github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-15 06:43:54 +00:00
Code Issues Projects Releases Wiki Activity

Apply fsGroup when accessMode is ReadWriteOncePod

Browse Source
This commit is contained in:
Hemant Kumar 2024-10-21 17:14:33 -04:00
parent 81ce66f059
commit 1e7b4406a3
4 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/apis/storage/types.go
View File

@ -423,7 +423,7 @@ const (
// ReadWriteOnceWithFSTypeFSGroupPolicy indicates that each volume will be examined // ReadWriteOnceWithFSTypeFSGroupPolicy indicates that each volume will be examined
// to determine if the volume ownership and permissions // to determine if the volume ownership and permissions
// should be modified. If a fstype is defined and the volume's access mode // should be modified. If a fstype is defined and the volume's access mode
// contains ReadWriteOnce, then the defined fsGroup will be applied. // contains ReadWriteOnce or ReadWriteOncePod, then the defined fsGroup will be applied.
// This mode should be defined if it's expected that the // This mode should be defined if it's expected that the
// fsGroup may need to be modified depending on the pod's SecurityPolicy. // fsGroup may need to be modified depending on the pod's SecurityPolicy.
// This is the default behavior if no other FSGroupPolicy is defined. // This is the default behavior if no other FSGroupPolicy is defined.

9
pkg/volume/csi/csi_mounter_test.go
View File

@ -860,6 +860,15 @@ func TestMounterSetUpWithFSGroup(t *testing.T) {
setFsGroup: true, setFsGroup: true,
fsGroup: 3000, fsGroup: 3000,
}, },
{
name: "fstype, fsgroup, RWOP provided (should apply fsgroup)",
accessModes: []corev1.PersistentVolumeAccessMode{
corev1.ReadWriteOncePod,
},
fsType: "ext4",
setFsGroup: true,
fsGroup: 3000,
},
{ {
name: "fstype, fsgroup, RWO provided, FSGroupPolicy ReadWriteOnceWithFSType (should apply fsgroup)", name: "fstype, fsgroup, RWO provided, FSGroupPolicy ReadWriteOnceWithFSType (should apply fsgroup)",
accessModes: []corev1.PersistentVolumeAccessMode{ accessModes: []corev1.PersistentVolumeAccessMode{

3
pkg/volume/csi/csi_util.go
View File

@ -134,7 +134,8 @@ func hasReadWriteOnce(modes []api.PersistentVolumeAccessMode) bool {
return false return false
} }
for _, mode := range modes { for _, mode := range modes {
if mode == api.ReadWriteOnce { if mode == api.ReadWriteOnce ||
mode == api.ReadWriteOncePod {
return true return true
} }
} }

2
staging/src/k8s.io/api/storage/v1/types.go
View File

@ -433,7 +433,7 @@ const (
// ReadWriteOnceWithFSTypeFSGroupPolicy indicates that each volume will be examined // ReadWriteOnceWithFSTypeFSGroupPolicy indicates that each volume will be examined
// to determine if the volume ownership and permissions // to determine if the volume ownership and permissions
// should be modified. If a fstype is defined and the volume's access mode // should be modified. If a fstype is defined and the volume's access mode
// contains ReadWriteOnce, then the defined fsGroup will be applied. // contains ReadWriteOnce or ReadWriteOncePod, then the defined fsGroup will be applied.
// This mode should be defined if it's expected that the // This mode should be defined if it's expected that the
// fsGroup may need to be modified depending on the pod's SecurityPolicy. // fsGroup may need to be modified depending on the pod's SecurityPolicy.
// This is the default behavior if no other FSGroupPolicy is defined. // This is the default behavior if no other FSGroupPolicy is defined.