From 4ed770977443cf0cf34cab743085d5c31b2f8034 Mon Sep 17 00:00:00 2001 From: jornshen Date: Mon, 26 Oct 2020 15:11:31 +0800 Subject: [PATCH] Report a metric for time taken to perform recursive permission change --- pkg/volume/awsebs/aws_ebs.go | 2 +- pkg/volume/azuredd/azure_mounter.go | 2 +- pkg/volume/cinder/cinder.go | 2 +- pkg/volume/configmap/configmap.go | 2 +- pkg/volume/csi/csi_mounter.go | 3 ++- pkg/volume/downwardapi/downwardapi.go | 2 +- pkg/volume/emptydir/empty_dir.go | 2 +- pkg/volume/fc/disk_manager.go | 4 ++-- pkg/volume/fc/fc.go | 2 +- pkg/volume/flexvolume/mounter.go | 3 ++- pkg/volume/flocker/flocker.go | 3 ++- pkg/volume/gcepd/gce_pd.go | 2 +- pkg/volume/git_repo/git_repo.go | 2 +- pkg/volume/iscsi/disk_manager.go | 4 ++-- pkg/volume/iscsi/iscsi.go | 2 +- pkg/volume/local/local.go | 2 +- pkg/volume/portworx/portworx.go | 2 +- pkg/volume/projected/projected.go | 2 +- pkg/volume/rbd/disk_manager.go | 4 ++-- pkg/volume/rbd/rbd.go | 2 +- pkg/volume/scaleio/sio_volume.go | 2 +- pkg/volume/secret/secret.go | 2 +- pkg/volume/storageos/storageos.go | 2 +- pkg/volume/util/metrics.go | 5 +++++ pkg/volume/volume_linux.go | 15 +++++++++++---- pkg/volume/volume_linux_test.go | 2 +- pkg/volume/volume_unsupported.go | 2 +- pkg/volume/vsphere_volume/vsphere_volume.go | 2 +- 28 files changed, 48 insertions(+), 33 deletions(-) diff --git a/pkg/volume/awsebs/aws_ebs.go b/pkg/volume/awsebs/aws_ebs.go index ff5c0ab46ec..f2f75cb714a 100644 --- a/pkg/volume/awsebs/aws_ebs.go +++ b/pkg/volume/awsebs/aws_ebs.go @@ -428,7 +428,7 @@ func (b *awsElasticBlockStoreMounter) SetUpAt(dir string, mounterArgs volume.Mou } if !b.readOnly { - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } klog.V(4).Infof("Successfully mounted %s", dir) diff --git a/pkg/volume/azuredd/azure_mounter.go b/pkg/volume/azuredd/azure_mounter.go index b71448fd932..bd061299b1c 100644 --- a/pkg/volume/azuredd/azure_mounter.go +++ b/pkg/volume/azuredd/azure_mounter.go @@ -164,7 +164,7 @@ func (m *azureDiskMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) e } if volumeSource.ReadOnly == nil || !*volumeSource.ReadOnly { - volume.SetVolumeOwnership(m, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(m, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(m.plugin.GetPluginName())) } klog.V(2).Infof("azureDisk - successfully mounted disk %s on %s", diskName, dir) diff --git a/pkg/volume/cinder/cinder.go b/pkg/volume/cinder/cinder.go index 8247047d165..c8ad32c15f9 100644 --- a/pkg/volume/cinder/cinder.go +++ b/pkg/volume/cinder/cinder.go @@ -448,7 +448,7 @@ func (b *cinderVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs } if !b.readOnly { - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } klog.V(3).Infof("Cinder volume %s mounted to %s", b.pdName, dir) diff --git a/pkg/volume/configmap/configmap.go b/pkg/volume/configmap/configmap.go index c3b9324075c..017a874e478 100644 --- a/pkg/volume/configmap/configmap.go +++ b/pkg/volume/configmap/configmap.go @@ -256,7 +256,7 @@ func (b *configMapVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterA return err } - err = volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/) + err = volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/, volumeutil.FSGroupCompleteHook(b.plugin.GetPluginName())) if err != nil { klog.Errorf("Error applying volume ownership settings for group: %v", mounterArgs.FsGroup) return err diff --git a/pkg/volume/csi/csi_mounter.go b/pkg/volume/csi/csi_mounter.go index b4f135317c2..478b5c2870e 100644 --- a/pkg/volume/csi/csi_mounter.go +++ b/pkg/volume/csi/csi_mounter.go @@ -35,6 +35,7 @@ import ( "k8s.io/client-go/kubernetes" "k8s.io/kubernetes/pkg/features" "k8s.io/kubernetes/pkg/volume" + "k8s.io/kubernetes/pkg/volume/util" volumetypes "k8s.io/kubernetes/pkg/volume/util/types" "k8s.io/mount-utils" utilstrings "k8s.io/utils/strings" @@ -278,7 +279,7 @@ func (c *csiMountMgr) SetUpAt(dir string, mounterArgs volume.MounterArgs) error } if c.supportsFSGroup(fsType, mounterArgs.FsGroup, c.fsGroupPolicy) { - err := volume.SetVolumeOwnership(c, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + err := volume.SetVolumeOwnership(c, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(c.plugin.GetPluginName())) if err != nil { // At this point mount operation is successful: // 1. Since volume can not be used by the pod because of invalid permissions, we must return error diff --git a/pkg/volume/downwardapi/downwardapi.go b/pkg/volume/downwardapi/downwardapi.go index 9fd3e26b3e2..830ab5d1b63 100644 --- a/pkg/volume/downwardapi/downwardapi.go +++ b/pkg/volume/downwardapi/downwardapi.go @@ -227,7 +227,7 @@ func (b *downwardAPIVolumeMounter) SetUpAt(dir string, mounterArgs volume.Mounte return err } - err = volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/) + err = volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/, volumeutil.FSGroupCompleteHook(b.plugin.GetPluginName())) if err != nil { klog.Errorf("Error applying volume ownership settings for group: %v", mounterArgs.FsGroup) return err diff --git a/pkg/volume/emptydir/empty_dir.go b/pkg/volume/emptydir/empty_dir.go index d619765c875..8a2d813c96c 100644 --- a/pkg/volume/emptydir/empty_dir.go +++ b/pkg/volume/emptydir/empty_dir.go @@ -227,7 +227,7 @@ func (ed *emptyDir) SetUpAt(dir string, mounterArgs volume.MounterArgs) error { err = fmt.Errorf("unknown storage medium %q", ed.medium) } - volume.SetVolumeOwnership(ed, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/) + volume.SetVolumeOwnership(ed, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/, volumeutil.FSGroupCompleteHook(ed.plugin.GetPluginName())) // If setting up the quota fails, just log a message but don't actually error out. // We'll use the old du mechanism in this case, at least until we support diff --git a/pkg/volume/fc/disk_manager.go b/pkg/volume/fc/disk_manager.go index 328db7278fa..4f23bded15d 100644 --- a/pkg/volume/fc/disk_manager.go +++ b/pkg/volume/fc/disk_manager.go @@ -40,7 +40,7 @@ type diskManager interface { } // utility to mount a disk based filesystem -func diskSetUp(manager diskManager, b fcDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy) error { +func diskSetUp(manager diskManager, b fcDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy, plugin volume.VolumePlugin) error { globalPDPath := manager.MakeGlobalPDName(*b.fcDisk) noMnt, err := mounter.IsLikelyNotMountPoint(volPath) @@ -91,7 +91,7 @@ func diskSetUp(manager diskManager, b fcDiskMounter, volPath string, mounter mou } if !b.readOnly { - volume.SetVolumeOwnership(&b, fsGroup, fsGroupChangePolicy) + volume.SetVolumeOwnership(&b, fsGroup, fsGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } return nil diff --git a/pkg/volume/fc/fc.go b/pkg/volume/fc/fc.go index ef605b64f45..5b1728ebd0d 100644 --- a/pkg/volume/fc/fc.go +++ b/pkg/volume/fc/fc.go @@ -362,7 +362,7 @@ func (b *fcDiskMounter) SetUp(mounterArgs volume.MounterArgs) error { func (b *fcDiskMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) error { // diskSetUp checks mountpoints and prevent repeated calls - err := diskSetUp(b.manager, *b, dir, b.mounter, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + err := diskSetUp(b.manager, *b, dir, b.mounter, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, b.plugin) if err != nil { klog.Errorf("fc: failed to setup") } diff --git a/pkg/volume/flexvolume/mounter.go b/pkg/volume/flexvolume/mounter.go index 2573acb850f..604ffcf85c3 100644 --- a/pkg/volume/flexvolume/mounter.go +++ b/pkg/volume/flexvolume/mounter.go @@ -21,6 +21,7 @@ import ( "strconv" "k8s.io/kubernetes/pkg/volume" + "k8s.io/kubernetes/pkg/volume/util" "k8s.io/utils/exec" ) @@ -93,7 +94,7 @@ func (f *flexVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) if !f.readOnly { if f.plugin.capabilities.FSGroup { - volume.SetVolumeOwnership(f, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(f, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(f.plugin.GetPluginName())) } } diff --git a/pkg/volume/flocker/flocker.go b/pkg/volume/flocker/flocker.go index b34d78cf37f..a58530eb23b 100644 --- a/pkg/volume/flocker/flocker.go +++ b/pkg/volume/flocker/flocker.go @@ -31,6 +31,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/kubernetes/pkg/util/env" "k8s.io/kubernetes/pkg/volume" + "k8s.io/kubernetes/pkg/volume/util" ) // ProbeVolumePlugins is the primary entrypoint for volume plugins. @@ -361,7 +362,7 @@ func (b *flockerVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArg } if !b.readOnly { - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } klog.V(4).Infof("successfully mounted %s", dir) diff --git a/pkg/volume/gcepd/gce_pd.go b/pkg/volume/gcepd/gce_pd.go index 39fe43e3e84..3d572d2cb90 100644 --- a/pkg/volume/gcepd/gce_pd.go +++ b/pkg/volume/gcepd/gce_pd.go @@ -429,7 +429,7 @@ func (b *gcePersistentDiskMounter) SetUpAt(dir string, mounterArgs volume.Mounte } if !b.readOnly { - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } return nil } diff --git a/pkg/volume/git_repo/git_repo.go b/pkg/volume/git_repo/git_repo.go index d01e28a7258..af22a7b4ff2 100644 --- a/pkg/volume/git_repo/git_repo.go +++ b/pkg/volume/git_repo/git_repo.go @@ -236,7 +236,7 @@ func (b *gitRepoVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArg return fmt.Errorf("failed to exec 'git reset --hard': %s: %v", output, err) } - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/, volumeutil.FSGroupCompleteHook(b.plugin.GetPluginName())) volumeutil.SetReady(b.getMetaDir()) return nil diff --git a/pkg/volume/iscsi/disk_manager.go b/pkg/volume/iscsi/disk_manager.go index 48ed9168376..674ce81aeed 100644 --- a/pkg/volume/iscsi/disk_manager.go +++ b/pkg/volume/iscsi/disk_manager.go @@ -42,7 +42,7 @@ type diskManager interface { // utility to mount a disk based filesystem // globalPDPath: global mount path like, /var/lib/kubelet/plugins/kubernetes.io/iscsi/{ifaceName}/{portal-some_iqn-lun-lun_id} // volPath: pod volume dir path like, /var/lib/kubelet/pods/{podUID}/volumes/kubernetes.io~iscsi/{volumeName} -func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy) error { +func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy, plugin volume.VolumePlugin) error { notMnt, err := mounter.IsLikelyNotMountPoint(volPath) if err != nil && !os.IsNotExist(err) { klog.Errorf("cannot validate mountpoint: %s", volPath) @@ -96,7 +96,7 @@ func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter } if !b.readOnly { - volume.SetVolumeOwnership(&b, fsGroup, fsGroupChangePolicy) + volume.SetVolumeOwnership(&b, fsGroup, fsGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } return nil diff --git a/pkg/volume/iscsi/iscsi.go b/pkg/volume/iscsi/iscsi.go index a4dd8cf3868..83913631834 100644 --- a/pkg/volume/iscsi/iscsi.go +++ b/pkg/volume/iscsi/iscsi.go @@ -345,7 +345,7 @@ func (b *iscsiDiskMounter) SetUp(mounterArgs volume.MounterArgs) error { func (b *iscsiDiskMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) error { // diskSetUp checks mountpoints and prevent repeated calls - err := diskSetUp(b.manager, *b, dir, b.mounter, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + err := diskSetUp(b.manager, *b, dir, b.mounter, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, b.plugin) if err != nil { klog.Errorf("iscsi: failed to setup") } diff --git a/pkg/volume/local/local.go b/pkg/volume/local/local.go index 2b558730705..756c7c2255b 100644 --- a/pkg/volume/local/local.go +++ b/pkg/volume/local/local.go @@ -566,7 +566,7 @@ func (m *localVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) if !m.readOnly { // Volume owner will be written only once on the first volume mount if len(refs) == 0 { - return volume.SetVolumeOwnership(m, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + return volume.SetVolumeOwnership(m, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(m.plugin.GetPluginName())) } } return nil diff --git a/pkg/volume/portworx/portworx.go b/pkg/volume/portworx/portworx.go index a19f0442251..81ade25da57 100644 --- a/pkg/volume/portworx/portworx.go +++ b/pkg/volume/portworx/portworx.go @@ -328,7 +328,7 @@ func (b *portworxVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterAr return err } if !b.readOnly { - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } klog.Infof("Portworx Volume %s setup at %s", b.volumeID, dir) return nil diff --git a/pkg/volume/projected/projected.go b/pkg/volume/projected/projected.go index 21bd164aa2b..25908049a30 100644 --- a/pkg/volume/projected/projected.go +++ b/pkg/volume/projected/projected.go @@ -239,7 +239,7 @@ func (s *projectedVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterA return err } - err = volume.SetVolumeOwnership(s, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/) + err = volume.SetVolumeOwnership(s, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/, volumeutil.FSGroupCompleteHook(s.plugin.GetPluginName())) if err != nil { klog.Errorf("Error applying volume ownership settings for group: %v", mounterArgs.FsGroup) return err diff --git a/pkg/volume/rbd/disk_manager.go b/pkg/volume/rbd/disk_manager.go index 8545b743c66..003f8437ada 100644 --- a/pkg/volume/rbd/disk_manager.go +++ b/pkg/volume/rbd/disk_manager.go @@ -58,7 +58,7 @@ type diskManager interface { } // utility to mount a disk based filesystem -func diskSetUp(manager diskManager, b rbdMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy) error { +func diskSetUp(manager diskManager, b rbdMounter, volPath string, mounter mount.Interface, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy, plugin volume.VolumePlugin) error { globalPDPath := manager.MakeGlobalPDName(*b.rbd) notMnt, err := mounter.IsLikelyNotMountPoint(globalPDPath) if err != nil && !os.IsNotExist(err) { @@ -96,7 +96,7 @@ func diskSetUp(manager diskManager, b rbdMounter, volPath string, mounter mount. klog.V(3).Infof("rbd: successfully bind mount %s to %s with options %v", globalPDPath, volPath, mountOptions) if !b.ReadOnly { - volume.SetVolumeOwnership(&b, fsGroup, fsGroupChangePolicy) + volume.SetVolumeOwnership(&b, fsGroup, fsGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } return nil diff --git a/pkg/volume/rbd/rbd.go b/pkg/volume/rbd/rbd.go index 436c1c3f267..55f5e6bf2ab 100644 --- a/pkg/volume/rbd/rbd.go +++ b/pkg/volume/rbd/rbd.go @@ -837,7 +837,7 @@ func (b *rbdMounter) SetUp(mounterArgs volume.MounterArgs) error { func (b *rbdMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) error { // diskSetUp checks mountpoints and prevent repeated calls klog.V(4).Infof("rbd: attempting to setup at %s", dir) - err := diskSetUp(b.manager, *b, dir, b.mounter, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + err := diskSetUp(b.manager, *b, dir, b.mounter, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, b.plugin) if err != nil { klog.Errorf("rbd: failed to setup at %s %v", dir, err) } diff --git a/pkg/volume/scaleio/sio_volume.go b/pkg/volume/scaleio/sio_volume.go index 02cae9c8a1d..23328428ca0 100644 --- a/pkg/volume/scaleio/sio_volume.go +++ b/pkg/volume/scaleio/sio_volume.go @@ -161,7 +161,7 @@ func (v *sioVolume) SetUpAt(dir string, mounterArgs volume.MounterArgs) error { if !v.readOnly && mounterArgs.FsGroup != nil { klog.V(4).Info(log("applying value FSGroup ownership")) - volume.SetVolumeOwnership(v, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(v, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(v.plugin.GetPluginName())) } klog.V(4).Info(log("successfully setup PV %s: volume %s mapped as %s mounted at %s", v.volSpecName, v.volName, devicePath, dir)) diff --git a/pkg/volume/secret/secret.go b/pkg/volume/secret/secret.go index c033cd57a18..a014c708631 100644 --- a/pkg/volume/secret/secret.go +++ b/pkg/volume/secret/secret.go @@ -251,7 +251,7 @@ func (b *secretVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs return err } - err = volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/) + err = volume.SetVolumeOwnership(b, mounterArgs.FsGroup, nil /*fsGroupChangePolicy*/, volumeutil.FSGroupCompleteHook(b.plugin.GetPluginName())) if err != nil { klog.Errorf("Error applying volume ownership settings for group: %v", mounterArgs.FsGroup) return err diff --git a/pkg/volume/storageos/storageos.go b/pkg/volume/storageos/storageos.go index b5b9e796e8e..ac034961fdf 100644 --- a/pkg/volume/storageos/storageos.go +++ b/pkg/volume/storageos/storageos.go @@ -430,7 +430,7 @@ func (b *storageosMounter) SetUpAt(dir string, mounterArgs volume.MounterArgs) e } if !b.readOnly { - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) } klog.V(4).Infof("StorageOS volume setup complete on %s", dir) return nil diff --git a/pkg/volume/util/metrics.go b/pkg/volume/util/metrics.go index 5542f8e534b..6c70722d06e 100644 --- a/pkg/volume/util/metrics.go +++ b/pkg/volume/util/metrics.go @@ -109,6 +109,11 @@ func OperationCompleteHook(plugin, operationName string) func(*error) { return opComplete } +// FSGroupCompleteHook returns a hook to call when volume recursive permission is changed +func FSGroupCompleteHook(pluginName string) func(*error) { + return OperationCompleteHook(pluginName, "volume_fsgroup_recursive_apply") +} + // GetFullQualifiedPluginNameForVolume returns full qualified plugin name for // given volume. For CSI plugin, it appends plugin driver name at the end of // plugin name, e.g. kubernetes.io/csi:csi-hostpath. It helps to distinguish diff --git a/pkg/volume/volume_linux.go b/pkg/volume/volume_linux.go index ebef818d2a9..17a1d3ef738 100644 --- a/pkg/volume/volume_linux.go +++ b/pkg/volume/volume_linux.go @@ -40,7 +40,7 @@ const ( // SetVolumeOwnership modifies the given volume to be owned by // fsGroup, and sets SetGid so that newly created files are owned by // fsGroup. If fsGroup is nil nothing is done. -func SetVolumeOwnership(mounter Mounter, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy) error { +func SetVolumeOwnership(mounter Mounter, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy, completeFunc func(*error)) error { if fsGroup == nil { return nil } @@ -55,7 +55,11 @@ func SetVolumeOwnership(mounter Mounter, fsGroup *int64, fsGroupChangePolicy *v1 // This code exists for legacy purposes, so as old behaviour is entirely preserved when feature gate is disabled // TODO: remove this when ConfigurableFSGroupPolicy turns GA. if !fsGroupPolicyEnabled { - return legacyOwnershipChange(mounter, fsGroup) + err := legacyOwnershipChange(mounter, fsGroup) + if completeFunc != nil { + completeFunc(&err) + } + return err } if skipPermissionChange(mounter, fsGroup, fsGroupChangePolicy) { @@ -63,13 +67,16 @@ func SetVolumeOwnership(mounter Mounter, fsGroup *int64, fsGroupChangePolicy *v1 return nil } - return walkDeep(mounter.GetPath(), func(path string, info os.FileInfo, err error) error { + err := walkDeep(mounter.GetPath(), func(path string, info os.FileInfo, err error) error { if err != nil { return err } return changeFilePermission(path, fsGroup, mounter.GetAttributes().ReadOnly, info) }) - + if completeFunc != nil { + completeFunc(&err) + } + return err } func legacyOwnershipChange(mounter Mounter, fsGroup *int64) error { diff --git a/pkg/volume/volume_linux_test.go b/pkg/volume/volume_linux_test.go index e1a912bc839..c395106e29b 100644 --- a/pkg/volume/volume_linux_test.go +++ b/pkg/volume/volume_linux_test.go @@ -314,7 +314,7 @@ func TestSetVolumeOwnership(t *testing.T) { } mounter := &localFakeMounter{path: tmpDir} - err = SetVolumeOwnership(mounter, &expectedGid, test.fsGroupChangePolicy) + err = SetVolumeOwnership(mounter, &expectedGid, test.fsGroupChangePolicy, nil) if err != nil { t.Errorf("for %s error changing ownership with: %v", test.description, err) } diff --git a/pkg/volume/volume_unsupported.go b/pkg/volume/volume_unsupported.go index 3c9a50bcbba..9cb094fe9e8 100644 --- a/pkg/volume/volume_unsupported.go +++ b/pkg/volume/volume_unsupported.go @@ -22,6 +22,6 @@ import ( v1 "k8s.io/api/core/v1" ) -func SetVolumeOwnership(mounter Mounter, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy) error { +func SetVolumeOwnership(mounter Mounter, fsGroup *int64, fsGroupChangePolicy *v1.PodFSGroupChangePolicy, completeFunc func(*error)) error { return nil } diff --git a/pkg/volume/vsphere_volume/vsphere_volume.go b/pkg/volume/vsphere_volume/vsphere_volume.go index 59c4e696264..333d5484ec6 100644 --- a/pkg/volume/vsphere_volume/vsphere_volume.go +++ b/pkg/volume/vsphere_volume/vsphere_volume.go @@ -278,7 +278,7 @@ func (b *vsphereVolumeMounter) SetUpAt(dir string, mounterArgs volume.MounterArg os.Remove(dir) return err } - volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy) + volume.SetVolumeOwnership(b, mounterArgs.FsGroup, mounterArgs.FSGroupChangePolicy, util.FSGroupCompleteHook(b.plugin.GetPluginName())) klog.V(3).Infof("vSphere volume %s mounted to %s", b.volPath, dir) return nil