From a5e645b43d1dcf74a31b577909e65a7b569d778e Mon Sep 17 00:00:00 2001 From: Pawan Prakash Sharma Date: Mon, 7 Sep 2020 21:12:31 +0530 Subject: [PATCH] feat(zfspv): mounting the root filesystem to remove the dependency on the Operating system (#204) * feat(zfspv): mounting the root filesystem to remove the dependency on the OS We are mounting the individual library to run the zfs binary inside the ZFS-LocalPV daemonset. The problem with this is each OS has different sets of libraries. We need to have different Operator yamls for different OS versions. Here we are mounting the root directory inside the ZFS-LocalPV daemonset Pod which does chroot to this path and run the command. As all the libraries will be available which are present on the host inside the Pod, so we don't need to mount each library here and also it will work for all the Operating systems. To be on the safe side, we are mounting the host's root directory as Readonly filesystem. Signed-off-by: Pawan * adding comment for namespace Signed-off-by: Pawan --- changelogs/unreleased/204-pawanpraka1 | 1 + deploy/yamls/ubuntu/zfs-driver.yaml | 65 +++++++++++++-------------- deploy/zfs-operator.yaml | 65 +++++++++++++-------------- 3 files changed, 63 insertions(+), 68 deletions(-) create mode 100644 changelogs/unreleased/204-pawanpraka1 diff --git a/changelogs/unreleased/204-pawanpraka1 b/changelogs/unreleased/204-pawanpraka1 new file mode 100644 index 0000000..1458e34 --- /dev/null +++ b/changelogs/unreleased/204-pawanpraka1 @@ -0,0 +1 @@ +mounting the root filesystem to remove the dependency on the Operating system diff --git a/deploy/yamls/ubuntu/zfs-driver.yaml b/deploy/yamls/ubuntu/zfs-driver.yaml index 05aeb4c..f64f3ec 100644 --- a/deploy/yamls/ubuntu/zfs-driver.yaml +++ b/deploy/yamls/ubuntu/zfs-driver.yaml @@ -701,6 +701,24 @@ roleRef: --- +kind: ConfigMap +apiVersion: v1 +metadata: + name: openebs-zfspv-bin + namespace: kube-system # should be the same namespace where it is getting mounted +data: + zfs: | + #!/bin/sh + if [ -x /host/sbin/zfs ]; then + chroot /host /sbin/zfs "$@" + elif [ -x /host/usr/sbin/zfs ]; then + chroot /host /usr/sbin/zfs "$@" + else + chroot /host zfs "$@" + fi + +--- + kind: DaemonSet apiVersion: apps/v1 metadata: @@ -777,18 +795,13 @@ spec: mountPath: /dev - name: encr-keys mountPath: /home/keys - - name: zfs-bin + - name: chroot-zfs mountPath: /sbin/zfs - - name: libzpool - mountPath: /lib/libzpool.so.2 - - name: libzfscore - mountPath: /lib/libzfs_core.so.1 - - name: libzfs - mountPath: /lib/libzfs.so.2 - - name: libuutil - mountPath: /lib/libuutil.so.1 - - name: libnvpair - mountPath: /lib/libnvpair.so.1 + subPath: zfs + - name: host-root + mountPath: /host + mountPropagation: "HostToContainer" + readOnly: true - name: pods-mount-dir mountPath: /var/lib/kubelet/ # needed so that any mounts setup inside this container are @@ -803,30 +816,14 @@ spec: hostPath: path: /home/keys type: DirectoryOrCreate - - name: zfs-bin + - name: chroot-zfs + configMap: + defaultMode: 0555 + name: openebs-zfspv-bin + - name: host-root hostPath: - path: /sbin/zfs - type: File - - name: libzpool - hostPath: - path: /lib/libzpool.so.2.0.0 - type: File - - name: libzfscore - hostPath: - path: /lib/libzfs_core.so.1.0.0 - type: File - - name: libzfs - hostPath: - path: /lib/libzfs.so.2.0.0 - type: File - - name: libuutil - hostPath: - path: /lib/libuutil.so.1.0.1 - type: File - - name: libnvpair - hostPath: - path: /lib/libnvpair.so.1.0.1 - type: File + path: / + type: Directory - name: registration-dir hostPath: path: /var/lib/kubelet/plugins_registry/ diff --git a/deploy/zfs-operator.yaml b/deploy/zfs-operator.yaml index 1428d33..42a9e92 100644 --- a/deploy/zfs-operator.yaml +++ b/deploy/zfs-operator.yaml @@ -1531,6 +1531,24 @@ roleRef: --- +kind: ConfigMap +apiVersion: v1 +metadata: + name: openebs-zfspv-bin + namespace: kube-system # should be the same namespace where it is getting mounted +data: + zfs: | + #!/bin/sh + if [ -x /host/sbin/zfs ]; then + chroot /host /sbin/zfs "$@" + elif [ -x /host/usr/sbin/zfs ]; then + chroot /host /usr/sbin/zfs "$@" + else + chroot /host zfs "$@" + fi + +--- + kind: DaemonSet apiVersion: apps/v1 metadata: @@ -1607,18 +1625,13 @@ spec: mountPath: /dev - name: encr-keys mountPath: /home/keys - - name: zfs-bin + - name: chroot-zfs mountPath: /sbin/zfs - - name: libzpool - mountPath: /lib/libzpool.so.2 - - name: libzfscore - mountPath: /lib/libzfs_core.so.1 - - name: libzfs - mountPath: /lib/libzfs.so.2 - - name: libuutil - mountPath: /lib/libuutil.so.1 - - name: libnvpair - mountPath: /lib/libnvpair.so.1 + subPath: zfs + - name: host-root + mountPath: /host + mountPropagation: "HostToContainer" + readOnly: true - name: pods-mount-dir mountPath: /var/lib/kubelet/ # needed so that any mounts setup inside this container are @@ -1633,30 +1646,14 @@ spec: hostPath: path: /home/keys type: DirectoryOrCreate - - name: zfs-bin + - name: chroot-zfs + configMap: + defaultMode: 0555 + name: openebs-zfspv-bin + - name: host-root hostPath: - path: /sbin/zfs - type: File - - name: libzpool - hostPath: - path: /lib/libzpool.so.2.0.0 - type: File - - name: libzfscore - hostPath: - path: /lib/libzfs_core.so.1.0.0 - type: File - - name: libzfs - hostPath: - path: /lib/libzfs.so.2.0.0 - type: File - - name: libuutil - hostPath: - path: /lib/libuutil.so.1.0.1 - type: File - - name: libnvpair - hostPath: - path: /lib/libnvpair.so.1.0.1 - type: File + path: / + type: Directory - name: registration-dir hostPath: path: /var/lib/kubelet/plugins_registry/