Update Trident backend to use TridentBackendConfig

Use TridentBackendConfig custom resource to let trident backend be created and managed by kubectl instead of tridentctl. Kubectl automatically update backend when status is not online, not being necessary to reapply it manually. Test Plan: Pass: AIO-SX - Install trident with TBC backend Pass: AIO-SX - Backup and Restore Pass: AIO-SX - Deliberately trigger error message when creating Trident Backend Config Secret and TridentBackendConfig. Closes-Bug: 2023330 Signed-off-by: Daian Cardoso Sganderlla <Daian.CardosoSganderlla@windriver.com> Change-Id: I5849d3d2edb58d27175e2f2e58238ef5e21d1bca
2023-06-05 07:28:35 -04:00
parent a97a2e273f
commit f0200de140
5 changed files with 131 additions and 21 deletions
--- a/playbookconfig/src/playbooks/host_vars/netapp/default.yml
+++ b/playbookconfig/src/playbooks/host_vars/netapp/default.yml
@@ -1,6 +1,6 @@
 ---
 #
-# Copyright (c) 2020 Wind River Systems, Inc.
+# Copyright (c) 2020-2023 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -129,13 +129,26 @@ netapp_k8s_snapshotstorageclasses:
    driver: csi.trident.netapp.io
    deletionPolicy: Delete
-netapp_backends:
+# The code below must be overrided in a local yaml file for installation to be successful.
-  - version: 1
+# It is kept here just for the purpose of serving as a template.
-    storageDriverName: "ontap-nas"     # should be the same as storageclass.parameters.backendType
+#
-    backendName: "nas-backend"
+# netapp_backends:
-    managementLIF: "10.0.0.1"
+#   - metadata:
-    dataLIF: "10.0.0.2"
+#       name: backend-tbc
-    svm: "svm_nfs"
+#     spec:
-    username: "admin"
+#       version: 1
-    password: "secret"
+#       storageDriverName: "ontap-nas"
-    # nfsMountOptions: "nfsvers=4"
+#       backendName: "nas-backend"
 #       managementLIF: "10.0.0.1"
 #       dataLIF: "10.0.0.2"
 #       svm: "svm_nfs"
 #       credentials:
 #         name: backend-tbc-secret
 # tbc_secret:
 #   - metadata:
 #       name: backend-tbc-secret
 #     type: Opaque
 #     stringData:
 #       username: "admin"
 #       password: "secret"
--- a/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/configure-storage-classes.yml
+++ b/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/configure-storage-classes.yml
@@ -1,6 +1,6 @@
 ---
 #
-# Copyright (c) 2020 Wind River Systems, Inc.
+# Copyright (c) 2020,2023 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -29,8 +29,11 @@
    dest: "{{ storageclass_file }}"
 - name: Remove StorageClass if it exists
-  command: "kubectl --kubeconfig=/etc/kubernetes/admin.conf delete storageclass {{ storage_class.metadata.name }}"
+  command: >
    "kubectl --kubeconfig=/etc/kubernetes/admin.conf
    -n {{ trident_namespace }}
    delete storageclass {{ storage_class.metadata.name }}"
  failed_when: false
 - name: Create K8s StorageClass
-  command: "kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f {{ storageclass_file }}"
+  command: "kubectl --kubeconfig=/etc/kubernetes/admin.conf -n {{ trident_namespace }} apply -f {{ storageclass_file }}"
--- a/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/configure-trident-backend-config-secret.yml
+++ b/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/configure-trident-backend-config-secret.yml
@@ -0,0 +1,44 @@
 ---
 #
 # Copyright (c) 2023 Wind River Systems, Inc.
 #
 # SUB-TASKS DESCRIPTION:
 #   These tasks configure the credentials used in TridentBackendConfig
 #
 - name: Configure the credentials used in TridentBackendConfig
  block:
    - name: Set Trident backend config secret filename
      set_fact:
        secret_file: "{{ trident_setup_dir }}/backend_secret-{{ backend_secret.metadata.name }}.yml"
    - name: Set Trident backend config secret headers
      set_fact:
        secret_headers:
          apiVersion: v1
          kind: Secret
    - name: Prepare Trident backend config secret content
      set_fact:
        secret_yaml: "{{ secret_headers | combine(backend_secret) }}"
    - name: Create Trident backend config secret yaml file
      copy:
        content: "{{ secret_yaml | to_nice_yaml }}"
        dest: "{{ secret_file }}"
    - name: Remove Trident backend config secret if it exists
      command: >
        "kubectl -n {{ trident_namespace }}
        --kubeconfig=/etc/kubernetes/admin.conf
        delete secret {{ backend_secret.metadata.name }}"
      failed_when: false
    - name: Create Trident backend config secret
      command: "kubectl -n {{ trident_namespace }} --kubeconfig=/etc/kubernetes/admin.conf apply -f {{ secret_file }}"
  always:
    - name: Remove Trident backend config secret yaml file
      file:
        path: "{{ secret_file }}"
        state: absent
--- a/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/configure-trident-backend-config.yml
+++ b/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/configure-trident-backend-config.yml
@@ -0,0 +1,44 @@
 ---
 #
 # Copyright (c) 2023 Wind River Systems, Inc.
 #
 # SUB-TASKS DESCRIPTION:
 #   These tasks configure TridentBackendConfig custom resource
 #
 - name: Configure Trident Backend Config custom resource
  block:
    - name: Set TridentBackendConfig filename
      set_fact:
        tbc_file: "{{ trident_setup_dir }}/tbc-{{ backend.metadata.name }}.yml"
    - name: Set TridentBackendConfig headers
      set_fact:
        tbc_headers:
          apiVersion: trident.netapp.io/v1
          kind: TridentBackendConfig
    - name: Prepare TridentBackendConfig content
      set_fact:
        tbc_yaml: "{{ tbc_headers | combine(backend) }}"
    - name: Create TridentBackendConfig yaml file
      copy:
        content: "{{ tbc_yaml | to_nice_yaml }}"
        dest: "{{ tbc_file }}"
    - name: Remove TridentBackendConfig if it exists
      command: >
        "kubectl -n {{ trident_namespace }}
        --kubeconfig=/etc/kubernetes/admin.conf
        delete tbc {{ backend.metadata.name }}"
      failed_when: false
    - name: Create K8s TridentBackendConfig
      command: "kubectl -n {{ trident_namespace }} --kubeconfig=/etc/kubernetes/admin.conf apply -f {{ tbc_file }}"
  always:
    - name: Remove Trident backend config yaml file
      file:
        path: "{{ tbc_file }}"
        state: absent
--- a/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/main.yml
+++ b/playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 #
-# Copyright (c) 2020 Wind River Systems, Inc.
+# Copyright (c) 2020-2023 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -91,21 +91,27 @@
        trident_force_reinstall
 # Configure NetApp backends
- name: Configure backends
+- name: Configure tbc secret
-  include: configure-backend.yml
+  include_tasks: configure-trident-backend-config-secret.yml
-  with_items: "{{ vault_netapp_backends | default(netapp_backends) }}"
+  with_items: "{{ tbc_secret }}"
  loop_control:
    loop_var: backend_secret
 - name: Configure tbc backends
  include_tasks: configure-trident-backend-config.yml
  with_items: "{{ netapp_backends }}"
  loop_control:
    loop_var: backend
 - name: Configure kubernetes storage classes
-  include: configure-storage-classes.yml
+  include_tasks: configure-storage-classes.yml
  with_items: "{{ netapp_k8s_storageclasses }}"
  loop_control:
    loop_var: storage_class
 - name: Configure kubernetes snapshot storage classes
-  include: configure-snapshot-storage-classes.yml
+  include_tasks: configure-snapshot-storage-classes.yml
-  with_items: "{{ netapp_k8s_snapshotstorageclasses | default([]) }}"
+  with_items: "{{ netapp_k8s_snapshotstorageclasses }}"
  loop_control:
    loop_var: snapshot_storage_class