internet/synology-csi
4
0
Fork 0
mirror of https://github.com/cristicalin/synology-csi.git synced 2026-03-26 19:03:12 +00:00
Code Issues Projects Releases Wiki Activity

Update to version 1.0.1

Browse Source
This commit is contained in:
chihyuwu
2022-02-14 07:56:51 +00:00
parent bca0c705f0
commit 515bc7f0ed
18 changed files with 525 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
bin/
config/client-info.yml

6
Dockerfile
View File

@@ -11,9 +11,13 @@ RUN go mod download
COPY Makefile .
ARG TARGETPLATFORM
COPY main.go .
COPY pkg ./pkg
RUN make
RUN env GOARCH=$(echo "$TARGETPLATFORM" | cut -f2 -d/) \
GOARM=$(echo "$TARGETPLATFORM" | cut -f3 -d/ | cut -c2-) \
make
############## Final stage ##############
FROM alpine:latest

12
Makefile
View File

@@ -2,12 +2,15 @@
REGISTRY_NAME=synology
IMAGE_NAME=synology-csi
IMAGE_VERSION=v1.0.0
IMAGE_VERSION=v1.0.1
IMAGE_TAG=$(REGISTRY_NAME)/$(IMAGE_NAME):$(IMAGE_VERSION)
# For now, only build linux/amd64 platform
GOARCH?=amd64
BUILD_ENV=CGO_ENABLED=0 GOOS=linux GOARCH=$(GOARCH)
ifeq ($(GOARCH),)
GOARCH:=amd64
endif
GOARM?=""
BUILD_ENV=CGO_ENABLED=0 GOOS=linux GOARCH=$(GOARCH) GOARM=$(GOARM)
BUILD_FLAGS="-extldflags \"-static\""
.PHONY: all clean synology-csi-driver synocli test docker-build
@@ -21,6 +24,9 @@ synology-csi-driver:
docker-build:
docker build -f Dockerfile -t $(IMAGE_TAG) .
docker-build-multiarch:
docker buildx build -t $(IMAGE_TAG) --platform linux/amd64,linux/arm/v7,linux/arm64 . --push
synocli:
@mkdir -p bin
$(BUILD_ENV) go build -v -ldflags $(BUILD_FLAGS) -o ./bin/synocli ./synocli

5
README.md
View File

@@ -6,7 +6,8 @@ The official [Container Storage Interface](https://github.com/container-storage-
Driver Name: csi.san.synology.com
| Driver Version | Image | Supported K8s Version |
| -------------- | --------------------------------------------------------------------- | --------------------- |
| v1.0.0 | [synology-csi:v1.0.0](https://hub.docker.com/r/synology/synology-csi) | 1.19 |
| [v1.0.1](https://github.com/SynologyOpenSource/synology-csi/tree/release-v1.0.1) | [synology-csi:v1.0.1](https://hub.docker.com/r/synology/synology-csi) | 1.20+ |
| [v1.0.0](https://github.com/SynologyOpenSource/synology-csi/tree/release-v1.0.0) | [synology-csi:v1.0.0](https://hub.docker.com/r/synology/synology-csi) | 1.19 |
@@ -18,7 +19,7 @@ The Synology CSI driver supports:
## Installation
### Prerequisites
- Kubernetes versions 1.19
- Kubernetes versions 1.19 or above
- Synology NAS running DSM 7.0 or above
- Go version 1.16 or above is recommended
- (Optional) Both [Volume Snapshot CRDs](https://github.com/kubernetes-csi/external-snapshotter/tree/v4.0.0/client/config/crd) and the [common snapshot controller](https://github.com/kubernetes-csi/external-snapshotter/tree/v4.0.0/deploy/kubernetes/snapshot-controller) must be installed in your Kubernetes cluster if you want to use the **Snapshot** feature

15
deploy/kubernetes/v1.19/controller.yml
View File

@@ -25,6 +25,9 @@ rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
@@ -32,7 +35,7 @@ rules:
resources: ["csinodeinfos"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattachments"]
resources: ["volumeattachments", "volumeattachments/status"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
@@ -85,7 +88,7 @@ spec:
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: quay.io/k8scsi/csi-provisioner:v1.6.0
image: k8s.gcr.io/sig-storage/csi-provisioner:v2.2.2
args:
- --timeout=60s
- --csi-address=$(ADDRESS)
@@ -103,7 +106,7 @@ spec:
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: quay.io/k8scsi/csi-attacher:v2.1.0
image: k8s.gcr.io/sig-storage/csi-attacher:v3.3.0
args:
- --v=5
- --csi-address=$(ADDRESS)
@@ -120,7 +123,7 @@ spec:
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: quay.io/k8scsi/csi-resizer:v0.5.0
image: k8s.gcr.io/sig-storage/csi-resizer:v1.3.0
args:
- --v=5
- --csi-address=$(ADDRESS)
@@ -137,7 +140,7 @@ spec:
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: synology/synology-csi:v1.0.0
image: synology/synology-csi:v1.0.1
args:
- --nodeid=NotUsed
- --endpoint=$(CSI_ENDPOINT)
@@ -147,7 +150,7 @@ spec:
env:
- name: CSI_ENDPOINT
value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: IfNotPresent
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/

6
deploy/kubernetes/v1.19/node.yml
View File

@@ -63,7 +63,7 @@ spec:
securityContext:
privileged: true
imagePullPolicy: Always
image: quay.io/k8scsi/csi-node-driver-registrar:v1.2.0
image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.3.0
args:
- --v=5
- --csi-address=$(ADDRESS) # the csi socket path inside the pod
@@ -85,8 +85,8 @@ spec:
- name: csi-plugin
securityContext:
privileged: true
imagePullPolicy: IfNotPresent
image: synology/synology-csi:v1.0.0
imagePullPolicy: Always
image: synology/synology-csi:v1.0.1
args:
- --nodeid=$(KUBE_NODE_NAME)
- --endpoint=$(CSI_ENDPOINT)

6
deploy/kubernetes/v1.19/snapshotter/snapshotter.yaml
View File

@@ -64,7 +64,7 @@ spec:
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: quay.io/k8scsi/csi-snapshotter:v3.0.3
image: k8s.gcr.io/sig-storage/csi-snapshotter:v3.0.3
args:
- --v=5
- --csi-address=$(ADDRESS)
@@ -81,7 +81,7 @@ spec:
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: synology/synology-csi:v1.0.0
image: synology/synology-csi:v1.0.1
args:
- --nodeid=NotUsed
- --endpoint=$(CSI_ENDPOINT)
@@ -91,7 +91,7 @@ spec:
env:
- name: CSI_ENDPOINT
value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: IfNotPresent
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/

165
deploy/kubernetes/v1.20/controller.yml Normal file
View File

@@ -0,0 +1,165 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: csi-controller-sa
namespace: synology-csi
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: synology-csi-controller-role
rules:
- apiGroups: [""]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims/status"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["csinodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["csi.storage.k8s.io"]
resources: ["csinodeinfos"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattachments", "volumeattachments/status"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshots"]
verbs: ["get", "list"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents"]
verbs: ["get", "list"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: synology-csi-controller-role
namespace: synology-csi
subjects:
- kind: ServiceAccount
name: csi-controller-sa
namespace: synology-csi
roleRef:
kind: ClusterRole
name: synology-csi-controller-role
apiGroup: rbac.authorization.k8s.io
---
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: synology-csi-controller
namespace: synology-csi
spec:
serviceName: "synology-csi-controller"
replicas: 1
selector:
matchLabels:
app: synology-csi-controller
template:
metadata:
labels:
app: synology-csi-controller
spec:
serviceAccountName: csi-controller-sa
hostNetwork: true
containers:
- name: csi-provisioner
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: k8s.gcr.io/sig-storage/csi-provisioner:v3.0.0
args:
- --timeout=60s
- --csi-address=$(ADDRESS)
- --v=5
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-attacher
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: k8s.gcr.io/sig-storage/csi-attacher:v3.3.0
args:
- --v=5
- --csi-address=$(ADDRESS)
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-resizer
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: k8s.gcr.io/sig-storage/csi-resizer:v1.3.0
args:
- --v=5
- --csi-address=$(ADDRESS)
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-plugin
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: synology/synology-csi:v1.0.1
args:
- --nodeid=NotUsed
- --endpoint=$(CSI_ENDPOINT)
- --client-info
- /etc/synology/client-info.yml
- --log-level=info
env:
- name: CSI_ENDPOINT
value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: client-info
mountPath: /etc/synology
readOnly: true
volumes:
- name: socket-dir
emptyDir: {}
- name: client-info
secret:
secretName: client-info-secret

9
deploy/kubernetes/v1.20/csi-driver.yml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: csi.san.synology.com
spec:
attachRequired: true # Indicates the driver requires an attach operation (TODO: ControllerPublishVolume should be implemented)
podInfoOnMount: true
volumeLifecycleModes:
- Persistent

4
deploy/kubernetes/v1.20/namespace.yml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: synology-csi

139
deploy/kubernetes/v1.20/node.yml Normal file
View File

@@ -0,0 +1,139 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: csi-node-sa
namespace: synology-csi
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: synology-csi-node-role
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "update"]
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattachments"]
verbs: ["get", "list", "watch", "update"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: synology-csi-node-role
namespace: synology-csi
subjects:
- kind: ServiceAccount
name: csi-node-sa
namespace: synology-csi
roleRef:
kind: ClusterRole
name: synology-csi-node-role
apiGroup: rbac.authorization.k8s.io
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
name: synology-csi-node
namespace: synology-csi
spec:
selector:
matchLabels:
app: synology-csi-node
template:
metadata:
labels:
app: synology-csi-node
spec:
serviceAccount: csi-node-sa
hostNetwork: true
containers:
- name: csi-driver-registrar
securityContext:
privileged: true
imagePullPolicy: Always
image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.3.0
args:
- --v=5
- --csi-address=$(ADDRESS) # the csi socket path inside the pod
- --kubelet-registration-path=$(REGISTRATION_PATH) # the csi socket path on the host node
env:
- name: ADDRESS
value: /csi/csi.sock
- name: REGISTRATION_PATH
value: /var/lib/kubelet/plugins/csi.san.synology.com/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: plugin-dir
mountPath: /csi
- name: registration-dir
mountPath: /registration
- name: csi-plugin
securityContext:
privileged: true
imagePullPolicy: Always
image: synology/synology-csi:v1.0.1
args:
- --nodeid=$(KUBE_NODE_NAME)
- --endpoint=$(CSI_ENDPOINT)
- --client-info
- /etc/synology/client-info.yml
- --log-level=info
env:
- name: CSI_ENDPOINT
value: unix://csi/csi.sock
- name: KUBE_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: kubelet-dir
mountPath: /var/lib/kubelet
mountPropagation: "Bidirectional"
- name: plugin-dir
mountPath: /csi
- name: client-info
mountPath: /etc/synology
readOnly: true
- name: host-root
mountPath: /host
- name: device-dir
mountPath: /dev
volumes:
- name: kubelet-dir
hostPath:
path: /var/lib/kubelet
type: Directory
- name: plugin-dir
hostPath:
path: /var/lib/kubelet/plugins/csi.san.synology.com/
type: DirectoryOrCreate
- name: registration-dir
hostPath:
path: /var/lib/kubelet/plugins_registry
type: Directory
- name: client-info
secret:
secretName: client-info-secret
- name: host-root
hostPath:
path: /
type: Directory
- name: device-dir
hostPath:
path: /dev
type: Directory

106
deploy/kubernetes/v1.20/snapshotter/snapshotter.yaml Normal file
View File

@@ -0,0 +1,106 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: csi-snapshotter-sa
namespace: synology-csi
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: synology-csi-snapshotter-role
rules:
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents"]
verbs: ["create", "get", "list", "watch", "update", "delete"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents/status"]
verbs: ["update"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: synology-csi-snapshotter-role
namespace: synology-csi
subjects:
- kind: ServiceAccount
name: csi-snapshotter-sa
namespace: synology-csi
roleRef:
kind: ClusterRole
name: synology-csi-snapshotter-role
apiGroup: rbac.authorization.k8s.io
---
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: synology-csi-snapshotter
namespace: synology-csi
spec:
serviceName: "synology-csi-snapshotter"
replicas: 1
selector:
matchLabels:
app: synology-csi-snapshotter
template:
metadata:
labels:
app: synology-csi-snapshotter
spec:
serviceAccountName: csi-snapshotter-sa
hostNetwork: true
containers:
- name: csi-snapshotter
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: k8s.gcr.io/sig-storage/csi-snapshotter:v4.2.1
args:
- --v=5
- --csi-address=$(ADDRESS)
env:
- name: ADDRESS
value: /var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: csi-plugin
securityContext:
privileged: true
capabilities:
add: ["SYS_ADMIN"]
allowPrivilegeEscalation: true
image: synology/synology-csi:v1.0.1
args:
- --nodeid=NotUsed
- --endpoint=$(CSI_ENDPOINT)
- --client-info
- /etc/synology/client-info.yml
- --log-level=info
env:
- name: CSI_ENDPOINT
value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
imagePullPolicy: Always
volumeMounts:
- name: socket-dir
mountPath: /var/lib/csi/sockets/pluginproxy/
- name: client-info
mountPath: /etc/synology
readOnly: true
volumes:
- name: socket-dir
emptyDir: {}
- name: client-info
secret:
secretName: client-info-secret

11
deploy/kubernetes/v1.20/snapshotter/volume-snapshot-class.yml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
name: synology-snapshotclass
annotations:
storageclass.kubernetes.io/is-default-class: "false"
driver: csi.san.synology.com
deletionPolicy: Delete
# parameters:
# description: 'Kubernetes CSI'
# is_locked: 'false'

14
deploy/kubernetes/v1.20/storage-class.yml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: synology-iscsi-storage
# annotations:
# storageclass.kubernetes.io/is-default-class: "true"
provisioner: csi.san.synology.com
# if all params are empty, synology CSI will choose an available location to create volume
# parameters:
# dsm: '1.1.1.1'
# location: '/volume1'
# fsType: 'ext4'
reclaimPolicy: Retain
allowVolumeExpansion: true

2
pkg/driver/driver.go
View File

@@ -24,7 +24,7 @@ import (
const (
DriverName = "csi.san.synology.com" // CSI dirver name
DriverVersion = "1.0.0"
DriverVersion = "1.0.1"
)
type IDriver interface {

12
pkg/dsm/service/dsm.go
View File

@@ -394,6 +394,18 @@ func (service *DsmService) CreateVolume(spec *models.CreateK8sVolumeSpec) (webap
continue
}
// found source by snapshot id, check allowable
if spec.DsmIp != "" && spec.DsmIp != dsm.Ip {
msg := fmt.Sprintf("The source PVC and destination PVCs must be on the same DSM for cloning from snapshots. Source is on %s, but new PVC is on %s",
dsm.Ip, spec.DsmIp)
return webapi.LunInfo{}, "", status.Errorf(codes.InvalidArgument, msg)
}
if spec.Location != "" && spec.Location != snapshotInfo.RootPath {
msg := fmt.Sprintf("The source PVC and destination PVCs must be on the same location for cloning from snapshots. Source is on %s, but new PVC is on %s",
snapshotInfo.RootPath, spec.Location)
return webapi.LunInfo{}, "", status.Errorf(codes.InvalidArgument, msg)
}
lunInfo, err := service.createVolumeBySnapshot(dsm, spec, snapshotInfo)
return lunInfo, dsm.Ip, err
}

1
pkg/dsm/webapi/iscsi.go
View File

@@ -58,6 +58,7 @@ type SnapshotInfo struct {
Status string `json:"status"`
TotalSize int64 `json:"total_size"`
CreateTime int64 `json:"create_time"`
RootPath string `json:"root_path"`
}
type LunDevAttrib struct {

30
scripts/deploy.sh
View File

@@ -1,12 +1,39 @@
#!/bin/bash
plugin_name="csi.san.synology.com"
deploy_k8s_version="v1.19"
min_support_minor=19
max_support_minor=20
deploy_k8s_version="v1".$min_support_minor
SCRIPT_PATH="$(realpath "$0")"
SOURCE_PATH="$(realpath "$(dirname "${SCRIPT_PATH}")"/../)"
config_file="${SOURCE_PATH}/config/client-info.yml"
plugin_dir="/var/lib/kubelet/plugins/$plugin_name"
parse_version(){
ver=$(kubectl version --short | grep Server | awk '{print $3}')
major=$(echo "${ver##*v}" | cut -d'.' -f1)
minor=$(echo "${ver##*v}" | cut -d'.' -f2)
if [[ "$major" != 1 ]]; then
echo "Version not supported: $ver"
exit 1
fi
case "$minor" in
19|20)
deploy_k8s_version="v1".$minor
;;
*)
if [[ $minor -lt $min_support_minor ]]; then
deploy_k8s_version="v1".$min_support_minor
else
deploy_k8s_version="v1".$max_support_minor
fi
;;
esac
echo "Deploy Version: $deploy_k8s_version"
}
# 1. Build
csi_build(){
echo "==== Build synology-csi .... ===="
@@ -16,6 +43,7 @@ csi_build(){
# 2. Install
csi_install(){
echo "==== Creates namespace and secrets, then installs synology-csi ===="
parse_version
kubectl create ns synology-csi
kubectl create secret -n synology-csi generic client-info-secret --from-file="$config_file"