From 7be042704582db2608240582db269f1cfd728c88 Mon Sep 17 00:00:00 2001 From: estevan <50840058+chaireze@users.noreply.github.com> Date: Thu, 3 Aug 2023 17:14:50 -0400 Subject: [PATCH 1/2] nodeserver, pvc_annotator: readd check to block stage volume from re adding annotations --- pkg/blob/nodeserver.go | 6 +++++- pkg/edgecache/cachevolume/pvc_annotator.go | 24 +++++++++++++++++++++- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/pkg/blob/nodeserver.go b/pkg/blob/nodeserver.go index 69778547d..05550b69c 100644 --- a/pkg/blob/nodeserver.go +++ b/pkg/blob/nodeserver.go @@ -363,7 +363,11 @@ func (d *Driver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVolumeRe err = annotator.SendProvisionVolume(pv, d.cloud.Config.AzureAuthConfig, providedAuth) if err != nil { - return nil, err + if err == cv.ErrVolumeAlreadyBeingProvisioned { + klog.V(2).Infof("NodeStageVolume: volume has already been provisioned") + } else { + return nil, err + } } if err = d.edgeCacheManager.MountVolume(accountName, containerName, targetPath); err != nil { diff --git a/pkg/edgecache/cachevolume/pvc_annotator.go b/pkg/edgecache/cachevolume/pvc_annotator.go index 419ce0d54..5d8ef95d3 100644 --- a/pkg/edgecache/cachevolume/pvc_annotator.go +++ b/pkg/edgecache/cachevolume/pvc_annotator.go @@ -17,6 +17,7 @@ limitations under the License. package cachevolume import ( + "errors" "fmt" "golang.org/x/exp/maps" @@ -41,7 +42,8 @@ const ( ) var ( - validStorageAuthentications = []string{"WorkloadIdentity", "AccountKey"} + validStorageAuthentications = []string{"WorkloadIdentity", "AccountKey"} + ErrVolumeAlreadyBeingProvisioned = errors.New("pv is already being provisioned") ) type BlobAuth struct { @@ -122,7 +124,27 @@ func (c *PVCAnnotator) buildAnnotations(pv *v1.PersistentVolume, cfg config.Azur return annotations, nil } +func (c *PVCAnnotator) needsToBeProvisioned(pvc *v1.PersistentVolumeClaim) bool { + // check if pv connected to the pvc has already been passed to be created + pvState, pvStateOk := pvc.ObjectMeta.Annotations[createVolumeAnnotation] + if pvStateOk && pvState == "no" { + return false + } + + return true +} + func (c *PVCAnnotator) SendProvisionVolume(pv *v1.PersistentVolume, cloudConfig config.AzureAuthConfig, providedAuth BlobAuth) error { + pvc, err := blobcsiutil.GetPVCByName(c.client, pv.Spec.ClaimRef.Name, pv.Spec.ClaimRef.Namespace) + if err != nil { + return err + } + + if prepare := c.needsToBeProvisioned(pvc); !prepare { + klog.Info("pv is already being provisioned") + return ErrVolumeAlreadyBeingProvisioned + } + if valid := c.requestAuthIsValid(providedAuth.authType); !valid { err := fmt.Errorf("requested storage auth %s is not a member of valid auths %+v", providedAuth.authType, validStorageAuthentications) klog.Error(err) From 1135f3ab14b02930feb4bdc46940d2dd604a8159 Mon Sep 17 00:00:00 2001 From: estevan <50840058+chaireze@users.noreply.github.com> Date: Mon, 7 Aug 2023 14:19:14 -0400 Subject: [PATCH 2/2] simon suggestions --- pkg/blob/nodeserver.go | 10 ++++------ pkg/edgecache/cachevolume/pvc_annotator.go | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/pkg/blob/nodeserver.go b/pkg/blob/nodeserver.go index 05550b69c..3b3a7d5ed 100644 --- a/pkg/blob/nodeserver.go +++ b/pkg/blob/nodeserver.go @@ -362,12 +362,10 @@ func (d *Driver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVolumeRe providedAuth := cv.NewBlobAuth(accountName, containerName, secretName, secretNamespace, storageAuthType) err = annotator.SendProvisionVolume(pv, d.cloud.Config.AzureAuthConfig, providedAuth) - if err != nil { - if err == cv.ErrVolumeAlreadyBeingProvisioned { - klog.V(2).Infof("NodeStageVolume: volume has already been provisioned") - } else { - return nil, err - } + if err == cv.ErrVolumeAlreadyBeingProvisioned { + klog.V(2).Infof("NodeStageVolume: volume has already been provisioned") + } else if err != nil { + return nil, err } if err = d.edgeCacheManager.MountVolume(accountName, containerName, targetPath); err != nil { diff --git a/pkg/edgecache/cachevolume/pvc_annotator.go b/pkg/edgecache/cachevolume/pvc_annotator.go index 5d8ef95d3..d02076891 100644 --- a/pkg/edgecache/cachevolume/pvc_annotator.go +++ b/pkg/edgecache/cachevolume/pvc_annotator.go @@ -140,7 +140,7 @@ func (c *PVCAnnotator) SendProvisionVolume(pv *v1.PersistentVolume, cloudConfig return err } - if prepare := c.needsToBeProvisioned(pvc); !prepare { + if !c.needsToBeProvisioned(pvc) { klog.Info("pv is already being provisioned") return ErrVolumeAlreadyBeingProvisioned }