Skip to content

Commit

Permalink
Merge pull request #714 from andyzhangx/kerberos-dir-fix
Browse files Browse the repository at this point in the history
fix: krb5CacheDirectory mount path issue
  • Loading branch information
andyzhangx authored Dec 18, 2023
2 parents ea24799 + 07808e4 commit c3b9e57
Show file tree
Hide file tree
Showing 6 changed files with 41 additions and 21 deletions.
4 changes: 2 additions & 2 deletions charts/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -102,8 +102,8 @@ The following table lists the configurable parameters of the latest SMB CSI Driv
| `linux.dsName` | name of driver daemonset on linux | `csi-smb-node` |
| `linux.dnsPolicy` | dnsPolicy of driver node daemonset, available values: `Default`, `ClusterFirstWithHostNet`, `ClusterFirst` | `ClusterFirstWithHostNet` |
| `linux.kubelet` | configure kubelet directory path on Linux agent node node | `/var/lib/kubelet` |
| `linux.krb5CacheDirectory` | directory for kerberos cache on Linux agent node node | `/var/lib/kubelet/kerberos/` |
| `linux.krb5Prefix` | prefix for kerberos cache on Linux agent node node | `krb5cc_` |
| `linux.krb5CacheDirectory` | directory for kerberos cache on Linux agent node node, empty string means default | `/var/lib/kubelet/kerberos/` |
| `linux.krb5Prefix` | prefix for kerberos cache on Linux agent node node, empty string means default | `krb5cc_` |
| `linux.resources.livenessProbe.limits.memory` | liveness-probe memory limits | `100Mi` |
| `linux.resources.livenessProbe.requests.cpu` | liveness-probe cpu requests limits | `10m` |
| `linux.resources.livenessProbe.requests.memory` | liveness-probe memory requests limits | `20Mi` |
Expand Down
Binary file modified charts/latest/csi-driver-smb-v0.0.0.tgz
Binary file not shown.
11 changes: 11 additions & 0 deletions charts/latest/csi-driver-smb/templates/csi-smb-node.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,11 @@ spec:
- mountPath: /var/lib/kubelet/
mountPropagation: Bidirectional
name: mountpoint-dir
{{- if ne .Values.linux.krb5CacheDirectory "" }}
- mountPath: {{ .Values.linux.krb5CacheDirectory }}
mountPropagation: Bidirectional
name: krb5Cache-dir
{{- end }}
resources: {{- toYaml .Values.linux.resources.smb | nindent 12 }}
volumes:
- hostPath:
Expand All @@ -153,4 +158,10 @@ spec:
path: {{ .Values.linux.kubelet }}/plugins_registry/
type: DirectoryOrCreate
name: registration-dir
{{- if ne .Values.linux.krb5CacheDirectory "" }}
- hostPath:
path: {{ .Values.linux.krb5CacheDirectory }}
type: DirectoryOrCreate
name: krb5Cache-dir
{{- end }}
{{- end -}}
4 changes: 2 additions & 2 deletions charts/latest/csi-driver-smb/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,8 @@ linux:
dsName: csi-smb-node # daemonset name
dnsPolicy: ClusterFirstWithHostNet # available values: Default, ClusterFirstWithHostNet, ClusterFirst
kubelet: /var/lib/kubelet
krb5CacheDirectory: /var/lib/kubelet/kerberos/ # directory for kerberos credential cache
krb5Prefix: "krb5cc_" # prefix for kerberos credential cache
krb5CacheDirectory: "" # directory for kerberos credential cache, empty string means default(/var/lib/kubelet/kerberos/)
krb5Prefix: "" # prefix for kerberos credential cache, empty string means default(krb5cc_)
tolerations:
- operator: "Exists"
resources:
Expand Down
4 changes: 2 additions & 2 deletions cmd/smbplugin/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ var (
removeSMBMappingDuringUnmount = flag.Bool("remove-smb-mapping-during-unmount", true, "remove SMBMapping during unmount on Windows node")
workingMountDir = flag.String("working-mount-dir", "/tmp", "working directory for provisioner to mount smb shares temporarily")
volStatsCacheExpireInMinutes = flag.Int("vol-stats-cache-expire-in-minutes", 10, "The cache expire time in minutes for volume stats cache")
krb5CacheDirectory = flag.String("krb5-cache-directory", "/var/lib/kubelet/kerberos/", "The directory for kerberos cache")
krb5Prefix = flag.String("krb5-prefix", "krb5cc_", "The prefix for kerberos cache")
krb5CacheDirectory = flag.String("krb5-cache-directory", smb.DefaultKrb5CacheDirectory, "The directory for kerberos cache")
krb5Prefix = flag.String("krb5-prefix", smb.DefaultKrb5CCName, "The prefix for kerberos cache")
)

func main() {
Expand Down
39 changes: 24 additions & 15 deletions pkg/smb/smb.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,20 +32,22 @@ import (
)

const (
DefaultDriverName = "smb.csi.k8s.io"
usernameField = "username"
passwordField = "password"
sourceField = "source"
subDirField = "subdir"
domainField = "domain"
mountOptionsField = "mountoptions"
defaultDomainName = "AZURE"
pvcNameKey = "csi.storage.k8s.io/pvc/name"
pvcNamespaceKey = "csi.storage.k8s.io/pvc/namespace"
pvNameKey = "csi.storage.k8s.io/pv/name"
pvcNameMetadata = "${pvc.metadata.name}"
pvcNamespaceMetadata = "${pvc.metadata.namespace}"
pvNameMetadata = "${pv.metadata.name}"
DefaultDriverName = "smb.csi.k8s.io"
usernameField = "username"
passwordField = "password"
sourceField = "source"
subDirField = "subdir"
domainField = "domain"
mountOptionsField = "mountoptions"
defaultDomainName = "AZURE"
pvcNameKey = "csi.storage.k8s.io/pvc/name"
pvcNamespaceKey = "csi.storage.k8s.io/pvc/namespace"
pvNameKey = "csi.storage.k8s.io/pv/name"
pvcNameMetadata = "${pvc.metadata.name}"
pvcNamespaceMetadata = "${pvc.metadata.namespace}"
pvNameMetadata = "${pv.metadata.name}"
DefaultKrb5CCName = "krb5cc_"
DefaultKrb5CacheDirectory = "/var/lib/kubelet/kerberos/"
)

// DriverOptions defines driver parameters specified in driver deployment
Expand Down Expand Up @@ -88,9 +90,16 @@ func NewDriver(options *DriverOptions) *Driver {
driver.enableGetVolumeStats = options.EnableGetVolumeStats
driver.removeSMBMappingDuringUnmount = options.RemoveSMBMappingDuringUnmount
driver.workingMountDir = options.WorkingMountDir
driver.volumeLocks = newVolumeLocks()

driver.krb5CacheDirectory = options.Krb5CacheDirectory
if driver.krb5CacheDirectory == "" {
driver.krb5CacheDirectory = DefaultKrb5CacheDirectory
}
driver.krb5Prefix = options.Krb5Prefix
driver.volumeLocks = newVolumeLocks()
if driver.krb5Prefix == "" {
driver.krb5Prefix = DefaultKrb5CCName
}

if options.VolStatsCacheExpireInMinutes <= 0 {
options.VolStatsCacheExpireInMinutes = 10 // default expire in 10 minutes
Expand Down

0 comments on commit c3b9e57

Please sign in to comment.