This patch moves the ExecMounter found in pkg/util/mount to
pkg/volume/util/exec. This is done in preparation for pkg/util/mount to
move out of tree. This specific implemention of mount.Interface is only
used internally to K8s and does not need to move out of tree.
At times, for some reason endpoint/service creation can fail in a setup. As we
currently create endpoint/service after volume creation, later we need rollback
of this volume transaction if endpoint/service creation failed. Considering
endpoint/service creation is light weight, this patch promote endpoint/service
creation to an early stage.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
As part of moving pkg/util/mount out of tree, the NSEnter implementation
of mount.Interface needs to be relocated out of pkg/util/mount, as it is
K8s specific. This patch relocates that mounter implementation to
pkg/volume/util/nsenter.
Since the NSEnter mounter shares a lot of its logic with the Linux
mounter implementation, many of the previously private methods of the
Linux mounter are now made public to maintain that shared code.
Additionaly, it was observed that *all* mount.Interface implemenations
were using the same common method for IsNotMountPoint, so this patch
removes that method from the mount.Interface definition and just exports
the common implementation instead.
If the pvc name is more than 63 chars, the endpoint creation
will fail due to the validation of objectmeta length of fields ie 63 chars at max.
This patch introduce an enhancement where if the pvc name is >=63 the pvc uid
is recorded at label instead of name. To preserve backward compatibility, the pvcname
has been kept in endpoint metadata label if length of pvc name is <63chars.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
Currently OpenStack cloud provider reads user credentials from config
file, where data is stored in clear text. This approach is not recommended,
as it is a serious security issue.
This commit add an ability to read the config from secrets, if necessary.
To do so, two new parameters are added to the config: SecretNamespace and
SecretName. If they are specified, the provider will try to read config
from the secret.
