VAST Data CSI Plugin - v2.4.0

  (from f135e15)

.github/workflows/prepare_releaser_configuration.py

@@ -14,7 +14,10 @@
 BRANCH = os.environ["GITHUB_REF_NAME"]
 SHA = os.environ["GITHUB_SHA"][:7]
 VERSION = ROOT.joinpath("version.txt").read_text().strip().lstrip("v")
-CHART = ROOT / "charts" / "vastcsi" / "Chart.yaml"
+CHARTS = [
+    ROOT / "charts" / "vastcsi" / "Chart.yaml",
+    ROOT / "charts" / "vastcosi" / "Chart.yaml",
+]
 
 if __name__ == '__main__':
     if not re.search('[0-9]+\.[0-9]+\.?[0-9]*', BRANCH):
@@ -25,15 +28,16 @@
         sys.exit(0)
     is_beta = "beta" in BRANCH
 
-    release_name_template = "helm-{{ .Version }}"
+    release_name_template = "helm-{{ .Name }}-{{ .Version }}"
     pages_branch = "gh-pages-beta" if is_beta else "gh-pages"
     version = f"{VERSION}-beta.{SHA}" if is_beta else VERSION
 
     # Create unique release name based on version and commit sha
-    for line in fileinput.input(CHART, inplace=True):
-        if line.startswith("version:"):
-            line = line.replace(line, f"version: {version}\n")
-        sys.stdout.write(line)
+    for chart in CHARTS:
+        for line in fileinput.input(chart, inplace=True):
+            if line.startswith("version:"):
+                line = line.replace(line, f"version: {version}\n")
+            sys.stdout.write(line)
 
     ROOT.joinpath("releaser-config.yml").open("w").write(
         f"""

CHANGELOG.md

@@ -1,5 +1,12 @@
 # CHANGELOG
 
+## Version 2.4.0
+* added Container Object Storage Interface (COSI) support (VCSI-159)
+* added formal support for multitenancy via StorageClasses (VCSI-147)
+* added support for mounting using fixed-ips instead of VIP pool (VCSI-170)
+* added support for host mount options propagation via /etc/nfsmount.conf.d (VCSI-169)
+* changed Controller pod to use 'Deployment' instead of 'Statefulset' (VCSI-166)
+
 ## Version 2.3.1
 * added volume stats metrics on Node (VCSI-125)
 

charts/vastcosi/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/vastcosi/Chart.yaml

@@ -0,0 +1,14 @@
+apiVersion: v2
+name: vastcosi
+description: Helm chart for Deployment of VAST Container Object Storage Interface (COSI)
+type: application
+version: "0.1.0" #  will be updated by the release ci
+keywords:
+  - vast
+  - csi
+  - driver
+  - vastdata
+  - cosi
+  - cosi-driver
+icon: "https://uploads.vastdata.com/2020/04/vast-white-1.svg"
+home: "https://support.vastdata.com/hc/en-us/articles/8022914098716"

charts/vastcosi/README.md

@@ -0,0 +1,49 @@
+# Install COSI driver with Helm 3
+
+## Prerequisites
+ - [install Helm](https://helm.sh/docs/intro/quickstart/#install-helm)
+
+
+### install production version of the driver:
+```console
+helm repo add vast https://vast-data.github.io/vastcsi
+helm install cosi-driver vast/vastcosi -f values.yaml -n vast-cosi --create-namespace
+```
+
+### install beta version of the driver:
+```console
+helm repo add vast https://raw.githubusercontent.com/vast-data/vast-csi/gh-pages-beta
+helm install cosi-driver vast/vastcosi -f values.yaml -n vast-cosi --create-namespace
+```
+
+> **NOTE:** Optionally modify values.yaml or set overrides via Helm command line 
+
+
+### install a specific version
+```console
+helm install cosi-driver vast/vastcosi -f values.yaml -n vast-cosi --create-namespace --version 2.4.0
+```
+
+### Upgrade driver
+```console
+helm upgrade cosi-driver vast/vastcosi -f values.yaml -n vast-cosi
+```
+
+### Upgrade helm repository
+```console
+helm repo update vast
+```
+
+### Uninstall driver
+```console
+helm uninstall cosi-driver  -n vast-cosi
+```
+
+### search for all available chart versions
+```console
+helm search repo -l vast
+```
+
+### troubleshooting
+ - Add `--wait -v=5 --debug` in `helm install` command to get detailed error
+ - Use `kubectl describe` to acquire more info

charts/vastcosi/templates/NOTES.txt

@@ -0,0 +1,9 @@
+Thank you for installing {{ .Chart.Name }}.
+
+Your release is named {{ .Release.Name }}.
+The release is installed in namespace {{ .Release.Namespace }}
+
+To learn more about the release, try:
+
+  $ helm status -n {{ .Release.Namespace}} {{ .Release.Name }}
+  $ helm get all -n {{ .Release.Namespace}} {{ .Release.Name }}

charts/vastcosi/templates/bucket-class.yaml

@@ -0,0 +1,44 @@
+{{/* Generate one or more bucket classes from 'bucketClasses' section. */}}
+
+{{/* Iterate over BucketClasses from manifest */}}
+{{- range $name, $options := .Values.bucketClasses }}
+
+{{- $deletion_policy :=  pluck "deletionPolicy" $options $.Values.bucketClassDefaults | first | quote -}}
+{{- $view_policy :=  pluck "viewPolicy" $options $.Values.bucketClassDefaults | first | quote -}}
+{{- $vip_pool_name := pluck "vipPool" $options $.Values.bucketClassDefaults | first | quote -}}
+{{- if eq $vip_pool_name ( quote "" ) -}}
+  {{- fail "vipPool is required value. Please specify valid vip pool" -}}
+{{- end }}
+{{- $scheme := pluck "scheme" $options $.Values.bucketClassDefaults | first | quote -}}
+{{- if not ( $scheme | mustRegexMatch "http|https" ) -}}
+  {{- fail "scheme should be either 'http' or 'https'" -}}
+{{- end }}
+{{- $storage_path := pluck "storagePath" $options $.Values.bucketClassDefaults | first | quote -}}
+{{- if eq $storage_path ( quote "" ) -}}
+  {{- fail "storagePath is required value. Please specify valid storage path" -}}
+{{- end }}
+
+kind: BucketClass
+apiVersion: objectstorage.k8s.io/v1alpha1
+metadata:
+  name: {{ required "A BucketClass name must be not empty" $name }}
+  namespace: {{ include "vastcosinamespace" $ }}
+  labels:
+{{- include "vastcosilabels" $ | nindent 4 }}
+driverName: csi.vastdata.com
+deletionPolicy: {{ $deletion_policy }}
+parameters:
+  root_export: {{ $storage_path }}
+  vip_pool_name: {{ $vip_pool_name }}
+  scheme: {{ $scheme }}
+{{- if ne $view_policy ( quote "" ) }}
+  view_policy: {{ $view_policy }}
+{{- end }}
+{{- with omit $options "deletionPolicy" "viewPolicy" "vipPool" "scheme" "storagePath" }}
+  {{- range $key, $value := . }}
+  {{ $key }}: {{ $value | quote }}
+{{- end }}
+{{- end }}
+
+---
+{{- end }}

charts/vastcosi/templates/cosi-provisioner.yaml

@@ -0,0 +1,65 @@
+{{- $csi_images := .Values.image -}}
+{{- $ca_bundle := empty .Values.sslCert | ternary .Values.sslCertsSecretName "csi-vast-ca-bundle" -}}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cosi-vast-provisioner
+  labels:
+    app.kubernetes.io/csi-role: "cosi-provisioner"
+{{- include "vastcosilabels" . | nindent 4 }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cosi-provisioner
+{{- include "vastcosiselectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        app: cosi-provisioner
+{{- include "vastcosilabels" . | nindent 8 }}
+    spec:
+{{- if .Values.imagePullSecrets }}
+      imagePullSecrets:
+{{ toYaml .Values.imagePullSecrets | indent 8 }}
+      {{- end }}
+      affinity:
+{{ toYaml .Values.cosiplugin.affinity | indent 8 }}
+      serviceAccountName: {{ .Release.Name }}-objectstorage-provisioner-sa
+      containers:
+      - name: cosi-vast-plugin
+        image: {{ printf "%s:%s" $csi_images.csiVastPlugin.repository $csi_images.csiVastPlugin.tag }}
+        args:
+          - "serve"
+        imagePullPolicy: {{ $csi_images.csiVastPlugin.imagePullPolicy | default  "IfNotPresent" }}
+        env:
+{{- include "vastcosicommonEnv" . | indent 10 }}
+          - name: CSI_ENDPOINT
+            value: unix:///var/lib/cosi/cosi.sock
+          - name: X_CSI_MODE
+            value: cosi_plugin
+        volumeMounts:
+{{- include "vastcosivmsAuthVolumeMount" (merge (dict "ca_bundle" $ca_bundle) .) | indent 10 }}
+          - mountPath: /var/lib/cosi
+            name: socket-dir
+        resources: {{- toYaml .Values.cosiplugin.resources.cosiVastPlugin | nindent 10 }}
+      - name: objectstorage-provisioner
+        image: {{ printf "%s:%s" $csi_images.objectstorageProvisioner.repository $csi_images.objectstorageProvisioner.tag }}
+        imagePullPolicy: {{ $csi_images.objectstorageProvisioner.imagePullPolicy | default  "IfNotPresent" }}
+        args:
+        - "--v=5"
+        volumeMounts:
+        - mountPath: /var/lib/cosi
+          name: socket-dir
+        resources: {{- toYaml .Values.cosiplugin.resources.objectstorageProvisioner | nindent 10 }}
+      dnsPolicy: {{ .Values.cosiplugin.dnsPolicy }}
+      nodeSelector:
+{{ toYaml .Values.cosiplugin.nodeSelector | indent 8 }}
+      priorityClassName: {{ .Values.cosiplugin.priorityClassName }}
+      tolerations:
+{{ toYaml .Values.cosiplugin.tolerations | indent 8 }}
+      volumes:
+        - name: socket-dir
+          emptyDir: {}
+{{- include "vastcosivmsAuthVolume" (merge (dict "ca_bundle" $ca_bundle) .) | indent 8 }}

charts/vastcosi/templates/cosi-rbac.yaml

@@ -0,0 +1,48 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ .Release.Name }}-objectstorage-provisioner-role
+  namespace: {{ include "vastcosinamespace" . }}
+  labels:
+    {{- include "vastcosilabels" . | nindent 4 }}
+rules:
+- apiGroups: ["objectstorage.k8s.io"]
+  resources: ["buckets", "bucketaccesses", "bucketclaims", "bucketaccessclasses", "buckets/status", "bucketaccesses/status", "bucketclaims/status", "bucketaccessclasses/status"]
+  verbs: ["get", "list", "watch", "update", "create", "delete"]
+- apiGroups: ["coordination.k8s.io"]
+  resources: ["leases"]
+  verbs: ["get", "watch", "list", "delete", "update", "create"]
+- apiGroups: [""]
+  resources: ["secrets", "events"]
+  verbs: ["get", "delete", "update", "create"]
+
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ .Release.Name }}-objectstorage-provisioner-role-binding
+  namespace: {{ include "vastcosinamespace" . }}
+  labels:
+    {{- include "vastcosilabels" . | nindent 4 }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ .Release.Name }}-objectstorage-provisioner-sa
+    namespace: {{ include "vastcosinamespace" . }}
+roleRef:
+  kind: ClusterRole
+  name: {{ .Release.Name }}-objectstorage-provisioner-role
+  apiGroup: rbac.authorization.k8s.io
+
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Release.Name }}-objectstorage-provisioner-sa
+  namespace: {{ include "vastcosinamespace" . }}
+  labels:
+    {{- include "vastcosilabels" . | nindent 4 }}
+
+---

charts/vastcosi/templates/secret.yaml

@@ -0,0 +1,17 @@
+{{/* Optional ssl certificate for comminication with Vast Cluster host */}}
+
+{{- if .Values.sslCert }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: csi-vast-ca-bundle
+  namespace: {{ include "vastcosinamespace" . }}
+  labels:
+{{- include "vastcosilabels" . | nindent 4 }}
+  annotations:
+    checksum/vast-vms-authority-secret: {{ .Values.sslCert | sha256sum | trim }}
+type: Opaque
+data:
+  ca-bundle.crt: |-
+    {{ .Values.sslCert  | b64enc }}
+{{- end -}}

charts/vastcosi/templates/shared/_chart_name.tpl

@@ -0,0 +1,5 @@
+{{/*Create chart name and version as used by the chart label.*/}}
+
+{{- define "vastcosichart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}

charts/vastcosi/templates/shared/_common_env.tpl

@@ -0,0 +1,24 @@
+{{- /*
+# IMPORTANT: cosi and csi helm charts share similar templates.
+# If you make changes to a template in one chart, make sure to replicate those
+# changes in the corresponding template in the other chart.
+*/}}
+
+{{- define "vastcosicommonEnv" -}}
+
+{{- if (urlParse (required "endpoint is required" $.Values.endpoint )).scheme }}
+    {{- fail "endpoint requires only host to be provided. Please exclude 'http//|https//' from url." -}}
+{{- end  }}
+- name: X_CSI_PLUGIN_NAME
+  value: "csi.vastdata.com"
+- name: X_CSI_VMS_HOST
+  value: {{ $.Values.endpoint | quote }}
+- name: X_CSI_ENABLE_VMS_SSL_VERIFICATION
+  value: {{ $.Values.verifySsl | quote }}
+- name: X_CSI_WORKER_THREADS
+  value: {{ $.Values.numWorkers | quote }}
+{{ if $.Values.truncateVolumeName -}}
+- name: X_CSI_TRUNCATE_VOLUME_NAME
+  value: {{ $.Values.truncateVolumeName | quote }}
+{{- end }}
+{{- end }}

charts/vastcosi/templates/shared/_common_namespace.tpl

@@ -0,0 +1,3 @@
+{{- define "vastcosinamespace" -}}
+{{- coalesce $.Release.Namespace "vast-csi" | quote -}}
+{{- end }}

charts/vastcosi/templates/shared/_common_selectors_and_labels.tpl

@@ -0,0 +1,23 @@
+{{/* Common labels and selectors */}}
+
+{{- define "vastcosiname" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+
+{{/* Common labels */}}
+{{- define "vastcosilabels" -}}
+helm.sh/chart: {{ include "vastcosichart" . }}
+{{ include "vastcosiselectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+
+{{/* Common selectors */}}
+{{- define "vastcosiselectorLabels" -}}
+app.kubernetes.io/name: {{ include "vastcosiname" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}