun6 -> ../../../sdi
```
Following `myvm-0`, `myvm-1` is crashing due to dev name change, after controller manager replacement, myvm2-x pods work well.
```
Every 2.0s: kubectl get po Sat Feb 24 04:16:26 2018
NAME READY STATUS RESTARTS AGE
myvm-0 0/1 CrashLoopBackOff 13 41m
myvm-1 0/1 CrashLoopBackOff 11 38m
myvm-2 1/1 Running 0 35m
myvm-3 1/1 Running 0 33m
myvm-4 1/1 Running 0 31m
myvm-5 1/1 Running 0 29m
myvm-6 1/1 Running 0 26m
myvm2-0 1/1 Running 0 17m
myvm2-1 1/1 Running 0 14m
myvm2-2 1/1 Running 0 12m
myvm2-3 1/1 Running 0 10m
myvm2-4 1/1 Running 0 8m
myvm2-5 1/1 Running 0 5m
myvm2-6 1/1 Running 0 3m
```
**Release note**:
```
fix device name change issue for azure disk
```
/assign @karataliu
/sig azure
@feiskyer could you mark it as v1.10 milestone?
@brendandburns @khenidak @rootfs @jdumars FYI
Since it's a critical bug, I will cherry pick this fix to v1.7-v1.9, note that v1.6 does not have this issue since default cachingmode is `None`
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Adding credentials support for k8s core CSI
PR implements changes proposed in: https://github.com/kubernetes/community/pull/1816
```release-note
CSI now allows credentials to be specified on CreateVolume/DeleteVolume, ControllerPublishVolume/ControllerUnpublishVolume, and NodePublishVolume/NodeUnpublishVolume operations
```
Automatic merge from submit-queue (batch tested with PRs 60208, 60084, 60183, 59713, 60096). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix race condition issue when detaching azure disk
**What this PR does / why we need it**:
add lock before detaching azure disk, without this PR, there would be lots of `Multi-Attach error` when scheduling one pod from one node to another.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60101
**Special notes for your reviewer**:
@feiskyer @djsly @khenidak
Since we are using `getLunMutex.LockKey(instanceid)` for both AttachDisk and DetachDisk, there would be only one VM.update operation at a time for both AttachDisk and DetachDisk.
**Release note**:
```
fix race condition issue when detaching azure disk
```
/assign @feiskyer
Could you also mark as v1.10 milestone @feiskyer thanks.
/sig azure
Automatic merge from submit-queue (batch tested with PRs 60214, 58762, 59898, 59897, 60204). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make CSI volume attributes first class
**What this PR does / why we need it**:
Move CSI volume attributes from PV annotation to CSI volume source first class field
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
StorageOS configurable device directory and mount options
**What this PR does / why we need it**:
This allows StorageOS volumes to be mounted when the kubelet is running in a container and we are unable to use the default device location (/var/lib/storageos/volumes). With this PR, the node's device location is requested via the StorageOS api, falling back to the current behaviour if not configured. The node's device location can be supplied as an environment variable (DEVICE_DIR) to the StorageOS container. This is backwards-compatible and no changes are needed to existing deployments.
The PR also allows Mount options to be set for StorageOS volumes in the same way they're enabled for other volume plugins.
The StorageOS API dependency was updated to the latest version, but no functionality changes besides adding the DeviceDir property to the Controller object.
There is also a small refactor of the loopback device handling code in storageos_utils.go to capture stderr output.
**Release note**:
```release-note
StorageOS volume plugin updated to support mount options and environments where the kubelet runs in a container and the device location should be specified.
```
Not sure why godep changed the comments of unrelated packages in Godeps.json...
/sig storage
Automatic merge from submit-queue (batch tested with PRs 59901, 59302, 59928). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Reformat and update error strings.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix device unmap for non-attachable plugin case
**What this PR does / why we need it**:
This PR fixes following problem.
- If plugin is non-attachable, global unmap path isn't stored in asw,
then plugin fails to unmap volume. To store the path, this PR moves
MarkDeviceAsMounted operation from the `if volumeAttacher != nil` block.
**Which issue(s) this PR fixes**: Fixes#60025
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/sig storage
/cc @msau42 @jingxu97
@dhirajh @ianchakeres @mlmhl
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move volume scheduling and local storage to beta
**What this PR does / why we need it**:
* Move the feature gates and APIs for volume scheduling and local storage to beta
* Update tests to use the beta fields
@kubernetes/sig-storage-pr-reviews
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#59390
**Special notes for your reviewer**:
**Release note**:
```release-note
ACTION REQUIRED: VolumeScheduling and LocalPersistentVolume features are beta and enabled by default. The PersistentVolume NodeAffinity alpha annotation is deprecated and will be removed in a future release.
```
If plugin is non-attachable, global unmap path isn't stored in asw
then plugin fails to unmap volume. To store the path, this PR moves
MarkDeviceAsMounted operation from the `if volumeAttacher != nil` block.
Fixes#60025
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
glusterfs: improve a few comments
**What this PR does / why we need it**:
This PR fixes a couple of comments in the glusterfs module:
* fixes a typo in a comment
* removes an outdated comment that is not correct (any more)
* updates one comment to refer to upstream gluster documentation instead of downstream red hat product documentation
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update bazelbuild/rules_go, kubernetes/repo-infra, and gazelle dependencies
**What this PR does / why we need it**: updates our bazelbuild/rules_go dependency in order to bump everything to go1.9.4. I'm separating this effort into two separate PRs, since updating rules_go requires a large cleanup, removing an attribute from most build rules.
**Release note**:
```release-note
NONE
```
Do not refer to downstream Red Hat documentation
in the upstream kubernetes code, if there is upstream
documentation to refer to.
Signed-off-by: Michael Adam <obnox@redhat.com>
This was originally added due to a misunderstanding
of the documentation of Heketi (using a different
convention). Heketi's documentation has meanwhile
been clarified.
Signed-off-by: Michael Adam <obnox@redhat.com>
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
CSI 0.2.0 breaking changes
Refactor kubernetes CSI bits to support CSI version 0.2.0
```release-note
Addressing breaking changes introduced by new 0.2.0 release of CSI spec
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
csi: Remove stale volume path
**What this PR does / why we need it**:
The CSI mounter creates the following paths during SetUp():
* .../pods/\<podID\>/volumes/kubernetes.io~csi/\<specVolId\>/mount/
* .../pods/\<podID\>/volumes/kubernetes.io~csi/\<specVolId\>/volume_data.json
During TearDown(), it does not remove the `.../kubernetes.io~csi/<specVolId>/`
directory, leaving behind orphan volumes: method cleanupOrphanedPodDirs()
complains with 'Orphaned pod found, but volume paths are still present
on disk'.
Fix that by removing the above directory in removeMountDir().
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59873, 59933, 59923, 59944, 59953). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rework volume manager log levels
- all normal logs to go to level 4
- too frequent / duplicate logs go to level 5 (e.g. when something else logged similar message not too far away).
I checked that there is no excessive spam in the log - reconciler runs every 100ms, but it does not log anything if there is nothing to do.
**What this PR does / why we need it**:
This will help us debug flakes. E2e tests do not log levels 10-12 used in volume manager
**Release note**:
```release-note
NONE
```
/sig storage
/sig node
cc: @jingxu97 @sjenning
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add node shutdown taint
**What this PR does / why we need it**: we need node stopped taint in order to detach volumes immediately without waiting timeout. More info in issue ticket #58635
**Which issue(s) this PR fixes**
Fixes#58635
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
The CSI mounter creates the following paths during SetUp():
* .../pods/<podID>/volumes/kubernetes.io~csi/<specVolId>/mount/
* .../pods/<podID>/volumes/kubernetes.io~csi/<specVolId>/volume_data.json
During TearDown(), it does not remove the `.../kubernetes.io~csi/<specVolId>/`
directory, leaving behind orphan volumes: method cleanupOrphanedPodDirs()
complains with 'Orphaned pod found, but volume paths are still present
on disk'.
Fix that by removing the above directory in removeMountDir().
Signed-off-by: Ilias Tsitsimpis <iliastsi@arrikto.com>
Automatic merge from submit-queue (batch tested with PRs 59489, 59716). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add AzureDisk support for vmss nodes
**What this PR does / why we need it**:
This PR adds AzureDisk support for vmss nodes. Changes include
- Upgrade vmss API to 2017-12-01
- Upgrade vmss clients with new version API
- Abstract AzureDisk operations for vmss and vmas
- Added AzureDisk support for vmss
- Unit tests and fake clients fix
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#43287
**Special notes for your reviewer**:
~~Depending on #59652 (the first two commits are from #59652).~~
**Release note**:
```release-note
Add AzureDisk support for vmss nodes
```
Automatic merge from submit-queue (batch tested with PRs 59767, 56454, 59237, 59730, 55479). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Block Volume: Refactor volumehandler in operationexecutor
**What this PR does / why we need it**:
Based on discussion with @saad-ali at #51494, we need refactor volumehandler in operationexecutor
for Block Volume feature. We don't need to add volumehandler as separated object.
```
VolumeHandler does not need to be a separate object that is constructed inline like this.
You can create a new operation, e.g. UnmountOperation to which you pass the spec,
and it can return either a UnmountVolume or UnmapVolume.
```
**Which issue(s) this PR fixes** : no related issue.
**Special notes for your reviewer**:
@saad-ali @msau42
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
correct the ConstructVolumeSpec func path value
**What this PR does / why we need it**:
the path value is incorrect
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix the create azure file pvc failure if there is no storage account in current resource group
**What this PR does / why we need it**:
When create an azure file PVC, there will be error if there is no storage account in current resource group.
With this PR, a storage account will be created if there is no storage account in current resource group.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56556
**Special notes for your reviewer**:
1. rephrase the code logic of `CreateFileShare` func.
```
if accountName is empty, then
find a storage account that matches accountType
if no storage account found, then
create a new account
else
we only use user specified storage account
create a file share according to found storage account
```
2. Use func `getStorageAccountName` to get a unique storage account name by UUID, a storage account for azure file would be like `f0b2b0bd40c010112e897fa`. And in next PR, I will use this function to create storage account for azure disk, the storage account for azure disk would be like `d8f3ad8ad92000f1e1e88bd`.
**Release note**:
```
fix the create azure file pvc failure if there is no storage account in current resource group
```
/sig azure
/assign @rootfs
use new storage account name generation method
use uuid to generate account name
change azure file account prefix
use uniqueID to generate a storage account name
fix comments
fix comments
fix comments
fix a storage account matching bug
only use UUID in getStorageAccountName func
use shorter storage account prefix for azure file
fix comments
fix comments
fix comments
fix rebase build error
rewrite CreateFileShare code logic
fix gofmt issue
fix test error
fix comments
fix a location matching bug
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix all the typos across the project
**What this PR does / why we need it**:
There are lots of typos across the project. We should avoid small PRs on fixing those annoying typos, which is time-consuming and low efficient.
This PR does fix all the typos across the project currently. And with #59463, typos could be avoided when a new PR gets merged.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
/sig testing
/area test-infra
/sig release
/cc @ixdy
/assign @fejta
**Release note**:
```release-note
None
```
PanFengyun <pan_feng_yun@163.com>'s previous github id was @FengyunPan
Due to some problem with github, he lost access to @FengyunPan and
is not using @FengyunPan2. So let's switch over to the new id. Github
has promised to release the previous id back in 6 months, so we may
have to switch it back later.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixes the regression of GCEPD not provisioning correctly on GKE alpha clusters.
Fixes the regression by better distinguishing between single-zone and multi-zone PDs.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#59047
**Special notes for your reviewer**: All PD and dynamic provisioning e2e tests pass, manually verified provision, delete, attach, and detach of both single-zone and multi-zone PDs. Will create e2e tests for multizone PDs in a separate PR.
**Release note**:
/sig storage
/assign @saad-ali
Automatic merge from submit-queue (batch tested with PRs 59607, 59232). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make log content more information
And change some `fmt.Errorf` to `fmt.Error`
Automatic merge from submit-queue (batch tested with PRs 59607, 59232). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Pass pvc namespace and annotations to Portworx Create API
Signed-off-by: Harsh Desai <harsh@portworx.com>
**What this PR does / why we need it**:
Fixes#59606
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 59466, 58912, 59605, 59548). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix incorrect logic in canSupport
**What this PR does / why we need it**:
if `spec.PersistentVolume` is nil or `spec.Volume` is nil, func `canSupport` should return false.
**Release note**:
```
NONE
```
/release-note-none
/sig storage
Automatic merge from submit-queue (batch tested with PRs 59466, 58912, 59605, 59548). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Gluster: Remove provisioner configuration from info message.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Redesign and implement volume reconstruction work
This PR is the first part of redesign of volume reconstruction work. The detailed design information is https://github.com/kubernetes/community/pull/1601
The changes include
1. Remove dependency on volume spec stored in actual state for volume
cleanup process (UnmountVolume and UnmountDevice)
Modify AttachedVolume struct to add DeviceMountPath so that volume
unmount operation can use this information instead of constructing from
volume spec
2. Modify reconciler's volume reconstruction process (syncState). Currently workflow
is when kubelet restarts, syncState() is only called once before
reconciler starts its loop.
a. If volume plugin supports reconstruction, it will use the
reconstructed volume spec information to update actual state as before.
b. If volume plugin cannot support reconstruction, it will use the
scanned mount path information to clean up the mounts.
In this PR, all the plugins still support reconstruction (except
glusterfs), so reconstruction of some plugins will still have issues.
The next PR will modify those plugins that cannot support reconstruction
well.
This PR addresses issue #52683
Automatic merge from submit-queue (batch tested with PRs 57824, 58806, 59410, 59280). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
2nd try at using a vanity GCR name
The 2nd commit here is the changes relative to the reverted PR. Please focus review attention on that.
This is the 2nd attempt. The previous try (#57573) was reverted while we
figured out the regional mirrors (oops).
New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest. To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today). For now the staging is an alias to
gcr.io/google_containers (the legacy URL).
When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.
We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it. Nice and
visible, easy to keep track of.
xref https://github.com/kubernetes/release/issues/281
TL;DR:
* The new `staging-k8s.gcr.io` is where we push images. It is literally an alias to `gcr.io/google_containers` (the existing repo) and is hosted in the US.
* The contents of `staging-k8s.gcr.io` are automatically synced to `{asia,eu,us)-k8s.gcr.io`.
* The new `k8s.gcr.io` will be a read-only alias to whichever regional repo is closest to you.
* In the future, images will be promoted from `staging` to regional "prod" more explicitly and auditably.
```release-note
Use "k8s.gcr.io" for pulling container images rather than "gcr.io/google_containers". Images are already synced, so this should not impact anyone materially.
Documentation and tools should all convert to the new name. Users should take note of this in case they see this new name in the system.
```
shutdowned -> stopped
use shutdown everywhere
use patch in taints api call
use notimplemented in clouds use AddOrUpdateTaintOnNode
correct log text
add fake cloud
try to fix bazel
add shutdown tests
add context
This is the 2nd attempt. The previous was reverted while we figured out
the regional mirrors (oops).
New plan: k8s.gcr.io is a read-only facade that auto-detects your source
region (us, eu, or asia for now) and pulls from the closest. To publish
an image, push k8s-staging.gcr.io and it will be synced to the regionals
automatically (similar to today). For now the staging is an alias to
gcr.io/google_containers (the legacy URL).
When we move off of google-owned projects (working on it), then we just
do a one-time sync, and change the google-internal config, and nobody
outside should notice.
We can, in parallel, change the auto-sync into a manual sync - send a PR
to "promote" something from staging, and a bot activates it. Nice and
visible, easy to keep track of.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Block Volume Support: Local Volume Plugin update
**What this PR does / why we need it**:
Introduce block volume support to local volumes plugin.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#59500
**Special notes for your reviewer**:
@msau42 @mtanino @ianchakeres
Adding support for block volumes as per https://github.com/kubernetes/features/issues/121
Other related PRs:
(#50457) API Change
(#53385) VolumeMode PV-PVC Binding change
(#51494) Container runtime interface change, volumemanager changes, operationexecutor changes
**Release note**:
```
Added support for Block Volume type to local-volume plugin.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add keyring parameter in Ceph RBD provisioner
**What this PR does / why we need it**:
userSecretName is a mandatory parameter for the kubernetes.io/rbd storage provisioner. Ceph RBD persistent volumes however don't need the secretRef. If no secret is given, a local keyring file (/etc/ceph/keyring) on the node will be used. This behaviour should also work with the storage provisioner. If no userSecretName parameter is given, no secretRef should be created in the resulting persistent volume.
**Special notes for your reviewer**:
**Release note**:
```release-note
Add "keyring" parameter for Ceph RBD provisioner
```
Automatic merge from submit-queue (batch tested with PRs 57230, 59400). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
make sure mounter not nil and fix some typo
**What this PR does / why we need it**:
make sure mounter not nil then and fix some typo
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix TODO:change to a api-server watch
What this PR does / why we need it:
fix TODO (vladimirvivien) instead of polling api-server, change to a api-server watch
Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes#58031
Special notes for your reviewer:
Release note:
NONE
@vladimirvivien,@jsafrane,@saad-ali
I saw some TODO there and I am very interested in fixing it.
Please let me know if it is not inappropriate to do this.
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add context to all relevant cloud APIs
**What this PR does / why we need it**:
This adds context to all the relevant cloud provider interface signatures.
Callers of those APIs are currently satisfied using context.TODO().
There will be follow on PRs to push the context through the stack.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#815
**Special notes for your reviewer**:
For an idea of the full scope of this change please look at PR #58532.
**Release note**:
```release-note
Implementers of the cloud provider interface will note the addition of a context to this interface. Trivial code modification will be necessary for a cloud provider to continue to compile.
```
Automatic merge from submit-queue (batch tested with PRs 59441, 58264, 59287, 59396, 59439). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix some log param error
this patch fix some log parameter mistakes.
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
/release-note-none
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix TODO: moving Driver name check in API validation
**What this PR does / why we need it**:
fix TODO in csi_plugin.go ,moving Driver name check in API validation
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58163
**Special notes for your reviewer**:
**Release note**:
NONE
@vladimirvivien,@jsafrane,@saad-ali
I saw some TODO there and I am very interested in fixing it.
Please let me know if it is not inappropriate to do this.
This adds context to all the relevant cloud provider interface signatures.
Callers of those APIs are currently satisfied using context.TODO().
There will be follow on PRs to push the context through the stack.
For an idea of the full scope of this change please look at PR #58532.
Automatic merge from submit-queue (batch tested with PRs 52942, 58415). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve messaging on volume expansion
- we now provide clear message to user what to do when cloudprovider resizing is finished
and file system resizing is needed.
- add a event when resizing is successful
- Use PATCH both in controller-manager and kubelet for updating PVC status
- Remove code duplication between controller-manager and kubelet for updating PVC status
- Only remove conditions that are managed by resize controller
```release-note
Improve messages user gets during and after volume resizing is done.
```
Automatic merge from submit-queue (batch tested with PRs 54680, 59388, 57455). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix TestPlugin func has two same if code/kind bug
**What this PR does / why we need it**:
Fix TestPlugin func has two same if code
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
This change queries the StorageOS API to retrieve the volume
device dir when a volume is attached, rather than relying on
the default /var/lib/storageos/volumes directory. This allows
all or some nodes to have kubelet running in a container with
the StorageOS volume path mounted in, which is required for
Azure ACS support.
Volume mount options are also supported.
Automatic merge from submit-queue (batch tested with PRs 58317, 58687, 57872, 59063, 59328). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Volume metrics support for vSphere Cloud Provider
**What this PR does / why we need it**:
This PR adds Volume metrics support for vSphere Cloud Provider. With this we can monitor the available space, capacity and used space on volumes created using vSphere.
**Which issue(s) this PR fixes**
Fixes # https://github.com/kubernetes/kubernetes/issues/43527
Fixes # https://github.com/vmware/kubernetes/issues/208
**Special notes for your reviewer**:
Performed following steps to ensure metrics are reported correctly for vSphere Volumes.
- Created Dynamic PV using the PV claim of size 1Gi.
```
$ kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
thinclaim Bound pvc-bbc18f6a-0a04-11e8-bb1c-0050569c126b 1Gi RWO thin 5m
```
- Created Pod using this claim.
- Verified volume stats metrics.
```
/ # df -h | grep /dev/sdb
Filesystem Size Used Available Use% Mounted on
/dev/sdb 975.9M 1.3M 923.4M 0% /mnt/volume1
```
```
# HELP kubelet_volume_stats_available_bytes Number of available bytes in the volume
# TYPE kubelet_volume_stats_available_bytes gauge
kubelet_volume_stats_available_bytes{namespace="default",persistentvolumeclaim="thinclaim"} 9.68261632e+08
# HELP kubelet_volume_stats_capacity_bytes Capacity in bytes of the volume
# TYPE kubelet_volume_stats_capacity_bytes gauge
kubelet_volume_stats_capacity_bytes{namespace="default",persistentvolumeclaim="thinclaim"} 1.02330368e+09
# HELP kubelet_volume_stats_used_bytes Number of used bytes in the volume
# TYPE kubelet_volume_stats_used_bytes gauge
kubelet_volume_stats_used_bytes{namespace="default",persistentvolumeclaim="thinclaim"} 1.355776e+06
```
- Download 512MB file in the Pod on attached volume and Verified volume stats metrics is updated successfully.
```
/mnt/volume1 # df -h | grep /dev/sdb
Filesystem Size Used Available Use% Mounted on
/dev/sdb 975.9M 513.8M 410.9M 56% /mnt/volume1
```
```
# HELP kubelet_volume_stats_available_bytes Number of available bytes in the volume
# TYPE kubelet_volume_stats_available_bytes gauge
kubelet_volume_stats_available_bytes{namespace="default",persistentvolumeclaim="thinclaim"} 4.30862336e+08
# HELP kubelet_volume_stats_capacity_bytes Capacity in bytes of the volume
# TYPE kubelet_volume_stats_capacity_bytes gauge
kubelet_volume_stats_capacity_bytes{namespace="default",persistentvolumeclaim="thinclaim"} 1.02330368e+09
# HELP kubelet_volume_stats_used_bytes Number of used bytes in the volume
# TYPE kubelet_volume_stats_used_bytes gauge
kubelet_volume_stats_used_bytes{namespace="default",persistentvolumeclaim="thinclaim"} 5.38755072e+08
```
**Release note**:
```release-note
Volume metrics support for vSphere Cloud Provider
```
This PR is the first part of redesign of volume reconstruction work. The
changes include
1. Remove dependency on volume spec stored in actual state for volume
cleanup process (UnmountVolume and UnmountDevice)
Modify AttachedVolume struct to add DeviceMountPath so that volume
unmount operation can use this information instead of constructing from
volume spec
2. Modify reconciler's volume reconstruction process (syncState). Currently workflow
is when kubelet restarts, syncState() is only called once before
reconciler starts its loop.
a. If volume plugin supports reconstruction, it will use the
reconstructed volume spec information to update actual state as before.
b. If volume plugin cannot support reconstruction, it will use the
scanned mount path information to clean up the mounts.
In this PR, all the plugins still support reconstruction (except
glusterfs), so reconstruction of some plugins will still have issues.
The next PR will modify those plugins that cannot support reconstruction
well.
This PR addresses issue #52683, #54108 (This PR includes the changes to
update devicePath after local attach finishes)
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add PV size grow feature for azure file
**What this PR does / why we need it**:
According to kubernetes/features#284, add size grow feature for azure file
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56462
**Special notes for your reviewer**:
Since azure file is using SMB 3.0 protocal, there is no necessary to resize filesystem on agent side, the agent node will detect the changed size automatically.
**Release note**:
```
add size grow feature for azure file
```
/sig azure
@gnufied @rootfs @brendandburns
Automatic merge from submit-queue (batch tested with PRs 59097, 57076, 59295). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
delete duplicate function for getting volume source
**What this PR does / why we need it**:
these two methods have same function.
```go
func getVolumeSource(
spec *volume.Spec) (*v1.GlusterfsVolumeSource, bool, error) {
if spec.Volume != nil && spec.Volume.Glusterfs != nil {
return spec.Volume.Glusterfs, spec.Volume.Glusterfs.ReadOnly, nil
} else if spec.PersistentVolume != nil &&
spec.PersistentVolume.Spec.Glusterfs != nil {
return spec.PersistentVolume.Spec.Glusterfs, spec.ReadOnly, nil
}
return nil, false, fmt.Errorf("Spec does not reference a Glusterfs volume type")
}
func (plugin *glusterfsPlugin) getGlusterVolumeSource(spec *volume.Spec) (*v1.GlusterfsVolumeSource, bool) {
// Glusterfs volumes used directly in a pod have a ReadOnly flag set by the pod author.
// Glusterfs volumes used as a PersistentVolume gets the ReadOnly flag indirectly through the persistent-claim volume used to mount the PV
if spec.Volume != nil && spec.Volume.Glusterfs != nil {
return spec.Volume.Glusterfs, spec.Volume.Glusterfs.ReadOnly
}
return spec.PersistentVolume.Spec.Glusterfs, spec.ReadOnly
}
```
`getVolumeSource` seems to be much better.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 55606, 59185, 58763, 59072, 59251). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Cleaning up loopback removal process
Handling more graceful the process of loopback removal. In case loopback device does not exist any longer, we should not fail the detachment process.
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Perform resize of mounted volume if necessary
Under certain conditions - we must perform resize of volume even when it is mounted. This enables us to get around problem of resizing volumes used by deployments etc.
```release-note
Allow expanding mounted volumes
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Postpone PV deletion with finalizer when it is being used
Postpone PV deletion if it is bound to a PVC
xref: https://github.com/kubernetes/community/pull/1608
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#33355
**Special notes for your reviewer**:
**Release note**:
```release-note
Postpone PV deletion when it is being bound to a PVC
```
WIP, assign to myself first
/assign @NickrenREN
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add V1beta1 VolumeAttachment API
**What this PR does / why we need it**:
Add V1beta1 VolumeAttachment API, co-existing with Alpha API object
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58461
**Special notes for your reviewer**:
**Release note**:
```release-note
Add V1beta1 VolumeAttachment API, co-existing with Alpha API object
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
csi: Update version comparison model
**What this PR does / why we need it**:
CSI version matching needed to be updated to be able to support different patch levels during 0.x.x versions, and different minor.patch levels during >=1.x.x versions.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58813
```release-note
NONE
```
- we now provide clear message to user what to do when cloudprovider resizing is finished
and file system resizing is needed.
- add a event when resizing is successful.
- Use Patch for updating PVCs in both kubelet and controller-manager
- Extract updating pvc util function in one place.
- Only update resize conditions on progress
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
remove duplicated check of device path in aws attacher
**What this PR does / why we need it**:
The `devicePath` parameter is already validated in this [code](b7100f1ee7/pkg/volume/aws_ebs/attacher.go (L158)), so no need to check it again in the `for loop` as it won't be modified.
This can make the code clearer.
**Release note**:
```release-note
NONE
```
/sig storage
/kind cleanup
If our supported version is still at 0.X.X, then check
also the minor number. If our supported version is >= 1.X.X
then check only the major number.
Closes#58813
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Make ExpandVolumeDevice() idempotent if existing volume capacity meets the requested size.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add binary configmap
Reviving code from https://github.com/kubernetes/kubernetes/pull/33549 submitted by @zreigz
**What this PR does / why we need it**:
Add support for binary files in ConfigMap
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#32432
**Special notes for your reviewer**:
**Release note**:
```release-note
ConfigMap objects now support binary data via a new `binaryData` field. When using `kubectl create configmap --from-file`, files containing non-UTF8 data will be placed in this new field in order to preserve the non-UTF8 data. Use of this feature requires 1.10+ apiserver and kubelets.
```
Automatic merge from submit-queue (batch tested with PRs 58626, 58791). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use correct pv annotation to fetch volume ID.
Fix , Issue #58627
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 58480, 58549). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use backup location to load cloud config for OpenStack
**What this PR does / why we need it**:
Since we are transitioning to external cloud provider, we need a way
to use the existing cinder volume plugin (from kubelet). With external
cloud manager kubelet will be run with --cloud=provider=external and
no --cloud-config file will be in the command line. So we need a way
to load the openstack config file from somewhere.
Taking a cue from kubeadm, which currently is picking up "/etc/kubernetes/cloud-config"
https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/phases/controlplane/manifests.go#L44
let's support the scenario where we fall back to this static location if
there is no cloud provider specified in the command line.
This has been tested with local-up-cluster using the following params:
EXTERNAL_CLOUD_PROVIDER=true
CLOUD_PROVIDER=openstack
CLOUD_CONFIG=/etc/kubernetes/cloud-config
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58438, 58523, 58513, 57948). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix csi ut print
**What this PR does / why we need it**:
fix csi ut print
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 58438, 58523, 58513, 57948). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add Namespace to glusterfs custom volume names.
For better isolation of volumes, users/admins would like to include `namespace` in custom volume names. This patch adds that support.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Since we are transitioning to external cloud provider, we need a way
to use the existing cinder volume plugin (from kubelet). With external
cloud manager kubelet will be run with --cloud=provider=external and
no --cloud-config file will be in the command line. So we need a way
to load the openstack config file from somewhere.
Taking a cue from kubeadm, which currently is picking up "/etc/kubernetes/cloud-config"
https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/phases/controlplane/manifests.go#L44
let's support the scenario where we fall back to this static location if
there is no cloud provider specified in the command line.
This has been tested with local-up-cluster using the following params:
EXTERNAL_CLOUD_PROVIDER=true
CLOUD_PROVIDER=openstack
CLOUD_CONFIG=/etc/kubernetes/cloud-config
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
csi: Fix versioning error message
**What this PR does / why we need it**:
Incorrect error message
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58092
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add FSType for CSI volume source
**What this PR does / why we need it**:
Add FSType for CSI volume source to specify filesystems (alpha defaults to `ext4`)
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#58183
**Special notes for your reviewer**:
**Release note**:
```release-note
Add FSType for CSI volume source to specify filesystems
```
/assign @saad-ali
cc @vladimirvivien
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rework method of updating atomic-updated data volumes
**What this PR does / why we need it**:
This change affects the way that secret, configmap, downwardAPI and projected volumes (which all use the same underlying code) implement their data update functionality.
* Instead of creating a subdirectory hierarchy that will contain symlinks to each actual data file, create only symlinks to items in the root of the volume, whether they be files or directories.
* Rather than comparing the user-visible data directory to see if an update is needed, compare with the current version of the data directory.
* Fix data dir timestamp format year
* Create `..data` symlink even when a data volume has no data so consumers can have simplified update watch logic.
**Which issue(s) this PR fixes**:
Fixes#57421
**Release note**:
```release-note
Correct issues that arise when volumes are mounted beneath another secret, configmap, downwardAPI or projected volume
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixed TearDown of NFS with root squash.
NFS plugin should not use `IsLikelyNotMountPoint()`, as it uses `lstat()` / `stat()` to determine if the NFS volume is still mounted - NFS server may use root_squash and kubelet may not be allowed to do `lstat()` / `stat()` there.
It must use slower `IsNotMountPoint()` instead, including in `TearDown()` function.
**Release note**:
```release-note
NONE
```
/assign @gnufied @rootfs
This change affects the way that secret, configmap, downwardAPI and projected
volumes (which all use the same underlying code) implement their data update
functionality.
* Instead of creating a subdirectory hierarchy that itself
will contain symlinks to each actual data file, create only
symlinks to items in the root of the volume, whether they
be files or directories.
* Rather than comparing the user-visible data directory
to see if an update is needed, compare with the current
version of the data directory.
* Fix data dir timestamp format year
* Create ..data symlink even when a data volume has no data so
consumers can have simplified update watch logic.
This PR add comments for the background why plugin gets loopback
device and removes loopback device even if operation_generator has
same functionality.
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
set fsGroup by securityContext.fsGroup in azure file
**What this PR does / why we need it**:
set fsGroup by securityContext.fsGroup in azure file
This PR respects `securityContext.fsGroup`, while if user both sets `gid=xxx` in mountOptions in azure storage class and `securityContext.fsGroup`, `gid=xxx` setting in mountOptions will win.
```
apiVersion: v1
kind: Pod
metadata:
name: security-context-demo
spec:
securityContext:
fsGroup: 2000
volumes:
- name: sec-ctx-vol
emptyDir: {}
containers:
- name: sec-ctx-demo
image: gcr.io/google-samples/node-hello:1.0
volumeMounts:
- name: sec-ctx-vol
mountPath: /data/demo
securityContext:
allowPrivilegeEscalation: false
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#44085
**Special notes for your reviewer**:
**Release note**:
```
set fsGroup by securityContext.fsGroup in azure file
```
/assign @karataliu
cc @rootfs @avaranovich
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[FC Plugin] Create proper volumeSpec during ConstructVolumeSpec
**What this PR does / why we need it**:
Currently, FC plugin returns volume name and empty FCVolumeSource during ConstrutVolumeSpec of filesystem volume's reconstruction.
In this fix, ConstructVolumeSpec retrieves global mount path, and analyzes volume parameters such as
WWN, LUN, WWID from the path.
**Which issue(s) this PR fixes** :
Fixes#58085
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
cc @rootfs @jsafrane
/sig storage
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add custom volume name based on SC parameter.
At present glusterfs dynamic PVs are created with
random names. However an admin would like to have some
handle on the volume names created dynamically for
various purposes. One example would be having a filter
for sorting out PVs created for a particular storage class.
This patch enables the functionality by having a custom
volume name as a prefix to dynamic PVs. This is an optional
parameter in SC and if set, the dynamic volumes are created
in below format where `_` is the field seperator/delimiter:
customvolumeprefix_PVCname_randomUUID
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
git: Use VolumeHost.GetExec() to execute stuff in volume plugins
This prepares volume plugins to run things in containers instead of running
them on the host.
**Special notes for your reviewer**:
* instead of `cmd.SetDir(<dir>); cmd.Exec("git <command>")`, we do `cmd.Exec("git -C <dir> <command>")` - mounter.Exec does not have SetDir()
* there are lot of changes in the tests because a different exec interface is used.
@kubernetes/sig-storage-pr-reviews
```release-note
gitRepo volumes in pods require git 1.8.5 or later
```
/assign @rootfs
Currently, FC plugin returns volume name and empty
FCVolumeSource during ConstrutVolumeSpec during
filesystem volume's reconstruction.
In this fix, ConstructVolumeSpec retrieves global
mount path, analyzes volume parameters such as
WWN, LUN, WWID from the path.
Fixes#58085
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix bug:Kubelet failure to umount mount points
What this PR does / why we need it:
Fix bug#41141:Kubelet failure to umount glusterfs mount points
kubelet failure to umount mount moints in these cases:
1. glusterfs volume : transport endpoint is not connected
2. nfs volume : stale NFS file handle
this PR will fix it
Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #
fixes#41141
Special notes for your reviewer:
NONE
Release note:
NONE
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix cinder detach problems
**What this PR does / why we need it**: We have currently huge problems in cinder volume detach. This PR tries to fix these issues.
**Which issue(s) this PR fixes**:
Fixes#50004Fixes#57497
**Special notes for your reviewer**:
**Release note**:
```release-note
openstack cinder detach problem is fixed if nova is shutdowned
```
At present glusterfs dynamic PVs are created with
random names. However an admin would like to have some
handle on the volume names created dynamically for
various purposes. One example would be having a filter
for sorting out PVs created for a particular storage class.
This patch enables the functionality by having a custom
volume name as a prefix to dynamic PVs. This is an optional
parameter in SC and if set, the dynamic volumes are created
in below format where `_` is the field seperator/delimiter:
customvolumeprefix_PVCname_randomUUID
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue (batch tested with PRs 54230, 58100, 57861, 54752). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Block volumes Support: iSCSI plugin update
**What this PR does / why we need it**:
Add interface changes to iSCSI volume plugin to enable block volumes support feature.
**Which issue this PR fixes**:
Based on this proposal (kubernetes/community#805 & kubernetes/community#1265) and this feature issue: kubernetes/features#351
**Special notes for your reviewer**:
This PR temporarily includes following changes except iSCSI plugin change for reviewing purpose.
These changes will be removed from the PR once they are merged.
- (#50457) API Change
- (#51494) Container runtime interface change, volumemanager changes, operationexecutor changes
There are another PRs related to this functionality.
(#50457) API Change
(#53385) VolumeMode PV-PVC Binding change
(#51494) Container runtime interface change, volumemanager changes, operationexecutor changes
(#55112) Block volume: Command line printer update
Plugins
(#51493) Block volumes Support: FC plugin update
(#54752) Block volumes Support: iSCSI plugin update
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57823, 58091, 58093, 58096, 57020). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix rbd ConstructVolumeSpec bug
**What this PR does / why we need it**:
Fix rbd `ConstructVolumeSpec` bug as its global device mount path is not canonical. Full details are in #57744 .
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57744
**Release note**:
```release-note
NONE
```
/sig storage
/kind bug
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
check function return err
**What this PR does / why we need it**:
check function return err
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 57733, 57613, 57953). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix device name change issue for azure disk: add remount logic
**What this PR does / why we need it**:
fix device name change issue for azure disk: add remount logic
Accoding to [Troubleshoot Linux VM device name change](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/troubleshoot-device-names-problems), there is possibility of device name change, so when kubelet is restarted, we need to check whether the following two paths are still valid:
1. `/var/lib/kubelet/plugins/kubernetes.io/azure-disk/mounts/m358246426`: in MountDevice func
2. `/var/lib/kubelet/pods/950f2eb8-d4e7-11e7-bc95-000d3a041274/volumes/kubernetes.io~azure-disk/pvc-67e4e319-d4e7-11e7-bc95-000d3a041274`: in SetUpAt func
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57952
**Special notes for your reviewer**:
this is a corresponding fix of https://github.com/kubernetes/kubernetes/pull/57549, #57549 uses '/dev/disk/by-id', and this PR would check whether the mountPath is valid when kubelet restart(e.g. after VM reboot since device name may change), if not valid, remount, remember '/dev/disk/by-id' will be always valid.
**Release note**:
```
fix device name change issue for azure disk: add remount logic
```
Automatic merge from submit-queue (batch tested with PRs 57993, 58028). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add volumemetrics for glusterfs plugin.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix binary check for cephfs.go
**What this PR does / why we need it**:
unify the check method. see ref issue: #56479
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56479
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57784, 56651). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Adding support for Block Volume to rbd plugin
Adding support for Block Volume to rbd plugin
```release-note
Adding support for Block Volume type to rbd plugin.
```
NFS plugin should not use IsLikelyNotMountPoint(), as it uses lstat() / stat()
to determine if the NFS volume is still mounted - NFS server may use
root_squash and kubelet may not be allowed to do lstat() / stat() there.
It must use slower IsNotMountPoint() instead, including TearDown() function.
Automatic merge from submit-queue (batch tested with PRs 57572, 57512, 57770). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
RBD Plugin: Pass monitors addresses in a comma-separed list instead of trying one by one.
**What this PR does / why we need it**:
In production, monitors may crash (or have a network problem), if we try monitors one by one, rbd
command will hang a long time (e.g. `rbd map -m <unconnectable_host_ip>`
on linux 4.4 timed out in 6 minutes) when trying a unconnectable monitor. This is unacceptable.
Actually, we can simply pass a comma-separated list monitor addresses to `rbd`
command utility. Kernel rbd/libceph modules will pick monitor randomly
and try one by one, `rbd` command utility succeed soon if there is a
good one in monitors list.
[Docs](http://docs.ceph.com/docs/jewel/man/8/rbd/#cmdoption-rbd-m) about `-m` option of `rbd` is wrong, 'rbd' utility simply pass '-m <mon>' parameter to kernel rbd/libceph modules, which
takes a comma-seprated list of one or more monitor addresses (e.g. ip1[:port1][,ip2[:port2]...]) in its first version in linux (see 602adf4002/net/ceph/ceph_common.c (L239)). Also, libceph choose monitor randomly, so we can simply pass all addresses without randomization (see 602adf4002/net/ceph/mon_client.c (L132)).
From what I saw, there is no need to iterate monitor hosts one by one.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
Run `rbd map` against unconnectable monitor address logs on Linux 4.4:
```
root@myhost:~# uname -a
Linux myhost 4.4.0-62-generic #83-Ubuntu SMP Wed Jan 18 14:10:15 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
root@myhost:~# time rbd map kubernetes-dynamic-pvc-941ff4d2-b951-11e7-8836-049fca8e58df --pool <pool> --id <id> -m <unconnectable_host_ip> --key=<password>
rbd: sysfs write failed
2017-12-20 18:55:11.810583 7f7ec56863c0 0 monclient(hunting): authenticate timed out after 300
2017-12-20 18:55:11.810638 7f7ec56863c0 0 librados: client.<id> authentication error (110) Connection timed out
rbd: couldn't connect to the cluster!
In some cases useful info is found in syslog - try "dmesg | tail" or so.
rbd: map failed: (110) Connection timed out
real 6m0.018s
user 0m0.052s
sys 0m0.064s
```
We can simply pass a comma-separated list of monitors, if there is a good one in them, `rbd map` succeed soon.
```
root@myhost:~# time rbd map kubernetes-dynamic-pvc-941ff4d2-b951-11e7-8836-049fca8e58df --pool <pool> --id <id> -m <unconnectable_host_ip>,<good_host_ip> --key=<password>
/dev/rbd3
real 0m0.426s
user 0m0.008s
sys 0m0.008s
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57366, 57779). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove unused command waitfordetach from flex volume driver
**What this PR does / why we need it**:
Clean unused code.
**Special notes for your reviewer**:
See #35629
Original PR is https://github.com/kubernetes/kubernetes/pull/50754 , the PR's repo has bean deleted,so I create a new PR and merge upstream for test.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 57702, 57128). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
format error message and remove duplicated event for resize volume failure
**What this PR does / why we need it**:
1. The `operationGenerator.resizeFileSystem` method returns errors generated by `volumeToMount.GenerateErrorDetailed`, and the outside code(`operationGenerator.GenerateMountVolumeFunc`) uses `volumeToMount.GenerateError` to generate a new error again, which lead to the event message redundant and confused, we should use `volumeToMount.GenerateError` inside `operationGenerator.resizeFileSystem` only, in outside code is not necessary.
2. The `eventRecorderFunc` will record an event if `resizeFileSystem` returns an error, so we needn't to record event inside `resizeFileSystem` itself.
**Release note**:
```release-note
NONE
```
/sig storage
/kind enhancement
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix ExpandController panic bug
If we want to expand a volume which is not supported for now, for example, in release 1.8, we want to expand RBD volume, controller-manager will panic.
We do not check if volume plugin is nil in `GenerateExpandVolumeFunc` PTAL, thanks
```
Dec 27 23:32:26 master kube-controller-manager[4192]: /usr/local/go/src/runtime/asm_amd64.s:2337
Dec 27 23:32:26 master kube-controller-manager[4192]: panic: runtime error: invalid memory address or nil pointer dereference [recovered]
Dec 27 23:32:26 master kube-controller-manager[4192]: panic: runtime error: invalid memory address or nil pointer dereference
Dec 27 23:32:26 master kube-controller-manager[4192]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x38 pc=0x1a1e95a]
Dec 27 23:32:26 master kube-controller-manager[4192]: goroutine 1157 [running]:
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/runtime.HandleCrash(0x0, 0x0, 0x0)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go:58 +0x111
Dec 27 23:32:26 master kube-controller-manager[4192]: panic(0x2cc10c0, 0x4e280c0)
Dec 27 23:32:26 master kube-controller-manager[4192]: /usr/local/go/src/runtime/panic.go:491 +0x283
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/pkg/volume/util/operationexecutor.(*operationGenerator).GenerateExpandVolumeFunc(0xc420872780, 0xc42163b400, 0x4d7bee0, 0xc4208727b0, 0xc422187cd0, 0xc422187cd0, 0x40e84f, 0x10, 0x2a901a0)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go:787 +0x2ba
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/pkg/volume/util/operationexecutor.(*operationExecutor).ExpandVolume(0xc420dfa7a0, 0xc42163b400, 0x4d7bee0, 0xc4208727b0, 0x1, 0x1)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_executor.go:726 +0x5c
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/pkg/controller/volume/expand.(*syncResize).Sync(0xc420d09780)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/controller/volume/expand/sync_volume_resize.go:81 +0x324
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/pkg/controller/volume/expand.(*syncResize).Sync-fm()
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/controller/volume/expand/sync_volume_resize.go:60 +0x2a
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait.JitterUntil.func1(0xc42128a7b0)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:133 +0x5e
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait.JitterUntil(0xc422187fb0, 0x6fc23ac00, 0x0, 0xc4202b6101, 0xc420070d80)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:134 +0xbd
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait.Until(0xc42128a7b0, 0x6fc23ac00, 0xc420070d80)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:88 +0x4d
Dec 27 23:32:26 master kube-controller-manager[4192]: k8s.io/kubernetes/pkg/controller/volume/expand.(*syncResize).Run(0xc420d09780, 0xc420070d80)
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/controller/volume/expand/sync_volume_resize.go:60 +0x53
Dec 27 23:32:26 master kube-controller-manager[4192]: created by k8s.io/kubernetes/pkg/controller/volume/expand.(*expandController).Run
Dec 27 23:32:26 master kube-controller-manager[4192]: /go/src/k8s.io/kubernetes/_output/dockerized/go/src/k8s.io/kubernetes/pkg/controller/volume/expand/expand_controller.go:154 +0x18e
Dec 27 23:32:26 master systemd[1]: kube-controller-manager.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Dec 27 23:32:26 master systemd[1]: kube-controller-manager.service: Unit entered failed state.
Dec 27 23:32:26 master systemd[1]: kube-controller-manager.service: Failed with result 'exit-code'.
```
**What this PR does / why we need it**:
Fix controller-manager panic
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57684
**Special notes for your reviewer**:
I find some other places where we do not check if volumeplugin is nil, so i modify the `Find...PluginBy...` functions too.
Just like these do:
https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/plugins.go#L576https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/plugins.go#L602
**Release note**:
```release-note
NONE
```
/kind bug
/sig storage
/cc @gnufied
@left2right
Automatic merge from submit-queue (batch tested with PRs 57399, 57751, 57475). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
iscsi: set node.startup to manual
If the default iSCSI node.startup is set to automatic, if there is a node failure,
any pods on that node will get rescheduled to another node. If the failed node is
later brought back up it will then try to log back in to any iSCSI sessions it had
prior to the failure, which may no longer exist or may be now in-use by the other
nodes.
It appears most platforms keep the open-iscsi default of node.startup-automatic.
But in case this system-wide setting has been changed, and just to be explicit, this
sets node.startup values for kubernetes controlled volumes to manual.
Fixes#21305
```release-note
iSCSI sessions managed by kubernetes will now explicitly set startup.mode to 'manual' to
prevent automatic login after node failure recovery. This is the default open-iscsi mode, so
this change will only impact users who have changed their startup.mode to be 'automatic'
in /etc/iscsi/iscsid.conf.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add Dong Liu as approver and add OWNERS in credentialprovider
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57540
**Special notes for your reviewer**:
**Release note**:
```
none
```
/sig azure
/assign @brendandburns
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix rbd volume ConstructVolumeSpec
**What this PR does / why we need it**:
1. rbd plugin.ConstructVolumeSpec() construct volume spec with fake value, cause kubelet volume manager will create two volumesInUse in node Status.
2. change plugin.GetVolumeName(), create volumeName using rbd pool instead of monitors, because monitors is a group of IPs, which makes the volumeName too long. Also, this is to fit plugin.ConstructVolumeSpec() since makeGlobalPDName only uses rbd pool and image.
```
before fix:
volumesAttached:
- devicePath: ""
name: kubernetes.io/rbd/[xxxxxxx:6789 xxxxxxxxx:6789]:volume-9a106847-4def-4d1e-9603-4c7099b22a31
volumesInUse:
- 'kubernetes.io/rbd/[]:'
- kubernetes.io/rbd/[xxxxxxx:6789 xxxxxxxxx:6789]:volume-9a106847-4def-4d1e-9603-4c7099b22a31
after fix:
volumesAttached:
- devicePath: ""
name: kubernetes.io/rbd/volumes:volume-9a106847-4def-4d1e-9603-4c7099b22a31
volumesInUse:
- kubernetes.io/rbd/volumes:volume-9a106847-4def-4d1e-9603-4c7099b22a31
trying one by one.
In production, monitors may crash (or have a network problem), if we try
monitors one by one, rbd command will hang a long time (e.g. `rbd map -m
<unconnectable_host_ip>` on linux 4.4 timed out in 6 minutes) when
trying a unconnectable monitor. This is unacceptable.
Actually, we can simply pass a comma-separed list monitor addresses
to `rbd` command utility. Kernel rbd/libceph modules will pick
monitor randomly and try one by one, `rbd` command utility succeed soon
if there is a good one in monitors list.
Automatic merge from submit-queue (batch tested with PRs 57215, 57489). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Print/return the text from a number of errors that were silent before.
@rootfs @andyzhangx @khendiak @feiskyer
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
outdent err block
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```NONE
```
If the default iSCSI node.startup is set to automatic, if there is a node failure,
any pods on that node will get rescheduled to another node. If the failed node is
later brought back up it will then try to log back in to any iSCSI sessions it had
prior to the failure, which may no longer exist or may be now in-use by the other
nodes.
It appears most platforms keep the open-iscsi default of node.startup-automatic.
But in case this system-wide setting has been changed, and just to be explicit, this
sets node.startup values for kubernetes controlled volumes to manual.
Closes issue #21305
Automatic merge from submit-queue (batch tested with PRs 56600, 56814). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix volume size allocation in gcd_pd
**What this PR does / why we need it**:
GCE PDs are allocated in chunks of GBs not GiB but CreateVolume function incorrectly creates volume in chunks of GiB.
1 GiB = 1024 * 1024 * 1024 Bytes
1 GB = 1000 * 1000 * 1000 Bytes
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56081
**Special notes for your reviewer**:
**Release note**:
```release-note
Fixed dynamic provisioning of GCE PDs to round to the next GB instead of GiB
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add azure owners
**What this PR does / why we need it**:
Add azure owners and sort owner files.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
cc @khenidak @andyzhangx
**Release note**:
```release-note
NONE
```
/assign @brendandburns
Automatic merge from submit-queue (batch tested with PRs 55475, 57155, 57260, 57222). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improved mount/attach error logging and added attach event.
Fixed kubelet error message to be more descriptive. Added Attach success event for help in debugging.
The attach event is helpful when the node may not have the correct information about attachment status, it allows the user to see whether the Attach was run at all. If there is no success/failure attach message we can infer that there was no attach started at all.
Fixes#57217
Automatic merge from submit-queue (batch tested with PRs 55475, 57155, 57260, 57222). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
FC plugin: Update detach logic for block volume if devicePath is empty
**What this PR does / why we need it**:
Currently, FC plugin doesn't have a chance to update attached volume's devicePath into volume object.
Therefore, at the volume teardown path, FC plugin gets empty devicePath from kubelet then fails volume detach operations especially volumeMode is Block.
This PR adds logic to obtain devicePath from global map path if passed devicePath from kubelet is empty.
I think this PR isn't complete solution but is a workaround to avoid teardown failures. In order to solve the root cause, we need to discuss the way to update devicePath at kubelet side again.(https://github.com/kubernetes/kubernetes/pull/54264)
If volume is managed by multipath, FC plugin fails to detach volume from kubelet node on both Filesystem and Block cases. This PR also fix the problem.
**Which issue(s) this PR fixes** : Fixes#57153
**Special notes for your reviewer**:
@rootfs @jsafrane
**Release note**:
```
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix accessmode mapping error
What this PR does / why we need it:
fix accessmode mapping error in csi_client.go
`// can be mounted in read-only mode to many hosts`
`ReadOnlyMany PersistentVolumeAccessMode = "ReadOnlyMany"`
I think api.ReadOnlyMany should be mapping to csipb.VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY
Which issue this PR fixes (optional, in fixes #(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #
NONE
Special notes for your reviewer:
NONE
Release note:
NONE
Automatic merge from submit-queue (batch tested with PRs 56375, 56872, 57053, 57165, 57218). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improved event generation in volume mount,attach, and extend operations
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#57217
refactored mount, attach, extend operation's so that all failures generate events and event generation is more consistent.
```release-note
Improved event generation in volume mount, attach, and extend operations
```
Automatic merge from submit-queue (batch tested with PRs 57148, 57123, 57091, 57141, 57131). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add VolumeMode in GlusterFS PV spec.
This ensures that GlusterFS pvs are file backed storage.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 57148, 57123, 57091, 57141, 57131). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix incorrect log in csi_plugin
What this PR does / why we need it:
fix incorrect log in csi_plugin_test.go and csi_mounter.go
Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #
NONE
Special notes for your reviewer:
NONE
Release note:
NONE
Automatic merge from submit-queue (batch tested with PRs 56650, 55813, 56911, 56921, 56871). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
enable flexvolume on Windows node
**What this PR does / why we need it**:
enable flexvolume on Windows node:
current PodVolumeDir is like
`\var\lib\kubelet\pods\f54c5a74-da63-11e7-b71a-000d3a02c330\volumes\test~hostpath.cmd\flextest`
which is a unix path, with this PR, PodVolumeDir in **windows** kubelet will be converted into like
`c:\var\lib\kubelet\pods\f54c5a74-da63-11e7-b71a-000d3a02c330\volumes\test~hostpath.cmd\flextest`
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56875
**Special notes for your reviewer**:
Detailed steps about how to use flexvolume on Windows with this PR:
https://github.com/andyzhangx/Demo/tree/master/windows/flexvolume
**Release note**:
```
enable flexvolume on Windows node
```
/sig windows
Automatic merge from submit-queue (batch tested with PRs 56480, 56675, 56624, 56648, 56658). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
minor fix error typo of rbd volume teardown
fix typo in rbd volume plugin `diskTearDown`
Automatic merge from submit-queue (batch tested with PRs 56401, 56506, 56551, 56298, 56581). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Heketi documentats incorrectly about sizes in GBs
Heketi documentation incorrectly says that volume size is created in
GB but in fact is in GiB. Fix both resizing and create volume
functions to relfect that.
Fixes https://github.com/kubernetes/kubernetes/issues/56192
```release-note
Use GiB unit for creating and resizing volumes for Glusterfs
```
Automatic merge from submit-queue (batch tested with PRs 56401, 56506, 56551, 56298, 56581). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Addressing Comments from Code Review
**What this PR does / why we need it**: addressing comments from code review: https://github.com/kubernetes/kubernetes/pull/55824#pullrequestreview-78597250
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: N/A
**Special notes for your reviewer**:
@thockin @jsafrane @msau42 PTAL
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 56401, 56506, 56551, 56298, 56581). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
change default azure file/dir mode to 0755
**What this PR does / why we need it**:
change default azure file/dir mode to 0755, users complain current `0700` value a lot.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#54610
**Special notes for your reviewer**:
**Release note**:
```
none
```
/sig azure
/assign @rootfs
Automatic merge from submit-queue (batch tested with PRs 56413, 56322, 56490, 56460, 56487). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix binary check for glusterfs.go
**What this PR does / why we need it**:
err check can't show that the binary does not exist.
If the binary does not exist, the err still be nil ever.
we should use "test -x" to check if the binary exist.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56479
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 56413, 56322, 56490, 56460, 56487). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Allow FlexVolume PV secret namespaces
Completes the secret namespace PV refactor, so all PV volume sources that specify secrets can reference them outside the PVC namespace.
Finished the secret-related aspect of https://github.com/kubernetes/kubernetes/issues/32131
```release-note
PersistentVolume flexVolume sources can now reference secrets in a namespace other than the PersistentVolumeClaim's namespace.
```
Automatic merge from submit-queue (batch tested with PRs 57172, 55382, 56147, 56146, 56158). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add mount options support for azure disk
**What this PR does / why we need it**:
add mount options support for azure disk
example azure class with mount options:
```
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: hdd
provisioner: kubernetes.io/azure-disk
mountOptions:
- barrier=1
- acl
parameters:
skuname: Standard_LRS
kind: Managed
fstype: ext3
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56131
**Special notes for your reviewer**:
**Release note**:
```
add mount options support for azure disk
```
/sig azure
/assign @rootfs
Automatic merge from submit-queue (batch tested with PRs 55925, 55999, 55944, 55992, 56196). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix binary check for nfs.go
**What this PR does / why we need it**:
err check can't show that the binary does not exist.
If the binary does not exist, the err still be nil ever.
we should add print check to show if the binary exist.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubernetes/issues/56479
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 55925, 55999, 55944, 55992, 56196). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
probeAttachedVolume improvement in Cinder
What this PR does / why we need it:
During OpenStack Cinder volume attachment, kubelet creates too many udev "change" events.
If volume attachement takes long, then udev event queue gets full,therefore
udev does not answer requests from docker, and makes Kubernetes node unhealthy.
This patch will extend the udevadm trigger period,
and use the udevadm settle to ensure that any device nodes
have been created successfully before proceeding.
Fixes#55007
Release note:
```release-note
None
```
/cc @dims @kabakaev
Automatic merge from submit-queue (batch tested with PRs 55954, 56037, 55866, 55984, 54994). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
make k8s support cephfs fuse mount
**What this PR does / why we need it**:
make k8s support cephfs fuse.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes https://github.com/kubernetes/kubernetes/issues/46636, https://github.com/kubernetes/kubernetes/issues/44486
**Special notes for your reviewer**:
**Release note**:
```release-note
K8s supports cephfs fuse mount.
```
Automatic merge from submit-queue (batch tested with PRs 54604, 55781, 55806, 55935, 55991). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use core client with explicit version
**What this PR does / why we need it**:
Core client without explicit version has been deprecated, change them to the one with explicit version.
**Which issue(s) this PR fixes**:
Fixes partially #55993
**Special notes for your reviewer**:
/cc @kubernetes/sig-api-machinery-pr-reviews
/cc @caesarxuchao @k82cn @sttts @kevin-wangzefeng
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
AWS: Support for mounting nvme volumes
Supports mounting nvme volumes
Fixes#56155
```release-note
AWS: Detect EBS volumes mounted via NVME and mount them
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix CreateVolume func: use search mode instead
**What this PR does / why we need it**:
This is a little fall back for CreateVolume func: use search mode for Dedicated kind as @rootfs suggested.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#52396
**Special notes for your reviewer**:
I reference the implmentation of v1.6 in the same CreateVolume func
https://github.com/kubernetes/kubernetes/blob/release-1.6/pkg/cloudprovider/providers/azure/azure_storage.go#L213-L247
**Release note**:
```
fix azure storage account exhausting issue by using azure disk mount
```
/sig azure
@rootfs @feiskyer @karataliu
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add andyzhangx as azure reviewer
**What this PR does / why we need it**:
add andyzhangx as azure reviewer
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```
none
```
/sig azure
/assign @jdumars @brendandburns
Heketi documentation incorrectly says that volume size is created in
GB but in fact is in GiB. Fix both resizing and create volume
functions to relfect that.
This admission plugin puts finalizer to every created PVC. The finalizer is
removed by PVCProtectionController when the PVC is not referenced by any
pods and thus the PVC can be deleted.
Automatic merge from submit-queue (batch tested with PRs 54843, 55810). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix testSupport in downwardapi_test
add some code to test plugin.CanSupport function
/sig storage
Automatic merge from submit-queue (batch tested with PRs 52767, 55065, 55148, 56228, 56221). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add resize support for ceph RBD
Add resize support for ceph RBD
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: part of [#657](https://github.com/kubernetes/community/pull/657)
**Special notes for your reviewer**:
**Release note**:
```release-note
Add resize support for ceph RBD
```
WIP, need to add fs resize,
assign to myself first
/assign @NickrenREN
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Expose single annotation/label via downward API
**What this PR does / why we need it**:
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/node/annotations-downward-api.md
Support exposing single annotation via both env and volume downward API using the following syntax:
```
metadata.annotations['key']
metadata.labels['key']
```
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
#31218
**Special notes for your reviewer**:
This PR takes over the work in https://github.com/kubernetes/kubernetes/pull/41648.
**Release note**:
```
A single value in metadata.annotations/metadata.labels can be passed into the containers via Downward API
```
/assign @thockin @vishh
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Implement volume resize for cinder
**What this PR does / why we need it**:
resize for cinder
xref: [resize proposal](https://github.com/kubernetes/community/pull/657)
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: xref https://github.com/kubernetes/community/pull/657
Follow up: #49727
**Special notes for your reviewer**:
**Release note**:
```release-note
Implement volume resize for cinder
```
wip, assign to myself first
/assign @NickrenREN
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Block volumes Support: FC plugin update
**What this PR does / why we need it**:
Add interface changes to FC volume plugin to enable block volumes support feature.
**Which issue this PR fixes**:
Based on this proposal (kubernetes/community#805 & kubernetes/community#1265) and this feature issue: kubernetes/features#351
**Special notes for your reviewer**:
This PR temporarily includes following changes except FC plugin change for reviewing purpose.
These changes will be removed from the PR once they are merged.
- (#50457) API Change
- (#53385) VolumeMode PV-PVC Binding change
- (#51494) Container runtime interface change, volumemanager changes, operationexecutor changes
There are another PRs related to this functionality.
(#50457) API Change
(#53385) VolumeMode PV-PVC Binding change
(#51494) Container runtime interface change, volumemanager changes, operationexecutor changes
(#55112) Block volume: Command line printer update
Plugins
(#51493) Block volumes Support: FC plugin update
(#54752) Block volumes Support: iSCSI plugin update
**Release note**:
```
FC plugin: Support for block volume
- This enables uses to allow attaching raw block volume to their pod without filesystem through FC plugin.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Block volumes Support: CRI, volumemanager and operationexecutor changes
**What this PR does / why we need it**:
This PR contains following items to enable block volumes support feature.
- container runtime interface change
- volumemanager changes
- operationexecuto changes
**Which issue this PR fixes**:
Based on this proposal (kubernetes/community#805) and this feature issue: kubernetes/features#351
**Special notes for your reviewer**:
There are another PRs related to this functionality.
(#50457) API Change
(#53385) VolumeMode PV-PVC Binding change
(#51494) Container runtime interface change, volumemanager changes, operationexecutor changes
(#55112) Block volume: Command line printer update
Plugins
(#51493) Block volumes Support: FC plugin update
(#54752) Block volumes Support: iSCSI plugin update
**Release note**:
```
Adds alpha support for block volume, which allows the users to attach raw block volume to their pod without filesystem on top of the volume.
```
/cc @msau42 @liggitt @jsafrane @saad-ali @erinboyd @screeley44
Automatic merge from submit-queue (batch tested with PRs 55812, 55752, 55447, 55848, 50984). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Initial basic bootstrap-checkpoint support
**What this PR does / why we need it**:
Adds initial support for Pod checkpointing to allow for controlled recovery of the control plane during self host failure conditions.
fixes#49236
xref https://github.com/kubernetes/features/issues/378
**Special notes for your reviewer**:
Proposal is here: https://docs.google.com/document/d/1hhrCa_nv0Sg4O_zJYOnelE8a5ClieyewEsQM6c7-5-o/edit?ts=5988fba8#
1. Controlled tests work, but I have not tested the self hosted api-server recovery, that requires validation and logs. /cc @luxas
2. In adding hooks for checkpoint manager much of the tests around basicpodmanager appears to be stub'd. This has become an anti-pattern in the code and should be avoided.
3. I need a node-e2e to ensure consistency of behavior.
**Release note**:
```
Add basic bootstrap checkpointing support to the kubelet for control plane recovery
```
/cc @kubernetes/sig-cluster-lifecycle-misc @kubernetes/sig-node-pr-reviews
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixes issue where PVCs using `standard` StorageClass create PDs in disks in wrong zone in multi-zone GKE clusters
Fixes#50115
Changed GetAllZones to only get zones with nodes that are currently running (renamed to GetAllCurrentZones). Added E2E test to confirm this behavior.
Automatic merge from submit-queue (batch tested with PRs 55112, 56029, 55740, 56095, 55845). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Updating vsphere cloud provider to support k8s cluster spread across multiple vCenters
**What this PR does / why we need it**:
vSphere cloud provider in Kubernetes 1.8 was designed to work only if all the nodes of the cluster are in one single datacenter folder. This is a hard restriction that makes the cluster not span across different folders/datacenter/vCenters. Users have use-cases to span the cluster across datacenters/vCenters.
**Which issue(s) this PR fixes**
Fixes # https://github.com/vmware/kubernetes/issues/255
**Special notes for your reviewer**:
This is a change purely in vsphere cloud provider and no changes in kubernetes core are needed.
**Release note**:
```release-note
With this change
- User should be able to create k8s cluster which spans across multiple ESXi clusters, datacenters or even vCenters.
- vSphere cloud provider (VCP) uses OS hostname and not vSphere Inventory VM Name.
That means, now VCP can handle cases where user changes VM inventory name.
- VCP can handle cases where VM migrates to other ESXi cluster or datacenter or vCenter.
The only requirement is the shared storage. VCP needs shared storage on all Node VMs.
```
Internally tested and reviewed the code.
@tthole, @shaominchen, @abrarshivani
running (renamed to GetAllCurrentZones). Added E2E test to confirm this
behavior.
Added node informer to cloud-provider controller to keep track of zones
with k8s nodes in them.
Automatic merge from submit-queue (batch tested with PRs 55963, 55790, 55670, 55931). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add GRS, RAGRS storage account type support for azure disk
**What this PR does / why we need it**:
add Standard_GRS, Standard_RAGRS storage account type support for azure disk, and Standard_ZRS, Premium_GRS are not supported for azure disk now
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#55774
**Special notes for your reviewer**:
**Release note**:
```
add Standard_GRS, Standard_RAGRS support for azure disk
```
/sig azure
@rootfs @brendanburns
Automatic merge from submit-queue (batch tested with PRs 55963, 55790, 55670, 55931). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
include error message for volumeManager during attach and mount
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#55609
**Special notes for your reviewer**:
/assign @jsafrane @jingxu97
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 55217, 54260). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Checking Cinder disk when tickers are delivered
Cinder's WaitForAttach() runs probeAttachedVolume() 2 times per
second(L243 and L247), that triggers SCSI rescan and generates many udev "change"
events.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix representation of the pv's capacity which provisioned by glusterfs
**What this PR does / why we need it**:
This PR fixes representation of the pv's capacity which provisioned by glusterfs.
Gluster's volume size is calculated in GB, and than this value is setted as GiB for pv's storage capacity.
**Which issue(s) this PR fixes**:
Fixes#55937
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
RBD Plugin: Fix bug in checking command not found error.
**What this PR does / why we need it**:
Fix bug in error checking logic.
`Error()` method of command not found error returned from `command.Run/Output` is not "executable file not found in $PATH". Actually, it's `exec: "<command>": executable file not found in $PATH`.
I followed the logic in https://github.com/kubernetes/kubernetes/blob/v1.9.0-alpha.1/pkg/kubectl/cmd/util/editor/editor.go#L129 to detect command not found error.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
https://play.golang.org/p/yZJxtouUQL
**Release note**:
```release-note
NONE
```
- vsphere.conf (cloud-config) is now needed only on master node
- VCP uses OS hostname and not vSphere inventory name
- VCP is now resilient to VM inventory name change and VM migration
Automatic merge from submit-queue (batch tested with PRs 55254, 55525, 50108, 54674, 55263). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
support mount options in azure file
**What this PR does / why we need it**:
support mount options in azure file
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#37005, #54610
**Special notes for your reviewer**:
@rootfs @karataliu @feiskyer
By default, the dir_mode and file_mode would be 0700, vers would be 3.0, while if user specify `dir_mode`, `file_mode`, `vers` in storage class in `mountOptions` field(see below), then azure file should use user specified mount options.
```
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: azurefile
provisioner: kubernetes.io/azure-file
mountOptions:
- dir_mode=0377
- file_mode=0350
- vers=2.1
parameters:
skuName: Standard_LRS
location: westus2
```
**Release note**:
```
support mount options in azure file
```
/sig azure
Automatic merge from submit-queue (batch tested with PRs 55392, 55491, 51914, 55831, 55836). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Move regexp.MustCompile to global variable
Move regexp.MustCompile to global variable.
regexp.MustCompile heavy function and can be run on init app
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 54177, 55203, 55120, 55275, 55260). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
[bug fix]invalid memory address or nil pointer dereference when mounting azure disk
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#55199
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rename Detach() parameter.
`Detach()` does not get device name, it gets volume name. Parameters named `deviceMountPath` or `deviceName` just confuses developers.
Note that this PR just renames parameters here and there, there should be no behavior change.
@kubernetes/sig-storage-pr-reviews
/assign @gnufied @jingxu97
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove dependency on drv_cfg binary for querying ScaleIO devices
**What this PR does / why we need it**:
This PR fixes the issue where a ScleIO kubernetes plugin required additional binary `drv_cfg` to be present on the local node to work properly, making it harder for the kubelet binary to be containerized without providing access to local paths inside the container.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#54954
**Special notes for your reviewer**:
**Release note**:
```release-note
ScaleIO driver completely removes dependency on drv_cfg binary so a Kubernetes cluster can easily run a containerized kubelet.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update volume OWNERS to reflect active sig-storage reviewers
**What this PR does / why we need it**:
Update sig-storage reviewers to add new members and remove those that don't have as much time to review storage PRs. Approvers are unchanged.
**Special notes for your reviewer**:
For all those that have been removed, please approve. If you want to remain as a reviewer, let me know and I will add you back.
**Release note**:
NONE
Automatic merge from submit-queue (batch tested with PRs 54533, 54777, 54763, 54806, 54703). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Change bucket info of volume operations
The default buckets for volume operations are mostly incorrect because most metric tend to cluster in >10s bucket.
This fixes the problem with buckets.
cc @kubernetes/sig-storage-pr-reviews @jingxu97
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Don't cache exec and mounter in RBD volume plugin
#51608 has broken containerized RBD mount utilities proposed in https://github.com/kubernetes/kubernetes/pull/53440.
Volume plugin can get a different exec and mounter implementation with every call, it must not be cached.
```release-note
NONE
```
/sig storage
/assign @rootfs
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix incorrect log
**What this PR does / why we need it**:
fix incorrect log in nfs_test.go
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
NONE
Automatic merge from submit-queue (batch tested with PRs 53730, 51608, 54459, 54534, 54585). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix azure storage account num exhausting issue
**What this PR does / why we need it**:
If customer is using the default storage class of azure-disk, create lots of azure disk pvs by using default storage class of azure-disk, the storage account num would be exhausted in the azure subscription. Change default `kind` value of azure disk storge class from `Dedicated` to `Shared`, which means only a few storage accounts would be created even there are even hundreds of azure disk PVs.
**Which issue this PR fixes**:
fixes#54669
fix storage account num exhausting issue when lots of azure disk pvs are created by using the default storage class of azure-disk
**Special notes for your reviewer**:
fix azure storage account num exhausting issue when lots of azure disk pvs are created by using the default storage class of azure-disk
I would suggest also cherry pick this fix to v1.7, v1.8
**Release note**:
```
fix azure storage account num exhausting issue
```
/sig azure
@karataliu @rootfs @brendanburns
Automatic merge from submit-queue (batch tested with PRs 53730, 51608, 54459, 54534, 54585). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
RBD Plugin: Implement Attacher/Detacher interfaces.
**What this PR does / why we need it**:
This PR continues @rootfs 's work in #33660. It implements volume.Attacher/Volume.Detacher interfaces to resolve RBD image locking and makes RBD plugin more robust.
Summary of interfaces and what they do for RBD plugin:
- Attacher.Attach(): does nothing
- Attacher.VolumesAreAttached(): method to query volume attach status
- Attacher.GetDeviceMountPath(): method to get device mount path
- Attacher.WaitForAttach(): kubelet maps the image on the node (and lock the image if needed)
- Attacher.MountDevice(): kubelet mounts device at the device mount path
- Detacher.UnmountDevice: kubelet unmounts device from the device mount path (currently, we need to unmaps image from the node here) (and unlock the image if needed)
- Detacher.Detach(): does nothing
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes#50142.
**Special notes for your reviewer**:
RBD changes:
1) Modify rbdPlugin to implement volume.AttachableVolumePlugin interface.
2) Add rbdAttacher/rbdDetacher structs to implement
volume.Attacher/Detacher interfaces.
3) Add mount.SafeFormatAndMount/mount.Exec fields to rbdPlugin, and setup them in
rbdPlugin.Init for later uses. Attacher/Mounter/Unmounter/Detacher
reference rbdPlugin to use mounter and exec. This simplifies
code.
4) Add testcase struct to abstract RBD Plugin test case, etc.
5) Add newRBD constructor to unify rbd struct initialization.
Non-RBD changes:
1) Fix FakeMounter.IsLikelyNotMountPoint to return ErrNotExist if the
directory does not exist. Mounter.IsLikelyNotMountPoint interface
requires this, and RBD plugin depends on it.
2) ~~Extend Detacher.Detach method to pass `*volume.Spec`, RBD plugin
needs it to detach device from the node.~~
3) ~~Extend Volume.Spec struct to include namespace string, RBD Plugin needs
it to locate objects (e.g. secrets) in Pod's namespace.~~
4) ~~Update RABC bootstrap policy to allow
`system:controller:attachdetach-controller` cluster role to get
Secrets object. RBD attach/detach needs to access secrets object in
Pod's namespace.~~
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49865, 53731, 54013, 54513, 51502). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
ScaleIO - Ability to specify Secret's name and namespace
**What this PR does / why we need it**:
This PR is to decouple the ScaleIO secret from the same namespace as that of the StorageClass/PVC/PV that uses it (#53619). Currently, authorized non-admin k8s user, who creates volumes, may end up having unauthorized access to ScaleIO secret information. This PR introduces secret parameter that allows specification of secret's namespace.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53619
**Release note**:
```release-note
ScaleIO persistent volumes now support referencing a secret in a namespace other than the bound persistent volume claim's namespace; this is controlled during provisioning with the `secretNamespace` storage class parameter; StoragePool and ProtectionDomain attributes no longer defaults to the value `default`
```
Automatic merge from submit-queue (batch tested with PRs 54593, 54607, 54539, 54105). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix azure pv crash due to volumeSource.ReadOnly value nil
**What this PR does / why we need it**:
kubelet in agent would crash due to volumeSource.ReadOnly is nil in some condition
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#54149
**Special notes for your reviewer**:
#54149 is the issue: volumeSource.ReadOnly is nil, make kubelet in azure agent node crash.
"volumeSource.ReadOnly is nil" could be regarded as `false` value
@rootfs
**Release note**:
```
fix azure pv crash due to volumeSource.ReadOnly value nil
```
/sig azure
Automatic merge from submit-queue (batch tested with PRs 54081, 54271, 51783, 54600, 54594). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove redundant code of checking path
**What this PR does / why we need it**:
Remove redundant code of checking path
the checking is not necessary here,WrapperUnmounter#TearDownAt always do that
func UnmountViaEmptyDir(dir string, host VolumeHost, volName string, volSpec Spec, podUID types.UID) error {
glog.V(3).Infof("Tearing down volume %v for pod %v at %v", volName, podUID, dir)
if pathExists, pathErr := volutil.PathExists(dir); pathErr != nil {
return fmt.Errorf("Error checking if path exists: %v", pathErr)
} else if !pathExists {
glog.Warningf("Warning: Unmount skipped because path does not exist: %v", dir)
return nil
}
// Wrap EmptyDir, let it do the teardown.
wrapped, err := host.NewWrapperUnmounter(volName, volSpec, podUID)
if err != nil {
return err
}
return wrapped.TearDownAt(dir)
}
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
NONE
**Release note**:
NONE
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
glusterfs service endpoint prefix should be `glusterfs-dynamic-`.
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/sig storage
Automatic merge from submit-queue (batch tested with PRs 54336, 54470, 54334, 54175). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix azure disk mount failure on coreos and some other distros
**What this PR does / why we need it**:
azure disk mount failure on coreos due to `/dev/disk/azure` not populated on coreos, and also on some other distros.
After a long time back and forth discussion, I have decided to fix this issue on k8s side. Customers are leaving azure because of this udev issue, you could read details from #50150 . I have verifed the code works well on current coreos on azure.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
fixes#50150: azure_dd: managed disks don't pass "FormatAndMount"
In coreos on azure and some old distros, one udev rule is not applied, which means `/dev/disk/azure` not populated, while current disk detection code logic relies on `/dev/disk/azure`, so it would lead to azure disk mount failure, for more details, pls refer to #50150
**Special notes for your reviewer**:
In v1.6, there is no such issue becuase it's not using /dev/azure/disk to detect the LUN of new disk, so I refer the code logic of v1.6:
https://github.com/kubernetes/kubernetes/blob/release-1.6/pkg/volume/azure_dd/vhd_util.go#L59-L66
while from v1.7, it's using /dev/azure/disk, the code logic does not apply to distro which does not have udev rules(/dev/azure/disk), see:
https://github.com/kubernetes/kubernetes/blob/release-1.7/pkg/volume/azure_dd/azure_common.go#L231-L236
**Release note**:
```
fix azure disk mount failure on coreos and some other distro due to udev rule not applied
```
/sig azure
@rootfs @brendanburns @colemickens
@tlyng @karataliu @szarkos
With central attachdetach controller, we don't need to lock the image
any more. But for backward compatibility, we should:
1) Check if the image is still used by nodes running old kubelet in
attaching.
2) Clean old rbd.json file and remove lock if found in detaching.
1) Modify rbdPlugin to implement volume.AttachableVolumePlugin
interface.
2) Add rbdAttacher/rbdDetacher structs to implement
volume.Attacher/Detacher interfaces.
3) Add mount.SafeFormatAndMount/mount.Exec fields to rbdPlugin, and
setup them in rbdPlugin.Init for later uses.
Attacher/Mounter/Unmounter/Detacher reference rbdPlugin to use mounter
and exec. This simplifies code.
4) Add testcase struct to abstract RBD Plugin test case, etc.
5) Add newRBD constructor to unify rbd struct initialization.
Automatic merge from submit-queue (batch tested with PRs 54229, 54380, 54302, 54454). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
RBD Plugin: rbdStatus only check output of successful `rbd status` run
**What this PR does / why we need it**:
Current RBDUtil.rbdStatus implementation never return error in any cases, even if command not found or `rbd status` never succeed. This PR change it to only check output of successful `rbd status` run, and return error on other cases.
Because there are maybe network problem or ceph cluster unresponsive conditions which will cause `rbd status` command to fail. We cannot assume there is no watchers on given image. It's better to return error, and let the caller to decide what to do.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51402, 54283). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Abstract contains function to common place
**What this PR does / why we need it**:
There are identical "contains" func in multiple files,better to abstract it to common place
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
NONE
**Release note**:
NONE
Automatic merge from submit-queue (batch tested with PRs 52794, 54243, 54248, 53491, 53841). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
PV recycler: don't reuse old recycler pod.
It might be forged by user and block Kubernetes from recycling. Try to kill it instead.
+ report error when Kubernetes failed to delete recycler pod. PV controller will re-try recycling the PV again and delete the pod eventually.
**Which issue this PR fixes**
fixes#53413
**Release note**:
```release-note
None
```
@kubernetes/sig-storage-pr-reviews
/assign @tallclair
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
pkg/api: extract Scheme/Registry/Codecs into pkg/api/legacyscheme
This serves as
- a preparation for the pkg/api->pkg/apis/core move
- and makes the dependency to the scheme explicit when vizualizing
left depenncies.
The later helps with our our efforts to split up the monolithic repo
into self-contained sub-repos, e.g. for kubectl, controller-manager
and kube-apiserver in the future.
Automatic merge from submit-queue (batch tested with PRs 53958, 53947). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix PV Recycle issue when running on multi-arch
**What this PR does / why we need it**:
Currently PV Recycle uses image `gcr.io/google_containers/busybox`, which is an amd64 image, not applied for multi-arch , to start pod `"pv-recycler"`. For other non-x86 platforms, like `ppc64le` and `arm64`, the pod cannot get started due to the busybox image.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53942
**Special notes for your reviewer**:
/cc @gyliu513 @mkumatag
/assign @saad-ali @jsafrane
**Release note**:
```release-note
fix PV Recycle failed on non-amd64 platfrom
```
Automatic merge from submit-queue (batch tested with PRs 53872, 53719). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix azureDisk warns about disk format failure
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53713
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 53525, 53652). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apimachinery: remove ObjectCopier interface(s)
The big commit is a mechanical, transitive removal of the copier interfaces in all structs and function calls.
Automatic merge from submit-queue (batch tested with PRs 52662, 53547, 53588, 53573, 53599). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use const instead of hard code for volume plugin
**What this PR does / why we need it**:
nits: cleanup hard-coded volume plugin name
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add possibility to ignore volume label in dynamic provisioning
**What this PR does / why we need it**: this is needed if openstack cinder zone name does not match to compute zone names. For instance if there is only one cinder zone and many compute zones.
**Which issue this PR fixes**: fixes#53488
**Special notes for your reviewer**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Refactor nsenter
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51273
**Special notes for your reviewer**:
/assign @jsafrane
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 51765, 53053, 52771, 52860, 53284). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
TestIoHandler should not run on unsupported platforms
Fix for failing test on darwin/osx. Skip the test on unsupported (non-windows and non-linux) platforms.
**What this PR does / why we need it**:
`make test WHAT=./pkg/volume/azure_dd` doesn't pass on my OSX setup (10.12.6, go1.9, docker 17.06.2) on master. Our [docs on unit tests](https://github.com/kubernetes/community/blob/master/contributors/devel/testing.md#unit-tests) say they should pass on OS X. This PR allows it to pass.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 52880, 52855, 52761, 52885, 52929). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Remove cloud provider rackspace
**What this PR does / why we need it**:
For now, we have to implement functions in both `rackspace` and `openstack` packages if we want to add function for cinder, for example [resize for cinder](https://github.com/kubernetes/kubernetes/pull/51498). Since openstack has implemented all the functions rackspace has, and rackspace is considered deprecated for a long time, [rackspace deprecated](https://github.com/rackspace/gophercloud/issues/592) ,
after talking with @mikedanese and @jamiehannaford offline , i sent this PR to remove `rackspace` in favor of `openstack`
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#52854
**Special notes for your reviewer**:
**Release note**:
```release-note
The Rackspace cloud provider has been removed after a long deprecation period. It was deprecated because it duplicates a lot of the OpenStack logic and can no longer be maintained. Please use the OpenStack cloud provider instead.
```
Automatic merge from submit-queue (batch tested with PRs 52831, 52764, 52763, 52673, 52558). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Minor fix: make sure that glusterfsPlugin implements interface ExpandableVolumePlugin
Attempting an assignment to make sure that `glusterfsPlugin` implements interface `ExpandableVolumePlugin`, just as we did for `DeletableVolumePlugin`, `PersistentVolumePlugin`
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/assign @gnufied
Automatic merge from submit-queue (batch tested with PRs 52469, 52574, 52330, 52689, 52829). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
add feature: azurefile mount on windows node
**What this PR does / why we need it**:
feature: azurefile mount on windows node. I created this new PR, close the original one(https://github.com/kubernetes/kubernetes/pull/50233) as there is a big rebase change.
Currently only SMB(a nfs protocol) is supported for windows container in the new Windows 2016 RS3 image, and windows container in RS3 could only use New-SmbGlobalMapping cmdlet for volume mapping, "net use" command does not work for windows container.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
As there is a known blocking issue in Windows 2016 server when mounting a SMB(a NFS protocol in Windows) share on a container host and then bind that share to a container ( Azure file on Windows is using SMB protocol), this PR still could not mount an azure file on current windows 2016 server node, it depends on 2016 RS3 release, and it will still succeed (as a workaround) if customer want to mount an azure file on current windows node.
Main code logic is similar to what it does in Linux node:
1. create target directory in Windows host
2. Use New-SmbGlobalMapping powershell cmdlet to mount SMB azure file to a drive in Windows host
3. Use mklink command to link target directory to the mounted drive
K8s would bind target directory to the container directory
source in mount function would be like:
`\\[accountname].file.core.windows.net\test`
target in mount function would be like:
`c:\var\lib\kubelet\pods\5f679f75-7ce3-11e7-b718-000d3a31dac4\volumes\kubernetes.io~azure-file`
sample azure file config file:
```
apiVersion: v1
kind: Pod
metadata:
name: iis
spec:
containers:
- image: microsoft/iis
name: iis
volumeMounts:
- name: azure
mountPath: "d:"
nodeSelector:
beta.kubernetes.io/os: windows
volumes:
- name: azure
azureFile:
secretName: azure-secret
shareName: k8stest
readOnly: false
```
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50068, 52406, 52394, 48551, 52131). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Implement bulk polling of volumes for vSphere
This PR implements bulk polling of volumes - BulkVerifyVolumes() API for vSphere.
With the existing implementation, vSphere makes multiple calls to VC to check if the volume is attached to a node. If there are "N" volumes attached on "M" nodes, vSphere makes "N" VCenter calls to check if the volumes are attached to VC for all "N" volumes. Also, by default Kubernetes queries if the volumes are attached to nodes every 1 minute. This will substantially increase the number of calls made by vSphere cloud provider to vCenter.
Inorder to prevent this, vSphere cloud provider implements the BulkVerifyVolumes() API in which only a single call is made to vCenter to check if all the volumes are attached to the respective nodes. Irrespective of the number of volumes attached to nodes, the number of vCenter calls will always be 1 on a query to BulkVerifyVolumes() API by kubernetes.
@rohitjogvmw @divyenpatel @luomiao
```release-note
BulkVerifyVolumes() implementation for vSphere
```
Automatic merge from submit-queue (batch tested with PRs 51902, 52718, 52687, 52137, 52697). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Refactoring and improvements for iSCSI and FC storage plugins
**What this PR does / why we need it**:
This PR makes following changes.
- Simplify volume tearDown path for iSCSI and FC using
util.UnmountPath().
- Log lastErr during iscsi connection
If iscsid fails to connect second portal, currently
the error is ignored silently. The lastErr should be
logged to find the root cause of problem.
- Remove iscsi plugin directory after iscsi connection
is successfully closed.
**Which issue this PR fixes** : No related issues.
**Special notes for your reviewer**:
/cc @rootfs @jsafrane
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51902, 52718, 52687, 52137, 52697). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
stop the Timer
**What this PR does / why we need it**:
Ticker stop twice, and does not stop Timer.
Automatic merge from submit-queue (batch tested with PRs 47806, 49539, 48763, 47049, 50600). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
flexvolume: remove a mount directory in a error case
**What this PR does / why we need it**:
flexVolumeMounter.SetUpAt creates a directory, where a volume has to be
mounted, and we have to remove this directory in a error case. Otherwise
we see errors like this:
Orphaned pod 673b66d9-70f7-11e7-a5fa-525400307392 found, but volume paths are still present on disk
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
https://github.com/kubernetes/kubernetes/issues/49383
**Special notes for your reviewer**:
**Release note**:
Fix a rollback code for the flexvolume mount operation
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
suspect nil HostPathType
**What this PR does / why we need it**:
Nil `HostPathType` is suspicious. @luxas Will help re-verify.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#52242
**Special notes for your reviewer**:
/assign @luxas @thockin
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 51064, 52132). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Kubelet weird output fix
**What this PR does / why we need it**:
All kube binaries print the following message at the top when executed:
```
2017/08/28 21:37:12 proto: duplicate proto type registered: google.protobuf.Any
2017/08/28 21:37:12 proto: duplicate proto type registered: google.protobuf.Duration
2017/08/28 21:37:12 proto: duplicate proto type registered: google.protobuf.Timestamp
```
This PR addresses the above issue
It involves the following two changes:
1. Updating vendor packages
- Removes everything under the repo ``go.pedge.io``
- Updates repo libopenstorage/openstorage (which was using the above package)
2. Updates the portworx volume native driver to adhere to the newly vendor'ed code.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
fixes#51452
**Special notes for your reviewer**:
I have divided the changes into 2 commits
1. Vendor'ed changes
2. Changes in portworx volume driver.
```release-note
Remove duplicate proto errors in kubelet.
```
Automatic merge from submit-queue (batch tested with PRs 52675, 52691). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
FC plugin: Return target wwn + lun at GetVolumeName()
**What this PR does / why we need it**:
At volume attach/detach controller, GetVolumeName() is
expected to return unique volume identifier, but FC
plugin didn't return unique identifier if user specified
FC volume using target wwn and lun.
In order to return unique identifier, GetVolumeName()
should use combination of target wwn and lun.
**Which issue this PR fixes** : fixes#52690
**Special notes for your reviewer**:
Should we use same format of unique volume identifier between v1.7 and v1.8 `for the purpose of backward compatibility?`
- At v1.7(before introducing attach/detach function), unique ID was pod's uuid + volume name
```
I0918 22:47:13.113481 44661 reconciler.go:257] operationExecutor.MountVolume started for volume "pv0001" (UniqueName: "kubernetes.io/fc/d6c66980-9ce4-11e7-8bb7-f8bc12550954-pv0001") pod "nginx-pod1" (UID: "d6c66980-9ce4-11e7-8bb7-f8bc12550954")
I0918 22:47:15.116584 44661 operation_generator.go:476] MountVolume.SetUp succeeded for volume "pv0001" (UniqueName: "kubernetes.io/fc/d6c66980-9ce4-11e7-8bb7-f8bc12550954-pv0001") pod "nginx-pod1" (UID: "d6c66980-9ce4-11e7-8bb7-f8bc12550954")
```
- At latest master, unique ID is targetWWNs.(if a user specifies a volume using target wwn + lun)
```
I0918 22:23:48.389339 1016 reconciler.go:212] operationExecutor.VerifyControllerAttachedVolume started for volume "pv0001" (UniqueName: "kubernetes.io/fc/[78060e801049abcd]") pod "nginx-pod3" (UID: "8f76b894-9ce1-11e7-b8f4-f8bc12550954")
```
/cc @jsafrane @rootfs @msau42 @jingxu97
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 52675, 52691). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
Fix FC WaitForAttach not mounting a volume
**What this PR does / why we need it**:
WaitForAttach failed consistently with this error:
Heuristic determination of mount point failed:stat
/var/lib/kubelet/plugins/kubernetes.io/fc/wwn-lun-0:
no such file or directory
We should create dir at first to avoid the error.
**Which issue this PR fixes** : fixes#52674
**Special notes for your reviewer**:
@rootfs @jsafrane
**Release note**:
```
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..
RBD Plugin: Omit volume.MetricsProvider field and add some testcases.
**What this PR does / why we need it**:
Embedded struct `volume.MetricProvider` is capitalized and should be omitted in JSON marshalling. It's also a unmarshalable struct, will cause error in `RBDUtil.loadRBD`.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
It's a bug I introduced in https://github.com/kubernetes/kubernetes/pull/48486. It's my bad, sorry about that.
**Release note**:
```release-note
```
At volume attach/detach controller, GetVolumeName() is
expected to return unique volume identifier, but FC
plugin didn't return unique identifier if user specified
FC volume using target wwn and lun.
In order to return unique identifier, GetVolumeName()
should use combination of target wwn and lun.
Fixes#52690
WaitForAttach failed consistently with this error:
Heuristic determination of mount point failed:stat
/var/lib/kubelet/plugins/kubernetes.io/fc/<wwn>-lun-0:
no such file or directory
We should create dir first to avoid the error.
Fixes: #52674
This PR makes following changes.
- Simplify volume tearDown path for iSCSI and FC using
util.UnmountPath().
- Log lastErr during iscsi connection
If iscsid fails to connect second portal, currently
the error is ignored silently. The lastErr should be
logged to find the root cause of problem.
- Remove iscsi plugin directory after iscsi connection
is successfully closed.
Automatic merge from submit-queue (batch tested with PRs 52452, 52115, 52260, 52290)
fix azure disk mounter issue
**What this PR does / why we need it**:
fix azure disk mounter issue, it's a P1 bug, it exists in 1.7, 1.8 release, should cherry pick to 1.7, 1.8
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
fixes#52261
consider following issue:
1) A pod mounting an azure disk in a k8s agent
2) The kubelet is restarted in that k8s agent
3) The pod could not start up, it always reports error as following:
4d 1m 3065 kubelet, 14777acs9000 Warning FailedMount MountVolume.SetUp failed for volume "pvc-7a0cdeb9-92c7-11e7-b86b-000d3a36d70c" : azureDisk - No
t a mounting point for disk andykubewin175-dynamic-pvc-7a0cdeb9-92c7-11e7-b86b-000d3a36d70c on \var\lib\kubelet\pods\d146c023-92c7-11e7-b86b-000d3a36d70c\volumes\kubernetes.io~azure-disk\pvc-7a0cdeb9-92c7-11
e7-b86b-000d3a36d70c
4d 1m 3157 kubelet, 14777acs9000 Warning FailedMount Error syncing pod
**Special notes for your reviewer**:
If you take a look at following implementation of vsphere or gce, it will return nil instead of error:
https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/vsphere_volume/vsphere_volume.go#L217-L220https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/gce_pd/gce_pd.go#L273-L275
The logic of return info parsing here, it's wrong to return error
https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/util/operationexecutor/operation_generator.go#L469-L475
**Release note**:
```release-note
```
Automatic merge from submit-queue
Fix swallowed errors in various volume packages
**What this PR does / why we need it**: Fixes swallowed errors in various volume packages.
**Release note**:
```release-note NONE
```
Automatic merge from submit-queue
Azuredisk mount on windows node
**What this PR does / why we need it**:
This PR will enable azure disk on windows node, customer could create a pod mounted with azure disk on windows node.
There are a few pending items still left:
1) Current fstype would be forced as NTFS, will change if there is such requirement
2) GetDeviceNameFromMount function is not implemented(empty) because in Linux, we could use "cat /proc/mounts" to read all mounting points in OS easily, but in Windows, there is no such place, I am still figuring out. The empty function would cause a few warning logging, but it will not affect the main logic now.
**Special notes for your reviewer**:
1. This PR depends on https://github.com/kubernetes/kubernetes/pull/51240, which allow windows mount path in config validation
2. There is a bug in docker on windows(https://github.com/moby/moby/issues/34729), the ContainerPath could only be a drive letter now(e.g. D:), dir path would fail in the end.
The example pod with mount path is like below:
```
kind: Pod
apiVersion: v1
metadata:
name: pod-uses-shared-hdd-5g
labels:
name: storage
spec:
containers:
- image: microsoft/iis
name: az-c-01
volumeMounts:
- name: blobdisk01
mountPath: 'F:'
nodeSelector:
beta.kubernetes.io/os: windows
volumes:
- name: blobdisk01
persistentVolumeClaim:
claimName: pv-dd-shared-hdd-5
```
**Release note**:
```release-note
Automatic merge from submit-queue (batch tested with PRs 51041, 52297, 52296, 52335, 52338)
Fix pagesize mount option name
**What this PR does / why we need it**:
Fixes#52337 .
add initial work for mount azure file on windows
fix review comments
full implementation for attach azure file on windows node
working azure file mount
remove useless functions
add a workable implementation about mounting azure file on windows node
fix review comments and make the pod creating successful even azure file mount failed
fix according to review comments
add mount_windows_test
add implementation for IsLikelyNotMountPoint func
remove mount_windows_test.go temporaly
add back unit test for mount_windows.go
add normalizeWindowsPath func
fix normalizeWindowsPath func issue
implment azure disk on windows
update bazel BUILD
revert validation.go change as it's another PR
fix merge issue and compiling issue
fix windows compiling issue
fix according to review comments
fix according to review comments
fix cross-build failure
fix according to review comments
fix test build failure temporalily
fix darwin build failure
fix azure windows test failure
add empty implementation of MakeRShared on windows
fix gofmt errors
As per glusterfs documentation it can't create
volumes in GiB and all sizes must be specified in GB.
This code was slightly buggy because we were creating
volumes of sizes lesser than user asked for
The commit allow ScaleIO volume plugin to read SDC GUID value as a node label.
If binary drv_cfg is not installed, the plugin will still work properly.
If node label not found, it defaults to drv_cfg if installed.
Modifies the VolumeZonePredicate to handle a PV that belongs to more
then one zone or region. This is indicated by the zone or region label
value containing a comma separated list.
Automatic merge from submit-queue (batch tested with PRs 51819, 51706, 51761, 51818, 51500)
Fix local storage code to follow go style
**What this PR does / why we need it**:
Fix local storage code to follow go style
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51805, 51725, 50925, 51474, 51638)
Flexvolume dynamic plugin discovery: Prober unit tests and basic e2e test.
**What this PR does / why we need it**: Tests for changes introduced in PR #50031 .
As part of the prober unit test, I mocked filesystem, filesystem watch, and Flexvolume plugin initialization.
Moved the filesystem event goroutine to watcher implementation.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#51147
**Special notes for your reviewer**:
First commit contains added functionality of the mock filesystem.
Second commit is the refactor for moving mock filesystem into a common util directory.
Third commit is the unit and e2e tests.
**Release note**:
```release-note
NONE
```
/release-note-none
/sig storage
/assign @saad-ali @liggitt
/cc @mtaufen @chakri-nelluri @wongma7
Automatic merge from submit-queue (batch tested with PRs 51628, 51637, 51490, 51279, 51302)
Fix iSCSI WaitForAttach not mounting a volume
WaitForAttach failed consistently with this error:
```
Heuristic determination of mount point failed:stat /var/lib/kubelet/plugins/kubernetes.io/iscsi/iface-default/10.128.0.3:3260-iqn.2003-01.org.linux-iscsi.f21.x8664:sn.4b0aae584f7c-lun-0: no such file or directory
```
We should ignore "no such file or directory" eror, the directory is created just few lines below.
Fixes: #51625
**Release note**:
```release-note
NONE
```
/sig storage
/assign @mtanino
Automatic merge from submit-queue (batch tested with PRs 51574, 51534, 49257, 44680, 48836)
rbd: default image format to v2 instead of deprecated v1
**What this PR does / why we need it**:
Image format v1 has been deprecated since the Infernalis release of
Ceph over two years ago.
**Release note**:
```StorageClass Ceph RBD now defaults to using the v2 image format ```
WaitForAttach failed consistently with this error:
Heuristic determination of mount point failed:stat /var/lib/kubelet/plugins/kubernetes.io/iscsi/iface-default/10.128.0.3:3260-iqn.2003-01.org.linux-iscsi.f21.x8664:sn.4b0aae584f7c-lun-0: no such file or directory
We should ignore "no such file or directory" eror, the directory is created
just few lines below.
Automatic merge from submit-queue (batch tested with PRs 51439, 51361, 51140, 51539, 51585)
Iscsi handle failed mount
**What this PR does / why we need it**:
**Which issue this PR fixes**: fixes#50556
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 50919, 51410, 50099, 51300, 50296)
Take mount options to GA by adding PV.spec.mountOptions
**What this PR does / why we need it**: Implements https://github.com/kubernetes/community/pull/771
issue: https://github.com/kubernetes/features/issues/168
**Special notes for your reviewer**:
TODO:
- ~StorageClass mountOptions~
As described in proposal, this adds PV.spec.mountOptions + mountOptions parameter to every plugin that is both provisionable & supports mount options.
(personally, even having done all the work already, i don't agree w/ the proposal that mountOptions should be SC parameter but... :))
**Release note**:
```release-note
Add mount options field to PersistentVolume spec
```
Automatic merge from submit-queue
Add volume operation metrics to operation executor and PV controller
This PR implements the proposal for high level volume metrics https://github.com/kubernetes/community/pull/809
**Special notes for your reviewer**:
~Differences from proposal:~ all resolved
~"verify_volume" is now "verify_volumes_are_attached" + "verify_volumes_are_attached_per_node" + "verify_controller_attached_volume." Which of them do we want?~
~There is no "mount_device" metric because the MountVolume operation combines MountDevice and mount (plugin.Setup). Do we want to extract the mount_device metric or is it okay to keep mountvolume as one? For attachable volumes, MountDevice is the actual mount and Setup is a bindmount + setvolumeownership. For unattachable, mountDevice does not occur and Setup is an actual mount + setvolumeownership.~
~PV controller metrics I did not implement following the proposal at all. I did not change goroutinemap nor scheduleOperation. Because provisionClaimOperation does not return an error, so it's impossible for the caller to know if there is actually a failure worth reporting. So I manually create a new metric inside the function according to some conditions.~
@gnufied
I have tested the operationexecutor metrics but not provision & delete. Sample:
**Release note**:
```release-note
Add error count and time-taken metrics for storage operations such as mount and attach, per-volume-plugin.
```
Automatic merge from submit-queue (batch tested with PRs 49849, 50334, 51414)
Support iscsi volume attach and detach
**What this PR does / why we need it**:
Support iSCSI volume attach and detach to enforce RWO access
**Which issue this PR fixes** : fixes#48953
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
This change is prerequisite for implementing iSCSI attacher
and detacher.
In order to use chap authentication at iSCSI plugin after
implementing attacher and detacher, secret is needed at
AttachDisk() which is called from WaitForAttach().
To obtain secret, pod information is required, but
WaitForAttach() doesn't pass pod information inside.
This patch adds 'pod' as an argument of WaitForAttach()
and adds changes to drivers who implements WaitForAttach().
Fixes#48953
Automatic merge from submit-queue
Fix swallowed error in iscsi package
**What this PR does / why we need it**: Fixes a swallowed error in the iscsi package.
```release-note NONE
```
Automatic merge from submit-queue
Fix swallowed errors in tests of photon_pd package
**What this PR does / why we need it**: Fixes swallowed errors in the tests of the photon_pd package.
```release-note NONE
```
Automatic merge from submit-queue (batch tested with PRs 51174, 51363, 51087, 51382, 51388)
Fix swallowed error in scaleio package tests
**What this PR does / why we need it**: Fixes a dropped error in the tests of the scaleio package.
**Release note**:
```release-note NONE
```
Automatic merge from submit-queue (batch tested with PRs 51174, 51363, 51087, 51382, 51388)
Add InstanceExistsByProviderID to cloud provider interface for CCM
**What this PR does / why we need it**:
Currently, [`MonitorNode()`](02b520f0a4/pkg/controller/cloud/nodecontroller.go (L240)) in the node controller checks with the CCM if a node still exists by calling `ExternalID(nodeName)`. `ExternalID` is supposed to return the provider id of a node which is not supported on every cloud. This means that any clouds who cannot infer the provider id by the node name from a remote location will never remove nodes that no longer exist.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50985
**Special notes for your reviewer**:
We'll want to create a subsequent issue to track the implementation of these two new methods in the cloud providers.
**Release note**:
```release-note
Adds `InstanceExists` and `InstanceExistsByProviderID` to cloud provider interface for the cloud controller manager
```
/cc @wlan0 @thockin @andrewsykim @luxas @jhorwit2
/area cloudprovider
/sig cluster-lifecycle
Automatic merge from submit-queue (batch tested with PRs 51054, 51101, 50031, 51296, 51173)
Dynamic Flexvolume plugin discovery, probing with filesystem watch.
**What this PR does / why we need it**: Enables dynamic Flexvolume plugin discovery. This model uses a filesystem watch (fsnotify library), which notifies the system that a probe is necessary only if something changes in the Flexvolume plugin directory.
This PR uses the dependency injection model in https://github.com/kubernetes/kubernetes/pull/49668.
**Release Note**:
```release-note
Dynamic Flexvolume plugin discovery. Flexvolume plugins can now be discovered on the fly rather than only at system initialization time.
```
/sig-storage
/assign @jsafrane @saad-ali
/cc @bassam @chakri-nelluri @kokhang @liggitt @thockin
Automatic merge from submit-queue (batch tested with PRs 51235, 50819, 51274, 50972, 50504)
handle failed mounts for fc volumes
**What this PR does / why we need it**: handles failed mounts for fc
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#50502
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 51235, 50819, 51274, 50972, 50504)
Clean cinder detachlogerror
**What this PR does / why we need it**:
**Which issue this PR fixes** : fixes#50441
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50033, 49988, 51132, 49674, 51207)
Adding fsGroup check before mounting a volume
fsGroup check will be enforcing that if a volume has already been
mounted by one pod and another pod wants to mount it but has a different
fsGroup value, this mount operation will not be allowed.
Closes#45053
Automatic merge from submit-queue (batch tested with PRs 50872, 51103, 51220, 51285, 50841)
ScaleIO: Use VolumeHost.GetExec() to execute stuff in volume plugins
This PR updates ScaleIO volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec` + to use a fresh `mounter` for every `SetUp` / `TearDown` calls, as they may be different each time.
This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where the utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
**Special notes for your reviewer**:
* I needed to pass `mount.Exec` interface from the place where it is available down to `SioClient` where it's needed to execute stuff.
@kubernetes/sig-storage-pr-reviews
/assign @vladimirvivien @rootfs
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51114, 51233, 51024, 51053, 51197)
rbd: Use VolumeHost.GetExec() to execute stuff in volume plugins
**What this PR does / why we need it**:
This PR updates rbd volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec`. This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where the utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
@kubernetes/sig-storage-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
RBD Plugin: Log RBD Attach/Mount/Unmout actions in addition to Detach
**What this PR does / why we need it**:
Currently, RBD Plugin can log a info message for a successful action of RBD Unmap, e.g.:
```
I0822 09:32:31.595162 15177 rbd_util.go:349] rbd: successfully unmap device /dev/rbd0
```
This PR adds logs for another three important actions: Attach, Mount and Unmount.
Logging these actions and associated info is *very* useful in diagnosing problems.
**Special notes for your reviewer**:
Example RBD Plugin logs of successful pod volume attaching and mounting:
```
I0822 09:30:27.512015 15177 rbd_util.go:148] lock list output "2017-08-22 09:30:27.493889 7fa4ae3c23c0 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.kube.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin: (2) No such file or directory\n"
W0822 09:30:27.547513 15177 rbd_util.go:460] rbd: no watchers on kubernetes-dynamic-pvc-83bfd49e-871c-11e7-b88e-000c291fbe71
I0822 09:30:27.704703 15177 rbd_util.go:315] rbd: successfully map image kube/kubernetes-dynamic-pvc-83bfd49e-871c-11e7-b88e-000c291fbe71 to /dev/rbd0
I0822 09:30:27.965603 15177 rbd_util.go:322] rbd: successfully mount image kube/kubernetes-dynamic-pvc-83bfd49e-871c-11e7-b88e-000c291fbe71 at /var/lib/kubelet/plugins/kubernetes.io/rbd/rbd/kube-image-kubernetes-dynamic-pvc-83bfd49e-871c-11e7-b88e-000c291fbe71
```
Example RBD Plugin logs of successful pod volume detaching and unmouting:
```
I0822 09:32:31.380124 15177 rbd_util.go:334] rbd: successfully umount mountpoint /var/lib/kubelet/plugins/kubernetes.io/rbd/rbd/kube-image-kubernetes-dynamic-pvc-83bfd49e-871c-11e7-b88e-000c291fbe71
I0822 09:32:31.459867 15177 rbd_util.go:148] lock list output "2017-08-22 09:32:31.443643 7f2bb8ab53c0 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.kube.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin: (2) No such file or directory\nThere is 1 exclusive lock on this image.\nLocker ID Address \nclient.64117 kubelet_lock_magic_k8s 192.168.2.128:0/4124042516 \n"
I0822 09:32:31.595162 15177 rbd_util.go:349] rbd: successfully unmap device /dev/rbd0
```
It does not add too much logs, but admins/ops can know what RBD plugin are doing internally and exact time a RBD image is mapped, mounted or unmounted (in addition to unmapped).
**Release note**:
```release-note
NONE
```
fsGroup check will be enforcing that if a volume has already been
mounted by one pod and another pod wants to mount it but has a different
fsGroup value, this mount operation will not be allowed.
Automatic merge from submit-queue (batch tested with PRs 51108, 51035, 50539, 51160, 50947)
iscsi: Use VolumeHost.GetExec() to execute stuff in volume plugins
**What this PR does / why we need it**:
This PR updates iSCSI volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec`. This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where the utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51113, 46597, 50397, 51052, 51166)
implement proposal 34058: hostPath volume type
**What this PR does / why we need it**:
implement proposal #34058
**Which issue this PR fixes** : fixes#46549
**Special notes for your reviewer**:
cc @thockin @luxas @euank PTAL
Automatic merge from submit-queue
quobyte: Use VolumeHost.GetExec() to execute stuff in volume plugins
**What this PR does / why we need it**:
This PR updates ~~nfs~~ quobyte volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec`. This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where the utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
@kubernetes/sig-storage-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 38947, 50239, 51115, 51094, 51116)
StorageOS: Use VolumeHost.GetExec() to execute stuff in volume plugins
Use VolumeHost.GetExec() to execute stuff in volume plugins
**What this PR does / why we need it**:
This PR updates StorageOS volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec`. This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where the utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
@kubernetes/sig-storage-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 38947, 50239, 51115, 51094, 51116)
Mark the volumes as detached when node does not exist
If node does not exist, node's volumes will be detached
automatically and become available. So mark them detached and do not return err.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
#50200
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 38947, 50239, 51115, 51094, 51116)
Call Fatalf instead of Errorf when mounter/unmounter is nil in volume tests
If we get a nil mounter or unmounter, a panic will occur. Should call `Fatalf` instead of `Errorf`.
Automatic merge from submit-queue (batch tested with PRs 51105, 51097, 51110, 50843, 51107)
gluster: Use VolumeHost.GetExec() to execute stuff in volume plugins
**What this PR does / why we need it**:
This PR updates GlusterFS volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec`. This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where the utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
**Special notes for your reviewer**:
There are two commits:
* The first one removes unused `plugin.execCommand` (so we don't need to update it to `VolumeHost.GetExec`)
* The second one does the `VolumeHost.GetExec` trick described above.
@kubernetes/sig-storage-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51105, 51097, 51110, 50843, 51107)
FlexVolume: Add ability to control 'SupportsSELinux' during driver's init phase
**What this PR does / why we need it**:
Adds the ability to disable FlexVolume SELinux relabeling for filesystems that don't support it, e.g. fuse
**Which issue this PR fixes**:
This was reported in: https://github.com/lizardfs/lizardfs/issues/581
This is a reworked solution as per feedback from #50548https://github.com/kubernetes/kubernetes/pull/50548#issuecomment-322328679
**Special notes for your reviewer**:
/assign @thockin
/cc @chakri-nelluri @verult @saad-ali
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51105, 51097, 51110, 50843, 51107)
nfs: Use VolumeHost.GetExec() to execute stuff in volume plugins
**What this PR does / why we need it**:
This PR updates nfs volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec`. This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where the utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
@kubernetes/sig-storage-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 51105, 51097, 51110, 50843, 51107)
azure: Use VolumeHost.GetExec() to execute stuff in volume plugins
**What this PR does / why we need it**:
This PR updates Azure volume plugin to use `VolumeHost.GetExec()` to execute utilities like mkfs and lsblk instead of simple `os/exec`. This prepares the volume plugin to run these utilities in containers instead of running them on the host + makes the volume plugin more independent and less hardcoded.
See proposal in https://github.com/kubernetes/community/pull/589.
Note that this PR does **not** change place where utilities are executed - `VolumeHost.GetExec()` still leads directly to `os/exec`. It will be changed when the aforementioned proposal is merged and implemented.
To simplify testing, `/sys/bus/scsi/devices/*/model` and `.../vendor` are read using `ioutil.ReadFile` instead of `/bin/cat` in the first commit.
```release-note
NONE
```
@kubernetes/sig-storage-pr-reviews @kubernetes/sig-azure-misc
Automatic merge from submit-queue (batch tested with PRs 51105, 51097, 51110, 50843, 51107)
fibre channel: Remove unused exe interface
**What this PR does / why we need it**:
`execCommand` is not used anywhere, let's remove it and associated `exe` field from several structs.
@kubernetes/sig-storage-pr-reviews
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Add Humble as GlusterFS approver.
@humblec has shown his commitment into GlusterFS by number of commits there
and by support on sig-storage slack channel.
@kubernetes/sig-storage-misc
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 50806, 48789, 49922, 49935, 50438)
Fix Getpath() description
Modify the description of the word error
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 50806, 48789, 49922, 49935, 50438)
iSCSI volume plugin: iSCSI initiatorname support
**What this PR does / why we need it**:
This PR adds iSCSI initiatorname parameter to ISCSIVolumeSource to enable automatic configuration of initiator name per volume. This would allow for more fine grained configuration, and remove the need to configure the initiator name on the host by administrator.
**Which issue this PR fixes**: fixes#47311
**Special notes for your reviewer**:
/cc @rootfs @jsafrane @msau42
**Release note**:
```
iSCSI volume plugin: Support customization of iSCSI initiator name per volume
```
This prepares volume plugins to run things in containers instead of running
them on the host.
As consequence, a mount.Exec interface needs to be passed from VolumeHost
down to SioClient.
Automatic merge from submit-queue (batch tested with PRs 46458, 50934, 50766, 50970, 47698)
Prepare VolumeHost for running mount tools in containers
This is the first part of implementation of https://github.com/kubernetes/features/issues/278 - running mount utilities in containers.
It updates `VolumeHost` interface:
* `GetMounter()` now requires volume plugin name, as it is going to return different mounter to different volume plugings, because mount utilities for these plugins can be on different places.
* New `GetExec()` method that should volume plugins use to execute any utilities. This new `Exec` interface will execute them on proper place.
* `SafeFormatAndMount` is updated to the new `Exec` interface.
This is just a preparation, `GetExec` right now leads to simple `os.Exec` and mount utilities are executed on the same place as before. Also, the volume plugins will be updated in subsequent PRs (split into separate PRs, some plugins required lot of changes).
```release-note
NONE
```
@kubernetes/sig-storage-pr-reviews
@rootfs @gnufied
Automatic merge from submit-queue (batch tested with PRs 50693, 50831, 47506, 49119, 50871)
fix two typos in quobyte error message
Signed-off-by: allencloud <allen.sun@daocloud.io>
**What this PR does / why we need it**:
fix two typos in quobyte error message
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
NONE
**Special notes for your reviewer**:
NONE
**Release note**:
```release-note
NONE
```
This PR adds iSCSI initiatorname parameter to ISCSIVolumeSource
to enable automatic configuration of initiator name per volume.
This would allow for more fine grained configuration, and remove
the need to configure the initiator name on the host by
administrator.
fixes: #47311
Automatic merge from submit-queue (batch tested with PRs 50626, 50683, 50679, 50684, 50460)
Specify node labels for fakeVolumeHost
**What this PR does / why we need it**:
Adds ability to set arbitrary node labels to type `fakeVolumeHost`.
Allows creation of tests of code that depends on reading node labels using `fakeVolumeHost.GetNodeLabels() `.
**Release note**:
```release-note
NONE
```
If node doesn't exist, OpenStack Nova will assume the volumes
are not attached to it. So mark the volumes as detached and
return false without error.
Fix: #50200
Automatic merge from submit-queue
Fix dropped errors in vsphere_volume
**What this PR does / why we need it**: Error variables are being assigned in the vsphere_volume tests, but their values are being ignored.
**Release note**:
```release-note NONE
```
Automatic merge from submit-queue
Remove repeated reviewer's names
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
remove the duplicate address of glusterfs
**What this PR does / why we need it**:
remove the duplicate endpoint address of glusterfs.
If there is no duplicate address of user config or the duplicate address is ok, we can remove the unused addr map.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 49615, 49321, 49982, 49788, 50355)
remove redundant comment
**What this PR does / why we need it**:
there has redundant comment and delete it!
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
VSphere cloud provider code refactoring
The current PR tracks the vSphere Cloud Provider code refactoring which includes the following changes.
- VCLib Package - A framework used by vSphere cloud provider for managing the vSphere entities. VCLib package mainly does the following:
- Volume management on datastore (Create/Delete)
- Volume management on Virtual Machines (Attach/Detach)
- Storage Policy Management
- vSphere Cloud Provider changes to implement the cloud provider interfaces by calling into VCLib package.
- Modifications to e2e tests to accomodate the latest design changes.
@divyenpatel @rohitjogvmw @luomiao
```release-note
vSphere cloud provider: vSphere cloud provider code refactoring
```
Automatic merge from submit-queue
checking if disk is already attached for photon
**What this PR does / why we need it**: check if disk is already attached
**Which issue this PR fixes** : fixes#49621
**Release note**:
```release-note
```
Automatic merge from submit-queue
Switch from package syscall to golang.org/x/sys/unix
**What this PR does / why we need it**:
The syscall package is locked down and the comment in https://github.com/golang/go/blob/master/src/syscall/syscall.go#L21-L24 advises to switch code to use the corresponding package from golang.org/x/sys. This PR does so and replaces usage of package syscall with package golang.org/x/sys/unix where applicable. This will also allow to get updates and fixes
without having to use a new go version.
In order to get the latest functionality, golang.org/x/sys/ is re-vendored. This also allows to use Eventfd() from this package instead of calling the eventfd() C function.
**Special notes for your reviewer**:
This follows previous works in other Go projects, see e.g. moby/moby#33399, cilium/cilium#588
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49871, 49422, 49092, 49858, 48999)
ScaleIO Volume Plugin - Volume attribute fixes and updates
**What this PR does / why we need it**:
This is a housekeeping PR for small enhancements and fixes to the ScaleIO volume plugin to address issues:
- Enforcement of fsGroup
- Enable ScaleIO multiple-instance volume mapping
- Tighter validation of PVC parameters
- Injection of default PVC capacity when omitted
- Better alignment of PVC, PV, and volume names for dynamic provisioning
**Special notes for your reviewer**:
**Release note**:
```release-note
Enforcement of fsGroup; enable ScaleIO multiple-instance volume mapping; default PVC capacity; alignment of PVC, PV, and volume names for dynamic provisioning
```
Automatic merge from submit-queue (batch tested with PRs 49870, 49416, 49872, 49892, 49908)
FC volume plugin: remove block device at DetachDisk
**What this PR does / why we need it**:
After a volume is unmounted from pod and worker node, and then PV and PVC are deleted, cluster admin or external-provisioner might delete the disk from storage, therefore block device on the node should be cleaned up beforehand.
The photon volume plugin already has same functionality.
**Which issue this PR fixes**: fixes#49392
**Special notes for your reviewer**:
/assign @rootfs
/cc @jsafrane @saad-ali
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49284, 49555, 47639, 49526, 49724)
Supply Portworx StorageClass paramters in volume spec labels for server-side processing
**What this PR does / why we need it**:
This change offloads the requirement of successfully parsing all existing and new portworx volume parameters to it's server-side components. As a result, for fixing bugs in existing volume parameters parsing and adding new support, we will not need to submit a k8s PR.
**Which issue this PR fixes**: fixes#49525
**Release note**:
```release-note
Fix incorrect parsing of io_priority in Portworx volume StorageClass and add support for new paramters.
```
Automatic merge from submit-queue (batch tested with PRs 49284, 49555, 47639, 49526, 49724)
amend spec.PersistentVolume.Spec
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49651, 49707, 49662, 47019, 49747)
remove the redundant err define
**What this PR does / why we need it**:
some place has define err ,like
class, err := volutil.GetClassForVolume(d.plugin.host.GetKubeClient(), d.spec)
so delete the err define!
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
This commit introduces the following updates and fixes:
- Enable scaleIO volume multip-mapping based on accessMode
- No longer uses "default" as default values for storagepool & protection domain
- validates capacity when capacity is zero
- Better naming for PV and volume
- make mount ro when accessModes contains ROM
After a volume is unmounted from pod and worker node,
cluster admin or external-provisioner might delete
the disk from storage, therefore block device on
the node should be cleaned up beforehand.
The photon volume plugin already has same functionality.
Fixes#49392
Automatic merge from submit-queue
Volunteer to review Cinder related code
**What this PR does / why we need it**:
Since i am currently helping with the OpenStack cloud provider, happy
to do the same with cinder package as well as they are related.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49712, 49694, 49714, 49670, 49717)
FC volume plugin: remove unmount of global mount
**What this PR does / why we need it**:
The unmount operation for global mount should be done by reconciler.go instead of executing inside the FC Plugin since attacher/detacher for FC plugin was merged recently.
**Which issue this PR fixes** : fixes#49669
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49619, 49598, 47267, 49597, 49638)
Adding metrics support to local volume
Adding metrics support to local volume plugin.
Fixes#49601
Automatic merge from submit-queue (batch tested with PRs 49081, 49318, 49219, 48989, 48486)
Use MetricsStatsFs to expose RBD volume plugin metrics.
**What this PR does / why we need it**:
We need to monitor RBD volume usage of our cluster and configure alerts if RBD volume is nearly full. Users of cluster also need to see usage history graph on Grafana.
This PR use MetricsStatsFs to implement MetricsProvider interface of RBD plugin (same as `gce_pd`), so kubelet /stat/summary can expose RBD volume stats.
**Special notes for your reviewer**:
cc @rootfs
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Tune Cinder approvers
I don't want to be single approver for cinder PRs, @anguslees is OpenStack maintainer and should be able to help with Cinder.
Any other volunteers from @kubernetes/sig-storage-pr-reviews or @k8s-sig-openstack-pr-reviews?
Note: @justinsb **is** still reviewer, he was just listed twice.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47357, 49514, 49271, 49572, 49476)
set default adminid for rbd deleter if unset
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#49225
**Special notes for your reviewer**:
/cc @BastiPaeltz @sjenning
**Release note**:
```release-note
set default adminid for rbd deleter if unset
```
flexVolumeMounter.SetUpAt creates a directory, where a volume has to be
mounted, and we have to remove this directory in error cases. Otherwise
we will see errors like this:
Orphaned pod 673b66d9-70f7-11e7-a5fa-525400307392 found, but volume paths are still present on disk
https://github.com/kubernetes/kubernetes/issues/49383
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Automatic merge from submit-queue (batch tested with PRs 49479, 49496)
tune iscsi and fc volume owner
**What this PR does / why we need it**:
add @mtanino to iscsi and fc volume reviewer
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
@kubernetes/sig-storage-misc
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48911, 49475, 49438, 49362, 49274)
set RBD default values as constant vars
**What this PR does / why we need it**:
When working on #49225, I found some [default RBD parameters](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#ceph-rbd) had not been declared as constant values, which will be error-prone.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
set RBD default values as constant vars
```
Automatic merge from submit-queue (batch tested with PRs 48911, 49475, 49438, 49362, 49274)
Fixed glusterfs mount options
Capacity of a slice is the third argument, not the second one.
We use append() to fill the slice, so it should be empty at the beginning
and with the right capacity.
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49444, 47864, 48584, 49395, 49118)
Allow unmounting bind-mounted directories.
**What this PR does / why we need it**:
For files, we cannot use `path/..`;
we could use `filepath.Dir` but for bind-mounted, `isNotMounted` which calls `IsLikelyNotMountPoint` would not work anyway.
Let's just have the driver do the work.
Addressing
```
Error: UnmountVolume.TearDown failed for volume "..." (volume.spec.Name: "...") pod "..." (UID: "...") with: lstat /path/.../test-flex/..: not a directory
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
N/A
**Special notes for your reviewer**:
N/A
**Release note**:
```release-note
It is now posible to use flexVolumes to bind mount directories and files.
```
Automatic merge from submit-queue (batch tested with PRs 45345, 49470, 49407, 49448, 49486)
Support "fstype" parameter in dynamically provisioned PVs
This PR is a replacement for https://github.com/kubernetes/kubernetes/pull/40805. I was not able to push fixes and rebases to the original branch as I don't have access to the Github organization anymore.
I assume the PR will need a new "ok to test"
**ORIGINAL PR DESCRIPTION**
**What this PR does / why we need it**: This PR allows specifying the desired FSType when dynamically provisioning volumes with storage classes. The FSType can now be set as a parameter:
```yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1beta1
metadata:
name: test
provisioner: kubernetes.io/azure-disk
parameters:
fstype: xfs
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#37801
**Special notes for your reviewer**:
The PR also implicitly adds checks for unsupported parameters.
**Release note**:
```release-note
Support specifying of FSType in StorageClass
```
For bind-mounted directories, the isNotMounted which calls
IsLikelyNotMountPoint fails because the filesystem of the mounted
location and the parent directory are the same.
Addressing:
unmounter.go:59] Warning: Path: /path/.../test-dir already unmounted
Capacity of a slice is the third argument, not the second one.
We use append() to fill the slice, so it should be empty at the beginning
and with the right capacity.
The syscall package is locked down and the comment in [1] advises to
switch code to use the corresponding package from golang.org/x/sys. Do
so and replace usage of package syscall with package
golang.org/x/sys/unix where applicable.
[1] https://github.com/golang/go/blob/master/src/syscall/syscall.go#L21-L24
This will also allow to get updates and fixes for syscall wrappers
without having to use a new go version.
Errno, Signal and SysProcAttr aren't changed as they haven't been
implemented in /x/sys/. Stat_t from syscall is used if standard library
packages (e.g. os) require it. syscall.SIGTERM is used for
cross-platform files.
Automatic merge from submit-queue (batch tested with PRs 49328, 49285, 49307, 49127, 49163)
Make definite mount timeout for glusterfs volume mount.
The `backup-volfile-servers` mount option allows to specify more than
one server to be contacted in single mount command. With this option in place,
it is not required to iterate over all the servers in the addrlist.
A mount attempt with this option will fetch all the servers mentioned in
the list, Reference # https://access.redhat.com/documentation/en-US/Red_Hat_Storage/3/html/Administration_Guide/sect-Native_Client.html
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue (batch tested with PRs 49212, 49203, 49255)
If the init fails for whatever reason, plugin is nil and cannot be used.
**What this PR does / why we need it**:
Addressing
```
=== RUN TestCanSupport
E0719 13:48:19.829849 2289 driver-call.go:232] init command failed, status: Successx, reason:
--- FAIL: TestCanSupport (0.00s)
flexvolume_test.go:180: Can't find the plugin by name
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x30 pc=0x11fc5b5]
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
N/A
**Special notes for your reviewer**:
N/A
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 49218, 48253, 48967, 48460, 49230)
Fix the Azure file to work within different cloud environments
**What this PR does / why we need it**:
Fix the Azure file plugin to work within different cloud environments.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#46081
cc @rootfs @brendandburns
Automatic merge from submit-queue (batch tested with PRs 48377, 48940, 49144, 49062, 49148)
support fc volume attach and detach
**What this PR does / why we need it**:
Support FC volume attach and detach to enforce RWO access
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#48953
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Improve the warning message if the rbd command is not found.
**What this PR does / why we need it**:
The previous warning msg is not correct if there is no rbd cmd.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 48481, 48256)
Refactor: pkg/util into sub-pkgs
**What this PR does / why we need it**:
- move code in pkg/util into sub-pkgs
- delete some unused funcs
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#15634
**Special notes for your reviewer**:
This is the final work of #15634. It will close that issue.
/cc @thockin
**Release note**:
```release-note
NONE
```
`volumeoptions` which can be used to set various volume options.
for eg# if you want to enable encryption on volumes,
the values like `client.ssl on`, `server.ssl on`..etc can be passed
to `volumeoptions` parameter in storageclass.
Issue # https://github.com/kubernetes/kubernetes/issues/28454
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue (batch tested with PRs 48997, 48595, 48898, 48711, 48972)
Use local PX endpoint for mount, unmount, detach and attach calls
**What this PR does / why we need it**:
This PR fixes an issue with Setup and TearDown of Portworx volumes which has side-effects such a Pod using a Portworx volume not being able to start on the minion.
**Which issue this PR fixes**: fixes#49034
This PR addresses an issue that fails to mount, attach, unmount or detach a volume when Kubernetes sends these requests to Portworx when it's API server on that particular minion is down.
Portworx mount, unmount, attach and detach requests need to be received on the minion where the pod is running. So these calls need to talk to the Portworx API server running locally on that node (and NOT to the Portworx k8s service since it may route the request to any node in the cluster). This PR explicitly makes such requests local only.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47417, 47638, 46930)
print non-existent key in configmap
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#41573
**Special notes for your reviewer**:
carry from #41574
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 46973, 48556)
Improve error reporting when flex driver has failed to initialize
**What this PR does / why we need it**:
This PR improves error reporting for the case when flex driver is failing to initialize. There are 2 improvements:
1) show only the plugin name instead of a full struct. This makes a message shorter and removes useless and internal information.
Before:
>E0605 16:44:59.330215 26786 plugins.go:359] Failed to load volume plugin &{k8s/nfs /usr/libexec/kubernetes/kubelet-plugins/volume/exec/k8s~nfs %!s(*kubelet.kubeletVolumeHost=&{0xc431ea5800 {{1 0} map[kubernetes.io/downward-api:0xc431ee3f20 kubernetes.io/aws-ebs:0xc431ee3eb0 kubernetes.io/git-repo:0xc431ee3ef0 kubernetes.io/host-path:0xc430e985f0 kubernetes.io/rbd:0xc42bfab840 kubernetes.io/quobyte:0xc431ee3f00 kubernetes.io/fc:0xc42bfab980 kubernetes.io/empty-dir:0xc431ee3ed0 kubernetes.io/nfs:0xc430e98640 kubernetes.io/iscsi:0xc42bfab720 kubernetes.io/glusterfs:0xc430faaba0 kubernetes.io/cinder:0xc42bfab8c0 kubernetes.io/gce-pd:0xc431ee3ee0 kubernetes.io/secret:0xc42bfab6a0 kubernetes.io/flocker:0xc431ee3f30 kubernetes.io/cephfs:0xc431ee3f10]} 0xc42698cf40}) %!s(*exec.executor=&{}) {%!s(int32=0) %!s(uint32=0)} []}, error: unexpected end of JSON input
After:
>E0605 16:59:45.520185 29041 plugins.go:359] Failed to load volume plugin k8s/nfs, error: unexpected end of JSON input
2) quote script output. In case the output was empty, messages look a bit better:
Before:
> E0605 16:44:59.330077 26786 driver-call.go:212] Failed to unmarshal output for command: init, **output: **, error: unexpected end of JSON input
> W0605 16:44:59.330170 26786 driver-call.go:140] FlexVolume: driver call failed: executable: /usr/libexec/kubernetes/kubelet-plugins/volume/exec/k8s\~nfs/nfs, args: [init], error: fork/exec /usr/libexec/kubernetes/kubelet-plugins/volume/exec/k8s\~nfs/nfs: permission denied, **output: **
After:
>E0605 16:59:45.519906 29041 driver-call.go:212] Failed to unmarshal output for command: init, **output: ""**, error: unexpected end of JSON input
>W0605 16:59:45.520109 29041 driver-call.go:140] FlexVolume: driver call failed: executable: /usr/libexec/kubernetes/kubelet-plugins/volume/exec/k8s\~nfs/nfs, args: [init], error: fork/exec /usr/libexec/kubernetes/kubelet-plugins/volume/exec/k8s\~nfs/nfs: permission denied, **output: ""**
Automatic merge from submit-queue
Fix comments and typo in the error message
**What this PR does / why we need it**:
This PR fixes outdated comments and typo in the error message.
**Release note**:
```release-note
NONE
```
CC @simo5
Automatic merge from submit-queue
Fix share name generation in azure file provisioner.
**What this PR does / why we need it**:
Azure file share name has a length limit of 63, but currently the code is using data volume's limit 75.
**Which issue this PR fixes**
With current implementation, when the cluster name is long, the resulting file share name could have a length of 75.
Also function `GenerateVolumeName` would produce double '-' when clusterName containing '-' is to be truncated.
In both cases, service would reject the creating file share request.
**Special notes for your reviewer**:
Please refer to:
https://docs.microsoft.com/en-us/rest/api/storageservices/naming-and-referencing-shares--directories--files--and-metadata#share-names
- Share names must be from 3 through 63 characters long.
- The name cannot contain two consecutive hyphens.
@rootfs @colemickens
**Release note**:
Automatic merge from submit-queue
remove some people from OWNERS so they don't get reviews anymore
These are googlers who don't work on the project anymore but are still
getting reviews assigned to them:
- @bprashanth
- @rjnagal
- @vmarmol
Automatic merge from submit-queue (batch tested with PRs 48425, 41680, 48457, 48619, 48635)
"rbd: image xxx is locked by other nodes" is misleading
**What this PR does / why we need it**:
For RWO PV, RBD plugin tries to fence it first, but there are many situations which may cause lock to fail, e.g.
- userSecret is incorrect
- monitor addresses are incorrect or node cannot access ceph cluster temporarily
- image is locked by other nodes
- maybe more...
So, original "image xxx is locked by other nodes" is incorrect in some cases and misleading in diagnosis.
This PR change the error to be correct and not misleading first. We may add detail error descriptions later.
**Special notes for your reviewer**:
New FailedMount event example if RBD plugin cannot lock image:
```
... FailedMount MountVolume.SetUp failed for volume "pvc-ee37a9c8-608e-11e7-b3a7-000c291fbe71" : rbd: failed to lock image kubernetes-dynamic-pvc-ee3b9911-608e-11e7-97b6-000c291fbe71 (maybe locked by other nodes), error exit status 22
```
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48672, 47140, 48709, 48786, 48757)
glusterfs: retry without auto_unmount only when it's not supported
GlusterFS volume plugin should not blindly retry all failed mounts without
auto_unmount, it should retry them only when we are sure that auto_unmount
was the reason the first attempt failed.
@kubernetes/sig-storage-pr-reviews
/assign @humblec
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48672, 47140, 48709, 48786, 48757)
use built-in path separator instead of hard coded
**What this PR does / why we need it**:
We should use built-in path separator to avoid hard coded strings.
**Which issue this PR fixes** :
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Automatic merge from submit-queue
Local storage teardown fix
**What this PR does / why we need it**: Local storage uses bindmounts and the method IsLikelyNotMountPoint does not detect these as mountpoints. Therefore, local PVs are not properly unmounted when they are deleted.
**Which issue this PR fixes**: fixes#48331
**Special notes for your reviewer**:
You can use these e2e tests to reproduce the issue and validate the fix works appropriately https://github.com/kubernetes/kubernetes/pull/47999
The existing method IsLikelyNotMountPoint purposely does not check mountpoints reliability (4c5b22d4c6/pkg/util/mount/mount_linux.go (L161)), since the number of mountpoints can be large. 4c5b22d4c6/pkg/util/mount/mount.go (L46)
This implementation changes the behavior for local storage to detect mountpoints reliably, and avoids changing the behavior for any other callers to a UnmountPath.
**Release note**:
```
Fixes bind-mount teardown failure with non-mount point Local volumes (issue https://github.com/kubernetes/kubernetes/issues/48331).
```
Added IsNotMountPoint method to mount utils (pkg/util/mount/mount.go)
Added UnmountMountPoint method to volume utils (pkg/volume/util/util.go)
Call UnmountMountPoint method from local storage (pkg/volume/local/local.go)
IsLikelyNotMountPoint behavior was not modified, so the logic/behavior for UnmountPath is not modified
GlusterFS volume plugin should not blindly retry all failed mounts without
auto_unmount, it should retry them only when we are sure that auto_unmount
was the reason the first attempt failed.
Automatic merge from submit-queue (batch tested with PRs 48264, 48324, 48125, 47944, 47489)
Set quota for volumes
**What this PR does / why we need it**:
This PR allows users of the Quobyte Storage class to specify if automatically a Quota for the volume should be created. With a Quota a Quobyte volume can only grow in the specified size.
**Special notes for your reviewer**:
Update the Quobyte API version for the needed functionality.
Automatic merge from submit-queue (batch tested with PRs 47619, 47951, 46260, 48277)
iSCSi plugin: Remove redundant nil check
**What this PR does / why we need it**:
This patch is for cleanup of redundant nil check in iSCSI plugin.
This was mentioned at the code review on origin github thread.
https://github.com/openshift/origin/pull/14565
**Which issue this PR fixes**
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue (batch tested with PRs 48074, 47971, 48044, 47514, 47647)
Use more meaningful and consistent variable names in glusterfs plugin.
Automatic merge from submit-queue
storageclass ceph add imageformat parameter
**What this PR does / why we need it**:
Add a imageformat parameter for StorageClass(ceph rbd)
k8s hard coded ceph imageformat 1, according to [ceph manual](http://docs.ceph.com/docs/master/man/8/rbd/), imageformat 1 was deprecated, we should add an extra ceph parameter to set ceph rbd imageformat. Ceph rbd imageformat can only be 1 or 2, set the default value to 1.
**Release note**:
```release-note
Allow StorageClass Ceph RBD to specify image format and image features.
```
Automatic merge from submit-queue (batch tested with PRs 47878, 47503, 47857)
Remove controller node plugin driver dependency for non-attachable fl…
…ex volume drivers (Ex: NFS).
**What this PR does / why we need it**:
Removes requirement to install flex volume drivers on master node for non-attachable drivers likes NFS.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#47109
```release-note
Fixes issue w/Flex volume, introduced in 1.6.0, where drivers without an attacher would fail (node indefinitely waiting for attach). Drivers that don't implement attach should return `attach: false` on `init`.
```
Automatic merge from submit-queue (batch tested with PRs 47851, 47824, 47858, 46099)
Revert 44714 manually
#44714 broke backward compatibility for old swagger spec that kubectl still uses. The decision on #47448 was to revert this change but the change was not automatically revertible. Here I semi-manually remove all references to UnixUserID and UnixGroupID and updated generated files accordingly.
Please wait for tests to pass then review that as there may still be tests that are failing.
Fixes#47448
Adding release note just because the original PR has a release note. If possible, we should remove both release notes as they cancel each other.
**Release note**: (removed by caesarxuchao)
UnixUserID and UnixGroupID is reverted back as int64 to keep backward compatibility.
Automatic merge from submit-queue (batch tested with PRs 34515, 47236, 46694, 47819, 47792)
not allow backsteps in local volume plugin
**Which issue this PR fixes** : fixes#47207
**Special notes for your reviewer**:
cc @msau42 @ddysher
Just follow @liggitt [commented](https://github.com/kubernetes/kubernetes/issues/47107#issuecomment-306831175).
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 34515, 47236, 46694, 47819, 47792)
remove unused constant
**What this PR does / why we need it**:
In flexvolume constant definitions, fix typo StatusFailure string to "Failure", not "Failed" at
b359034817/pkg/volume/flexvolume/flexvolume_util.go (L45)
**Which issue this PR fixes** _(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)_: fixes #
#34510
**Special notes for your reviewer**:
Simple string literal change, but hopefully will prevent future confusion for developers.
Automatic merge from submit-queue (batch tested with PRs 47626, 47674, 47683, 47290, 47688)
validate host paths on the kubelet for backsteps
**What this PR does / why we need it**:
This PR adds validation on the kubelet to ensure the host path does not contain backsteps that could allow the volume to escape the PSP's allowed host paths. Currently, there is validation done at in API server; however, that does not account for mismatch of OS's on the kubelet vs api server.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#47107
**Special notes for your reviewer**:
cc @liggitt
**Release note**:
```release-note
Paths containing backsteps (for example, "../bar") are no longer allowed in hostPath volume paths, or in volumeMount subpaths
```
Automatic merge from submit-queue (batch tested with PRs 38751, 44282, 46382, 47603, 47606)
Adding 'flexvolume' prefix to FlexVolume plugin names.
**What this PR does / why we need it**: Adds a prefix to FlexVolume plugin names in order to more easily identify plugins as FlexVolume. Improves debugging.
**Special notes for your reviewer**: Unfortunately the delimiter after 'flexvolume' is restricted to either '-' or '.' . This makes the prefix seem like it's part of the vendor name. Not sure if this could cause issues later on.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 47204, 46808, 47432, 47400, 47099)
Remove broken getvolumename and pass PV or volume name to attach call
Cherry-picking https://github.com/kubernetes/kubernetes/pull/46249 to master
What this PR does / why we need it:
Flex getvolumename is broken in 1.6. It needs to be fixed comprehensively in 1.7 release. Removing the api in 1.6. Also pass PV or volume name to the driver during attach call. Detach uses PV or volume name, so plugin can use that information to map to PV.
Which issue this PR fixes (optional, in fixes #(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #
Fixes - #44737
Automatic merge from submit-queue (batch tested with PRs 47084, 46016, 46372)
Warn, instead of failing, if 'modprobe rbd' fails
Modprobe is a kernel operation that should only be done once to load the
RBD module. The admin could've done this on the Kubernetes nodes. The
RBD plugin can still try to load the module but it shouldnt fail the
workflow if it doesnt succeed.
Partially addresses #45190
Automatic merge from submit-queue (batch tested with PRs 46929, 47391, 47399, 47428, 47274)
Don't provision for PVCs with AccessModes unsupported by plugin
Fail early in case the user actually expects e.g. RWM from AWS when in reality that isn't possible.
@eparis @gnufied
edit: this needs release note because it's a breaking bugfix; will write one.
https://github.com/kubernetes/kubernetes/issues/46540
```release-note
Fix dynamic provisioning of PVs with inaccurate AccessModes by refusing to provision when PVCs ask for AccessModes that can't be satisfied by the PVs' underlying volume plugin
```
Automatic merge from submit-queue (batch tested with PRs 47075, 46342)
Remove hardcode for blocksize, use stat(), fixes test failure on SLES
**What this PR does / why we need it**:
Removes hardcoding for blocksize, fixes test failure on SLES
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#44022
**Special notes for your reviewer**:
**Release note**:
```release-note
```
If iscsiTransport is not tcp, iSCSI plugin tries to
find devicepath using filepath.Glob but never updates
devicepath with the filepath.Glob result.
This patch fixes the problem.
Fixes#47253
Automatic merge from submit-queue (batch tested with PRs 46977, 47005, 47018, 47061, 46809)
Waiting attach operation to be finished rather than returning nil
Fixes#46882
Automatic merge from submit-queue
Add SuccessfulMountVolume message to the events of pod
**What this PR does / why we need it:**
When creating a pod with volume, the volume mount may failed at first, but eventually succeed after retry several times. kubectl describe pod can only see the failed messages, so i think it will be better to add the SuccessfulMountVolume message to the pod events too.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
Fixes#42867
Automatic merge from submit-queue (batch tested with PRs 46239, 46627, 46346, 46388, 46524)
move labels to components which own the APIs
During the apimachinery split in 1.6, we accidentally moved several label APIs into apimachinery. They don't belong there, since the individual APIs are not general machinery concerns, but instead are the concern of particular components: most commonly the kubelet. This pull moves the labels into their owning components and out of API machinery.
@kubernetes/sig-api-machinery-misc @kubernetes/api-reviewers @kubernetes/api-approvers
@derekwaynecarr since most of these are related to the kubelet
Automatic merge from submit-queue
Log out from multiple target portals when using iscsi storage plugin
**What this PR does / why we need it**:
When using iscsi storage with multiple target portal (TP) addresses
and multipathing the volume manager logs on to the IQN for all
portal addresses, but when a pod gets destroyed the volume manager
only logs out for the primary TP and sessions for another TPs are
always remained.
This patch adds mount points for all TPs, and then log out from all
TPs when a pod is destroyed. If a TP is referred from another pods,
the connection will be remained as usual.
**Which issue this PR fixes**
fixes#45394
**Special notes for your reviewer**:
**Release note**:
```
NONE
```
Automatic merge from submit-queue
Migrate kubelet to ConfigMapManager interface and use TTL-based caching manager
Fixes#41379
Sometime ago we moved to a secret manager interface for kubelet to manage secrets.
This PR's first commit moves config map management also to a similar interface.
The second commit adds TTL-based CachingConfigMapManager (similar to CachingSecretManager) and makes kubelet use it.
/cc @kubernetes/sig-node-pr-reviews @kubernetes/sig-scalability-misc @wojtek-t @dchen1107
When using iscsi storage with multiple target portal (TP)
addresses and multipathing the volume manager logs on to
the IQN for all portal addresses, but when a pod gets
destroyed the volume manager only logs out for the primary
TP and sessions for another TPs are always remained.
This patch adds methods to store and load iscsi disk
configrations, then uses the stored config at DetachDisk
path.
Fix#45394
Automatic merge from submit-queue
Check volume's status before detaching volume
When volume's status is 'detaching', controllermanager will detach
it again and return err. It is necessary to check volume's status
before detaching volume.
same issue: #44536
Automatic merge from submit-queue (batch tested with PRs 46661, 46562, 46657, 46655, 46640)
remove redundant carriage return for readable
**What this PR does / why we need it**:
remove redundant carriage to make it more readable.
Automatic merge from submit-queue (batch tested with PRs 46076, 43879, 44897, 46556, 46654)
Local storage plugin
**What this PR does / why we need it**:
Volume plugin implementation for local persistent volumes. Scheduler predicate will direct already-bound PVCs to the node that the local PV is at. PVC binding still happens independently.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*:
Part of #43640
**Release note**:
```
Alpha feature: Local volume plugin allows local directories to be created and consumed as a Persistent Volume. These volumes have node affinity and pods will only be scheduled to the node that the volume is at.
```
When volume's status is 'detaching', controllermanager will detach
it again and return err. It is necessary to wait for detach
operation to complete within the alloted time.
Automatic merge from submit-queue (batch tested with PRs 46450, 46272, 46453, 46019, 46367)
Move MountVolume.SetUp succeeded to debug level
This message is verbose and repeated over and over again in log files
creating a lot of noise. Leave the message in, but require a -v in
order to actually log it.
**What this PR does / why we need it**: Moves a verbose log message to actually be verbose.
**Which issue this PR fixes** fixes#46364Fixes#29059
Automatic merge from submit-queue (batch tested with PRs 46383, 45645, 45923, 44884, 46294)
Node status updater now deletes the node entry in attach updates...
… when node is missing in NodeInformer cache.
- Added RemoveNodeFromAttachUpdates as part of node status updater operations.
**What this PR does / why we need it**: Fixes issue of unnecessary node status updates when node is deleted.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#42438
**Special notes for your reviewer**: Unit tested added, but a more comprehensive test involving the attach detach controller requires certain testing functionality that is currently absent, and will require larger effort. Will be added at a later time.
There is an edge case caused by the following steps:
1) A node is deleted and restarted. The node exists, but is not yet recognized by Kubernetes.
2) A pod requiring a volume attach with nodeName specifically set to this node.
This would make the pod stuck in ContainerCreating state. This is low-pri since it's a specific edge case that can be avoided.
**Release note**:
```release-note
NONE
```
This message is verbose and repeated over and over again in log files
creating a lot of noise. Leave the messsage in, but require a -v in
order to actually log it.
Fixes#29059
Automatic merge from submit-queue (batch tested with PRs 46429, 46308, 46395, 45867, 45492)
Implement FakeVolumePlugin's ConstructVolumeSpec method according to interface expectation.
This fixes#45803 and #46204.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 45518, 46127, 46146, 45932, 45003)
Remove requirement to run the Portworx volume driver on master node
**What this PR does / why we need it**:
This change removes requirement to run the Portworx volume driver on Kubernetes master node.
**Special notes for your reviewer**:
Before this pull request, in order to use a Portworx volume, users had to run the Portworx container on the master node. Since it isn't ideal (and impossible on GKE) to schedule any pods on the master node, this PR removes that requirement.
Automatic merge from submit-queue
fix regression in UX experience for double attach volume
send event when volume is not allowed to multi-attach
Fixes#46012
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 38505, 41785, 46315)
Only retrieve relevant volumes
**What this PR does / why we need it**:
Improves performance for Cinder volume attach/detach calls.
Currently when Cinder volumes are attached or detached, functions try to retrieve details about the volume from the Nova API. Because some only have the volume name not its UUID, they use the list function in gophercloud to iterate over all volumes to find a match. This incurs severe performance problems on OpenStack projects with lots of volumes (sometimes thousands) since it needs to send a new request when the current page does not contain a match. A better way of doing this is use the `?name=XXX` query parameter to refine the results.
**Which issue this PR fixes**:
https://github.com/kubernetes/kubernetes/issues/26404
**Special notes for your reviewer**:
There were 2 ways of addressing this problem:
1. Use the `name` query parameter
2. Instead of using the list function, switch to using volume UUIDs and use the GET function instead. You'd need to change the signature of a few functions though, such as [`DeleteVolume`](https://github.com/kubernetes/kubernetes/blob/master/pkg/volume/cinder/cinder.go#L49), so I'm not sure how backwards compatible that is.
Since #1 does effectively the same as #2, I went with it because it ensures BC.
One assumption that is made is that the `volumeName` being retrieved matches exactly the name of the volume in Cinder. I'm not sure how accurate that is, but I see no reason why cloud providers would want to append/prefix things arbitrarily.
**Release note**:
```release-note
Improves performance of Cinder volume attach/detach operations
```
An admin wants to specify in which AWS availability zone(s) users may create persistent volumes using dynamic provisioning.
That's why the admin can now configure in StorageClass object a comma separated list of zones. Dynamically created PVs for PVCs that use the StorageClass are created in one of the configured zones.
An admin wants to specify in which GCE availability zone(s) users may create persistent volumes using dynamic provisioning.
That's why the admin can now configure in StorageClass object a comma separated list of zones. Dynamically created PVs for PVCs that use the StorageClass are created in one of the configured zones.
The zone parameter provided in a Storage Class may erroneously be an empty string or contain only spaces and tab characters. Such situation shall be detected and reported as an error.
That's why the func ValidateZone was added.
An admin shall be able to configure a comma separated list of zones for a StorageClass.
That's why the func ZonesToSet (string) (set.String, error) is added. The func ZonesToSet converts a string containing a comma separated list of zones to a set. In case the list contains an empty zone an error is returned.
Automatic merge from submit-queue
Add `auto_unmount` mount option for glusterfs fuse mount.
libfuse has an auto_unmount option which, if enabled, ensures that
the file system is unmounted at FUSE server termination by running a
separate monitor process that performs the unmount when that occurs.
(This feature would probably better be called "robust auto-unmount",
as FUSE servers usually do try to unmount their file systems upon
termination, it's just this mechanism is not crash resilient.)
This change implements that option and behavior for glusterfs.
This option will be only supported for clients with version >3.11.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
libfuse has an auto_unmount option which, if enabled, ensures that
the file system is unmounted at FUSE server termination by running a
separate monitor process that performs the unmount when that occurs.
(This feature would probably better be called "robust auto-unmount",
as FUSE servers usually do try to unmount their file systems upon
termination, it's just this mechanism is not crash resilient.)
This change implements that option and behavior for glusterfs.
This option will be only supported for clients with version >3.11.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Modprobe is a kernel operation that should only be done once to load the
RBD module. The admin could've done this on the Kubernetes nodes. The
RBD plugin can still try to load the module but it shouldnt fail the
workflow if it doesnt succeed.
Partially addresses #45190
Automatic merge from submit-queue (batch tested with PRs 45374, 44537, 45739, 44474, 45888)
Fix attach volume to instance repeatedly
1.When volume's status is 'attaching', controllermanager will attach
it again and return err. So it is necessary to check volume's
status before attach/detach volume.
2. When volume's status is 'attaching', its attachments will be None,
controllermanager can't get device path and make some failed event.
But it is normal, so don't return err when attachments is None
Fix bug: #44536
Automatic merge from submit-queue (batch tested with PRs 45408, 45355, 45528)
Make createEndpointService() and deleteEndpointService() plugin interface methods.
Why this change?
In some setups, after creation of dynamic PVs and before mounting/using these PVs in a pod, the endpoint/service got mistakenly deleted by the user/developer. By making these methods 'plugin' specific, we can call it from mounter if there are scenarios where the endpoint and service got wiped in between accidentally.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
In some setups, after creation of dynamic PVs and before mounting/using
these PVs in a pod, the endpoint/service got mistakenly deleted by the
user/developer. By making these methods 'plugin' specific, we can call
it from mounter if there are scenarios where the endpoint and service
got wiped in between accidentally.
Signed-off-by: Humble Chirammal hchiramm@redhat.com
When volume's status is 'attaching', its attachments will be None,
controllermanager can't get device path and make some failed event.
But it is normal, let's fix it.
Automatic merge from submit-queue (batch tested with PRs 44798, 45537, 45448, 45432)
nfs.go: cleancode err
**What this PR does / why we need it**:
The modification makes code clean, simple, and easy to inspect.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Statefulsets for cinder: allow multi-AZ deployments, spread pods across zones
**What this PR does / why we need it**: Currently if we do not specify availability zone in cinder storageclass, the cinder is provisioned to zone called nova. However, like mentioned in issue, we have situation that we want spread statefulset across 3 different zones. Currently this is not possible with statefulsets and cinder storageclass. In this new solution, if we leave it empty the algorithm will choose the zone for the cinder drive similar style like in aws and gce storageclass solutions.
**Which issue this PR fixes** fixes#44735
**Special notes for your reviewer**:
example:
```
kind: StorageClass
apiVersion: storage.k8s.io/v1beta1
metadata:
name: all
provisioner: kubernetes.io/cinder
---
apiVersion: v1
kind: Service
metadata:
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
name: galera
labels:
app: mysql
spec:
ports:
- port: 3306
name: mysql
clusterIP: None
selector:
app: mysql
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: mysql
spec:
serviceName: "galera"
replicas: 3
template:
metadata:
labels:
app: mysql
annotations:
pod.alpha.kubernetes.io/initialized: "true"
spec:
containers:
- name: mysql
image: adfinissygroup/k8s-mariadb-galera-centos:v002
imagePullPolicy: Always
ports:
- containerPort: 3306
name: mysql
- containerPort: 4444
name: sst
- containerPort: 4567
name: replication
- containerPort: 4568
name: ist
volumeMounts:
- name: storage
mountPath: /data
readinessProbe:
exec:
command:
- /usr/share/container-scripts/mysql/readiness-probe.sh
initialDelaySeconds: 15
timeoutSeconds: 5
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
volumeClaimTemplates:
- metadata:
name: storage
annotations:
volume.beta.kubernetes.io/storage-class: all
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 12Gi
```
If this example is deployed it will automatically create one replica per AZ. This helps us a lot making HA databases.
Current storageclass for cinder is not perfect in case of statefulsets. Lets assume that cinder storageclass is defined to be in zone called nova, but because labels are not added to pv - pods can be started in any zone. The problem is that at least in our openstack it is not possible to use cinder drive located in zone x from zone y. However, should we have possibility to choose between cross-zone cinder mounts or not? Imo it is not good way of doing things that they mount volume from another zone where the pod is located(means more network traffic between zones)? What you think? Current new solution does not allow that anymore (should we have possibility to allow it? it means removing the labels from pv).
There might be some things that needs to be fixed still in this release and I need help for that. Some parts of the code is not perfect.
Issues what i am thinking about (I need some help for these):
1) Can everybody see in openstack what AZ their servers are? Can there be like access policy that do not show that? If AZ is not found from server specs, I have no idea how the code behaves.
2) In GetAllZones() function, is it really needed to make new serviceclient using openstack.NewComputeV2 or could I somehow use existing one
3) This fetches all servers from some openstack tenant(project). However, in some cases kubernetes is maybe deployed only to specific zone. If kube servers are located for instance in zone 1, and then there are another servers in same tenant in zone 2. There might be usecase that cinder drive is provisioned to zone-2 but it cannot start pod, because kubernetes does not have any nodes in zone-2. Could we have better way to fetch kubernetes nodes zones? Currently that information is not added to kubernetes node labels automatically in openstack (which should I think). I have added those labels manually to nodes. If that zone information is not added to nodes, the new solution does not start stateful pods at all, because it cannot target pods.
cc @rootfs @anguslees @jsafrane
```release-note
Default behaviour in cinder storageclass is changed. If availability is not specified, the zone is chosen by algorithm. It makes possible to spread stateful pods across many zones.
```
Automatic merge from submit-queue
add rootfs gnufied and childsb to volume approver
**What this PR does / why we need it**:
add me and @gnufied @childsb to volume approver
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Remove unnecessary constants and add type to secret
**What this PR does / why we need it**:
Adds the type field to the secret for the `persistent-volume-provisioning` example of Quobyte. Also remove unnecessary constants in Quobyte Code base.
FYI
@rootfs @saad-ali @quolix
Automatic merge from submit-queue (batch tested with PRs 44590, 44969, 45325, 45208, 44714)
Use dedicated UnixUserID and UnixGroupID types
**What this PR does / why we need it**:
DRYs up type definitions by using the dedicated types in apimachinery
**Which issue this PR fixes**
#38120
**Release note**:
```release-note
UIDs and GIDs now use apimachinery types
```
Automatic merge from submit-queue (batch tested with PRs 44590, 44969, 45325, 45208, 44714)
Refactor volume operation log and error messages
What this PR does / why we need it:
Adds wrappers for volume-specific error and log messages. Each message has a simple version that can be displayed to the user and a detailed version that can be used in logs. The messages that are used for events was also cleaned up. @msau42
Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes#40905
Special notes for your reviewer:
pkg/kubelet/volumemanager/reconciler/reconciler.go can be refactored. I can do that refactoring after this one.
Release note:
NONE
Automatic merge from submit-queue (batch tested with PRs 45283, 45289, 45248, 44295)
Azure disk: dealing with missing disk probe
**What this PR does / why we need it**:
While Azure disks are expected to attach to SCSI host 3 and above on general purpose instances, on certain Azure instances disks are under SCSI host 2.
This fix searches all LUNs but excludes those used by Azure sys disks, based on udev rules [here](https://raw.githubusercontent.com/Azure/WALinuxAgent/master/config/66-azure-storage.rules)
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue
Log node name when error attaching volume
Helps with debugging to know immediately which node the volume failed to atach to. Went through all plugins, added this to 3. @gnufied
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 44601, 44842, 44893, 44491, 44588)
Define const annotation variable once
We do not need to define the const annotation var twice in pkg/volume and pkg/volume/validation
**Release note**:
```release-note
NONE
```
When the attach/detach controller crashes and a pod with attached PV is deleted
afterwards the controller will never detach the pod's attached volumes. To
prevent this the controller should try to recover the state from the nodes
status.
Automatic merge from submit-queue (batch tested with PRs 40055, 42085, 44509, 44568, 43956)
Fix gofmt errors
**What this PR does / why we need it**:
There were some gofmt errors on master. Ran the following to fix:
```
hack/verify-gofmt.sh | grep ^diff | awk '{ print $2 }' | xargs gofmt -w -s
```
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: none
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 40777, 43673)
remove an unnecassary variable assignment in glusterfs_test
**What this PR does / why we need it**:
`path` is exactly the same variable as `volumePath`, which is defined in line 122 . So no needs to assign it.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 44362, 44421, 44468, 43878, 44480)
Delete EmptyDir volume directly instead of renaming the directory.
**What this PR does / why we need it**:
The volume operation executor can handle duplicate requests on the same volume now, so it is not necessary to rename the directory anymore. This change can cause pod deletion to take longer for large emptydir volumes because now the pod waits for the volume to be deleted until it continues pod cleanup. But this is actually required for local disk scheduling so that we don't schedule new pods that need emptydir volumes on the node if the previous emptydir has not be fully reclaimed yet.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#43534
**Special notes for your reviewer**:
**Release note**:
NONE
cc @kubernetes/sig-storage-pr-reviews
Automatic merge from submit-queue
Update owners to include kerneltime
**What this PR does / why we need it**: Update owners to include kerneltime to help with PRs
Automatic merge from submit-queue
Catch error when failed to make directory in NFS volume plugin
NFS: Catch error when failed to make directory
Currently, NFS volume plugin doesn't catch the error from
os.MkdirAll. That makes it difficult to debug why failed to make the
directory. This patch adds error catch to os.MkdirAll.
Automatic merge from submit-queue
azure disk: add logging on disk attach
**What this PR does / why we need it**:
While we were debugging a failed azure disk attach, we were missing logging information to identify the root cause. This fix logs information at each stage of attach to help identify where problem is once it happens again.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
NONE
Automatic merge from submit-queue (batch tested with PRs 44119, 42538, 43802, 42336, 43396)
iSCSI CHAP support
**What this PR does / why we need it**:
To support CHAP authentication in a multi-tenant setup
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Support iSCSI CHAP authentication
```
Automatic merge from submit-queue
relocate FC multipath readme to examples from pkg/volume
Signed-off-by: rootfs <hchen@redhat.com>
**What this PR does / why we need it**:
`pkg/volume/README.md` is not a good place for Fiber Channel specific doc. Move the block into FC README.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 44008, 41929)
vSphere Cloud Provider: Fstype in storage class
This PR does following,
1. Adds fstype support in storage class for vSphere Cloud Provider.
2. Modify examples to include fstype in storage class.
3. Adds fstype support in storage class for Photon Controller Cloud Provider (@luomiao)
Internally reviewed [here](https://github.com/vmware/kubernetes/pull/88).
cc @pdhamdhere @tusharnt @kerneltime @BaluDontu @divyenpatel @luomiao
Automatic merge from submit-queue (batch tested with PRs 42038, 42083)
Add backup-volfile-servers to mount option.
This feature ensures the `backup servers` in the trusted pool is contacted if there is a failure in the connected server.
Mount option becomes:
mount -t glusterfs -o log-level=ERROR,log-file=/var/lib/kubelet/plugins/kubernetes.io/glusterfs/glustermount/glusterpod-glusterfs.log,backup-volfile-servers=192.168.100.0:192.168.200.0:192.168.43.149 ..
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue
Remove unused method from operation_generator
This is only a removal of the GerifyVolumeIsSafeToDetach [sic] method from operation_executor. The method is not called from anywhere, moreover there is a private method named verifyVolumeIsSafeToDetach (which is being used). This looks like a cut&paste mistake that deserves to be cleaned.
```release-note
NONE
```
Automatic merge from submit-queue
Curate owners for pkg/volume/aws_ebs
The previous list was algorithmically generated; applying some curation.
```release-note
NONE
```
The cloudprovider is being refactored out of kubernetes core. This is being
done by moving all the cloud-specific calls from kube-apiserver, kubelet and
kube-controller-manager into a separately maintained binary(by vendors) called
cloud-controller-manager. The Kubelet relies on the cloudprovider to detect information
about the node that it is running on. Some of the cloudproviders worked by
querying local information to obtain this information. In the new world of things,
local information cannot be relied on, since cloud-controller-manager will not
run on every node. Only one active instance of it will be run in the cluster.
Today, all calls to the cloudprovider are based on the nodename. Nodenames are
unqiue within the kubernetes cluster, but generally not unique within the cloud.
This model of addressing nodes by nodename will not work in the future because
local services cannot be queried to uniquely identify a node in the cloud. Therefore,
I propose that we perform all cloudprovider calls based on ProviderID. This ID is
a unique identifier for identifying a node on an external database (such as
the instanceID in aws cloud).
Automatic merge from submit-queue (batch tested with PRs 42835, 42974)
VSAN policy support for storage volume provisioning inside kubernetes
The vsphere users will have the ability to specify custom Virtual SAN Storage Capabilities during dynamic volume provisioning. You can now define storage requirements, such as performance and availability, in the form of storage capabilities during dynamic volume provisioning. The storage capability requirements are converted into a Virtual SAN policy which are then pushed down to the Virtual SAN layer when a storage volume (virtual disk) is being created. The virtual disk is distributed across the Virtual SAN datastore to meet the requirements.
For example, User creates a storage class with VSAN storage capabilities:
> kind: StorageClass
> apiVersion: storage.k8s.io/v1beta1
> metadata:
> name: slow
> provisioner: kubernetes.io/vsphere-volume
> parameters:
> hostFailuresToTolerate: "2"
> diskStripes: "1"
> cacheReservation: "20"
> datastore: VSANDatastore
The vSphere Cloud provider provisions a virtual disk (VMDK) on VSAN with the policy configured to the disk.
When you know storage requirements of your application that is being deployed on a container, you can specify these storage capabilities when you create a storage class inside Kubernetes.
@pdhamdhere @tthole @abrarshivani @divyenpatel
**Release note**:
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 43642, 43170, 41813, 42170, 41581)
Enable storage class support in Azure File volume
**What this PR does / why we need it**:
Support StorageClass in Azure file volume
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Support StorageClass in Azure file volume
```
Automatic merge from submit-queue (batch tested with PRs 42522, 42545, 42556, 42006, 42631)
Fixes MountVolume.NewMounter errors not displayed to users via describe events
Fixes#42004
This fixes the problem of mount errors being eaten and not displayed to users again. Specifically erros caught in MountVolume.NewMounter (like missing endpoints, etc...)
Current behavior for any mount failure:
```
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
12m 12m 1 default-scheduler Normal Scheduled Successfully assigned glusterfs-bb-pod1 to 127.0.0.1
10m 1m 5 kubelet, 127.0.0.1 Warning FailedMount Unable to mount volumes for pod "glusterfs-bb-pod1_default(67c9dfa7-f9f5-11e6-aee2-5254003a59cf)": timeout expired waiting for volumes to attach/mount for pod "default"/"glusterfs-bb-pod1". list of unattached/unmounted volumes=[glusterfsvol]
10m 1m 5 kubelet, 127.0.0.1 Warning FailedSync Error syncing pod, skipping: timeout expired waiting for volumes to attach/mount for pod "default"/"glusterfs-bb-pod1". list of unattached/unmounted volumes=[glusterfsvol]
```
New Behavior:
For example on glusterfs - deliberately didn't create endpoints, now correct message is displayed:
```
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
2m 2m 1 default-scheduler Normal Scheduled Successfully assigned glusterfs-bb-pod1 to 127.0.0.1
54s 54s 1 kubelet, 127.0.0.1 Warning FailedMount Unable to mount volumes for pod "glusterfs-bb-pod1_default(8edd2c25-fa09-11e6-92ae-5254003a59cf)": timeout expired waiting for volumes to attach/mount for pod "default"/"glusterfs-bb-pod1". With error timed out waiting for the condition. list of unattached/unmounted volumes=[glusterfsvol]
54s 54s 1 kubelet, 127.0.0.1 Warning FailedSync Error syncing pod, skipping: timeout expired waiting for volumes to attach/mount for pod "default"/"glusterfs-bb-pod1". With error timed out waiting for the condition. list of unattached/unmounted volumes=[glusterfsvol]
2m 6s 814 kubelet, 127.0.0.1 Warning FailedMount MountVolume.NewMounter failed for volume "kubernetes.io/glusterfs/8edd2c25-fa09-11e6-92ae-5254003a59cf-glusterfsvol" (spec.Name: "glusterfsvol") pod "8edd2c25-fa09-11e6-92ae-5254003a59cf" (UID: "8edd2c25-fa09-11e6-92ae-5254003a59cf") with: endpoints "glusterfs-cluster" not found
```
Automatic merge from submit-queue (batch tested with PRs 42237, 42297, 42279, 42436, 42551)
should replace errors.New(fmt.Sprintf(...)) with fmt.Errorf(...)
Signed-off-by: yupengzte <yu.peng36@zte.com.cn>
**What this PR does / why we need it**:
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
Add gnufied as reviewer for pkg/volume
I have helped review and contributed code to this
area already.
cc @saad-ali @jsafrane @childsb
Automatic merge from submit-queue
fc: Drop multipath.conf snippet
**What this PR does / why we need it**:
Removes multipath.conf - The code does not make use of it - or ensure s that it's getting used - and it should in addition be handled elsewehre.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
```
A minimalistic multipath.conf got written, but it was useless, as
it is unclear if multipathd is running and there was also no
config reload triggered.
This patch drops this snippet. In general it's probably a better idea
to leave the multipath.conf to the component managing the host.
Signed-off-by: Fabian Deutsch <fabiand@fedoraproject.org>
Auto-generated via:
git grep -l [Ss]uccesfully | xargs sed -ri 's/([sS])uccesfully/\1uccessfully/g'
I noticed this when running kube-scheduler with --v4 and it is annoying.
Then manually reverted changed to the vendored bits.
Automatic merge from submit-queue
recycle pod can't get the event since channel closed
What this PR does / why we need it:
We create a hostPath type PV with "Recycle" persistentVolumeReclaimPolicy, and bind a PVC to it, but after deleted the PVC, the PV cannot become to available status. This is happened after we upgrade etcd to 3.0. The reason is:
If the channel used to get the pod message and events been abnormal closed(for example, the event channel maybe closed because of "required revision has been compacted" error), the function internalRecycleVolumeByWatchingPodUntilCompletion will stuck in a loop, and the recycle pod will not been deleted, the PV can not become into available status
Special notes for your reviewer:
None
Release note:
This commit updates the code to set the default value of the readOnly attribute to false.
It also updates the example docs to add full list of supported plugin attributes and doc.
Automatic merge from submit-queue (batch tested with PRs 42369, 42375, 42397, 42435, 42455)
[Bug Fix]: Avoid evicting more pods than necessary by adding Timestamps for fsstats and ignoring stale stats
Continuation of #33121. Credit for most of this goes to @sjenning. I added volume fs timestamps.
**why is this a bug**
This PR attempts to fix part of https://github.com/kubernetes/kubernetes/issues/31362 which results in multiple pods getting evicted unnecessarily whenever the node runs into resource pressure. This PR reduces the chances of such disruptions by avoiding reacting to old/stale metrics.
Without this PR, kubernetes nodes under resource pressure will cause unnecessary disruptions to user workloads.
This PR will also help deflake a node e2e test suite.
The eviction manager currently avoids evicting pods if metrics are old. However, timestamp data is not available for filesystem data, and this causes lots of extra evictions.
See the [inode eviction test flakes](https://k8s-testgrid.appspot.com/google-node#kubelet-flaky-gce-e2e) for examples.
This should probably be treated as a bugfix, as it should help mitigate extra evictions.
cc: @kubernetes/sig-storage-pr-reviews @kubernetes/sig-node-pr-reviews @vishh @derekwaynecarr @sjenning
Automatic merge from submit-queue (batch tested with PRs 41306, 42187, 41666, 42275, 42266)
Implement bulk polling of volumes
This implements Bulk volume polling using ideas presented by
justin in https://github.com/kubernetes/kubernetes/pull/39564
But it changes the implementation to use an interface
and doesn't affect other implementations.
cc @justinsb
This implements Bulk volume polling using ideas presented by
justin in https://github.com/kubernetes/kubernetes/pull/39564
But it changes the implementation to use an interface
and doesn't affect other implementations.
Automatic merge from submit-queue (batch tested with PRs 41597, 42185, 42075, 42178, 41705)
force rbd image unlock if the image is not used
**What this PR does / why we need it**:
Ceph RBD image could be locked if the host that holds the lock is down. In such case, the image cannot be used by other Pods.
The fix is to detect the orphaned locks and force unlock.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#31790
**Special notes for your reviewer**:
Note, previously, RBD volume plugin maps the image, mount it, and create a lock on the image. Since the proposed fix uses `rbd status` output to determine if the image is being used, the sequence has to change to: rbd lock checking (through `rbd lock list`), mapping check (through `rbd status`), forced unlock if necessary (through `rbd lock rm`), image lock, image mapping, and mount.
**Release note**:
```release-note
force unlock rbd image if the image is not used
```
- Add a new type PortworxVolumeSource
- Implement the kubernetes volume plugin for Portworx Volumes under pkg/volume/portworx
- The Portworx Volume Driver uses the libopenstorage/openstorage specifications and apis for volume operations.
Changes for k8s configuration and examples for portworx volumes.
- Add PortworxVolume hooks in kubectl, kube-controller-manager and validation.
- Add a README for PortworxVolume usage as PVs, PVCs and StorageClass.
- Add example spec files
Handle code review comments.
- Modified READMEs to incorporate to suggestions.
- Add a test for ReadWriteMany access mode.
- Use util.UnmountPath in TearDown.
- Add ReadOnly flag to PortworxVolumeSource
- Use hostname:port instead of unix sockets
- Delete the mount dir in TearDown.
- Fix link issue in persistentvolumes README
- In unit test check for mountpath after Setup is done.
- Add PVC Claim Name as a Portworx Volume Label
Generated code and documentation.
- Updated swagger spec
- Updated api-reference docs
- Updated generated code under pkg/api/v1
Godeps update for Portworx Volume Driver
- Adds github.com/libopenstorage/openstorage
- Adds go.pedge.io/pb/go/google/protobuf
- Updates Godep Licenses
Automatic merge from submit-queue (batch tested with PRs 41116, 41804, 42104, 42111, 42120)
Add support for attacher/detacher interface in Flex volume
Add support for attacher/detacher interface in Flex volume
This change breaks backward compatibility and requires to be release noted.
```release-note
Flex volume plugin is updated to support attach/detach interfaces. It broke backward compatibility. Please update your drivers and implement the new callouts.
```
Add some lines about how to enable multipath for block storage.
A new README was added, because multipath is relevant for at least
FC and iSCSI.
Signed-off-by: Fabian Deutsch <fabiand@fedoraproject.org>
A minimalistic multipath.conf got written, but it was useless, as
it is unclear if multipathd is running and there was also no
config reload triggered.
This patch drops this snippet. In general it's probably a better idea
to leave the multipath.conf to the component managing the host.
Signed-off-by: Fabian Deutsch <fabiand@fedoraproject.org>
is contacted if there is a failure in the connected server.
Mount option becomes:
mount -t glusterfs -o log-level=ERROR,log-file=/var/lib/kubelet/plugins/kubernetes.io/glusterfs/glustermount/glusterpod-glusterfs.log,backup-volfile-servers=192.168.100.0:192.168.200.0:192.168.43.149 ..
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue
Fix for Support selection of datastore for dynamic provisioning in vS…
Fixes#40558
Current vSphere Cloud provider doesn't allow a user to select a datastore for dynamic provisioning. All the volumes are created in default datastore provided by the user in the global vsphere configuration file.
With this fix, the user will be able to provide the datastore in the storage class definition. This will allow the volumes to be created in the datastore specified by the user in the storage class definition. This field is optional. If no datastore is specified, the volume will be created in the default datastore specified in the global config file.
For example:
User creates a storage class with the datastore
kind: StorageClass
apiVersion: storage.k8s.io/v1beta1
metadata:
name: slow
provisioner: kubernetes.io/vsphere-volume
parameters:
diskformat: thin
datastore: VMFSDatastore
Now the volume will be created in the datastore - "VMFSDatastore" specified by the user.
If the user creates a storage class without any datastore
kind: StorageClass
apiVersion: storage.k8s.io/v1beta1
metadata:
name: slow
provisioner: kubernetes.io/vsphere-volume
parameters:
diskformat: thin
Now the volume will be created in the datastore which in the global configuration file (vsphere.conf)
@pdhamdhere @kerneltime
Automatic merge from submit-queue (batch tested with PRs 41667, 41820, 40910, 41645, 41361)
Allow multiple mounts in StatefulSet volume zone placement
We have some heuristics that ensure that volumes (and hence stateful set
pods) are spread out across zones. Sadly they forgot to account for
multiple mounts. This PR updates the heuristic to ignore the mount name
when we see something that looks like a statefulset volume, thus
ensuring that multiple mounts end up in the same AZ.
Fix#35695
```release-note
Fix zone placement heuristics so that multiple mounts in a StatefulSet pod are created in the same zone
```
Automatic merge from submit-queue (batch tested with PRs 41364, 40317, 41326, 41783, 41782)
changes to cleanup the volume plugin for recycle
**What this PR does / why we need it**:
Code cleanup. Changing from creating a new interface from the plugin, that then calls a function to recycle a volume, to adding the function to the plugin itself.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#26230
**Special notes for your reviewer**:
Took same approach from closed PR #28432.
Do you want the approach to be the same for NewDeleter(), NewMounter(), NewUnMounter() and should they be in this same PR or submit different PR's for those?
**Release note**:
```NONE
```
Automatic merge from submit-queue (batch tested with PRs 39373, 41585, 41617, 41707, 39958)
Fix ConfigMaps for Windows
**What this PR does / why we need it**: ConfigMaps were broken for Windows as the existing code used linux specific file paths. Updated the code in `kubelet_getters.go` to use `path/filepath` to get the directories. Also reverted back the code in `secret.go` as updating `kubelet_getters.go` to use `path/filepath` also fixes `secrets`
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes https://github.com/kubernetes/kubernetes/issues/39372
```release-note
Fix ConfigMap for Windows Containers.
```
cc: @pires
We have some heuristics that ensure that volumes (and hence stateful set
pods) are spread out across zones. Sadly they forgot to account for
multiple mounts. This PR updates the heuristic to ignore the mount name
when we see something that looks like a statefulset volume, thus
ensuring that multiple mounts end up in the same AZ.
Fix#35695
Automatic merge from submit-queue (batch tested with PRs 41531, 40417, 41434)
Always detach volumes in operator executor
**What this PR does / why we need it**:
Instead of marking a volume as detached immediately in Kubelet's
reconciler, delegate the marking asynchronously to the operator
executor. This is necessary to prevent race conditions with other
operations mutating the same volume state.
An example of one such problem:
1. pod is created, volume is added to desired state of the world
2. reconciler process starts
3. reconciler starts MountVolume, which is kicked off asynchronously via
operation_executor.go
4. MountVolume mounts the volume, but hasn't yet marked it as mounted
5. pod is deleted, volume is removed from desired state of the world
6. reconciler reaches detach volume section, detects volume is no longer in desired state of world,
removes it from volumes in use
7. MountVolume tries to mark mount, throws an error because
volume is no longer in actual state of world list. After this, kubelet isn't aware of the mount
so doesn't try to unmount again.
8. controller-manager tries to detach the volume, this fails because it
is still mounted to the OS.
9. EBS gets stuck indefinitely in busy state trying to detach.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#32881, fixes ##37854 (maybe)
**Special notes for your reviewer**:
**Release note**:
```release-note
```
To safely mark a volume detached when the volume controller manager is used.
An example of one such problem:
1. pod is created, volume is added to desired state of the world
2. reconciler process starts
3. reconciler starts MountVolume, which is kicked off asynchronously via
operation_executor.go
4. MountVolume mounts the volume, but hasn't yet marked it as mounted
5. pod is deleted, volume is removed from desired state of the world
6. reconciler detects volume is no longer in desired state of world,
removes it from volumes in use
7. MountVolume tries to mark volume in use, throws an error because
volume is no longer in actual state of world list.
8. controller-manager tries to detach the volume, this fails because it
is still mounted to the OS.
9. EBS gets stuck indefinitely in busy state trying to detach.
Automatic merge from submit-queue (batch tested with PRs 41246, 39998)
Cinder volume attacher: use instanceID instead of NodeID when verifying attachment
**What this PR does / why we need it**: Cinder volume attacher incorrectly uses NodeID instead of openstack instance id, so that reconciliation fails.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#39978
**Special notes for your reviewer**:
**Release note**:
```release-note
```
Automatic merge from submit-queue
Add gnufied as reviewer for aws and gce volumes
Adding myself as reviewer for aws and gce volume plugins. I understand the code well enough and have helped with review in those areas already.
cc @childsb @justinsb @saad-ali
This fix prevents the PV controller from forcefully overwriting the provisioned volume's name with the generated PV name. Instead, it allows dynamic provisioner implementers to set the name of the volume to a value that they choose.
Automatic merge from submit-queue (batch tested with PRs 38772, 38797, 40732, 40740)
Synchronous spellcheck for pkg/volume/*
**What this PR does / why we need it**: Increase code readability
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**: Minor contribution
**Release note**:
```release-note
```
Automatic merge from submit-queue (batch tested with PRs 40299, 40311)
move authoritative client-go util out of pkg
Move `client-go/pkg/util` which are authoritative to `client-go/util` to make it easier to reason about what comes from where.
Automatic merge from submit-queue
Adding rescan scsi controller for cinder
For lsilogic scsi controller, attached cinder volume does not
appear under /dev/ automatically unless do a rescan.
This approach was used in vSphere volume provider before PR #27496
dropped support for lsilogic scsi controller.
Automatic merge from submit-queue
Optional configmaps and secrets
Allow configmaps and secrets for environment variables and volume sources to be optional
Implements approved proposal c9f881b7bb
Release note:
```release-note
Volumes and environment variables populated from ConfigMap and Secret objects can now tolerate the named source object or specific keys being missing, by adding `optional: true` to the volume or environment variable source specifications.
```
Automatic merge from submit-queue (batch tested with PRs 37228, 40146, 40075, 38789, 40189)
Cleanup temp dirs
So funny story my /tmp ran out of space running the unit tests so I am cleaning up all the temp dirs we create.
Automatic merge from submit-queue (batch tested with PRs 39826, 40030)
azure disk: restrict length of name
**What this PR does / why we need it**:
Fixes dynamic disk provisioning on Azure by properly truncating the disk name to conform to the Azure API spec.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
n/a
**Special notes for your reviewer**:
n/a
**Release note**:
```release-note
azure disk: restrict name length for Azure specifications
```
cc: @rootfs
Automatic merge from submit-queue
Curating Owners: pkg/volume
cc @jsafrane @spothanis @agonzalezro @justinsb @johscheuer @simonswine @nelcy @pmorie @quofelix @sdminonne @thockin @saad-ali @rootfs
In an effort to expand the existing pool of reviewers and establish a
two-tiered review process (first someone lgtms and then someone
experienced in the project approves), we are adding new reviewers to
existing owners files.
If You Care About the Process:
------------------------------
We did this by algorithmically figuring out who’s contributed code to
the project and in what directories. Unfortunately, that doesn’t work
well: people that have made mechanical code changes (e.g change the
copyright header across all directories) end up as reviewers in lots of
places.
Instead of using pure commit data, we generated an excessively large
list of reviewers and pruned based on all time commit data, recent
commit data and review data (number of PRs commented on).
At this point we have a decent list of reviewers, but it needs one last
pass for fine tuning.
Also, see https://github.com/kubernetes/contrib/issues/1389.
TLDR:
-----
As an owner of a sig/directory and a leader of the project, here’s what
we need from you:
1. Use PR https://github.com/kubernetes/kubernetes/pull/35715 as an example.
2. The pull-request is made editable, please edit the `OWNERS` file to
remove the names of people that shouldn't be reviewing code in the
future in the **reviewers** section. You probably do NOT need to modify
the **approvers** section. Names asre sorted by relevance, using some
secret statistics.
3. Notify me if you want some OWNERS file to be removed. Being an
approver or reviewer of a parent directory makes you a reviewer/approver
of the subdirectories too, so not all OWNERS files may be necessary.
4. Please use ALIAS if you want to use the same list of people over and
over again (don't hesitate to ask me for help, or use the pull-request
above as an example)
Automatic merge from submit-queue (batch tested with PRs 39807, 37505, 39844, 39525, 39109)
fix bug not using volumetype config in create volume
fixes#39843
@humblec
we are building the volumetype config but I don't see where we are using it in the CreateVolume for dyn provisioning, this is why volumetype parameter from the Storage Class was being overlooked because we are hard coding constants like replicaCount which is always 3.
unless I'm missing something?
Automatic merge from submit-queue (batch tested with PRs 39486, 37288, 39477, 39455, 39542)
Fix wc zombie goroutine issue in volume util
See [Cadvisor #1558](https://github.com/google/cadvisor/pull/1558). This should solve problems for those using images that do not support "wc".
cc: @timstclair
Automatic merge from submit-queue (batch tested with PRs 39433, 39413)
"Attach" function records information collation
In the "attach" function, the log information, for the variable "instanceid", has been described as "node", as well as recorded as "instance", recorded as "instance" should be better.
Automatic merge from submit-queue
Add unit tests for operation_executor
Add unit test for `Unmount operations should start in parallel for all volume plugins`
cc: @saad-ali
Automatic merge from submit-queue (batch tested with PRs 39092, 39126, 37380, 37093, 39237)
Improve error reporting in Ceph RBD provisioner.
- We should report an error when user references a secret that cannot be found
- We should report output of rbd create/delete commands, logging "exit code 1"
is not enough.
Before:
```
Events:
FirstSeen LastSeen Count From SubobjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
33m 33m 1 {persistentvolume-controller } Warning ProvisioningFailed Failed to provision volume with StorageClass "cephrbdprovisioner": rbd: create volume failed, err: exit status 1
```
After:
```
Events:
FirstSeen LastSeen Count From SubobjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
33m 33m 1 {persistentvolume-controller } Warning ProvisioningFailed Failed to provision volume with StorageClass "cephrbdprovisioner": failed to create rbd image: exit status 1, command output: rbd: couldn't connect to the cluster
```
@rootfs, PTAL
Automatic merge from submit-queue (batch tested with PRs 37959, 36221)
Recycle Pod Template Check
The kube-controller-manager has two command line arguments (--pv-recycler-pod-template-filepath-hostpath and --pv-recycler-pod-template-filepath-nfs) that specify a recycle pod template. The recycle pod template may not contain the volume that shall be recycled.
A check is added to make sure that the recycle pod template contains at least a volume.
cc: @jsafrane
Automatic merge from submit-queue
Refactor operation_executor to make it testable
**What this PR does / why we need it**:
To refactor operation_executor to make it unit testable
**Release note**:
`NONE`
Automatic merge from submit-queue (batch tested with PRs 39152, 39142, 39055)
openstack: Forcibly detach an attached cinder volume before attaching elsewhere
Fixes#33288
**What this PR does / why we need it**:
Without this fix, we can't preemptively reschedule pods with persistent volumes to other hosts (for rebalancing or hardware failure recovery).
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#33288
**Special notes for your reviewer**:
(This is a resurrection/cleanup of PR #33734, originally authored by @Rotwang)
**Release note**:
Automatic merge from submit-queue (batch tested with PRs 39029, 39014)
[Glusterfs Vol Plugin]: Check kube client is invalid and return error
Fixes: #38939
In volume plugins, we need to create a kube client to make api call. And this kube client can be nil when, for example, wrong api-server configuration, but kubelet should not crash in this case.
I have also checked other plugins and found only glusterfs need this fix.
The kube-controller-manager has two command line arguments (--pv-recycler-pod-template-filepath-hostpath and --pv-recycler-pod-template-filepath-nfs) that specify a recycle pod template. The recycle pod template may not contain the volume that shall be recycled.
A check is added to make sure that the recycle pod template contains at least a volume.
Automatic merge from submit-queue (batch tested with PRs 36888, 38180, 38855, 38590)
wrong pod reference in error message for volume attach timeout
**What this PR does / why we need it**:
when a disk mount times out you get the following error:
```
Warning FailedSync Error syncing pod, skipping: timeout expired waiting for volumes to attach/mount for pod "nginx"/"default". list of unattached/unmounted volumes=[data]
```
where the pod is referenced by "podname"/"namespace", but should be "namespace"/"podname".
**Which issue this PR fixes**
no issue number
**Special notes for your reviewer**:
untested :(
Automatic merge from submit-queue (batch tested with PRs 38284, 38403, 38265, 38378)
glusterfs: properly check gidMin and gidMax values from SC individually
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
This fixes a misleading debug message, and also prevents the glusterfs provisioner from adapting a misconfiguration of the gid-range in the storage class. Instead it will fail with proper error messages.
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
https://bugzilla.redhat.com/show_bug.cgi?id=1402286
**Special notes for your reviewer**:
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
```
Don't override explict out-of max-range configuration, but
fail with an error message instead.
Signed-off-by: Michael Adam <obnox@redhat.com>
Automatic merge from submit-queue (batch tested with PRs 36071, 32752, 37998, 38350, 38401)
Pass addressable values to DeepCopy
Extracted from https://github.com/kubernetes/kubernetes/pull/35728
These are the places we are currently calling DeepCopy incorrectly, and we need to fix, even if we don't pick up the changes to DeepCopy in #35728:
* creating a new cloner means we have no generated functions registered
* passing non-addressable values doesn't pick up generated deep copy functions, and forces us into reflective mode
Automatic merge from submit-queue
Fix unmountDevice issue caused by shared mount in GCI
This is a fix on top #38124. In this fix, we move the logic to filter
out shared mount references into operation_executor's UnmountDevice
function to avoid this part is being used by other types volumes such as
rdb, azure etc. This filter function should be only needed during
unmount device for GCI image.
Automatic merge from submit-queue (batch tested with PRs 36310, 37349, 38319, 38402, 38338)
Fix space issue in volumePath with vSphere Cloud Provider
I tried to create a kubernetes deployment with vSphere volume with volume path
"[datastore] kubevols/redis-master".
In this case the cloud provider queries the getDeviceNameFromMount() to return the path of the volume mounted. Since getDeviceNameFromMount() queries the filesystem to get the mount references, it returns a volume path "[datastore]\\040kubevols/redis-master". Later the kubelet searches for this volume path in both the actual and desired states. Th actual and desired states contains volume with path "[datastore] kubevols/redis-master". So, it couldn't find such volume path and therefore kubernetes stalls unable to make any progress further similar to one described in #37022.
This PR will fix the space issue in volume path by replacing \\040 to empty space. This fixes#37712.
Also fixes#38148
@kerneltime @pdhamdhere
This is a fix on top #38124. In this fix, we move the logic to filter
out shared mount references into operation_executor's UnmountDevice
function to avoid this part is being used by other types volumes such as
rdb, azure etc. This filter function should be only needed during
unmount device for GCI image.
Automatic merge from submit-queue (batch tested with PRs 38294, 37009, 36778, 38130, 37835)
fix permissions when using fsGroup
Currently, when an fsGroup is specified, the permissions of the defaultMode are not respected and all files created by the atomic writer have mode 777. This is because in `SetVolumeOwnership()` the `filepath.Walk` includes the symlinks created by the atomic writer. The symlinks have mode 777 when read from `info.Mode()`. However, when the are chmod'ed later, the chmod applies to the file the symlink points to, not the symlink itself, resulting in the wrong mode for the underlying file.
This PR skips chmod/chown for symlinks in the walk since those operations are carried out on the underlying file which will be included elsewhere in the walk.
xref https://bugzilla.redhat.com/show_bug.cgi?id=1384458
@derekwaynecarr @pmorie
this is a workaround for the unmount device issue caused by gci mounter. In GCI cluster, if gci mounter is used for mounting, the container started by mounter script will cause additional mounts created in the container. Since these mounts are irrelavant to the original mounts, they should be not considered when checking the mount references. By comparing the mount path prefix, those additional mounts can be filtered out.
Plan to work on better approach to solve this issue.
Automatic merge from submit-queue (batch tested with PRs 38076, 38137, 36882, 37634, 37558)
glusterfs: Fix all gid types to int to prevent failures on 32bit systems
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
The glusterfs dynamic provisioner with GID security has an issue on 32 bit systems.
This fixes that issue by forcing all gid types to int internally.
<!--
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
-->
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
Fix the glusterfs dynamic provisioner for 32bit systems by limiting the gids to type int internally, and allowing 2147483647 as the highest GID.
```
This makes all types int until we hand the GID to heketi/gluster,
at which point it's converted to int64.
It also limits the maximum usable GID ti math.MaxInt32 = 2147483647.
Signed-off-by: Michael Adam <obnox@redhat.com>
This makes all types int until we hand the GID to heketi/gluster,
at which point it's converted to int64.
It also limits the maximum usable GID ti math.MaxInt32 = 2147483647.
Signed-off-by: Michael Adam <obnox@redhat.com>
Automatic merge from submit-queue
Implement GID security for the GlusterFS dynamic provisioner.
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
This PR implements GID security for the glusterfs dynamic provisioner.
It is a reworked version of PR #37549 .
<!--
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
-->
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
```release-note
The glusterfs dynamic volume provisioner will now choose a unique GID for new persistent volumes from a range that can be configured in the storage class with the "gidMin" and "gidMax" parameters. The default range is 2000 - 4294967295 (max uint32).
```
An allocator of integers that allows for changing the range.
Previously allocated numbers are not lost, and can be
released later even if they have fallen outside of the range.
Signed-off-by: Michael Adam <obnox@redhat.com>
Automatic merge from submit-queue
Add `clusterid`, an optional parameter to storageclass.
At present, admin doesn't have the privilege to chose the
trusted storage pool from which persistent gluster volume
has to be provided.
This patch introduce a new storage class parameter which allows
the admin to specify storage pool/cluster if required.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue
kubernetes attempts to unmount a wrong vSphere volume and stops making any progress after that
This is in reference to the bug #37332 which was accidentally closed. So created this new PR.
The code is already reviewed as part of PR #37332
Fixes issue #37022
@saad-ali @jingxu97 @abrarshivani @kerneltime
Automatic merge from submit-queue
Fix photon controller plugin to construct with correct PdID
**What this PR does / why we need it**:
This PR is to fix a mismatching of unmount path in photon volume plugin, which is resulted from the assigning volume spec name to persistent disk ID. Without this path, unmounting process is stalling in reconciler when a pod is deleted. Restart the same pod will see a mount failure because the previous unmounting is still going on.
The input variable of function ConstructVolumeSpec is the volume spec name instead of persistent disk ID. Previously the function directly construct new volume spec by assigning volume spec name to persistent disk ID, which will result in mismatching of mount path. The fix will find the pdID according to mount path and construct volume spec with the correct pdID.
I have tested the patch with back-to-back pod creation/deletion and mounting/unmounting of photon persistent disk volume source performs normal now.
This need to be cherry-picked to 1.5 release branch.
Automatic merge from submit-queue
Reduce verbosity of volume reconciler
**What this PR does / why we need it**:
It reduces the log verbosity for attaching of volumes
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
Reduce verbosity of volume reconciler when attaching volumes
```
Set logging level for information about attaching of volumes to from 1 to 4
Otherwise the log is spammed with one line per 100ms while attaching is
in progress and afterwards as long as the volume is attached.
- We should report an error when user references a secret that cannot be found
- We should report output of rbd create/delete commands, logging "exit code 1"
is not enough.
Before:
```
Events:
FirstSeen LastSeen Count From SubobjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
33m 33m 1 {persistentvolume-controller } Warning ProvisioningFailed Failed to provision volume with StorageClass "cephrbdprovisioner": rbd: create volume failed, err: exit status 1
```
After:
```
Events:
FirstSeen LastSeen Count From SubobjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
33m 33m 1 {persistentvolume-controller } Warning ProvisioningFailed Failed to provision volume with StorageClass "cephrbdprovisioner": failed to create rbd image: exit status 1, command output: rbd: couldn't connect to the cluster
```
The input variable of function ConstructVolumeSpec is the volume spec
name instead of persistent disk ID. Previously the function directly
construct new volume spec by assigning volume spec name to persistent
disk ID, which will result in mismatching of mount path. The fix will
find the pdID according to mount path and construct volume spec with the
correct pdID.
trusted storage pool from which persistent gluster volume
has to be provided.
This patch introduce a new storage class parameter which allows
the admin to specify storage pool/cluster if required.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Automatic merge from submit-queue
Add more logging around Pod deletion
After this PR we'll have at least V(2) level log near all Pod deletions.
@saad-ali - this is required by GKE to help with diagnosing possible problem.
cc @dchen1107 @wojtek-t
For lsilogic scsi controller, attached cinder volume does not
appear under /dev/ automatically unless do a rescan.
This approach was used in vSphere volume provider before PR #27496
dropped support for lsilogic scsi controller.
Automatic merge from submit-queue
Revert "Use Gid when provisioning Gluster Volumes."
On further inspection the design in #35460 was not secure enough. This PR reverts the change.
This reverts commit 7a0d219d12.
Automatic merge from submit-queue
fix issue in converting aws volume id from mount paths
This PR is to fix the issue in converting aws volume id from mount
paths. Currently there are three aws volume id formats supported. The
following lists example of those three formats and their corresponding
global mount paths:
1. aws:///vol-123456
(/var/lib/kubelet/plugins/kubernetes.io/aws-ebs/mounts/aws/vol-123456)
2. aws://us-east-1/vol-123456
(/var/lib/kubelet/plugins/kubernetes.io/mounts/aws/us-est-1/vol-123455)
3. vol-123456
(/var/lib/kubelet/plugins/kubernetes.io/mounts/aws/us-est-1/vol-123455)
For the first two cases, we need to check the mount path and convert
them back to the original format.
This PR fixes#36269
Automatic merge from submit-queue
Fix recycler pod deletion race.
We should use clone of recycler pod template instead of reusing the same
one for two or more recyclers running in parallel.
Also add some logs to relevant places to spot the error easily next time.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1392338
This PR is to fix the issue in converting aws volume id from mount
paths. Currently there are three aws volume id formats supported. The
following lists example of those three formats and their corresponding
global mount paths:
1. aws:///vol-123456
(/var/lib/kubelet/plugins/kubernetes.io/aws-ebs/mounts/aws/vol-123456)
2. aws://us-east-1/vol-123456
(/var/lib/kubelet/plugins/kubernetes.io/mounts/aws/us-est-1/vol-123455)
3. vol-123456
(/var/lib/kubelet/plugins/kubernetes.io/mounts/aws/us-est-1/vol-123455)
For the first two cases, we need to check the mount path and convert
them back to the original format.
We should use clone of recycler pod template instead of reusing the same
one for two or more recyclers running in parallel.
Also add some logs to relevant places to spot the error easily next time.
Automatic merge from submit-queue
Avoid setting S_ISGID on files in volumes
Some applications are having issues with setting the S_ISGID bit on files in volumes. We intend to do this for directories so that the group ID is inherited, but not files for which S_ISGID indicates madatory file locking https://linux.die.net/man/2/stat
xref https://bugzilla.redhat.com/show_bug.cgi?id=1387306
@ncdc @derekwaynecarr @pmorie
Automatic merge from submit-queue
Make a consistent name ( GlusterFS instead of Gluster) in variables a…
Signed-off-by: Humble Chirammal hchiramm@redhat.com
Directories in volumes are set S_ISGID to ensure files created inside
them inherit group ownership. Currently, files are also set S_ISGID
however this is not relevant to the original intent, and indicates
'mandatory file locking' (stat(2)).
With this commit, only directories are set S_ISGID.
struct hostPathPlugin contains newRecyclerFunc, newDeleterFunc and newProvisionerFunc items that have only one instance, i.e. newRecycler, newDeleter or newProvisioner function.
That's why the newRecyclerFunc, newDeleterFunc and newProvisionerFunc items are removed and the newRecycler, newDeleter or newProvisioner functions are called directly.
In addition, the TestRecycler tests whether NewFakeRecycler function is called and returns nil. This is no longer needed so this particular part of the test is removed. In addition, the no longer used NewFakeRecycler function is removed also.
Similarly for the NFS plugin, struct nfsPlugin contains newRecyclerFunc item that has only one instance, i.e. newRecycler function. That's why the newRecyclerFunc item is removed and the newRecycler function is called directly. In addition, the TestRecycler tests whether newMockRecycler function is called and returns nil. This is no longer needed so this particular part of the test is removed. In addition, the no longer used newMockRecycler function is removed also.
Automatic merge from submit-queue
Remove PV annotations for quobyte provisioner
This is the last provisioner that uses annotations to pass secrets from provisioner to deleter.
Fixes#34822
@johscheuer, I don't have access to quobyte, please take look and retest the plugin. An e2e test for quobyte would be nice!
@kubernetes/sig-storage
Automatic merge from submit-queue
Remove unused WaitForDetach from Detacher interface and plugins
See issue #33128 and PR #33270
We can't rely on the device name provided by OpenStack Cinder, and thus
must perform detection based on the drive serial number (aka It's cinder ID)
on the kubelet itself.
This needs to be removed now, as part of #33128, as the code can't be
updated to attempt device detection and fallback through to the Cinder
provided deviceName, as detection "fails" when the device is gone, and
if cinder has reported a deviceName that another volume has used in
relaity, then this will block forever (or until the other, unreleated,
volume has been detached)
Automatic merge from submit-queue
Remove GetRootContext method from VolumeHost interface
Remove the `GetRootContext` call from the `VolumeHost` interface, since Kubernetes no longer needs to know the SELinux context of the Kubelet directory.
Per #33951 and #35127.
Depends on #33663; only the last commit is relevant to this PR.
Automatic merge from submit-queue
Initial work on running windows containers on Kubernetes
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
This is the first stab at getting the Kubelet running on Windows (fixes#30279), and getting it to deploy network-accessible pods that consist of Windows containers. Thanks @csrwng, @jbhurat for helping out.
The main challenge with Windows containers at this point is that container networking is not supported. In other words, each container in the pod will get it's own IP address. For this reason, we had to make a couple of changes to the kubelet when it comes to setting the pod's IP in the Pod Status. Instead of using the infra-container's IP, we use the IP address of the first container.
Other approaches we investigated involved "disabling" the infra container, either conditionally on `runtime.GOOS` or having a separate windows-docker container runtime that re-implemented some of the methods (would require some refactoring to avoid maintainability nightmare).
Other changes:
- The default docker endpoint was removed. This results in the docker client using the default for the specific underlying OS.
More detailed documentation on how to setup the Windows kubelet can be found at https://docs.google.com/document/d/1IjwqpwuRdwcuWXuPSxP-uIz0eoJNfAJ9MWwfY20uH3Q.
cc: @ikester @brendandburns @jstarks
Automatic merge from submit-queue
Per Volume Inode Accounting
Collects volume inode stats using the same find command as cadvisor. The command is "find _path_ -xdev -printf '.' | wc -c". The output is passed to the summary api, and will be consumed by the eviction manager.
This cannot be merged yet, as it depends on changes adding the InodesUsed field to the summary api, and the eviction manager consuming this. Expect tests to fail until this happens.
DEPENDS ON #35137
Automatic merge from submit-queue
refactor DeviceOpened() so it won't return error if device doesn't exist
<!-- Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md
2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md
3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes
-->
**What this PR does / why we need it**:
DeviceOpened() is called after device is unmounted but before detached. Some volumes such as rbd don't support 3rd party detach, they have to be detached during unmount. Once detached, the device path vanishes. This causes false alarm when DeviceOpened() is called.
The fix is to ignore error IsNotExist
**Which issue this PR fixes** _(optional, in `fixes #<issue number>(, #<issue_number>, ...)` format, will close that issue when PR gets merged)_: fixes #
**Special notes for your reviewer**:
@kubernetes/sig-storage
**Release note**:
<!-- Steps to write your release note:
1. Use the release-note-* labels to set the release note state (if you have access)
2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`.
-->
``` release-note
```
Signed-off-by: Huamin Chen hchen@redhat.com
See issue #33128
We can't rely on the device name provided by Cinder, and thus must perform
detection based on the drive serial number (aka It's cinder ID) on the
kubelet itself.
This patch re-works the cinder volume attacher to ignore the supplied
deviceName, and instead defer to the pre-existing GetDevicePath method to
discover the device path based on it's serial number and /dev/disk/by-id
mapping.
This new behavior is controller by a config option, as falling back
to the cinder value when we can't discover a device would risk devices
not showing up, falling back to cinder's guess, and detecting the wrong
disk as attached.
We are more liberal in what we accept as a volume id in k8s, and indeed
we ourselves generate names that look like `aws://<zone>/<id>` for
dynamic volumes.
This volume id (hereafter a KubernetesVolumeID) cannot directly be
compared to an AWS volume ID (hereafter an awsVolumeID).
We introduce types for each, to prevent accidental comparison or
confusion.
Issue #35746
This has been unused since 542f2dc7, and relies on deviceName, which
can no longer be relied upon (see issue #33128).
This needs to be removed now, as part of #33128, as the code can't be
updated to attempt device detection and fallback through to the Cinder
provided deviceName, as detection "fails" when the device is gone, and
if cinder has reported a deviceName that another volume has used in
relaity, then this will block forever (or until the other, unreleated,
volume has been detached)
Automatic merge from submit-queue
SELinux Overhaul
Overhauls handling of SELinux in Kubernetes. TLDR: Kubelet dir no longer has to be labeled `svirt_sandbox_file_t`.
Fixes#33351 and #33510. Implements #33951.
Automatic merge from submit-queue
Remove stale volumes if endpoint/svc creation fails.
Remove stale volumes if endpoint/svc creation fails.
Signed-off-by: Humble Chirammal hchiramm@redhat.com
Automatic merge from submit-queue
Require PV provisioner secrets to match type
In 1.5, PV provisioners are allowing targeting namespaced secrets via storageclass params. This adds a requirement that those secrets' type match the volume provisioner plugin name, to prevent targeting and extraction of arbitrary secrets
Helps limit secret targeting issues mentioned in https://github.com/kubernetes/kubernetes/issues/34822
Automatic merge from submit-queue
Add sync state loop in master's volume reconciler
At master volume reconciler, the information about which volumes are
attached to nodes is cached in actual state of world. However, this
information might be out of date in case that node is terminated (volume
is detached automatically). In this situation, reconciler assume volume
is still attached and will not issue attach operation when node comes
back. Pods created on those nodes will fail to mount.
This PR adds the logic to periodically sync up the truth for attached
volumes kept in
the actual state cache. If the volume is no longer attached to the node,
the actual state will be updated to reflect the truth. In turn,
reconciler will take actions if needed.
To avoid issuing many concurrent operations on cloud provider, this PR
tries to add batch operation to check whether a list of volumes are
attached to the node instead of one request per volume.
At master volume reconciler, the information about which volumes are
attached to nodes is cached in actual state of world. However, this
information might be out of date in case that node is terminated (volume
is detached automatically). In this situation, reconciler assume volume
is still attached and will not issue attach operation when node comes
back. Pods created on those nodes will fail to mount.
This PR adds the logic to periodically sync up the truth for attached volumes kept in the actual state cache. If the volume is no longer attached to the node, the actual state will be updated to reflect the truth. In turn, reconciler will take actions if needed.
To avoid issuing many concurrent operations on cloud provider, this PR
tries to add batch operation to check whether a list of volumes are
attached to the node instead of one request per volume.
More details are explained in PR #33760
When kubelet restarts, all the information about the volumes will be
gone from actual/desired states. When update node status with mounted
volumes, the volume list might be empty although there are still volumes
are mounted and in turn causing master to detach those volumes since
they are not in the mounted volumes list. This fix is to make sure only
update mounted volumes list after reconciler starts sync states process.
This sync state process will scan the existing volume directories and
reconstruct actual states if they are missing.
This PR also fixes the problem during orphaned pods' directories. In
case of the pod directory is unmounted but has not yet deleted (e.g.,
interrupted with kubelet restarts), clean up routine will delete the
directory so that the pod directoriy could be cleaned up (it is safe to
delete directory since it is no longer mounted)
The third issue this PR fixes is that during reconstruct volume in
actual state, mounter could not be nil since it is required for creating
container.VolumeMap. If it is nil, it might cause nil pointer exception
in kubelet.
Details are in proposal PR #33203
