public_git
/
democratic-csi
mirror of https://github.com/democratic-csi/democratic-csi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

adding nsenter and ISCSIADM_HOST_STRATEGY variable

This commit is contained in:
5cat 2022-08-06 03:48:56 +08:00
parent cf38cb5d3d
commit c0b8590e1b
2 changed files with 28 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
README.md
View File

@ -158,34 +158,15 @@ upgrade all of the nodes in the cluster to get the extension
talosctl -e <endpoint ip/hostname> -n <node ip/hostname> upgrade --image=ghcr.io/siderolabs/installer:v1.1.1 talosctl -e <endpoint ip/hostname> -n <node ip/hostname> upgrade --image=ghcr.io/siderolabs/installer:v1.1.1
``` ```
since the default [iscsi](https://github.com/democratic-csi/democratic-csi/blob/master/docker/iscsiadm) does not work with talos, this config map is needed to be applied in the same namespace as the democratic-csi installation
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: talos-iscsiadm
data:
iscsiadm: |
#!/bin/bash
iscsid_pid=$(for proc in /proc/*/cmdline; do grep -q "iscsid -f" <<< $(cat $proc 2>/dev/null | tr "\0" " ") && echo $(basename $(dirname $proc)) && break; done)
nsenter --mount="/proc/${iscsid_pid}/ns/mnt" --net="/proc/${iscsid_pid}/ns/net" -- /usr/local/sbin/iscsiadm "${@:1}"
```
in your `values.yaml` file make sure to enable these settings in your `values.yaml` file make sure to enable these settings
```yaml ```yaml
node: node:
hostPID: true hostPID: true
extraVolumes:
- name: talos-iscsiadm
configMap:
name: talos-iscsiadm
defaultMode: 0777
driver: driver:
extraVolumeMounts: extraEnv:
- name: talos-iscsiadm - name: ISCSIADM_HOST_STRATEGY
mountPath: /usr/local/sbin/iscsiadm value: nsenter
subPath: iscsiadm
iscsiDirHostPath: /usr/local/etc/iscsi iscsiDirHostPath: /usr/local/etc/iscsi
iscsiDirHostPathCheckDirectory: false iscsiDirHostPathCheckDirectory: false
``` ```

27
docker/iscsiadm
View File

@ -1,5 +1,28 @@
#!/bin/bash #!/bin/bash
# https://engineering.docker.com/2019/07/road-to-containing-iscsi/
chroot /host /usr/bin/env -i PATH="/usr/sbin:/usr/bin:/sbin:/bin" iscsiadm "${@:1}" iscsiadm_host_strategy=$([ $ISCSIADM_HOST_STRATEGY ] && echo $ISCSIADM_HOST_STRATEGY || echo "chroot")
echo "using $iscsiadm_host_strategy strategy"
case $iscsiadm_host_strategy in
chroot)
# https://engineering.docker.com/2019/07/road-to-containing-iscsi/
chroot /host /usr/bin/env -i PATH="/usr/sbin:/usr/bin:/sbin:/bin" iscsiadm "${@:1}"
;;
nsenter)
# https://github.com/siderolabs/extensions/issues/38#issuecomment-1125403043
iscsid_pid=$(for proc in /proc/*/cmdline; do grep -q "iscsid -f" <<< $(cat $proc 2>/dev/null | tr "\0" " ") && echo $(basename $(dirname $proc)) && break; done)
if [ "$iscsid_pid" = "" ]; then
echo "could not find the iscsid process"
exit 1
fi
nsenter --mount="/proc/${iscsid_pid}/ns/mnt" --net="/proc/${iscsid_pid}/ns/net" -- /usr/local/sbin/iscsiadm "${@:1}"
;;
*)
echo "$iscsiadm_host_strategy is not a valid strategy, choose either 'chroot' or 'nsenter'"
exit 1
;;
esac