Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Error in return value should be tested and fix Description Info in e2e test
**What this PR does / why we need it**:
1. Error in return value should be tested
2. fix Description Info
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Just after creating a PV, its phase is "Pending" and its finalizers
doesn't contain "kubernetes.io/pv-protection". If the e2e test performs
so faster than the target k8s cluster, the test fails because the PV is
not ready. This adds WaitForPersistentVolumePhase() for waiting the
phase "Available" to avoid such situation.
Currently, the PVC protection controller will remove its finalizer when
all Pods using a PVC reach at least a Terminating state. However,
certain volumes cannot be guaranteed to be umounted until a Pod is
deleted. Only Pods not in the current pods list can be considered
deleted, so we're removing the exception to not check Terminating Pods.
Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
End2End tests for DynamicVolumeProvisioning of EBS
**What this PR does / why we need it**:
Add end2end tests to exercise `DynamicProvisioningScheduling` features for EBS. The tests make sure `WaitForFirstConsumer` and `AllowedTopologies` specified in a EBS storage class has the desired effect.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
Tests features added to 217a3d8902
**Release note**:
```
NONE
```
/sig storage
/assign @msau42 @jsafrane
CI has shown occasional failures stemming from an -EBUSY when
test/e2e/storage/persistent_volumes-local.go aka "PersistentVolumes-local"
attempts to do losetup.
Looking at the code, it has a clear race between querying the current
free loopback device and later explicitly attempting to loopback setup a
file at the queried device node. Losetup nowadays includes the logic to
handle this for the user, if the '-f' option is used instead of naming
the desired target loopback device explicitly. It is safe to presume
a suitable losetup is present as the '-f' option is used elsewhere in
the test, and it is safe to not record the allocated device, as it is
already queried on the fly elsewhere in the test ahead of other commands
which need to know an already created loopback device's node name.
This patch should result in less flakes for this test case.
Signed-off-by: Tim Pepper <tpepper@vmware.com>
Use the same pattern everywhere in the e2e test
harness, use busybox (from dockerhub) instead
of using the one from k8s.gcr.io registry.
Change-Id: I57c3b867408c1f9478a8909c26744ea0368ff003
Automatic merge from submit-queue (batch tested with PRs 66933, 66925). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Rework multi-volume test to use StatefulSet
**What this PR does / why we need it**:
The e2e test that got added as part of https://github.com/kubernetes/kubernetes/pull/66832 fails in a multi-zone environment because the volumes get provisioned in random zones. This PR reworks the test to use StatefulSet instead, which handles provisioning multiple PVCs in the same zone.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64645, 66832). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Detect if GCE PD udev link is wrong and try to correct it
**What this PR does / why we need it**:
udev can miss scsi events and not update device links properly when disks are detached and reattached to the same node in a different order. This PR workarounds the issue by comparing the udev link name, which is the PD disk name, with the scsi disk serial number returned from scsi_id, and prevents mounting of the disk if the link is wrong. It will also run `udevadm trigger` on the disk to try to correct the bad link.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
This fix prevents a GCE PD volume from being mounted if the udev device link is stale and tries to correct the link.
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Part 1: Allowing volumes to choose when to use securityContext
This PR is the result of [splitting this PR]( https://github.com/kubernetes/kubernetes/pull/65793) into 2 sections:
1) This part, addressing the refactor so eligible-test-for-conformance can use get rid of privileged security context.
2) a second part that will address the promotion of the testcases to be in conformance suite.
Changes:
a) demoted privileged mode for these tests (not needed)
b) regular tests (the other ones existing in the file) will still be using privileged security context.
b) adding privilegedSecurityContext field to VolInfo, so each volume-flavor can let the test know if the security context has to be privileged or not.
This allows granular changes and updates per volume).
this PR is the result of splitting https://github.com/kubernetes/kubernetes/pull/65793 into 2 sections
1) This part, addressing the refactor so eligible-test-for-conformance can use get rid of privileged security context.
2) a second part that will address the promotion of the testcases to be in conformance suite
Changes:
a) demoted privileged mode for these tests (not needed)
b) regular tests (the other ones existing in the file) will still be using privileged security context.
c) adding privilegedSecurityContext field to VolInfo, so each volume-flavor can let the test know if the security context has to be privileged or not.
This allows granular changes and updates per volume).
d) fixing formatting issue.
Automatic merge from submit-queue (batch tested with PRs 66341, 66405, 66403, 66264, 66447). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Bump subpath test pod timeout to 5 minutes
Fixes: #66376
It seems that sometimes `Attach` on GCP side can take multiple minutes (when recently detached from another node) and therefore the old timeout of 1 minute is not long enough. 5 minutes is standard elsewhere and seems to be long enough for the long tail of GCE Attach time.
Also the ext4 test was really hard to debug because all the old PD tests call all the pods "pd-injector" and all the volume mounts "pd-volume." Made a change to make that more readable by adding a length 4 random string suffix.
/kind flake
/sig storage
/assign @msau42
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 66172, 66254). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Reverting commit #56600 as GCE PD is allocated in chunks of GiB inste…
**What this PR does / why we need it:**
This PR reverts the changes made in commit https://github.com/kubernetes/kubernetes/pull/56600 which considered GCE PDs are allocated in chunks of GBs. The following set of operations demonstrate the allocation is in GiBs.
Manually create a PD in GB, and manually attach it to a node:
```
$ gcloud compute disks create msau-test --zone=us-central1-b --size=1GB
```
Run lsblk on it, and it shows the bytes of the disk are 1GiB:
```
$ lsblk -b
sdc 8:32 0 1073741824 0 disk
```
**Which issue(s) this PR fixes**:
[65285](https://github.com/kubernetes/kubernetes/issues/65285)
**Special notes for your reviewer**:
```release-note
none
```
Automatic merge from submit-queue (batch tested with PRs 63877, 64559, 65952). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Typo fix in the returned message: dynamicly->dynamically
Line 541: a typo in the returned message:
dynamicly->dynamically
Automatic merge from submit-queue (batch tested with PRs 66064, 66040). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Re-enable write-read pv check in volume provisioning tests
**What this PR does / why we need it**: Except for the recently-added CSI tests, every test that uses testDynamicProvisioning in volume_provisioning has been skipping the
`By("checking the created volume is writable and has the PV's mount options")`
and
`By("checking the created volume is readable and retains data")`
steps due to an unintentional change in https://github.com/kubernetes/kubernetes/pull/59879
**Special notes for your reviewer**: The 'attach' variable name is not descriptive at all, default behaviour is unclear. Tests will take longer of course, but that was always the intention, to not only test provisioning of PV is according to PVC but that you can actually r/w it (hence e2e).
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add local volume pod affinity tests.
**What this PR does / why we need it**:
Add local volume pod affinity tests.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56100 (with already merged prs #59682, #60260)
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64593, 65117, 65629, 65827, 65686). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add e2e tests for volumeMode of persistent volume
This set of e2e tests is to confirm that persistent volume works well for all volumeModes.
Coverage of the tests are shown in the figure of [Test cases], below.
Once implementation policy is confirmed to be good, we can add plugins and test cases to this.
[Test cases]
```
# plugin volumeMode Test case Expectation
--- ---------- -------------- ------------------------------------------------------ ------------
1 iSCSI Block (a) Create Pod with PV and confirm Read/Write to PV Success
2 iSCSI Block (b) Create Pod and restart kubelet and confirm PV Success
3 iSCSI Block (c) Create Pod and restart kubelet while deleting PV Success
4 iSCSI FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
5 iSCSI FileSystem (b) Create Pod and restart kubelet and confirm PV Success
6 iSCSI FileSystem (c) Create Pod and restart kubelet while deleting PV Success
7 RBD Block (a) Create Pod with PV and confirm Read/Write to PV Success
8 RBD Block (b) Create Pod and restart kubelet and confirm PV Success
9 RBD Block (c) Create Pod and restart kubelet while deleting PV Success
10 RBD FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
11 RBD FileSystem (b) Create Pod and restart kubelet and confirm PV Success
12 RBD FileSystem (c) Create Pod and restart kubelet while deleting PV Success
13 CephFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
14 CephFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
15 CephFS FileSystem (b) Create Pod and restart kubelet and confirm PV Success
16 CephFS FileSystem (c) Create Pod and restart kubelet while deleting PV Success
17 NFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
18 NFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
19 NFS FileSystem (b) Create Pod and restart kubelet and confirm PV Success
20 NFS FileSystem (c) Create Pod and restart kubelet while deleting PV Success
```
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#56803
**Special notes for your reviewer**:
/sig storage
@gnufied @rootfs @jsafrane @jeffvance
This PR is intend to reflect the comments for the below PR.
https://github.com/kubernetes/kubernetes/pull/56804
**Release note**:
```release-note
NONE
```
This set of e2e tests is to confirm that persistent volume works well for all volumeModes.
Coverage of the tests are shown in the figure of [Test cases], below.
Once implementation policy is confirmed to be good, we can add plugins and test cases to this.
[Test cases]
# plugin volumeMode Test case Expectation
--- ---------- -------------- ------------------------------------------------------ ------------
1 iSCSI Block (a) Create Pod with PV and confirm Read/Write to PV Success
2 iSCSI FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
3 RBD Block (a) Create Pod with PV and confirm Read/Write to PV Success
4 RBD FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
5 CephFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
6 CephFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
7 NFS Block (a) Create Pod with PV and confirm Read/Write to PV Fail
8 NFS FileSystem (a) Create Pod with PV and confirm Read/Write to PV Success
fixes: #56803
Automatic merge from submit-queue (batch tested with PRs 65064, 65218, 65260, 65241, 64372). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Added attach/mount/check steps to CSI Driver E2E tests
This PR makes the CSI Volume E2E tests actually go through the entire dynamic provisioning pipeline and test attach/mount/check file etc.
Fixes#64927
```release-note
None
```
Automatic merge from submit-queue (batch tested with PRs 65187, 65206, 65223, 64752, 65238). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fixed detection of inaccessible AWS encryption key.
AWS provisioner now checks if created encrypted volume gets "Available" or it gets silently deleted by AWS because StorageClass referenced invalid (e.g. non-existing) KMS key for encryption.
This seems to be the only way how to detect such invalid key, because Kubernetes may not have enough permission to check if the key exists.
**Which issue(s) this PR fixes**
Fixes#62171
**Special notes for your reviewer**:
**Release note**:
```release-note
AWS now checks for validity of ecryption key when creating encrypted volumes. Dynamic provisioning of encrypted volume may get slower due to these checks.
```
/sig aws
/sig storage
@kubernetes/sig-aws-misc
Automatic merge from submit-queue (batch tested with PRs 65123, 65176, 65139, 65084, 65056). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Enable dynamic provisioning tests on AWS.
The tests are not slow, they finish on GCE in ~46 seconds and on AWS
in ~103 seconds.
**Release note**:
```release-note
NONE
```
Automatic merge from submit-queue (batch tested with PRs 64416, 63625, 60967, 64767, 64588). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove Feature:Volume from tests
These tests don't depend on any alpha/beta feature and they have correct `SkipUnlessProviderIs` tests so they run only on proper cloud.
/kind feature
/sig storage
**Release note**:
```release-note
NONE
```
