[cinder] Enable volume backup for iSCSI based volumes

This patchset added the necessary hostPath, hostIpc and hostNetwork to enable the volume backup for iSCSI based Cinder volumes. Change-Id: Ief3cc723650a6c42e24dfd6159c0de6f81e56fce
2021-01-08 23:02:29 +00:00 · 2021-01-08 23:02:29 +00:00 · 0a1d6aeb94
commit 0a1d6aeb94
parent 73f6f5695b
4 changed files with 54 additions and 1 deletions
--- a/cinder/Chart.yaml
+++ b/cinder/Chart.yaml
@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Cinder
 name: cinder
-version: 0.1.5
+version: 0.1.6
 home: https://docs.openstack.org/cinder/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Cinder/OpenStack_Project_Cinder_vertical.png
 sources:
--- a/cinder/templates/deployment-backup.yaml
+++ b/cinder/templates/deployment-backup.yaml
@ -53,6 +53,12 @@ spec:
 {{ tuple $envAll "cinder" "backup" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
      nodeSelector:
        {{ .Values.labels.backup.node_selector_key }}: {{ .Values.labels.backup.node_selector_value }}
+{{- if .Values.pod.useHostNetwork.backup }}
+      hostNetwork: true
+{{- end }}
+{{- if .Values.conf.enable_iscsi }}
+      hostIPC: true
+{{- end }}
      initContainers:
 {{ tuple $envAll "backup" $mounts_cinder_backup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
        {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
@ -151,6 +157,7 @@ spec:
 {{ dict "envAll" $envAll "application" "cinder_backup" "container" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
          command:
            - /tmp/cinder-backup.sh
+          terminationMessagePath: /var/log/termination-log
          volumeMounts:
            - name: pod-tmp
              mountPath: /tmp
@ -235,6 +242,30 @@ spec:
              mountPath: /etc/cinder/rootwrap.d/volume.filters
              subPath: volume.filters
              readOnly: true
+            {{- if .Values.conf.enable_iscsi }}
+            - name: host-rootfs
+              mountPath: /mnt/host-rootfs
+              {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
+              mountPropagation: HostToContainer
+              {{- end }}
+            - name: host-dev
+              mountPath: /dev
+              {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
+              mountPropagation: Bidirectional
+              {{- end }}
+            - name: runlock
+              mountPath: /run/lock
+            - name: etciscsi
+              mountPath: /etc/iscsi
+              {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
+              mountPropagation: Bidirectional
+              {{- end }}
+            - name: usrlocalsbin
+              mountPath: /usr/local/sbin
+            - name: cinder-bin
+              mountPath: /usr/local/sbin/iscsiadm
+              subPath: iscsiadm
+            {{- end }}
 {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
 {{ if $mounts_cinder_backup.volumeMounts }}{{ toYaml $mounts_cinder_backup.volumeMounts | indent 12 }}{{ end }}
      volumes:
@ -284,6 +315,22 @@ spec:
        - name: cinder-coordination
          emptyDir: {}
        {{- end }}
+        {{- if .Values.conf.enable_iscsi }}
+        - name: host-rootfs
+          hostPath:
+            path: /
+        - name: host-dev
+          hostPath:
+            path: /dev
+        - name: runlock
+          hostPath:
+            path: /run/lock
+        - name: etciscsi
+          hostPath:
+            path: /etc/iscsi
+        - name: usrlocalsbin
+          emptyDir: {}
+        {{- end }}
 {{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
 {{ if $mounts_cinder_backup.volumes }}{{ toYaml $mounts_cinder_backup.volumes | indent 8 }}{{ end }}
 {{- end }}
--- a/cinder/values.yaml
+++ b/cinder/values.yaml
@ -175,6 +175,7 @@ pod:
        default: 10
  useHostNetwork:
    volume: false
+    backup: false
  mounts:
    cinder_api:
      init_container: null
--- a/cinder/values_overrides/backend_pure.yaml
+++ b/cinder/values_overrides/backend_pure.yaml
@ -5,12 +5,17 @@
 pod:
  useHostNetwork:
    volume: true
+    backup: true
  security_context:
    cinder_volume:
      container:
        cinder_volume:
          readOnlyRootFilesystem: true
          privileged: true
+    cinder_backup:
+      container:
+        cinder_backup:
+          privileged: true
 conf:
  cinder:
    DEFAULT: