From 0a1d6aeb94937a4be49b29b5387c4ad7791eecfd Mon Sep 17 00:00:00 2001 From: "Huang, Sophie (sh879n)" Date: Fri, 8 Jan 2021 23:02:29 +0000 Subject: [PATCH] [cinder] Enable volume backup for iSCSI based volumes This patchset added the necessary hostPath, hostIpc and hostNetwork to enable the volume backup for iSCSI based Cinder volumes. Change-Id: Ief3cc723650a6c42e24dfd6159c0de6f81e56fce --- cinder/Chart.yaml | 2 +- cinder/templates/deployment-backup.yaml | 47 +++++++++++++++++++++++ cinder/values.yaml | 1 + cinder/values_overrides/backend_pure.yaml | 5 +++ 4 files changed, 54 insertions(+), 1 deletion(-) diff --git a/cinder/Chart.yaml b/cinder/Chart.yaml index 2be5bc0149..e7bae19905 100644 --- a/cinder/Chart.yaml +++ b/cinder/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Cinder name: cinder -version: 0.1.5 +version: 0.1.6 home: https://docs.openstack.org/cinder/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Cinder/OpenStack_Project_Cinder_vertical.png sources: diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml index 62f3f20256..6ec3f478cc 100755 --- a/cinder/templates/deployment-backup.yaml +++ b/cinder/templates/deployment-backup.yaml @@ -53,6 +53,12 @@ spec: {{ tuple $envAll "cinder" "backup" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} nodeSelector: {{ .Values.labels.backup.node_selector_key }}: {{ .Values.labels.backup.node_selector_value }} +{{- if .Values.pod.useHostNetwork.backup }} + hostNetwork: true +{{- end }} +{{- if .Values.conf.enable_iscsi }} + hostIPC: true +{{- end }} initContainers: {{ tuple $envAll "backup" $mounts_cinder_backup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }} @@ -151,6 +157,7 @@ spec: {{ dict "envAll" $envAll "application" "cinder_backup" "container" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} command: - /tmp/cinder-backup.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -235,6 +242,30 @@ spec: mountPath: /etc/cinder/rootwrap.d/volume.filters subPath: volume.filters readOnly: true + {{- if .Values.conf.enable_iscsi }} + - name: host-rootfs + mountPath: /mnt/host-rootfs + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: HostToContainer + {{- end }} + - name: host-dev + mountPath: /dev + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: Bidirectional + {{- end }} + - name: runlock + mountPath: /run/lock + - name: etciscsi + mountPath: /etc/iscsi + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: Bidirectional + {{- end }} + - name: usrlocalsbin + mountPath: /usr/local/sbin + - name: cinder-bin + mountPath: /usr/local/sbin/iscsiadm + subPath: iscsiadm + {{- end }} {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }} {{ if $mounts_cinder_backup.volumeMounts }}{{ toYaml $mounts_cinder_backup.volumeMounts | indent 12 }}{{ end }} volumes: @@ -284,6 +315,22 @@ spec: - name: cinder-coordination emptyDir: {} {{- end }} + {{- if .Values.conf.enable_iscsi }} + - name: host-rootfs + hostPath: + path: / + - name: host-dev + hostPath: + path: /dev + - name: runlock + hostPath: + path: /run/lock + - name: etciscsi + hostPath: + path: /etc/iscsi + - name: usrlocalsbin + emptyDir: {} + {{- end }} {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }} {{ if $mounts_cinder_backup.volumes }}{{ toYaml $mounts_cinder_backup.volumes | indent 8 }}{{ end }} {{- end }} diff --git a/cinder/values.yaml b/cinder/values.yaml index d21d980492..6d3099f452 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -175,6 +175,7 @@ pod: default: 10 useHostNetwork: volume: false + backup: false mounts: cinder_api: init_container: null diff --git a/cinder/values_overrides/backend_pure.yaml b/cinder/values_overrides/backend_pure.yaml index e4916025d3..fb90168153 100644 --- a/cinder/values_overrides/backend_pure.yaml +++ b/cinder/values_overrides/backend_pure.yaml @@ -5,12 +5,17 @@ pod: useHostNetwork: volume: true + backup: true security_context: cinder_volume: container: cinder_volume: readOnlyRootFilesystem: true privileged: true + cinder_backup: + container: + cinder_backup: + privileged: true conf: cinder: DEFAULT: