From 7b336e9759b74a8ce5abb4bc11c6fb6a3e0a48b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Bombo?=
Date: Mon, 18 Nov 2024 14:52:11 -0600
Subject: [PATCH] csi-kata-directvolume: Support CoCo ephemeral disk
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This enables support to pass confidential=true and ephemeral=true to the shim via a feature flag.
Signed-off-by: Aurélien Bombo
---
 .../pkg/directvolume/controllerserver.go | 2 ++
 .../pkg/directvolume/nodeserver.go | 9 +++++++++
 src/tools/csi-kata-directvolume/pkg/utils/utils.go | 11 ++++++-----
 3 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/src/tools/csi-kata-directvolume/pkg/directvolume/controllerserver.go b/src/tools/csi-kata-directvolume/pkg/directvolume/controllerserver.go
index f99a1b1a50..381de9f201 100644
--- a/src/tools/csi-kata-directvolume/pkg/directvolume/controllerserver.go
+++ b/src/tools/csi-kata-directvolume/pkg/directvolume/controllerserver.go
@@ -62,6 +62,8 @@ func (dv *directVolume) CreateVolume(ctx context.Context, req *csi.CreateVolumeR
 volumeCtx[utils.KataContainersDirectFsType] = value
 case utils.KataContainersDirectLoop:
 volumeCtx[utils.KataContainersDirectLoop] = value
+ case utils.KataContainersDirectCoCoEphemeral:
+ volumeCtx[utils.KataContainersDirectCoCoEphemeral] = value
 default:
 klog.Warningf("unknown parameter: %s", key)
 }
diff --git a/src/tools/csi-kata-directvolume/pkg/directvolume/nodeserver.go b/src/tools/csi-kata-directvolume/pkg/directvolume/nodeserver.go
index 2e0c84aee1..d7e88f0dcb 100644
--- a/src/tools/csi-kata-directvolume/pkg/directvolume/nodeserver.go
+++ b/src/tools/csi-kata-directvolume/pkg/directvolume/nodeserver.go
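Review bot: In controllerserver.go the new `case utils.KataContainersDirectCoCoEphemeral` arm copies the parameter value into `volumeCtx` without checking that it is a boolean, so a misspelled value is accepted at provisioning time and only interpreted later by `parseBool` in nodeserver.go. `parseBool` is not part of this patch; if it treats unparsable input as false, a volume meant to be confidential and ephemeral would be published without either attribute and without any error. Rejecting bad input here fails closed, e.g. `if _, err := strconv.ParseBool(value); err != nil { return nil, status.Errorf(codes.InvalidArgument, "invalid %s value %q", key, value) }`, assuming `strconv`, `status` and `codes` are already imported in this file. CreateVolume's body starts and ends outside the hunk.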
@@ -106,6 +106,11 @@ func (dv *directVolume) NodePublishVolume(ctx context.Context, req *csi.NodePubl guestOptions = options } + if isCoCoEphemeralVolume(attrib) { + attrib["confidential"] = "true" + attrib["ephemeral"] = "true" + } + // kata-containers DirectVolume add mountInfo := utils.MountInfo{ VolumeType: volType, @@ -225,6 +230,10 @@ func isLoopDevice(VolumeCtx map[string]string) bool { return parseBool(VolumeCtx[utils.KataContainersDirectLoop]) } +func isCoCoEphemeralVolume(VolumeCtx map[string]string) bool { + return parseBool(VolumeCtx[utils.KataContainersDirectCoCoEphemeral]) +} + // getDeviceSymlinkPath returns the path of the symlink that is used to // point to the loop device from inside the specified stagingTargetPath // directory. diff --git a/src/tools/csi-kata-directvolume/pkg/utils/utils.go b/src/tools/csi-kata-directvolume/pkg/utils/utils.go index 1e1f1db4d8..fea4219101 100644 --- a/src/tools/csi-kata-directvolume/pkg/utils/utils.go +++ b/src/tools/csi-kata-directvolume/pkg/utils/utils.go @@ -24,11 +24,12 @@ import ( ) const ( - KataContainersDirectVolumeType = "katacontainers.direct.volume/volumetype" - KataContainersDirectFsType = "katacontainers.direct.volume/fstype" - KataContainersDirectLoop = "katacontainers.direct.volume/loop" - DirectVolumeTypeName = "directvol" - IsDirectVolume = "is_directvolume" + KataContainersDirectVolumeType = "katacontainers.direct.volume/volumetype" + KataContainersDirectFsType = "katacontainers.direct.volume/fstype" + KataContainersDirectLoop = "katacontainers.direct.volume/loop" + KataContainersDirectCoCoEphemeral = "katacontainers.direct.volume/cocoephemeral" + DirectVolumeTypeName = "directvol" + IsDirectVolume = "is_directvolume" ) const (
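Review bot: In the NodePublishVolume hunk the keys `"confidential"` and `"ephemeral"` are bare string literals, while the other volume-context keys visible in this patch are named constants in utils.go; defining these two there as well keeps the contract with the shim in one place. The block also only ever sets the keys: if `attrib` is the request's volume context (its assignment is outside the hunk) and already carries either key, the value would pass through even when the cocoephemeral flag is absent, so it is worth confirming whether that is intended or whether the keys should be removed in an `else` branch. A one-line comment above the `if`, such as `// CoCo ephemeral volumes: tell the shim to treat the disk as confidential and ephemeral.`, would record why the map is mutated here. The function starts and ends outside the hunk.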
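Review bot: `isCoCoEphemeralVolume` has no doc comment, and because it gates a confidentiality-related setting its contract deserves one line: `// isCoCoEphemeralVolume reports whether the volume context sets utils.KataContainersDirectCoCoEphemeral to a value parseBool accepts as true.` The parameter name `VolumeCtx` follows the neighbouring `isLoopDevice`, but a capitalised parameter name is unusual in Go and `volumeCtx` would be the conventional spelling.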