diff --git a/.werf/consts.yaml b/.werf/consts.yaml index a0e26f8d..bc9ea18e 100644 --- a/.werf/consts.yaml +++ b/.werf/consts.yaml @@ -2,7 +2,7 @@ {{- $_ := set $ "BASE_ALT" "registry.deckhouse.io/base_images/alt:p10@sha256:f105773c682498700680d7cd61a702a4315c4235aee3622757591fd510fb8b4a" }} {{- $_ := set $ "BASE_ALT_DEV" "registry.deckhouse.io/base_images/dev-alt:p10@sha256:76e6e163fa982f03468166203488b569e6d9fc10855d6a259c662706436cdcad" }} {{- $_ := set $ "BASE_ALT_P11" "registry.deckhouse.io/base_images/alt:p11@sha256:e47d84424485d3674240cb2f67d3a1801b37d327e6d1eb8cc8d01be8ed3b34f3" }} -{{- $_ := set $ "BASE_GOLANG_1_23" "registry.deckhouse.io/base_images/golang:1.23.4-bookworm@sha256:a9147a48ac5e925a66764afae7cf4b1cfd37a6e94ad7519eca74c1fd8993ae45" }} +{{- $_ := set $ "BASE_GOLANG_1_23" "registry.deckhouse.io/base_images/golang:1.23.6-bookworm@sha256:ca569d98545ab5a090449da29d637fb3f5a273d3a002554af328be9873777cef" }} {{- $_ := set $ "BASE_SCRATCH" "registry.deckhouse.io/base_images/scratch@sha256:653ae76965c98c8cd1c8c9ff7725316d2983986f896655b30e0f44d2f8b2dd7e" }} # Edition module settings, default ce diff --git a/api/v1alpha1/local_storage_class.go b/api/v1alpha1/local_storage_class.go index c57f4ff1..f53d9b93 100644 --- a/api/v1alpha1/local_storage_class.go +++ b/api/v1alpha1/local_storage_class.go @@ -60,5 +60,6 @@ type LocalStorageClassLVMThinPoolSpec struct { } type LocalStorageClassLVMThickSpec struct { - Contiguous bool `json:"contiguous"` + Contiguous bool `json:"contiguous"` + VolumeCleanup string `json:"volumeCleanup"` } diff --git a/crds/doc-ru-localstorageclass.yaml b/crds/doc-ru-localstorageclass.yaml index 16c48e6e..3b5f3c58 100644 --- a/crds/doc-ru-localstorageclass.yaml +++ b/crds/doc-ru-localstorageclass.yaml 
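Review bot: The new field's tag `json:"volumeCleanup"` has no `omitempty`, so an unset value is serialized as `"volumeCleanup": ""`, while the schema added in crds/localstorageclass.yaml in this same commit restricts the field to the enum RandomFillThreePass, RandomFillSinglePass, Discard. Any client that writes a LocalStorageClass with a thick spec back through this type would presumably fail schema validation whenever cleanup is not configured. I would change the line to ``VolumeCleanup string `json:"volumeCleanup,omitempty"` `` and add a field comment listing the accepted values and stating that an empty value gives no guarantee about data removal.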
@@ -34,6 +34,14 @@ spec: contiguous: description: | Если true, логический том будет создан с флагом contiguous. Примечание: Этот флаг следует использовать с осторожностью, так как он может привести к плохому планированию подов, использующих постоянный том. Наш шедулер проверяет свободное место в VG и выбирает для подов узлы с наибольшим количеством свободного места, но он не может определить максимальное количество последовательного свободного места. В результате могут возникнуть ситуации, когда под будет запланирован на узел, на котором том не сможет быть создан из-за недостатка последовательного свободного места. В случае возникновения такой ситуации потребуется ручное вмешательство администратора. + volumeCleanup: + description: | + Метод очистки тома после удаления PV. + Если параметр не задан, после удаления PV данные могут удалиться, либо остаться. Гарантий удаления или неудаления нет. + Допустимые значения: + - `RandomFillSinglePass` - том будет перезаписан случайными данными один раз перед удалением. Использовать эту опцию не рекомендуется для твердотельных накопителей, так как она уменьшает ресурс накопителя. + - `RandomFillThreePass` - том будет перезаписан случайными данными три раза перед удалением. Использовать эту опцию не рекомендуется для твердотельных накопителей, так как она уменьшает ресурс накопителя. + - `Discard` - все блоки тома будут отмечены как свободные с использованием системного вызова `discard` перед удалением. Эта опция имеет смысл только для твердотельных накопителей. lvmVolumeGroups: description: | LVMVolumeGroup ресурсы, на которых будут размещены Persistent Volume. diff --git a/crds/localstorageclass.yaml b/crds/localstorageclass.yaml index 1b7036a1..9469a03d 100644 --- a/crds/localstorageclass.yaml +++ b/crds/localstorageclass.yaml 
@@ -108,6 +108,16 @@ spec: message: Value is immutable. description: | If true, the Logical Volume will be created with the contiguous flag. Note: This flag should be used with caution because it may lead to poor scheduling of pods using the Persistent Volume. Our scheduler checks the free space in VG and selects nodes with the most free space for pods. However, it cannot determine the maximum amount of sequential free space available. Consequently, there may be situations where a pod is scheduled to a node, but the volume cannot be created due to insufficient contiguous free space. If such a situation arises, manual intervention will be required. + volumeCleanup: + type: string + enum: [RandomFillThreePass, RandomFillSinglePass, Discard] + description: | + The method of the volume cleanup before deletion. + If the parameter is not set, after deleting the PV, the data may be deleted or it may remain. There is no guarantee of deletion or non-deletion. + Allowed values: + - `RandomFillSinglePass`: The volume will be overwritten with random data once before deletion. This option is not recommended for solid-state drives, as it reduces the lifespan of the drive. + - `RandomFillThreePass`: The volume will be overwritten with random data three times before deletion. This option is also not recommended for solid-state drives, as it reduces the lifespan of the drive. + - `Discard`: All blocks of the volume will be marked as free using the `discard`` system call before deletion. This option is only applicable to solid-state drives. lvmVolumeGroups: type: array description: | diff --git a/docs/README.md b/docs/README.md index 76bdbc14..27eae064 100644 --- a/docs/README.md +++ b/docs/README.md 
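Review bot: The `Discard` bullet in the new description ends its inline code with a doubled backtick (it reads "discard" followed by two backticks), which breaks rendering in generated docs; it should close with a single backtick as the Russian text does. The description also does not say when the setting is evaluated: controller.go in this commit reads the LocalStorageClass at volume deletion time, so a later edit of `volumeCleanup` would apply to already provisioned volumes. Unlike the sibling `contiguous` field, whose "Value is immutable." rule is visible in the context lines, nothing here states whether that is intended, so I would add one sentence such as `The value is read when the PV is deleted, not when it is created.` if that is the design.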
@@ -251,6 +251,25 @@ kubectl -n d8-sds-local-volume get pod -owide If StorageClass with the name `local-storage-class` is shown, then the configuration of the `sds-local-volume` module is complete. Now users can create PVCs by specifying StorageClass with the name `local-storage-class`. +### Selects the method to clean the volume before deleting the PV + +Files with user data may remain on the volume being deleted and may be available to other clients to which the PV is allocated. + +You can prevent this by configuring a file cleanup procedure before deleting the PV. +To do this, use the `volumeCleanup` parameter. +It allows you to select the method of cleaning the volume before deleting the PV. + +Possible values of the `volumeCleanup` parameter: + +- Parameter not specified - the volume will not be cleaned after PV deletion. There is no guarantee of deletion or non-deletion: data may be deleted or data may remain after PV deletion. +- `RandomFillSinglePass` - the volume will be overwritten with random data once before deletion. Using this option is not recommended for solid-state drives as it reduces the lifespan of the drive. +- `RandomFillThreePass` - the volume will be overwritten with random data three times before deletion. This option is not recommended for solid-state drives as it reduces the lifespan of the drive. +- `Discard` - all blocks of the volume will be marked as free using the `discard` system call before deletion. This option is only applicable to solid-state drives. + +Most modern solid-state drives ensure that a `discard` marked block will not return previous data when read. This makes the `Discard' option the most effective way to prevent leakage when using solid-state drives. +However, clearing a cell is a relatively long operation, so it is performed in the background by the device. In addition, many drives cannot clear individual cells, only groups - pages. 
Because of this, not all drives guarantee immediate unavailability of the freed data. In addition, not all drives that do guarantee this keep the promise. +If the device does not guarantee Deterministic TRIM (DRAT), Deterministic Read Zero after TRIM (RZAT) and is not tested, then it is not recommended. + ## System requirements and recommendations - Use the stock kernels provided with the [supported distributions](https://deckhouse.io/documentation/v1/supported_versions.html#linux). diff --git a/docs/README.ru.md b/docs/README.ru.md index 90d677d3..69185bfd 100644 --- a/docs/README.ru.md +++ b/docs/README.ru.md 
@@ -249,6 +249,25 @@ kubectl -n d8-sds-local-volume get pod -owide Если StorageClass с именем `local-storage-class` появился, значит настройка модуля `sds-local-volume` завершена. Теперь пользователи могут создавать PVC, указывая StorageClass с именем `local-storage-class`. +### Выбор метода очистки тома после удаления PV + +На удаляемом томе могут остаться файлы с пользовательскими данными, которые могут оказаться доступными другим клиентам, которым выделяется PV. + +Предотвратить это можно, настроив процедуру очистки файлов перед удалением PV. +Для этого используйте параметр `volumeCleanup`. +Он позволяет выбрать метод очистки тома перед удалением PV. + +Возможные значения параметра `volumeCleanup`: + +- Параметр не задан — том не будет очищен после удаления PV. Гарантий удаления или неудаления нет: после удаления PV данные могут удалиться, либо остаться. +- `RandomFillSinglePass` — том будет перезаписан случайными данными один раз перед удалением. Использовать эту опцию не рекомендуется для твердотельных накопителей, так как она уменьшает ресурс накопителя. +- `RandomFillThreePass` — том будет перезаписан случайными данными три раза перед удалением. Использовать эту опцию не рекомендуется для твердотельных накопителей, так как она уменьшает ресурс накопителя. +- `Discard` — все блоки тома будут отмечены как свободные с использованием системного вызова `discard` перед удалением. Эта опция имеет смысл только для твердотельных накопителей. + +Большинство современных твердотельных накопителей гарантирует, что помеченный `discard` блок при чтении не вернет предыдущие данные. Это делает опцию `Discard` самым эффективным способом предотвращения утечек при использовании твердотельных накопителей. +Однако очистка ячейки относительно долгая операция, поэтому выполняется устройством в фоне. К тому-же многие диски не могут очищать индивидуальные ячейки, а только группы - страницы. Из-за этого не все накопители гарантируют немедленную недоступность освобожденных данных. 
К тому-же не все накопители, гарантирующие это, держат обещание. +Если устройство не гарантирует Deterministic TRIM (DRAT), Deterministic Read Zero after TRIM (RZAT) и не является проверенным, то использовать его не рекомендуется. + ## Системные требования и рекомендации - Используйте стоковые ядра, поставляемые вместе с [поддерживаемыми дистрибутивами](https://deckhouse.ru/documentation/v1/supported_versions.html#linux). diff --git a/images/sds-local-volume-controller/src/go.mod b/images/sds-local-volume-controller/src/go.mod index c28fc843..dd43da77 100644 --- a/images/sds-local-volume-controller/src/go.mod +++ b/images/sds-local-volume-controller/src/go.mod @@ -4,7 +4,7 @@ go 1.23.4 require ( github.com/deckhouse/sds-local-volume/api v0.0.0-20250114155747-5d75d401a787 - github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d + github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 github.com/go-logr/logr v1.4.2 github.com/onsi/ginkgo/v2 v2.20.0 github.com/onsi/gomega v1.34.1 @@ -78,3 +78,5 @@ require ( replace github.com/imdario/mergo => github.com/imdario/mergo v0.3.16 replace github.com/deckhouse/sds-local-volume/api => ../../../api + +replace github.com/deckhouse/sds-local-volume/lib/go/common => ../../../lib/go/common diff --git a/images/sds-local-volume-controller/src/go.sum b/images/sds-local-volume-controller/src/go.sum index 5faf975c..3f5393f4 100644 --- a/images/sds-local-volume-controller/src/go.sum +++ b/images/sds-local-volume-controller/src/go.sum 
@@ -6,8 +6,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d h1:I5Bv75VPlH9AdBIOF4a1RIVRAr+zas8CMjeZ6pzJ7eE= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d/go.mod h1:ro/TIWC/cbDPgjaCzJkbrekzp1CqPzgAzGdNUnww+Ps= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 h1:FSADbTFYKY3eOTvXEV5LxUzOmJ+BsZ6+WO8hQsbJN7s= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911/go.mod h1:bhgBeuAdLlDc9EQ5qI+/18iRj8Jfr2qfFwE1QnIoQM4= github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= diff --git a/images/sds-local-volume-csi/src/driver/controller.go b/images/sds-local-volume-csi/src/driver/controller.go index 3724abea..a51f2152 100644 --- a/images/sds-local-volume-csi/src/driver/controller.go +++ b/images/sds-local-volume-csi/src/driver/controller.go 
@@ -254,7 +254,15 @@ func (d *Driver) CreateVolume(ctx context.Context, request *csi.CreateVolumeRequ if err != nil { d.log.Error(err, fmt.Sprintf("[CreateVolume][traceID:%s][volumeID:%s] error WaitForStatusUpdate. Delete LVMLogicalVolume %s", traceID, volumeID, request.Name)) - deleteErr := utils.DeleteLVMLogicalVolume(ctx, d.cl, d.log, traceID, request.Name) + volumeCleanup := "disable" + if feature.VolumeCleanupEnabled() { + localStorageClass, _ := utils.GetLSCBeforeLLVDelete(ctx, d.cl, *d.log, request.Name, traceID) + if localStorageClass != nil && localStorageClass.Spec.LVM != nil && localStorageClass.Spec.LVM.Thick != nil && localStorageClass.Spec.LVM.Thick.VolumeCleanup != "" { + volumeCleanup = localStorageClass.Spec.LVM.Thick.VolumeCleanup + } + } + + deleteErr := utils.DeleteLVMLogicalVolume(ctx, d.cl, d.log, traceID, request.Name, volumeCleanup) if deleteErr != nil { d.log.Error(deleteErr, fmt.Sprintf("[CreateVolume][traceID:%s][volumeID:%s] error DeleteLVMLogicalVolume", traceID, volumeID)) } 
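Review bot: The error from `utils.GetLSCBeforeLLVDelete` is discarded (`localStorageClass, _ :=`) here and again in the DeleteVolume hunk that follows, so any failed lookup leaves `volumeCleanup` at "disable" and the volume is removed without the wipe the LocalStorageClass requested. For a data-sanitisation setting that is a fail-open default; in DeleteVolume I would keep the error and stop, `localStorageClass, err := utils.GetLSCBeforeLLVDelete(ctx, d.cl, *d.log, request.VolumeId, traceID)` followed by `if err != nil { return nil, err }`, so the caller sees the failure instead of a silent downgrade. In this CreateVolume path the helper looks up a PersistentVolume named `request.Name`, which presumably does not exist yet when provisioning has just failed, so the lookup may never succeed here; a comment stating whether cleanup is expected on this rollback path would help. CreateVolume's body starts and ends outside the hunk.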
@@ -296,17 +304,26 @@ func (d *Driver) CreateVolume(ctx context.Context, request *csi.CreateVolumeRequ func (d *Driver) DeleteVolume(ctx context.Context, request *csi.DeleteVolumeRequest) (*csi.DeleteVolumeResponse, error) { traceID := uuid.New().String() - d.log.Info("[DeleteVolume][traceID:%s] ========== Start DeleteVolume ============", traceID) + d.log.Info(fmt.Sprintf("[DeleteVolume][traceID:%s] ========== Start DeleteVolume ============", traceID)) if len(request.VolumeId) == 0 { return nil, status.Error(codes.InvalidArgument, "Volume ID cannot be empty") } - err := utils.DeleteLVMLogicalVolume(ctx, d.cl, d.log, traceID, request.VolumeId) + volumeCleanup := "disable" + if feature.VolumeCleanupEnabled() { + localStorageClass, _ := utils.GetLSCBeforeLLVDelete(ctx, d.cl, *d.log, request.VolumeId, traceID) + if localStorageClass != nil && localStorageClass.Spec.LVM != nil && localStorageClass.Spec.LVM.Thick != nil && localStorageClass.Spec.LVM.Thick.VolumeCleanup != "" { + volumeCleanup = localStorageClass.Spec.LVM.Thick.VolumeCleanup + } + } + + err := utils.DeleteLVMLogicalVolume(ctx, d.cl, d.log, traceID, request.VolumeId, volumeCleanup) if err != nil { d.log.Error(err, "error DeleteLVMLogicalVolume") + return nil, err } d.log.Info(fmt.Sprintf("[DeleteVolume][traceID:%s][volumeID:%s] Volume deleted successfully", traceID, request.VolumeId)) - d.log.Info("[DeleteVolume][traceID:%s] ========== END DeleteVolume ============", traceID) + d.log.Info(fmt.Sprintf("[DeleteVolume][traceID:%s] ========== END DeleteVolume ============", traceID)) return &csi.DeleteVolumeResponse{}, nil } diff --git a/images/sds-local-volume-csi/src/go.mod b/images/sds-local-volume-csi/src/go.mod index efe83720..2eaa96a7 100644 --- a/images/sds-local-volume-csi/src/go.mod +++ b/images/sds-local-volume-csi/src/go.mod 
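Review bot: The added `return nil, err` hands the caller a plain Go error, while this function otherwise answers with gRPC status errors (`status.Error(codes.InvalidArgument, ...)` a few lines up), so the failure will surface with an unknown status code; `return nil, status.Errorf(codes.Internal, "delete LVMLogicalVolume %s: %v", request.VolumeId, err)` keeps the style consistent. Now that failures are returned, it is worth confirming that a volume whose LVMLogicalVolume is already gone still yields success, because DeleteVolume is expected to be idempotent and the helper's not-found handling is not visible in this diff. The log line `"error DeleteLVMLogicalVolume"` also lacks the traceID and volumeID that every other message in the hunk carries.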
@@ -6,7 +6,7 @@ require ( github.com/container-storage-interface/spec v1.10.0 github.com/deckhouse/sds-local-volume/api v0.0.0-20250114155747-5d75d401a787 github.com/deckhouse/sds-local-volume/lib/go/common v0.0.0-20250215220933-9c8f9f5ab53d - github.com/deckhouse/sds-node-configurator/api v0.0.0-20250213122438-37fad98a996a + github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 github.com/go-logr/logr v1.4.2 github.com/golang/protobuf v1.5.4 github.com/google/uuid v1.6.0 diff --git a/images/sds-local-volume-csi/src/go.sum b/images/sds-local-volume-csi/src/go.sum index 5871b69e..d315ea3c 100644 --- a/images/sds-local-volume-csi/src/go.sum +++ b/images/sds-local-volume-csi/src/go.sum @@ -6,8 +6,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250213122438-37fad98a996a h1:C/WUqgXGuPx9gEFLNPGh4sNZDW2zEW35yqcicovYCuE= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250213122438-37fad98a996a/go.mod h1:ro/TIWC/cbDPgjaCzJkbrekzp1CqPzgAzGdNUnww+Ps= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 h1:FSADbTFYKY3eOTvXEV5LxUzOmJ+BsZ6+WO8hQsbJN7s= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911/go.mod h1:bhgBeuAdLlDc9EQ5qI+/18iRj8Jfr2qfFwE1QnIoQM4= github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= 
diff --git a/images/sds-local-volume-csi/src/pkg/utils/func.go b/images/sds-local-volume-csi/src/pkg/utils/func.go index 0eafba9b..425031a4 100644 --- a/images/sds-local-volume-csi/src/pkg/utils/func.go +++ b/images/sds-local-volume-csi/src/pkg/utils/func.go @@ -24,8 +24,12 @@ import ( "time" "github.com/container-storage-interface/spec/lib/go/csi" + slv "github.com/deckhouse/sds-local-volume/api/v1alpha1" snc "github.com/deckhouse/sds-node-configurator/api/v1alpha1" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" "gopkg.in/yaml.v2" + corev1 "k8s.io/api/core/v1" kerrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 
@@ -198,6 +202,46 @@ func GetLVMLogicalVolumeSnapshot(ctx context.Context, kc client.Client, lvmLogic return &llvs, err } +func GetLSCBeforeLLVDelete(ctx context.Context, cl client.Client, log logger.Logger, volumeID, traceID string) (*slv.LocalStorageClass, error) { + log.Info(fmt.Sprintf("[DeleteVolume][traceID:%s] Fetching PersistentVolume with VolumeId: %s", traceID, volumeID)) + var pv corev1.PersistentVolume + if err := cl.Get(ctx, client.ObjectKey{Name: volumeID}, &pv); err != nil { + if kerrors.IsNotFound(err) { + log.Error(err, fmt.Sprintf("[DeleteVolume][traceID:%s] PersistentVolume %s not found: %v", traceID, volumeID, err)) + return nil, status.Errorf(codes.NotFound, "PersistentVolume %s not found: %v", volumeID, err) + } + log.Error(err, "[DeleteVolume][traceID:%s] Failed to fetch PersistentVolume: %v", traceID, err) + return nil, status.Errorf(codes.Internal, "Failed to fetch PersistentVolume %s: %v", volumeID, err) + } + + log.Info("[DeleteVolume][traceID:%s] PersistentVolume %s successfully fetched", traceID, volumeID) + + storageClassName := pv.Spec.StorageClassName + if storageClassName == "" { + log.Error(nil, "[DeleteVolume][traceID:%s] PersistentVolume %s does not have a StorageClassName defined", traceID, volumeID) + return nil, status.Error(codes.InvalidArgument, "PersistentVolume does not have a StorageClassName defined") + } + log.Info(fmt.Sprintf("[DeleteVolume][traceID:%s] StorageClassName for PersistentVolume %s: %s", traceID, volumeID, storageClassName)) + + log.Info(fmt.Sprintf("[DeleteVolume][traceID:%s] Fetching LocalStorageClass with name: %s", traceID, storageClassName)) + + var localStorageClass slv.LocalStorageClass + + err := cl.Get(ctx, client.ObjectKey{Name: storageClassName}, &localStorageClass) + if err != nil { + if kerrors.IsNotFound(err) { + log.Error(err, fmt.Sprintf("[DeleteVolume][traceID:%s] LocalStorageClass %s not found: %v", traceID, storageClassName, err)) + } else { + log.Error(err, 
fmt.Sprintf("[DeleteVolume][traceID:%s] Error fetching LocalStorageClass %s: %v", traceID, storageClassName, err)) + return nil, status.Errorf(codes.Internal, "Failed to fetch LocalStorageClass: %v", err) + } + } else { + log.Info(fmt.Sprintf("[DeleteVolume][traceID:%s] Successfully fetched LocalStorageClass: %s", traceID, storageClassName)) + } + + return &localStorageClass, nil +} + func CreateLVMLogicalVolume(ctx context.Context, kc client.Client, log *logger.Logger, traceID, name string, lvmLogicalVolumeSpec snc.LVMLogicalVolumeSpec) (*snc.LVMLogicalVolume, error) { var err error llv := &snc.LVMLogicalVolume{ @@ -215,7 +259,7 @@ func CreateLVMLogicalVolume(ctx context.Context, kc client.Client, log *logger.L return llv, err } -func DeleteLVMLogicalVolume(ctx context.Context, kc client.Client, log *logger.Logger, traceID, lvmLogicalVolumeName string) error { +func DeleteLVMLogicalVolume(ctx context.Context, kc client.Client, log *logger.Logger, traceID, lvmLogicalVolumeName, volumeCleanup string) error { var err error log.Trace(fmt.Sprintf("[DeleteLVMLogicalVolume][traceID:%s][volumeID:%s] Trying to find LVMLogicalVolume", traceID, lvmLogicalVolumeName)) 
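Review bot: When the LocalStorageClass is not found, GetLSCBeforeLLVDelete only logs and then falls through to `return &localStorageClass, nil`, returning a pointer to a zero-valued struct with no error, so callers cannot tell "class missing" from "class has no cleanup configured". Both callers in controller.go then treat the result as cleanup disabled; returning `nil, status.Errorf(codes.NotFound, "LocalStorageClass %s not found: %v", storageClassName, err)` in that branch would make the case explicit. Three log calls pass a format string plus arguments without `fmt.Sprintf` (the "Failed to fetch PersistentVolume", "successfully fetched" and "does not have a StorageClassName defined" messages), the same pattern this commit corrects in DeleteVolume, so the verbs are presumably not expanded. The function also has no doc comment, hard-codes the `[DeleteVolume]` prefix although CreateVolume calls it too, and takes `logger.Logger` by value while its neighbours take `*logger.Logger`; a comment such as `// GetLSCBeforeLLVDelete returns the LocalStorageClass named by the StorageClassName of the PersistentVolume volumeID.` would help.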
@@ -224,6 +268,24 @@ func DeleteLVMLogicalVolume(ctx context.Context, kc client.Client, log *logger.L return fmt.Errorf("get LVMLogicalVolume %s: %w", lvmLogicalVolumeName, err) } + if volumeCleanup != "disable" { + if llv.Spec.Thick != nil { + llv.Spec.Thick.VolumeCleanup = &volumeCleanup + } else { + llv.Spec.Thick = &snc.LVMLogicalVolumeThickSpec{ + VolumeCleanup: &volumeCleanup, + } + } + } else { + if llv.Spec.Thick != nil { + llv.Spec.Thick.VolumeCleanup = nil + } + } + err = kc.Update(ctx, llv) + if err != nil { + return fmt.Errorf("update LVMLogicalVolume %s: %w", lvmLogicalVolumeName, err) + } + log.Trace(fmt.Sprintf("[DeleteLVMLogicalVolume][traceID:%s][volumeID:%s] LVMLogicalVolume found: %+v (status: %+v)", traceID, lvmLogicalVolumeName, llv, llv.Status)) log.Trace(fmt.Sprintf("[DeleteLVMLogicalVolume][traceID:%s][volumeID:%s] Removing finalizer %s if exists", traceID, lvmLogicalVolumeName, SDSLocalVolumeCSIFinalizer)) diff --git a/images/sds-local-volume-scheduler-extender/src/cmd/access_log_test.go b/images/sds-local-volume-scheduler-extender/src/cmd/access_log_test.go index 00cdd8a5..5c1c349f 100644 --- a/images/sds-local-volume-scheduler-extender/src/cmd/access_log_test.go +++ b/images/sds-local-volume-scheduler-extender/src/cmd/access_log_test.go @@ -54,7 +54,11 @@ func TestAccessLogHandler(t *testing.T) { mux := http.NewServeMux() mux.HandleFunc("/hello", func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) - w.Write([]byte("hello")) + // w.Write([]byte("hello")) + _, err := w.Write([]byte("hello")) + if err != nil { + t.Fatal(err) + } }) serv := httptest.NewServer(accessLogHandler(ctx, mux)) defer serv.Close() diff --git a/images/sds-local-volume-scheduler-extender/src/go.mod b/images/sds-local-volume-scheduler-extender/src/go.mod index 1f66653e..e8f70901 100644 --- a/images/sds-local-volume-scheduler-extender/src/go.mod +++ b/images/sds-local-volume-scheduler-extender/src/go.mod 
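Review bot: The `else` branch sets `llv.Spec.Thick.VolumeCleanup = nil` whenever the caller passes "disable", and controller.go passes "disable" both when cleanup is not configured and when the LocalStorageClass lookup failed, so a failed lookup erases a cleanup value that may already be on the object. `kc.Update` is also issued on every delete, even when the field did not change, which adds a write that can fail before the finalizer removal further down. I would write the spec only when a cleanup method is requested, as sketched below, and replace the repeated "disable" literal with a named constant shared with controller.go; if clearing the field is intentional, keep it but skip the update when the field is already nil. DeleteLVMLogicalVolume starts before and continues after this hunk.

```go
// … unchanged: get LVMLogicalVolume …
if volumeCleanup != "disable" {
	if llv.Spec.Thick == nil {
		llv.Spec.Thick = &snc.LVMLogicalVolumeThickSpec{}
	}
	llv.Spec.Thick.VolumeCleanup = &volumeCleanup
	if err = kc.Update(ctx, llv); err != nil {
		return fmt.Errorf("update LVMLogicalVolume %s: %w", lvmLogicalVolumeName, err)
	}
}
// … unchanged: trace logging and finalizer removal …
```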
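Review bot: `t.Fatal(err)` is called inside the HTTP handler, which the httptest server runs on its own goroutine, and the testing package requires FailNow-style calls to come from the goroutine running the test; `t.Error(err)` is the safe form there. The old call is left behind as a commented-out line and should be deleted rather than kept. The handler body can shrink to `if _, err := w.Write([]byte("hello")); err != nil { t.Error(err) }`. TestAccessLogHandler continues outside the hunk.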
@@ -4,7 +4,7 @@ go 1.23.4 require ( github.com/deckhouse/sds-local-volume/api v0.0.0-20250114155747-5d75d401a787 - github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d + github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 github.com/go-logr/logr v1.4.2 github.com/go-logr/zapr v1.3.0 github.com/spf13/cobra v1.8.1 @@ -77,3 +77,5 @@ require ( replace github.com/imdario/mergo => github.com/imdario/mergo v0.3.16 replace github.com/deckhouse/sds-local-volume/api => ../../../api + +replace github.com/deckhouse/sds-local-volume/lib/go/common => ../../../lib/go/common diff --git a/images/sds-local-volume-scheduler-extender/src/go.sum b/images/sds-local-volume-scheduler-extender/src/go.sum index 42ca4f40..a8d86c19 100644 --- a/images/sds-local-volume-scheduler-extender/src/go.sum +++ b/images/sds-local-volume-scheduler-extender/src/go.sum 
@@ -7,8 +7,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d h1:I5Bv75VPlH9AdBIOF4a1RIVRAr+zas8CMjeZ6pzJ7eE= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d/go.mod h1:ro/TIWC/cbDPgjaCzJkbrekzp1CqPzgAzGdNUnww+Ps= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 h1:FSADbTFYKY3eOTvXEV5LxUzOmJ+BsZ6+WO8hQsbJN7s= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911/go.mod h1:bhgBeuAdLlDc9EQ5qI+/18iRj8Jfr2qfFwE1QnIoQM4= github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v0.5.2 h1:xVCHIVMUu1wtM/VkR9jVZ45N3FhZfYMMYGorLCR8P3k= diff --git a/images/webhooks/src/go.mod b/images/webhooks/src/go.mod index af958340..f5b3e9ba 100644 --- a/images/webhooks/src/go.mod +++ b/images/webhooks/src/go.mod @@ -4,7 +4,7 @@ go 1.23.4 require ( github.com/deckhouse/sds-local-volume/api v0.0.0-20250114155747-5d75d401a787 - github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d + github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 github.com/sirupsen/logrus v1.9.3 github.com/slok/kubewebhook/v2 v2.6.0 k8s.io/api v0.30.3 
@@ -56,3 +56,7 @@ require ( sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) + +replace github.com/deckhouse/sds-local-volume/api => ../../../api + +replace github.com/deckhouse/sds-local-volume/lib/go/common => ../../../lib/go/common diff --git a/images/webhooks/src/go.sum b/images/webhooks/src/go.sum index ce5396b2..9e1cfe03 100644 --- a/images/webhooks/src/go.sum +++ b/images/webhooks/src/go.sum @@ -2,10 +2,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/deckhouse/sds-local-volume/api v0.0.0-20250114155747-5d75d401a787 h1:YYeoWACJsEOqNcQ/RWDsF82hihNYZKlYZAJopvdeKrQ= -github.com/deckhouse/sds-local-volume/api v0.0.0-20250114155747-5d75d401a787/go.mod h1:LBLI26oEmeAMYTSRFFFljP8AOk4kqJEwHcf4fYnyzME= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d h1:I5Bv75VPlH9AdBIOF4a1RIVRAr+zas8CMjeZ6pzJ7eE= -github.com/deckhouse/sds-node-configurator/api v0.0.0-20250114161813-c1a8b09cd47d/go.mod h1:ro/TIWC/cbDPgjaCzJkbrekzp1CqPzgAzGdNUnww+Ps= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911 h1:FSADbTFYKY3eOTvXEV5LxUzOmJ+BsZ6+WO8hQsbJN7s= +github.com/deckhouse/sds-node-configurator/api v0.0.0-20250225084914-1778068d1911/go.mod h1:bhgBeuAdLlDc9EQ5qI+/18iRj8Jfr2qfFwE1QnIoQM4= github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= 
diff --git a/lib/go/common/pkg/feature/const_ce.go b/lib/go/common/pkg/feature/const_ce.go index f1240f87..aec6ce27 100644 --- a/lib/go/common/pkg/feature/const_ce.go +++ b/lib/go/common/pkg/feature/const_ce.go @@ -16,3 +16,4 @@ limitations under the License. package feature const snapshotsEnabled = false +const volumeCleanupEnabled = false diff --git a/lib/go/common/pkg/feature/const_csepro.go b/lib/go/common/pkg/feature/const_csepro.go index 3a0b2587..bdd208fb 100644 --- a/lib/go/common/pkg/feature/const_csepro.go +++ b/lib/go/common/pkg/feature/const_csepro.go @@ -9,3 +9,4 @@ See https://github.com/deckhouse/deckhouse/blob/main/ee/LICENSE package feature const snapshotsEnabled = true +const volumeCleanupEnabled = true diff --git a/lib/go/common/pkg/feature/const_ee.go b/lib/go/common/pkg/feature/const_ee.go index cf1d2165..0fd07f6b 100644 --- a/lib/go/common/pkg/feature/const_ee.go +++ b/lib/go/common/pkg/feature/const_ee.go @@ -9,3 +9,4 @@ See https://github.com/deckhouse/deckhouse/blob/main/ee/LICENSE package feature const snapshotsEnabled = true +const volumeCleanupEnabled = true diff --git a/lib/go/common/pkg/feature/const_se.go b/lib/go/common/pkg/feature/const_se.go index 8a5bbca0..fdb30460 100644 --- a/lib/go/common/pkg/feature/const_se.go +++ b/lib/go/common/pkg/feature/const_se.go @@ -9,3 +9,4 @@ See https://github.com/deckhouse/deckhouse/blob/main/ee/LICENSE package feature const snapshotsEnabled = true +const volumeCleanupEnabled = false diff --git a/lib/go/common/pkg/feature/const_seplus.go b/lib/go/common/pkg/feature/const_seplus.go index d2445b57..61f6352c 100644 --- a/lib/go/common/pkg/feature/const_seplus.go +++ b/lib/go/common/pkg/feature/const_seplus.go @@ -9,3 +9,4 @@ See https://github.com/deckhouse/deckhouse/blob/main/ee/LICENSE package feature const snapshotsEnabled = true +const volumeCleanupEnabled = false diff --git a/lib/go/common/pkg/feature/feature.go b/lib/go/common/pkg/feature/feature.go index 18ed9940..c82186b8 100644 
--- a/lib/go/common/pkg/feature/feature.go +++ b/lib/go/common/pkg/feature/feature.go @@ -3,3 +3,7 @@ package feature func SnapshotsEnabled() bool { return snapshotsEnabled } + +func VolumeCleanupEnabled() bool { + return volumeCleanupEnabled +} diff --git a/templates/sds-local-volume-csi/controller.yaml b/templates/sds-local-volume-csi/controller.yaml index 29492ad9..7bf7eda4 100644 --- a/templates/sds-local-volume-csi/controller.yaml +++ b/templates/sds-local-volume-csi/controller.yaml @@ -301,8 +301,8 @@ spec: - name: {{ .Chart.Name }}-module-registry restartPolicy: Always schedulerName: default-scheduler - serviceAccount: default - serviceAccountName: default + serviceAccount: csi + serviceAccountName: csi terminationGracePeriodSeconds: 30 volumes: - hostPath: diff --git a/templates/sds-local-volume-csi/rbac-for-us.yaml b/templates/sds-local-volume-csi/rbac-for-us.yaml index 78a7f701..6431fe27 100644 --- a/templates/sds-local-volume-csi/rbac-for-us.yaml +++ b/templates/sds-local-volume-csi/rbac-for-us.yaml @@ -13,6 +13,7 @@ rules: - lvmvolumegroups - lvmlogicalvolumes - lvmlogicalvolumesnapshots + - localstorageclasses verbs: - get - list
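Review bot: `VolumeCleanupEnabled` is exported without a doc comment, and nothing records what a false value means for users. The edition constants in this commit set it to false for const_ce.go, const_se.go and const_seplus.go, while the CRD change accepts `volumeCleanup` without any visible edition condition, so in those builds a configured cleanup method appears to be ignored silently by the `if feature.VolumeCleanupEnabled()` guards in controller.go. I would add `// VolumeCleanupEnabled reports whether this build edition applies the volumeCleanup setting of a LocalStorageClass before a volume is deleted.` and have the driver log a warning when the field is set but the feature is compiled out.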
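Review bot: `localstorageclasses` is appended to a rule shared with `lvmlogicalvolumes` and the snapshot resources, and the verb list of that rule continues past the hunk (only `get` and `list` are visible). The code added in this commit only calls `cl.Get` on a LocalStorageClass, so if the shared list includes write verbs, a separate rule granting just `get` on `localstorageclasses` would keep the CSI controller's permissions minimal. The same code path also reads a PersistentVolume and updates an LVMLogicalVolume; since controller.go discards the lookup error, a missing `get` on `persistentvolumes` would disable cleanup without any visible failure, so it is worth confirming this role covers both.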