Containerized mount utilities #53440
Conversation
|
/sig storage |
|
Needs a |
pkg/kubelet/mountpod/mount_pod.go
Outdated
| PodName string | ||
| PodNamespace string | ||
| PodUID string | ||
| ContainerName string |
There was a problem hiding this comment.
nit: in the proposal, field names are lowercase in json. I think you need json tags to match.
pkg/kubelet/mountpod/mount_pod.go
Outdated
| return path.Join(m.registrationDirectory, safePluginName) | ||
| } | ||
|
|
||
| func (m *basicManager) GetMountPod(pluginName string) (*v1.Pod, string, error) { |
There was a problem hiding this comment.
Name return values (i.e. what is the string?)
| if !ok { | ||
| return nil, "", fmt.Errorf("unable to process %s: pod %s/%s not found", regPath, reg.PodNamespace, reg.PodName) | ||
| } | ||
| if string(pod.UID) != reg.PodUID { |
There was a problem hiding this comment.
I think this will be OK, but double check that this works with static/mirror pods.
There was a problem hiding this comment.
Static pod gets a different UID via dawnward API than it's in the API server :-(
Can we require that pods with mount utilities are not static?
There was a problem hiding this comment.
Scratch the previous comment. Pod indeed gets different UID via downward API than it's in the API server, however kubelet sees the right ("downward") UID in this check and everything works.
pkg/util/mount/exec_mount.go
Outdated
| output, err := m.exec.Run("mount", mountArgs...) | ||
| glog.V(5).Infof("Exec mounted %v: %v: %s", mountArgs, err, string(output)) | ||
| if err != nil { | ||
| glog.Errorf("Mount failed: %v\nMounting command: %s\nMounting arguments: %s %s %s %v\nOutput: %s\n", err, "mount", source, target, fstype, options, string(output)) |
There was a problem hiding this comment.
nit: errors shouldn't be logged if they're also propagated
pkg/util/mount/exec_mount.go
Outdated
| outputBytes, err := m.exec.Run("umount", target) | ||
| glog.V(5).Infof("Exec unmounted %v: %s", err, string(outputBytes)) | ||
| if len(outputBytes) != 0 { | ||
| glog.V(5).Infof("Output of unmounting %s: %v", target, string(outputBytes)) |
There was a problem hiding this comment.
combine this with the above log message
There was a problem hiding this comment.
reworked a bit to have higher log level on error
2d93066
to
ff9dd61
Compare
|
Polished the PR a bit, namely introduced |
ff9dd61
to
af13753
Compare
|
/assign @tallclair |
Automatic merge from submit-queue (batch tested with PRs 54635, 54250, 54657, 54696, 54700). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Don't cache exec and mounter in RBD volume plugin #51608 has broken containerized RBD mount utilities proposed in #53440. Volume plugin can get a different exec and mounter implementation with every call, it must not be cached. ```release-note NONE ``` /sig storage /assign @rootfs
af13753
to
7981dd2
Compare
|
Rebased |
|
Looks good, just a couple nits. |
pkg/kubelet/mountpod/mount_pod.go
Outdated
| for i := range pod.Spec.Containers { | ||
| if pod.Spec.Containers[i].Name == reg.ContainerName { | ||
| found = true | ||
| break |
There was a problem hiding this comment.
nit: just return here, and get rid of found
pkg/kubelet/volume_host.go
Outdated
| return mount.NewOsExec() | ||
| exec, err := kvh.getMountExec(pluginName) | ||
| if err != nil { | ||
| glog.V(2).Info(err.Error()) |
There was a problem hiding this comment.
nit: give this a little context
There was a problem hiding this comment.
Added context:
Error finding mount pod for plugin %s: %s", pluginName, err.Error()
pkg/kubelet/volume_host.go
Outdated
| return kvh.kubelet.mounter | ||
| exec, err := kvh.getMountExec(pluginName) | ||
| if err != nil { | ||
| glog.V(2).Info(err.Error()) |
There was a problem hiding this comment.
Added context:
Error finding mount pod for plugin %s: %s", pluginName, err.Error()
7981dd2
to
1ddc6eb
Compare
|
rebased + fixed review remarks |
|
/lgtm |
|
/assign @thockin |
|
/approve no-issue |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jsafrane, tallclair, thockin Associated issue requirement bypassed by: thockin The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
Automatic merge from submit-queue (batch tested with PRs 54005, 55127, 53850, 55486, 53440). If you want to cherry-pick this change to another branch, please follow the instructions here. |
| exec Exec | ||
| } | ||
|
|
||
| func NewExecMounter(exec Exec, wrapped Interface) Interface { |
There was a problem hiding this comment.
Is it intentional that this does not touches SafeFormat portions of work?
There was a problem hiding this comment.
SafeFormat is itself a wrapper over mount.Interface. It will work if it wraps ExecMounter instead of the generic Linux Mounter
|
Question... how was flex volume support done? Is it broken up into one container per plugin, or one for all flexvolumes? |
|
Flex is out of scope of this PR, at least in alpha. Flex has their own method of dynamic registration of drivers that could be used by flex driver running in a container. See https://github.com/kubernetes/community/blob/master/contributors/design-proposals/storage/flexvolume-deployment.md |
|
ok, thanks. I'll see if I can get that to work. |
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Fix test images These commits fix volume_io tests for iSCSI and Ceph RBD. Both server images were quite old (Fedora 22), so I updated them to ~~something more stable (CentOS 7) and to newer Ceph (Jewel, 10.2.7).~~ something newer (Fedora 26). The most important fix is that the test volumes have 120 MB so volume_io test can actually run - the tests put 100MB file to the volume to check its persistence. When mount containers in #53440 are merged I'll try to run the tests regularly with every PR (or merge) so we catch regressions quickly. ```release-note NONE ``` /sig testing /sig storage /assign @jeffvance Fixes: #56725
This is implementation of kubernetes/community#589
@tallclair @vishh @dchen1107 PTAL
@kubernetes/sig-node-pr-reviews
Release note: