Merge pull request #42170 from rootfs/azure-file-prv

Automatic merge from submit-queue (batch tested with PRs 43642, 43170, 41813, 42170, 41581) Enable storage class support in Azure File volume **What this PR does / why we need it**: Support StorageClass in Azure file volume **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # **Special notes for your reviewer**: **Release note**: ```release-note Support StorageClass in Azure file volume ```
2026-01-29 21:29:24 +00:00 · 2017-03-24 19:04:28 -07:00
parent 20b01be016 6782a48dfa
commit 3fcb7cb377
11 changed files with 377 additions and 5 deletions
--- a/pkg/volume/azure_file/BUILD
+++ b/pkg/volume/azure_file/BUILD
@@ -12,17 +12,22 @@ go_library(
    name = "go_default_library",
    srcs = [
        "azure_file.go",
+        "azure_provision.go",
        "azure_util.go",
        "doc.go",
    ],
    tags = ["automanaged"],
    deps = [
        "//pkg/api/v1:go_default_library",
+        "//pkg/cloudprovider:go_default_library",
+        "//pkg/cloudprovider/providers/azure:go_default_library",
        "//pkg/util/mount:go_default_library",
        "//pkg/util/strings:go_default_library",
        "//pkg/volume:go_default_library",
        "//pkg/volume/util:go_default_library",
        "//vendor:github.com/golang/glog",
+        "//vendor:k8s.io/apimachinery/pkg/api/errors",
+        "//vendor:k8s.io/apimachinery/pkg/api/resource",
        "//vendor:k8s.io/apimachinery/pkg/apis/meta/v1",
        "//vendor:k8s.io/apimachinery/pkg/types",
    ],
--- a/pkg/volume/azure_file/azure_file.go
+++ b/pkg/volume/azure_file/azure_file.go
@@ -151,6 +151,7 @@ func (plugin *azureFilePlugin) ConstructVolumeSpec(volName, mountPath string) (*
 // azureFile volumes represent mount of an AzureFile share.
 type azureFile struct {
 	volName string
+	podUID  types.UID
 	pod     *v1.Pod
 	mounter mount.Interface
 	plugin  *azureFilePlugin
@@ -202,7 +203,7 @@ func (b *azureFileMounter) SetUpAt(dir string, fsGroup *int64) error {
 		return nil
 	}
 	var accountKey, accountName string
-	if accountName, accountKey, err = b.util.GetAzureCredentials(b.plugin.host, b.pod.Namespace, b.secretName, b.shareName); err != nil {
+	if accountName, accountKey, err = b.util.GetAzureCredentials(b.plugin.host, b.pod.Namespace, b.secretName); err != nil {
 		return err
 	}
 	os.MkdirAll(dir, 0750)
--- a/pkg/volume/azure_file/azure_file_test.go
+++ b/pkg/volume/azure_file/azure_file_test.go
@@ -201,9 +201,12 @@ func TestPersistentClaimReadOnlyFlag(t *testing.T) {

 type fakeAzureSvc struct{}

-func (s *fakeAzureSvc) GetAzureCredentials(host volume.VolumeHost, nameSpace, secretName, shareName string) (string, string, error) {
+func (s *fakeAzureSvc) GetAzureCredentials(host volume.VolumeHost, nameSpace, secretName string) (string, string, error) {
 	return "name", "key", nil
 }
+func (s *fakeAzureSvc) SetAzureCredentials(host volume.VolumeHost, nameSpace, accountName, accountKey string) (string, error) {
+	return "secret", nil
+}

 func TestMounterAndUnmounterTypeAssert(t *testing.T) {
 	tmpDir, err := ioutil.TempDir(os.TempDir(), "azurefileTest")
--- a/pkg/volume/azure_file/azure_provision.go
+++ b/pkg/volume/azure_file/azure_provision.go
@@ -0,0 +1,203 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package azure_file
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/golang/glog"
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/kubernetes/pkg/api/v1"
+	"k8s.io/kubernetes/pkg/cloudprovider"
+	"k8s.io/kubernetes/pkg/cloudprovider/providers/azure"
+	utilstrings "k8s.io/kubernetes/pkg/util/strings"
+	"k8s.io/kubernetes/pkg/volume"
+)
+
+var _ volume.DeletableVolumePlugin = &azureFilePlugin{}
+var _ volume.ProvisionableVolumePlugin = &azureFilePlugin{}
+
+// Abstract interface to file share operations.
+// azure cloud provider should implement it
+type azureCloudProvider interface {
+	// create a file share
+	CreateFileShare(name, storageAccount, storageType, location string, requestGB int) (string, string, error)
+	// delete a file share
+	DeleteFileShare(accountName, key, name string) error
+}
+
+type azureFileDeleter struct {
+	*azureFile
+	accountName, accountKey, shareName string
+	azureProvider                      azureCloudProvider
+}
+
+func (plugin *azureFilePlugin) NewDeleter(spec *volume.Spec) (volume.Deleter, error) {
+	azure, err := getAzureCloudProvider(plugin.host.GetCloudProvider())
+	if err != nil {
+		glog.V(4).Infof("failed to get azure provider")
+		return nil, err
+	}
+
+	return plugin.newDeleterInternal(spec, &azureSvc{}, azure)
+}
+
+func (plugin *azureFilePlugin) newDeleterInternal(spec *volume.Spec, util azureUtil, azure azureCloudProvider) (volume.Deleter, error) {
+	if spec.PersistentVolume != nil && spec.PersistentVolume.Spec.AzureFile == nil {
+		return nil, fmt.Errorf("invalid PV spec")
+	}
+	pvSpec := spec.PersistentVolume
+	if pvSpec.Spec.ClaimRef.Namespace == "" {
+		glog.Errorf("namespace cannot be nil")
+		return nil, fmt.Errorf("invalid PV spec: nil namespace")
+	}
+	nameSpace := pvSpec.Spec.ClaimRef.Namespace
+	secretName := pvSpec.Spec.AzureFile.SecretName
+	shareName := pvSpec.Spec.AzureFile.ShareName
+	if accountName, accountKey, err := util.GetAzureCredentials(plugin.host, nameSpace, secretName); err != nil {
+		return nil, err
+	} else {
+		return &azureFileDeleter{
+			azureFile: &azureFile{
+				volName: spec.Name(),
+				plugin:  plugin,
+			},
+			shareName:     shareName,
+			accountName:   accountName,
+			accountKey:    accountKey,
+			azureProvider: azure,
+		}, nil
+	}
+}
+
+func (plugin *azureFilePlugin) NewProvisioner(options volume.VolumeOptions) (volume.Provisioner, error) {
+	azure, err := getAzureCloudProvider(plugin.host.GetCloudProvider())
+	if err != nil {
+		glog.V(4).Infof("failed to get azure provider")
+		return nil, err
+	}
+	if len(options.PVC.Spec.AccessModes) == 0 {
+		options.PVC.Spec.AccessModes = plugin.GetAccessModes()
+	}
+	return plugin.newProvisionerInternal(options, azure)
+}
+
+func (plugin *azureFilePlugin) newProvisionerInternal(options volume.VolumeOptions, azure azureCloudProvider) (volume.Provisioner, error) {
+	return &azureFileProvisioner{
+		azureFile: &azureFile{
+			plugin: plugin,
+		},
+		azureProvider: azure,
+		util:          &azureSvc{},
+		options:       options,
+	}, nil
+}
+
+var _ volume.Deleter = &azureFileDeleter{}
+
+func (f *azureFileDeleter) GetPath() string {
+	name := azureFilePluginName
+	return f.plugin.host.GetPodVolumeDir(f.podUID, utilstrings.EscapeQualifiedNameForDisk(name), f.volName)
+}
+
+func (f *azureFileDeleter) Delete() error {
+	glog.V(4).Infof("deleting volume %s", f.shareName)
+	return f.azureProvider.DeleteFileShare(f.accountName, f.accountKey, f.shareName)
+}
+
+type azureFileProvisioner struct {
+	*azureFile
+	azureProvider azureCloudProvider
+	util          azureUtil
+	options       volume.VolumeOptions
+}
+
+var _ volume.Provisioner = &azureFileProvisioner{}
+
+func (a *azureFileProvisioner) Provision() (*v1.PersistentVolume, error) {
+	var sku, location, account string
+
+	name := volume.GenerateVolumeName(a.options.ClusterName, a.options.PVName, 75)
+	capacity := a.options.PVC.Spec.Resources.Requests[v1.ResourceName(v1.ResourceStorage)]
+	requestBytes := capacity.Value()
+	requestGB := int(volume.RoundUpSize(requestBytes, 1024*1024*1024))
+
+	// Apply ProvisionerParameters (case-insensitive). We leave validation of
+	// the values to the cloud provider.
+	for k, v := range a.options.Parameters {
+		switch strings.ToLower(k) {
+		case "skuname":
+			sku = v
+		case "location":
+			location = v
+		case "storageaccount":
+			account = v
+		default:
+			return nil, fmt.Errorf("invalid option %q for volume plugin %s", k, a.plugin.GetPluginName())
+		}
+	}
+	// TODO: implement c.options.ProvisionerSelector parsing
+	if a.options.PVC.Spec.Selector != nil {
+		return nil, fmt.Errorf("claim.Spec.Selector is not supported for dynamic provisioning on Azure file")
+	}
+
+	account, key, err := a.azureProvider.CreateFileShare(name, account, sku, location, requestGB)
+	if err != nil {
+		return nil, err
+	}
+	// create a secret for storage account and key
+	secretName, err := a.util.SetAzureCredentials(a.plugin.host, a.options.PVC.Namespace, account, key)
+	if err != nil {
+		return nil, err
+	}
+	// create PV
+	pv := &v1.PersistentVolume{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:   a.options.PVName,
+			Labels: map[string]string{},
+			Annotations: map[string]string{
+				"kubernetes.io/createdby": "azure-file-dynamic-provisioner",
+			},
+		},
+		Spec: v1.PersistentVolumeSpec{
+			PersistentVolumeReclaimPolicy: a.options.PersistentVolumeReclaimPolicy,
+			AccessModes:                   a.options.PVC.Spec.AccessModes,
+			Capacity: v1.ResourceList{
+				v1.ResourceName(v1.ResourceStorage): resource.MustParse(fmt.Sprintf("%dGi", requestGB)),
+			},
+			PersistentVolumeSource: v1.PersistentVolumeSource{
+				AzureFile: &v1.AzureFileVolumeSource{
+					SecretName: secretName,
+					ShareName:  name,
+				},
+			},
+		},
+	}
+	return pv, nil
+}
+
+// Return cloud provider
+func getAzureCloudProvider(cloudProvider cloudprovider.Interface) (azureCloudProvider, error) {
+	azureCloudProvider, ok := cloudProvider.(*azure.Cloud)
+	if !ok || azureCloudProvider == nil {
+		return nil, fmt.Errorf("Failed to get Azure Cloud Provider. GetCloudProvider returned %v instead", cloudProvider)
+	}
+
+	return azureCloudProvider, nil
+}
--- a/pkg/volume/azure_file/azure_util.go
+++ b/pkg/volume/azure_file/azure_util.go
@@ -19,18 +19,21 @@ package azure_file
 import (
 	"fmt"

+	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	v1 "k8s.io/kubernetes/pkg/api/v1"
 	"k8s.io/kubernetes/pkg/volume"
 )

 // Abstract interface to azure file operations.
 type azureUtil interface {
-	GetAzureCredentials(host volume.VolumeHost, nameSpace, secretName, shareName string) (string, string, error)
+	GetAzureCredentials(host volume.VolumeHost, nameSpace, secretName string) (string, string, error)
+	SetAzureCredentials(host volume.VolumeHost, nameSpace, accountName, accountKey string) (string, error)
 }

 type azureSvc struct{}

-func (s *azureSvc) GetAzureCredentials(host volume.VolumeHost, nameSpace, secretName, shareName string) (string, string, error) {
+func (s *azureSvc) GetAzureCredentials(host volume.VolumeHost, nameSpace, secretName string) (string, string, error) {
 	var accountKey, accountName string
 	kubeClient := host.GetKubeClient()
 	if kubeClient == nil {
@@ -54,3 +57,30 @@ func (s *azureSvc) GetAzureCredentials(host volume.VolumeHost, nameSpace, secret
 	}
 	return accountName, accountKey, nil
 }
+
+func (s *azureSvc) SetAzureCredentials(host volume.VolumeHost, nameSpace, accountName, accountKey string) (string, error) {
+	kubeClient := host.GetKubeClient()
+	if kubeClient == nil {
+		return "", fmt.Errorf("Cannot get kube client")
+	}
+	secretName := "azure-storage-account-" + accountName + "-secret"
+	secret := &v1.Secret{
+		ObjectMeta: metav1.ObjectMeta{
+			Namespace: nameSpace,
+			Name:      secretName,
+		},
+		Data: map[string][]byte{
+			"azurestorageaccountname": []byte(accountName),
+			"azurestorageaccountkey":  []byte(accountKey),
+		},
+		Type: "Opaque",
+	}
+	_, err := kubeClient.Core().Secrets(nameSpace).Create(secret)
+	if errors.IsAlreadyExists(err) {
+		err = nil
+	}
+	if err != nil {
+		return "", fmt.Errorf("Couldn't create secret %v", err)
+	}
+	return secretName, err
+}