Merge pull request #40 from cyverse/CUSTOM_UID_GID

Can spcify uid and gid of data owner
cyverse · Aug 24, 2021 · 2ab52c0 · 2ab52c0
2 parents 1dd7873 + 1331611
commit 2ab52c0
Show file tree

Hide file tree

Showing 10 changed files with 103 additions and 31 deletions.
diff --git a/Makefile b/Makefile
@@ -5,7 +5,7 @@ FUSE_CLIENT_BUILD_IMAGE=irods_fuse_client_build
 FUSE_CLIENT_BUILD_DOCKERFILE=deploy/image/irods_fuse_build.dockerfile
 CSI_DRIVER_IMAGE?=cyverse/irods-csi-driver
 CSI_DRIVER_DOCKERFILE=deploy/image/irods_csi_driver_image.dockerfile
-VERSION=v0.4.0
+VERSION=v0.4.1
 GIT_COMMIT?=$(shell git rev-parse HEAD)
 BUILD_DATE?=$(shell date -u +"%Y-%m-%dT%H:%M:%SZ")
 LDFLAGS?="-X ${PKG}/pkg/driver.driverVersion=${VERSION} -X ${PKG}/pkg/driver.gitCommit=${GIT_COMMIT} -X ${PKG}/pkg/driver.buildDate=${BUILD_DATE}"

diff --git a/README.md b/README.md
@@ -36,6 +36,8 @@ For dynamic volume provisioning, parameters are given via Storage Class (SC).
 | path | iRODS path to mount, starts with **zone** in string | "/iplant/home/irods_user" |
 | monitorURL | URL to irodsfs monitor service | "http://monitor.abc.com" |
 | pathMappingJSON | JSON string for custom path mappings | "{}" |
+| uid | host system UID to map owner | -1 (executor's UID, mostly UID of root, 0) |
+| gid | host system GID to map owner | -1 (executor's UID, mostly GID of root, 0) |
 | volumeRootPath | iRODS path to mount. Creates a subdirectory per persistent volume. (only for dynamic volume provisioning) | "/iplant/home/irods_user" |
 | retainData | "true" to not clear the volume after use. (only for dynamic volume provisioning) | "false". "false" by default. |
 | noVolumeDir | "true" to not create a subdirectory under `volumeRootPath`. It mounts the `volumeRootPath`. (only for dynamic volume provisioning) | "false". "false" by default. |

diff --git a/deploy/image/irods_fuse_build.dockerfile b/deploy/image/irods_fuse_build.dockerfile
@@ -15,7 +15,7 @@ LABEL description="iRODS FUSE Lite Build Image"
 WORKDIR /opt/
 RUN git clone https://github.com/cyverse/irodsfs.git
 WORKDIR /opt/irodsfs
-RUN git checkout tags/v0.3.2
+RUN git checkout tags/v0.3.3
 
 # Build
 RUN make build
diff --git a/deploy/kubernetes/overlays/stable/kustomization.yaml b/deploy/kubernetes/overlays/stable/kustomization.yaml
@@ -4,7 +4,7 @@ bases:
 - ../../base
 images:
 - name: cyverse/irods-csi-driver
-  newTag: v0.4.0
+  newTag: v0.4.1
 - name: quay.io/k8scsi/csi-provisioner
   newTag: v1.6.0
 - name: quay.io/k8scsi/livenessprobe

diff --git a/helm/Chart.yaml b/helm/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "0.4.0"
+appVersion: "0.4.1"
 name: irods-csi-driver
 description: A Helm chart for iRODS CSI Driver
-version: 0.4.0
+version: 0.4.1
 kubeVersion: ">=1.14.0-0"
 home: https://github.com/cyverse/irods-csi-driver
 sources:

diff --git a/helm/README.md b/helm/README.md
@@ -38,7 +38,7 @@ helm install irods-csi-driver -f user_values.yaml --namespace kube-system .
 ```shell script
 helm upgrade irods-csi-driver \
     --install . \
-    --version 0.4.0 \
+    --version 0.4.1 \
     --namespace kube-system \
     -f values.yaml
 ```

diff --git a/helm/values.yaml b/helm/values.yaml
@@ -13,7 +13,7 @@ controllerService:
   irodsPlugin:
     image:
       repository: cyverse/irods-csi-driver
-      tag: v0.4.0
+      tag: v0.4.1
       pullPolicy: IfNotPresent
 
     extraArgs:
@@ -53,7 +53,7 @@ nodeService:
   irodsPlugin:
     image:
       repository: cyverse/irods-csi-driver
-      tag: v0.4.0
+      tag: v0.4.1
       pullPolicy: IfNotPresent
 
     extraArgs:

diff --git a/pkg/driver/irods_client.go b/pkg/driver/irods_client.go
@@ -2,6 +2,7 @@ package driver
 
 import (
 	"encoding/json"
+	"net/url"
 	"path/filepath"
 	"strconv"
 	"strings"
@@ -33,6 +34,9 @@ type IRODSConnectionInfo struct {
 	ClientUser   string // if this field has a value, user and password fields have proxy user info
 	MonitorURL   string
 	PathMappings []IRODSFSPathMapping
+	UID          int
+	GID          int
+	SystemUser   string
 }
 
 // IRODSWebDAVConnectionInfo class
@@ -50,7 +54,7 @@ type IRODSNFSConnectionInfo struct {
 }
 
 // NewIRODSConnectionInfo returns a new instance of IRODSConnectionInfo
-func NewIRODSConnectionInfo(hostname string, port int, zone string, user string, password string, clientUser string, monitorUrl string, pathMappings []IRODSFSPathMapping) *IRODSConnectionInfo {
+func NewIRODSConnectionInfo(hostname string, port int, zone string, user string, password string, clientUser string, monitorUrl string, pathMappings []IRODSFSPathMapping, uid int, gid int, systemUser string) *IRODSConnectionInfo {
 	return &IRODSConnectionInfo{
 		Hostname:     hostname,
 		Port:         port,
@@ -60,6 +64,9 @@ func NewIRODSConnectionInfo(hostname string, port int, zone string, user string,
 		ClientUser:   clientUser,
 		MonitorURL:   monitorUrl,
 		PathMappings: pathMappings,
+		UID:          uid,
+		GID:          gid,
+		SystemUser:   systemUser,
 	}
 }
 
@@ -135,6 +142,9 @@ func ExtractIRODSConnectionInfo(params map[string]string, secrets map[string]str
 	path := ""
 	pathMappings := []IRODSFSPathMapping{}
 	port := 0
+	uid := -1
+	gid := -1
+	sysuser := ""
 
 	for k, v := range secrets {
 		switch strings.ToLower(k) {
@@ -167,6 +177,20 @@ func ExtractIRODSConnectionInfo(params map[string]string, secrets map[string]str
 			if err != nil {
 				return nil, status.Errorf(codes.InvalidArgument, "Argument %q must be a valid json string - %s", k, err)
 			}
+		case "uid":
+			u, err := strconv.Atoi(v)
+			if err != nil {
+				return nil, status.Errorf(codes.InvalidArgument, "Argument %q must be a valid uid number - %s", k, err)
+			}
+			uid = u
+		case "gid":
+			g, err := strconv.Atoi(v)
+			if err != nil {
+				return nil, status.Errorf(codes.InvalidArgument, "Argument %q must be a valid gid number - %s", k, err)
+			}
+			gid = g
+		case "system_user", "systemuser", "sys_user", "sysuser":
+			sysuser = v
 		default:
 			// ignore
 		}
@@ -203,6 +227,20 @@ func ExtractIRODSConnectionInfo(params map[string]string, secrets map[string]str
 			if err != nil {
 				return nil, status.Errorf(codes.InvalidArgument, "Argument %q must be a valid json string - %s", k, err)
 			}
+		case "uid":
+			u, err := strconv.Atoi(v)
+			if err != nil {
+				return nil, status.Errorf(codes.InvalidArgument, "Argument %q must be a valid uid number - %s", k, err)
+			}
+			uid = u
+		case "gid":
+			g, err := strconv.Atoi(v)
+			if err != nil {
+				return nil, status.Errorf(codes.InvalidArgument, "Argument %q must be a valid gid number - %s", k, err)
+			}
+			gid = g
+		case "system_user", "systemuser", "sys_user", "sysuser":
+			sysuser = v
 		default:
 			// ignore
 		}
@@ -244,7 +282,15 @@ func ExtractIRODSConnectionInfo(params map[string]string, secrets map[string]str
 		})
 	}
 
-	conn := NewIRODSConnectionInfo(host, port, zone, user, password, clientUser, monitorUrl, pathMappings)
+	if len(monitorUrl) > 0 {
+		// check
+		_, err := url.ParseRequestURI(monitorUrl)
+		if err != nil {
+			return nil, status.Errorf(codes.InvalidArgument, "Invalid monitor URL - %s", monitorUrl)
+		}
+	}
+
+	conn := NewIRODSConnectionInfo(host, port, zone, user, password, clientUser, monitorUrl, pathMappings, uid, gid, sysuser)
 	return conn, nil
 }
 

diff --git a/pkg/driver/irodsfs_config.go b/pkg/driver/irodsfs_config.go
@@ -3,13 +3,15 @@ package driver
 import "time"
 
 const (
-	PortDefault                  int           = 1247
-	PerFileBlockCacheMaxDefault  int           = 3
-	ConnectionMaxDefault         int           = 10
-	OperationTimeoutDefault      time.Duration = 5 * time.Minute
-	ConnectionIdleTimeoutDefault time.Duration = 5 * time.Minute
-	CacheTimeoutDefault          time.Duration = 5 * time.Minute
-	CacheCleanupTimeDefault      time.Duration = 5 * time.Minute
+	PortDefault                     int           = 1247
+	ReadAheadMaxDefault             int           = 1024 * 64 // 64KB
+	ConnectionMaxDefault            int           = 10
+	OperationTimeoutDefault         time.Duration = 5 * time.Minute
+	ConnectionIdleTimeoutDefault    time.Duration = 5 * time.Minute
+	MetadataCacheTimeoutDefault     time.Duration = 5 * time.Minute
+	MetadataCacheCleanupTimeDefault time.Duration = 5 * time.Minute
+	FileBufferStoragePathDefault    string        = "/tmp/irodsfs"
+	FileBufferSizeMaxDefault        int64         = 1024 * 1024 * 1024 // 1GB
 )
 
 // PathMapping ...
@@ -29,16 +31,21 @@ type IRODSFSConfig struct {
 	Zone         string               `yaml:"zone"`
 	Password     string               `yaml:"password"`
 	PathMappings []IRODSFSPathMapping `yaml:"path_mappings"`
-	MonitorURL   string               `yaml:"monitor_url"`
+	UID          int                  `yaml:"uid"`
+	GID          int                  `yaml:"gid"`
+	SystemUser   string               `yaml:"system_user"`
 
-	PerFileBlockCacheMax  int           `yaml:"per_file_block_cache_max"`
-	OperationTimeout      time.Duration `yaml:"operation_timeout"`
-	ConnectionIdleTimeout time.Duration `yaml:"connection_idle_timeout"`
-	ConnectionMax         int           `yaml:"connection_max"`
-	CacheTimeout          time.Duration `yaml:"cache_timeout"`
-	CacheCleanupTime      time.Duration `yaml:"cache_cleanup_time"`
+	ReadAheadMax             int           `yaml:"read_ahead_max"`
+	OperationTimeout         time.Duration `yaml:"operation_timeout"`
+	ConnectionIdleTimeout    time.Duration `yaml:"connection_idle_timeout"`
+	ConnectionMax            int           `yaml:"connection_max"`
+	MetadataCacheTimeout     time.Duration `yaml:"metadata_cache_timeout"`
+	MetadataCacheCleanupTime time.Duration `yaml:"metadata_cache_cleanup_time"`
+	FileBufferStoragePath    string        `yaml:"file_buffer_storage_path"`
+	FileBufferSizeMax        int64         `yaml:"file_buffer_size_max"`
 
 	LogPath    string `yaml:"log_path,omitempty"`
+	MonitorURL string `yaml:"monitor_url,omitempty"`
 	AllowOther bool   `yaml:"allow_other,omitempty"`
 }
 
@@ -47,16 +54,21 @@ func NewDefaultIRODSFSConfig() *IRODSFSConfig {
 	return &IRODSFSConfig{
 		Port:         PortDefault,
 		PathMappings: []IRODSFSPathMapping{},
-		MonitorURL:   "",
+		UID:          -1,
+		GID:          -1,
+		SystemUser:   "",
 
-		PerFileBlockCacheMax:  PerFileBlockCacheMaxDefault,
-		OperationTimeout:      OperationTimeoutDefault,
-		ConnectionIdleTimeout: ConnectionIdleTimeoutDefault,
-		ConnectionMax:         ConnectionMaxDefault,
-		CacheTimeout:          CacheTimeoutDefault,
-		CacheCleanupTime:      CacheCleanupTimeDefault,
+		ReadAheadMax:             ReadAheadMaxDefault,
+		OperationTimeout:         OperationTimeoutDefault,
+		ConnectionIdleTimeout:    ConnectionIdleTimeoutDefault,
+		ConnectionMax:            ConnectionMaxDefault,
+		MetadataCacheTimeout:     MetadataCacheTimeoutDefault,
+		MetadataCacheCleanupTime: MetadataCacheCleanupTimeDefault,
+		FileBufferStoragePath:    FileBufferStoragePathDefault,
+		FileBufferSizeMax:        FileBufferSizeMaxDefault,
 
 		LogPath:    "",
+		MonitorURL: "",
 		AllowOther: true,
 	}
 }
diff --git a/pkg/driver/node.go b/pkg/driver/node.go
@@ -28,6 +28,7 @@ package driver
 import (
 	"context"
 	"fmt"
+	"net/url"
 	"os"
 
 	"github.com/container-storage-interface/spec/lib/go/csi"
@@ -409,6 +410,14 @@ func (driver *Driver) mountFuse(volContext map[string]string, volSecrets map[str
 		}
 	}
 
+	if len(irodsConn.MonitorURL) > 0 {
+		// check
+		_, err := url.ParseRequestURI(irodsConn.MonitorURL)
+		if err != nil {
+			return status.Errorf(codes.InvalidArgument, "Invalid monitor URL - %s", irodsConn.MonitorURL)
+		}
+	}
+
 	// test connection creation to check account info is correct
 	err = IRODSTestConnection(irodsConn)
 	if err != nil {
@@ -432,6 +441,9 @@ func (driver *Driver) mountFuse(volContext map[string]string, volSecrets map[str
 	irodsFsConfig.Password = irodsConn.Password
 	irodsFsConfig.MonitorURL = irodsConn.MonitorURL
 	irodsFsConfig.PathMappings = irodsConn.PathMappings
+	irodsFsConfig.UID = irodsConn.UID
+	irodsFsConfig.GID = irodsConn.GID
+	irodsFsConfig.SystemUser = irodsConn.SystemUser
 
 	irodsFsConfigBytes, err := yaml.Marshal(irodsFsConfig)
 	if err != nil {