public_git
/
democratic-csi
mirror of https://github.com/democratic-csi/democratic-csi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

enable smb in csi, only force host mount/umount if the operator has not explicitly set a preference 

Signed-off-by: Travis Glenn Hansen <travisghansen@yahoo.com>
This commit is contained in:
Travis Glenn Hansen 2022-04-17 14:41:34 -06:00
parent 3f51f5b7a6
commit 8ac44c0a67
11 changed files with 105 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/main.yml vendored
View File

@ -74,7 +74,7 @@ jobs:
- truenas/scale/22.02/scale-iscsi.yaml
- truenas/scale/22.02/scale-nfs.yaml
# 80 char limit
#- truenas/scale-smb.yaml
- truenas/scale/22.02/scale-smb.yaml
runs-on:
- self-hosted
- csi-sanity-zfs-local
@ -103,10 +103,10 @@ jobs:
matrix:
config:
# 63 char limit
#- truenas/core-iscsi.yaml
- truenas/core/12.0/core-iscsi.yaml
- truenas/core/12.0/core-nfs.yaml
# 80 char limit
#- truenas/core-smb.yaml
- truenas/core/12.0/core-smb.yaml
runs-on:
- self-hosted
- csi-sanity-zfs-local
@ -137,7 +137,7 @@ jobs:
- truenas/core/13.0/core-iscsi.yaml
- truenas/core/13.0/core-nfs.yaml
# 80 char limit
#- truenas/core-smb.yaml
- truenas/core/13.0/core-smb.yaml
runs-on:
- self-hosted
- csi-sanity-zfs-local

7
ci/configs/truenas/core/12.0/core-iscsi.yaml
View File

@ -35,3 +35,10 @@ iscsi:
targetGroupAuthGroup:
# 0-100 (0 == ignore)
extentAvailThreshold: 0
# overcome the 63 char limit for testing purposes only
_private:
csi:
volume:
idHash:
strategy: crc16

2
ci/configs/truenas/core/12.0/core-nfs.yaml
View File

@ -19,7 +19,7 @@ zfs:
detachedSnapshotsDatasetParentName: tank/ci/${CI_BUILD_KEY}/s
datasetEnableQuotas: true
datasetEnableReservation: true
datasetEnableReservation: false
datasetPermissionsMode: "0777"
datasetPermissionsUser: 0
datasetPermissionsGroup: 0

28
ci/configs/truenas/core/12.0/core-smb.yaml
View File

@ -17,28 +17,24 @@ sshConnection:
zfs:
datasetProperties:
# smb options
#aclmode: restricted
#casesensitivity: mixed
aclmode: restricted
aclinherit: passthrough
acltype: nfsv4
casesensitivity: insensitive
datasetParentName: tank/ci/${CI_BUILD_KEY}/v
detachedSnapshotsDatasetParentName: tank/ci/${CI_BUILD_KEY}/s
datasetEnableQuotas: true
datasetEnableReservation: true
datasetPermissionsMode: "0777"
datasetPermissionsUser: 0
datasetPermissionsGroup: 0
datasetEnableReservation: false
datasetPermissionsMode: "0770"
datasetPermissionsUser: 1001
datasetPermissionsGroup: 1001
# for smb with guest
#datasetPermissionsUser: nobody
#datasetPermissionsGroup: nobody
#datasetPermissionsGroup: root
#datasetPermissionsAcls:
#- "-m everyone@:full_set:allow"
#datasetPermissionsAcls:
#- "-m u:kube:full_set:allow"
datasetPermissionsAcls:
- "-m g:builtin_users:full_set:fd:allow"
- "-m group@:modify_set:fd:allow"
- "-m owner@:full_set:fd:allow"
smb:
shareHost: ${TRUENAS_HOST}

2
ci/configs/truenas/core/13.0/core-nfs.yaml
View File

@ -19,7 +19,7 @@ zfs:
detachedSnapshotsDatasetParentName: tank/ci/${CI_BUILD_KEY}/s
datasetEnableQuotas: true
datasetEnableReservation: true
datasetEnableReservation: false
datasetPermissionsMode: "0777"
datasetPermissionsUser: 0
datasetPermissionsGroup: 0

40
ci/configs/truenas/core/13.0/core-smb.yaml
View File

@ -17,28 +17,24 @@ sshConnection:
zfs:
datasetProperties:
# smb options
#aclmode: restricted
#casesensitivity: mixed
aclmode: restricted
aclinherit: passthrough
acltype: nfsv4
casesensitivity: insensitive
datasetParentName: tank/ci/${CI_BUILD_KEY}/v
detachedSnapshotsDatasetParentName: tank/ci/${CI_BUILD_KEY}/s
datasetEnableQuotas: true
datasetEnableReservation: true
datasetPermissionsMode: "0777"
datasetPermissionsUser: 0
datasetPermissionsGroup: 0
datasetEnableReservation: false
datasetPermissionsMode: "0770"
datasetPermissionsUser: 1001
datasetPermissionsGroup: 1001
# for smb with guest
#datasetPermissionsUser: nobody
#datasetPermissionsGroup: nobody
#datasetPermissionsGroup: root
#datasetPermissionsAcls:
#- "-m everyone@:full_set:allow"
#datasetPermissionsAcls:
#- "-m u:kube:full_set:allow"
datasetPermissionsAcls:
- "-m g:builtin_users:full_set:fd:allow"
- "-m group@:modify_set:fd:allow"
- "-m owner@:full_set:fd:allow"
smb:
shareHost: ${TRUENAS_HOST}
@ -52,7 +48,7 @@ smb:
shareAllowedHosts: []
shareDeniedHosts: []
#shareDefaultPermissions: true
shareGuestOk: true
shareGuestOk: false
#shareGuestOnly: true
#shareShowHiddenFiles: true
shareRecycleBin: true
@ -60,3 +56,13 @@ smb:
shareAccessBasedEnumeration: true
shareTimeMachine: false
#shareStorageTask:
node:
mount:
mount_flags: "username=smbroot,password=smbroot"
_private:
csi:
volume:
idHash:
strategy: crc16

2
ci/configs/truenas/scale/22.02/scale-nfs.yaml
View File

@ -13,7 +13,7 @@ zfs:
detachedSnapshotsDatasetParentName: tank/ci/${CI_BUILD_KEY}/s
datasetEnableQuotas: true
datasetEnableReservation: true
datasetEnableReservation: false
datasetPermissionsMode: "0777"
datasetPermissionsUser: 0
datasetPermissionsGroup: 0

36
ci/configs/truenas/scale/22.02/scale-smb.yaml
View File

@ -9,30 +9,14 @@ httpConnection:
password: ${TRUENAS_PASSWORD}
zfs:
datasetProperties:
# smb options
#aclmode: restricted
#casesensitivity: mixed
datasetParentName: tank/ci/${CI_BUILD_KEY}/v
detachedSnapshotsDatasetParentName: tank/ci/${CI_BUILD_KEY}/s
datasetEnableQuotas: true
datasetEnableReservation: true
datasetPermissionsMode: "0777"
datasetPermissionsUser: 0
datasetPermissionsGroup: 0
# for smb with guest
#datasetPermissionsUser: nobody
#datasetPermissionsGroup: nobody
#datasetPermissionsGroup: root
#datasetPermissionsAcls:
#- "-m everyone@:full_set:allow"
#datasetPermissionsAcls:
#- "-m u:kube:full_set:allow"
datasetEnableReservation: false
datasetPermissionsMode: "0770"
datasetPermissionsUser: 1001
datasetPermissionsGroup: 1001
smb:
shareHost: ${TRUENAS_HOST}
@ -46,7 +30,7 @@ smb:
shareAllowedHosts: []
shareDeniedHosts: []
#shareDefaultPermissions: true
shareGuestOk: true
shareGuestOk: false
#shareGuestOnly: true
#shareShowHiddenFiles: true
shareRecycleBin: true
@ -54,3 +38,13 @@ smb:
shareAccessBasedEnumeration: true
shareTimeMachine: false
#shareStorageTask:
node:
mount:
mount_flags: "username=smbroot,password=smbroot"
_private:
csi:
volume:
idHash:
strategy: crc16

2
docker/mount
View File

@ -20,10 +20,12 @@ container_supported_filesystems=(
while getopts "t:" opt; do
case "$opt" in
t)
if [[ "x${USE_HOST_MOUNT_TOOLS}" == "x" ]]; then
[[ "${OPTARG,,}" == "zfs" ]] && USE_HOST_MOUNT_TOOLS=1
[[ "${OPTARG,,}" == "lustre" ]] && USE_HOST_MOUNT_TOOLS=1
[[ "${OPTARG,,}" == "onedata" ]] && USE_HOST_MOUNT_TOOLS=1
#(printf '%s\0' "${container_supported_filesystems[@]}" | grep -Fqxz -- "${OPTARG}") || USE_HOST_MOUNT_TOOLS=1
fi
;;
esac
done

2
docker/umount
View File

@ -20,10 +20,12 @@ container_supported_filesystems=(
while getopts "t:" opt; do
case "$opt" in
t)
if [[ "x${USE_HOST_MOUNT_TOOLS}" == "x" ]]; then
[[ "${OPTARG,,}" == "zfs" ]] && USE_HOST_MOUNT_TOOLS=1
[[ "${OPTARG,,}" == "lustre" ]] && USE_HOST_MOUNT_TOOLS=1
[[ "${OPTARG,,}" == "onedata" ]] && USE_HOST_MOUNT_TOOLS=1
#(printf '%s\0' "${container_supported_filesystems[@]}" | grep -Fqxz -- "${OPTARG}") || USE_HOST_MOUNT_TOOLS=1
fi
;;
esac
done

27
examples/node-common.yaml
View File

@ -30,3 +30,30 @@ node:
# ...
btrfs:
customOptions: []
csiProxy:
# should be left unset in most situation, will be auto-detected
#enabled: true
# connection attributes can be set to grpc endpoint
# ie: hostname:port, or /some/path, or \\.\pipe\foo
# connection and version will use internal defaults and should generally be left unset
services:
filesystem:
#version: v1
#connection:
disk:
#version: v1
#connection:
volume:
#version: v1
#connection:
smb:
#version: v1
#connection:
system:
#version: v1alpha1
#connection:
iscsi:
#version: v1alpha2
#connection: