Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Additional CSI volumes read-write #934

Open
jurox83 opened this issue Jan 9, 2025 · 2 comments
Open

[FEATURE] Additional CSI volumes read-write #934

jurox83 opened this issue Jan 9, 2025 · 2 comments
Labels
enhancement New feature or request

Comments

@jurox83
Copy link

jurox83 commented Jan 9, 2025
edited
Loading

Is your feature request related to a problem?

As the current gcs-snapshots plugin does not allow workload identity federation but instead, requires a json file with keys (which is not considered compliant in many regulated environments), an acceptable workaround would be using gcsfuse to mount a gcs storage bucket.
Althought the definition works well via additionalVolumes and annotations, the resulting mount point is set to readOnly! (Even though, the CSI parameter is set to readOnly: false)

What solution would you like?

Propagate the CSI driver parameter for readOnly instead of forcing the value to true.

What alternatives have you considered?

As said, gcs-plugin was considered but also lacks a feature that might be even more effort to implement (unsure about that though)

Do you have any additional context?

opensearch-k8s-operator/opensearch-operator/pkg/reconcilers/util/util.go

Lines 130 to 137 in 2e78967

if volumeConfig.CSI != nil {
retVolumes = append(retVolumes, corev1.Volume{
Name: volumeConfig.Name,
VolumeSource: corev1.VolumeSource{
CSI: volumeConfig.CSI,
},
})
}

an initial suggestion from my team would be to adjust the above block to this:

    if volumeConfig.CSI != nil {
        readOnly = volumeConfig.CSI.ReadOnly // Set readOnly based on the CSI configuration
        retVolumes = append(retVolumes, corev1.Volume{
            Name: volumeConfig.Name,
            VolumeSource: corev1.VolumeSource{
                CSI: volumeConfig.CSI,
            },
        })
    }

It would be amazing if this change could make it quickly through the release cycle!!! Meanwhile, we'll try to fork and patch the code for our needs especially to have working snapshots. Thanks for reading <3
@jurox83 jurox83 added enhancement New feature or request untriaged Issues that have not yet been triaged labels Jan 9, 2025
@swoehrl-mw
Copy link
Collaborator

Hi @jurox83. Since you are already creating a fork, please contribute that change yourself by creating a PR, then we can see about getting that merged.

@swoehrl-mw swoehrl-mw removed the untriaged Issues that have not yet been triaged label Jan 10, 2025
@jurox83 jurox83 mentioned this issue Jan 10, 2025
Open
6 tasks
@jurox83
Copy link
Author

jurox83 commented Jan 10, 2025

Hi @swoehrl-mw, thanks for your response. I tried my best and hopefully did it all correct. If not, please let me know 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
Engineering Effectiveness Board
Status: 🆕 New
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jurox83 @swoehrl-mw