Skip to content

Commit

Permalink
Add support for adding CSI volumes as Additional Volumes
Browse files Browse the repository at this point in the history 
Signed-off-by: Nilushan Costa <[email protected]>
  • Loading branch information
@nilushancosta
nilushancosta committed Apr 16, 2024
1 parent 9fff407 commit f7e022e
Show file tree
Hide file tree
Showing 6 changed files with 159 additions and 3 deletions.
10 changes: 9 additions & 1 deletion docs/userguide/main.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -698,7 +698,7 @@ spec:

### Additional Volumes

Sometimes it is neccessary to mount ConfigMaps, Secrets or emptyDir into the Opensearch pods as volumes to provide additional configuration (e.g. plugin config files). This can be achieved by providing an array of additional volumes to mount to the custom resource. This option is located in either `spec.general.additionalVolumes` or `spec.dashboards.additionalVolumes`. The format is as follows:
Sometimes it is neccessary to mount ConfigMaps, Secrets, emptyDir or CSI volumes into the Opensearch pods as volumes to provide additional configuration (e.g. plugin config files). This can be achieved by providing an array of additional volumes to mount to the custom resource. This option is located in either `spec.general.additionalVolumes` or `spec.dashboards.additionalVolumes`. The format is as follows:

```yaml
spec:
Expand All @@ -713,6 +713,14 @@ spec:
- name: temp
path: /tmp
emptyDir: {}
- name: example-csi-volume
path: /path/to/mount/volume
#subPath: "subpath" # Add this to mount the CSI volume at a specific subpath
csi:
driver: csi-driver-name
readOnly: true
volumeAttributes:
secretProviderClass: example-secret-provider-class
dashboards:
additionalVolumes:
- name: example-secret
Expand Down
2 changes: 2 additions & 0 deletions opensearch-operator/api/v1/opensearch_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -287,6 +287,8 @@ type AdditionalVolume struct {
ConfigMap *corev1.ConfigMapVolumeSource `json:"configMap,omitempty"`
// EmptyDir to use to populate the volume
EmptyDir *corev1.EmptyDirVolumeSource `json:"emptyDir,omitempty"`
// CSI object to use to populate the volume
CSI *corev1.CSIVolumeSource `json:"csi,omitempty"`
// Whether to restart the pods on content change
RestartPods bool `json:"restartPods,omitempty"`
}
Expand Down
5 changes: 5 additions & 0 deletions opensearch-operator/api/v1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

90 changes: 90 additions & 0 deletions opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1022,6 +1022,51 @@ spec:
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: CSI object to use to populate the volume
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
emptyDir:
description: EmptyDir to use to populate the volume
properties:
Expand Down Expand Up @@ -2645,6 +2690,51 @@ spec:
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: CSI object to use to populate the volume
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
emptyDir:
description: EmptyDir to use to populate the volume
properties:
Expand Down
12 changes: 10 additions & 2 deletions opensearch-operator/pkg/reconcilers/util/util.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,14 +127,22 @@ func CreateAdditionalVolumes(
},
})
}
if volumeConfig.CSI != nil {
retVolumes = append(retVolumes, corev1.Volume{
Name: volumeConfig.Name,
VolumeSource: corev1.VolumeSource{
CSI: volumeConfig.CSI,
},
})
}
if volumeConfig.RestartPods {
namesIndex[volumeConfig.Name] = i
names = append(names, volumeConfig.Name)
}

subPath := ""
// SubPaths are only supported for ConfigMaps and Secrets
if volumeConfig.ConfigMap != nil || volumeConfig.Secret != nil {
// SubPaths are only supported for ConfigMaps, Secrets and CSI volumes
if volumeConfig.ConfigMap != nil || volumeConfig.Secret != nil || volumeConfig.CSI != nil {
subPath = strings.TrimSpace(volumeConfig.SubPath)
}

Expand Down
43 changes: 43 additions & 0 deletions opensearch-operator/pkg/reconcilers/util/util_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,4 +88,47 @@ var _ = Describe("Additional volumes", func() {
Expect(volumeMount[0].SubPath).To(BeEmpty())
})
})

When("CSI volume is added", func() {
It("Should have CSIVolumeSource fields", func() {
readOnly := true
volumeConfigs[0].CSI = &v1.CSIVolumeSource{
Driver: "testDriver",
ReadOnly: &readOnly,
VolumeAttributes: map[string]string{
"secretProviderClass": "testSecretProviderClass",
},
NodePublishSecretRef: &v1.LocalObjectReference{
Name: "testSecret",
},
}

volume, _, _, _ := CreateAdditionalVolumes(mockClient, namespace, volumeConfigs)
Expect(volume[0].CSI.Driver).To(Equal("testDriver"))
Expect(*volume[0].CSI.ReadOnly).Should(BeTrue())
Expect(volume[0].CSI.VolumeAttributes["secretProviderClass"]).To(Equal("testSecretProviderClass"))
Expect(volume[0].CSI.NodePublishSecretRef.Name).To(Equal("testSecret"))
})
})

When("CSI volume is added with subPath", func() {
It("Should have the subPath", func() {
volumeConfigs[0].CSI = &v1.CSIVolumeSource{}
volumeConfigs[0].SubPath = "c"

_, volumeMount, _, _ := CreateAdditionalVolumes(mockClient, namespace, volumeConfigs)
Expect(volumeMount[0].MountPath).To(Equal("myPath/a/b"))
Expect(volumeMount[0].SubPath).To(Equal("c"))
})
})

When("CSI volume is added without subPath", func() {
It("Should not have the subPath", func() {
volumeConfigs[0].CSI = &v1.CSIVolumeSource{}

_, volumeMount, _, _ := CreateAdditionalVolumes(mockClient, namespace, volumeConfigs)
Expect(volumeMount[0].MountPath).To(Equal("myPath/a/b"))
Expect(volumeMount[0].SubPath).To(BeEmpty())
})
})
})

0 comments on commit f7e022e

Please sign in to comment.