Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for adding CSI volumes as Additional Volumes #784

Merged
merged 3 commits into from
Apr 22, 2024
Merged

Add support for adding CSI volumes as Additional Volumes #784

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f7e022e
Add support for adding CSI volumes as Additional Volumes
nilushancosta Apr 16, 2024
52e63da
Merge remote-tracking branch 'upstream/main' into csi
nilushancosta Apr 20, 2024
e6a83b8
Copy CRD file to Helm chart and document CRD changes
nilushancosta Apr 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
90 changes: 90 additions & 0 deletions charts/opensearch-operator/files/opensearch.opster.io_opensearchclusters.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1022,6 +1022,51 @@ spec:
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: CSI object to use to populate the volume
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
emptyDir:
description: EmptyDir to use to populate the volume
properties:
Expand Down Expand Up @@ -2645,6 +2690,51 @@ spec:
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: CSI object to use to populate the volume
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
emptyDir:
description: EmptyDir to use to populate the volume
properties:
Expand Down
56 changes: 40 additions & 16 deletions docs/designs/crd.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -672,22 +672,31 @@ Monitoring TLS configuration options

Every Keystore Value defines a secret to pull secrets from.
<table>
<tbody>
<tr>
<td><b>secret</b></td>
<td>corev1.LocalObjectReference</td>
<td>Define secret that contains key value pairs</td>
<td>true</td>
<td>-</td>
</tr>
<tr>
<td><b>keyMappings</b></td>
<td>map</td>
<td>Define key mappings from secret to keystore entry. Example: "old: new" creates a keystore entry "new" with the value from the secret entry "old". When a map is provided, only the specified keys are loaded from the secret, so use "key: key" to load a key that should not be renamed.</td>
<td>false</td>
<td>-</td>
</tr>
</tbody>
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Description</th>
<th>Required</th>
<th>default</th>
</tr>
</thead>
<tbody>
<tr>
<td><b>secret</b></td>
<td>corev1.LocalObjectReference</td>
<td>Define secret that contains key value pairs</td>
<td>true</td>
<td>-</td>
</tr>
<tr>
<td><b>keyMappings</b></td>
<td>map</td>
<td>Define key mappings from secret to keystore entry. Example: "old: new" creates a keystore entry "new" with the value from the secret entry "old". When a map is provided, only the specified keys are loaded from the secret, so use "key: key" to load a key that should not be renamed.</td>
<td>false</td>
<td>-</td>
</tr>
</tbody>
</table>

<h3 id="AdditionalVolume">
Expand All @@ -696,6 +705,15 @@ Every Keystore Value defines a secret to pull secrets from.

AdditionalVolume object define additional volume and volumeMount
<table>
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Description</th>
<th>Required</th>
<th>default</th>
</tr>
</thead>
<tbody>
<tr>
<td><b>name</b></td>
Expand Down Expand Up @@ -739,6 +757,12 @@ AdditionalVolume object define additional volume and volumeMount
<td>Defines Secret object to be mounted</td>
<td>false</td>
<td>-</td>
</tr><tr>
<td><b>csi</b></td>
<td>corev1.CSIVolumeSource</td>
<td>Defines the CSI object to be mounted</td>
<td>false</td>
<td>-</td>
</tr>
</tbody>
</table>
Expand Down
10 changes: 9 additions & 1 deletion docs/userguide/main.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -698,7 +698,7 @@ spec:

### Additional Volumes

Sometimes it is neccessary to mount ConfigMaps, Secrets or emptyDir into the Opensearch pods as volumes to provide additional configuration (e.g. plugin config files). This can be achieved by providing an array of additional volumes to mount to the custom resource. This option is located in either `spec.general.additionalVolumes` or `spec.dashboards.additionalVolumes`. The format is as follows:
Sometimes it is neccessary to mount ConfigMaps, Secrets, emptyDir or CSI volumes into the Opensearch pods as volumes to provide additional configuration (e.g. plugin config files). This can be achieved by providing an array of additional volumes to mount to the custom resource. This option is located in either `spec.general.additionalVolumes` or `spec.dashboards.additionalVolumes`. The format is as follows:

```yaml
spec:
Expand All @@ -713,6 +713,14 @@ spec:
- name: temp
path: /tmp
emptyDir: {}
- name: example-csi-volume
path: /path/to/mount/volume
#subPath: "subpath" # Add this to mount the CSI volume at a specific subpath
csi:
driver: csi-driver-name
readOnly: true
volumeAttributes:
secretProviderClass: example-secret-provider-class
dashboards:
additionalVolumes:
- name: example-secret
Expand Down
2 changes: 2 additions & 0 deletions opensearch-operator/api/v1/opensearch_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -293,6 +293,8 @@ type AdditionalVolume struct {
ConfigMap *corev1.ConfigMapVolumeSource `json:"configMap,omitempty"`
// EmptyDir to use to populate the volume
EmptyDir *corev1.EmptyDirVolumeSource `json:"emptyDir,omitempty"`
// CSI object to use to populate the volume
CSI *corev1.CSIVolumeSource `json:"csi,omitempty"`
// Whether to restart the pods on content change
RestartPods bool `json:"restartPods,omitempty"`
}
Expand Down
5 changes: 5 additions & 0 deletions opensearch-operator/api/v1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

90 changes: 90 additions & 0 deletions opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1022,6 +1022,51 @@ spec:
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: CSI object to use to populate the volume
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
emptyDir:
description: EmptyDir to use to populate the volume
properties:
Expand Down Expand Up @@ -2645,6 +2690,51 @@ spec:
type: boolean
type: object
x-kubernetes-map-type: atomic
csi:
description: CSI object to use to populate the volume
properties:
driver:
description: |-
driver is the name of the CSI driver that handles this volume.
Consult with your admin for the correct name as registered in the cluster.
type: string
fsType:
description: |-
fsType to mount. Ex. "ext4", "xfs", "ntfs".
If not provided, the empty value is passed to the associated CSI driver
which will determine the default filesystem to apply.
type: string
nodePublishSecretRef:
description: |-
nodePublishSecretRef is a reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
NodePublishVolume and NodeUnpublishVolume calls.
This field is optional, and may be empty if no secret is required. If the
secret object contains more than one secret, all secret references are passed.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
readOnly:
description: |-
readOnly specifies a read-only configuration for the volume.
Defaults to false (read/write).
type: boolean
volumeAttributes:
additionalProperties:
type: string
description: |-
volumeAttributes stores driver-specific properties that are passed to the CSI
driver. Consult your driver's documentation for supported values.
type: object
required:
- driver
type: object
emptyDir:
description: EmptyDir to use to populate the volume
properties:
Expand Down
12 changes: 10 additions & 2 deletions opensearch-operator/pkg/reconcilers/util/util.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,14 +127,22 @@ func CreateAdditionalVolumes(
},
})
}
if volumeConfig.CSI != nil {
retVolumes = append(retVolumes, corev1.Volume{
Name: volumeConfig.Name,
VolumeSource: corev1.VolumeSource{
CSI: volumeConfig.CSI,
},
})
}
if volumeConfig.RestartPods {
namesIndex[volumeConfig.Name] = i
names = append(names, volumeConfig.Name)
}

subPath := ""
// SubPaths are only supported for ConfigMaps and Secrets
if volumeConfig.ConfigMap != nil || volumeConfig.Secret != nil {
// SubPaths are only supported for ConfigMaps, Secrets and CSI volumes
if volumeConfig.ConfigMap != nil || volumeConfig.Secret != nil || volumeConfig.CSI != nil {
subPath = strings.TrimSpace(volumeConfig.SubPath)
}

Expand Down
Loading