alexlebens/external-snapshotter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Introduce new flag to enable feature to prevent unauthorised volume mode conversion

Browse Source 
- Changes to snapshot controller to read the volume mode from the PV and add it to SourceVolumeMode field in VolumeSnapshotContent
This commit is contained in:
Raunak Pradip Shah
2022-03-30 10:20:55 +05:30
parent 019a59a10f
commit 5b578e8573
4 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/common-controller/framework_test.go
View File

@@ -844,6 +844,7 @@ func newTestController(kubeClient kubernetes.Interface, clientset clientset.Inte
workqueue.NewItemExponentialFailureRateLimiter(1*time.Millisecond, 1*time.Minute),
workqueue.NewItemExponentialFailureRateLimiter(1*time.Millisecond, 1*time.Minute),
false,
false,
)
ctrl.eventRecorder = record.NewFakeRecorder(1000)

14
pkg/common-controller/snapshot_controller.go
View File

@@ -684,6 +684,20 @@ func (ctrl *csiSnapshotCommonController) createSnapshotContent(snapshot *crdv1.V
}
}
if ctrl.preventVolumeModeConversion {
volumeMode := volume.Spec.VolumeMode
if volumeMode != nil {
snapshotContent.Spec.SourceVolumeMode = new(crdv1.SourceVolumeMode)
switch *volumeMode {
case v1.PersistentVolumeBlock:
*snapshotContent.Spec.SourceVolumeMode = crdv1.SourceVolumeModeBlock
case v1.PersistentVolumeFilesystem:
*snapshotContent.Spec.SourceVolumeMode = crdv1.SourceVolumeModeFilesystem
}
}
klog.V(5).Infof("snapcontent %s has volume mode %s", snapshotContent.Name, *snapshotContent.Spec.SourceVolumeMode)
}
// Set AnnDeletionSecretRefName and AnnDeletionSecretRefNamespace
if snapshotterSecretRef != nil {
klog.V(5).Infof("createSnapshotContent: set annotation [%s] on content [%s].", utils.AnnDeletionSecretRefName, snapshotContent.Name)

4
pkg/common-controller/snapshot_controller_base.go
View File

@@ -68,6 +68,7 @@ type csiSnapshotCommonController struct {
resyncPeriod time.Duration
enableDistributedSnapshotting bool
preventVolumeModeConversion bool
}
// NewCSISnapshotController returns a new *csiSnapshotCommonController
@@ -84,6 +85,7 @@ func NewCSISnapshotCommonController(
snapshotRateLimiter workqueue.RateLimiter,
contentRateLimiter workqueue.RateLimiter,
enableDistributedSnapshotting bool,
preventVolumeModeConversion bool,
) *csiSnapshotCommonController {
broadcaster := record.NewBroadcaster()
broadcaster.StartLogging(klog.Infof)
@@ -138,6 +140,8 @@ func NewCSISnapshotCommonController(
ctrl.nodeListerSynced = nodeInformer.Informer().HasSynced
}
ctrl.preventVolumeModeConversion = preventVolumeModeConversion
return ctrl
}