Add deployment artifacts for iscsi csi driver on linux

- Get rid of Multipath field from the Connector build

As we have done refactoring of iscsi lib to have a multipath
logic from it, while builing the connector we dont need multipath
formation from the buildSCSIConnector anymore. This commit get rid
of the same and leave the logic to the iscsi lib.

- Add lun information to the connector builder

Signed-off-by: Humble Chirammal <[email protected]>

Dockerfile

@@ -12,13 +12,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM centos:7.4.1708
+FROM ubuntu
 
 # Copy iscsiplugin.sh
 COPY iscsiplugin.sh /iscsiplugin.sh
 # Copy iscsiplugin from build _output directory
-COPY bin/iscsiplugin /iscsiplugin
+COPY ./bin/iscsiplugin /iscsiplugin
 
-RUN yum -y install iscsi-initiator-utils e2fsprogs xfsprogs && yum clean all
+#RUN yum -y install coreutils e2fsprogs xfsprogs && yum clean all
 
-ENTRYPOINT ["/iscsiplugin.sh"]
+ENTRYPOINT ["sh", "/iscsiplugin.sh"]

cmd/iscsiplugin/main.go

@@ -41,7 +41,7 @@ func main() {
 	flag.CommandLine.Parse([]string{})
 
 	cmd := &cobra.Command{
-		Use:   "ISCSI",
+		Use:   "iscsi.csi.k8s.io",
 		Short: "CSI based ISCSI driver",
 		Run: func(cmd *cobra.Command, args []string) {
 			handle()

deploy/csi-iscsi-driverinfo.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: storage.k8s.io/v1
+kind: CSIDriver
+metadata:
+  name: iscsi.csi.k8s.io
+spec:
+  attachRequired: false
+  volumeLifecycleModes:
+    - Persistent

deploy/csi-iscsi-node.yaml

@@ -0,0 +1,153 @@
+---
+# This YAML file contains driver-registrar & csi driver nodeplugin API objects
+# that are necessary to run CSI nodeplugin for iscsi
+kind: DaemonSet
+apiVersion: apps/v1
+metadata:
+  name: csi-iscsi-node
+spec:
+  selector:
+    matchLabels:
+      app: csi-iscsi-node
+  template:
+    metadata:
+      labels:
+        app: csi-iscsi-node
+    spec:
+      hostNetwork: true  # original iscsi connection would be broken without hostNetwork setting
+      dnsPolicy: ClusterFirstWithHostNet
+      nodeSelector:
+        kubernetes.io/os: linux
+      containers:
+        - name: liveness-probe
+          image: k8s.gcr.io/sig-storage/livenessprobe:v2.1.0
+          args:
+            - --csi-address=/csi/csi.sock
+            - --probe-timeout=3s
+            - --health-port=29653
+            - --v=2
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /csi
+          resources:
+            limits:
+              cpu: 100m
+              memory: 100Mi
+            requests:
+              cpu: 10m
+              memory: 20Mi
+        - name: node-driver-registrar
+          # This is necessary only for systems with SELinux, where
+          # non-privileged sidecar containers cannot access unix domain socket
+          # created by privileged CSI driver container.
+          securityContext:
+            privileged: true
+          image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.1.0
+          args:
+            - --v=2
+            - --csi-address=/csi/csi.sock
+            - --kubelet-registration-path=/var/lib/kubelet/plugins/iscsi.csi.k8s.io/csi.sock
+          env:
+            - name: KUBE_NODE_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /csi
+            - name: registration-dir
+              mountPath: /registration
+        - name: iscsi
+          securityContext:
+            privileged: true
+            capabilities:
+              add: ["SYS_ADMIN"]
+            allowPrivilegeEscalation: true
+          image: quay.io/humble/csi-iscsi:test
+          args:
+            - "-v=5"
+            - "--nodeid=$(NODE_ID)"
+            - "--endpoint=$(CSI_ENDPOINT)"
+          env:
+            - name: NODE_ID
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: CSI_ENDPOINT
+              value: unix:///csi/csi.sock
+          ports:
+            - containerPort: 29653
+              name: healthz
+              protocol: TCP
+          livenessProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /healthz
+              port: healthz
+            initialDelaySeconds: 30
+            timeoutSeconds: 10
+            periodSeconds: 30
+          imagePullPolicy: "IfNotPresent"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /csi
+            - name: pods-mount-dir
+              mountPath: /var/lib/kubelet/pods
+              mountPropagation: "Bidirectional"
+            - name: host-dev
+              mountPath: /dev
+            - name: host-root
+              mountPath: /host
+              mountPropagation: "HostToContainer"
+            - name: chroot-iscsiadm
+              mountPath: /sbin/iscsiadm
+              subPath: iscsiadm
+            - name: iscsi-csi-run-dir
+              mountPath: /var/run/iscsi.csi.k8s.io
+      volumes:
+        - name: socket-dir
+          hostPath:
+            path: /var/lib/kubelet/plugins/iscsi.csi.k8s.io
+            type: DirectoryOrCreate
+        - name: pods-mount-dir
+          hostPath:
+            path: /var/lib/kubelet/pods
+            type: Directory
+        - name: registration-dir
+          hostPath:
+            path: /var/lib/kubelet/plugins_registry
+            type: Directory
+        - name: host-dev
+          hostPath:
+            path: /dev
+        - name: host-root
+          hostPath:
+            path: /
+            type: Directory
+        - name: chroot-iscsiadm
+          configMap:
+            defaultMode: 0555
+            name: configmap-csi-iscsiadm
+        - name: iscsi-csi-run-dir
+          hostPath:
+            path: /var/run/iscsi.csi.k8s.io
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: configmap-csi-iscsiadm
+data:
+  iscsiadm: |
+    #!/bin/sh
+    if [ -x /host/sbin/iscsiadm ]; then
+      chroot /host /sbin/iscsiadm "$@"
+    elif [ -x /host/usr/local/sbin/iscsiadm ]; then
+      chroot /host /usr/local/sbin/iscsiadm "$@"
+    elif [ -x /host/bin/iscsiadm ]; then
+      chroot /host /bin/iscsiadm "$@"
+    elif [ -x /host/usr/local/bin/iscsiadm ]; then
+      chroot /host /usr/local/bin/iscsiadm "$@"
+    else
+      chroot /host iscsiadm "$@"
+    fi
+---

deploy/install-driver.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+
+# Copyright 2021 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -euo pipefail
+
+ver="master"
+if [[ "$#" -gt 0 ]]; then
+  ver="$1"
+fi
+
+repo="https://raw.githubusercontent.com/kubernetes-csi/csi-driver-iscsi/$ver/deploy"
+if [[ "$#" -gt 1 ]]; then
+  if [[ "$2" == *"local"* ]]; then
+    echo "use local deploy"
+    repo="./deploy"
+  fi
+fi
+
+if [ $ver != "master" ]; then
+  repo="$repo/$ver"
+fi
+
+echo "Installing iscsi.csi.k8s.io CSI driver, version: $ver ..."
+kubectl apply -f $repo/csi-iscsi-driverinfo.yaml
+kubectl apply -f $repo/csi-iscsi-node.yaml
+echo 'iscsi.csi.k8s.io CSI driver installed successfully.'

examples/kubernetes/pv.yaml

@@ -12,12 +12,12 @@ spec:
   capacity:
     storage: 1Gi
   csi:
-    driver: ISCSI
+    driver: iscsi.csi.k8s.io
     volumeHandle: iscsi-data-id
     volumeAttributes:
-      targetPortal: "192.168.122.145:3260"
+      targetPortal: "192.168.0.107:3260"
       portals: "[]"
-      iqn: "iqn.2003-01.org.linux-iscsi.example:targeted"
+      iqn: "iqn.2015-06.com.example.test:target1"
       lun: "0"
       iscsiInterface: "default"
       discoveryCHAPAuth: "false"

pkg/iscsi/driver.go

@@ -17,8 +17,10 @@ limitations under the License.
 package iscsi
 
 import (
+	"fmt"
 	"github.com/container-storage-interface/spec/lib/go/csi"
 	"k8s.io/klog/v2"
+	"os"
 )
 
 type driver struct {
@@ -35,11 +37,11 @@ type driver struct {
 }
 
 const (
-	driverName = "ISCSI"
+	driverName = "iscsi.csi.k8s.io"
 )
 
 var (
-	version = "1.0.0-rc2"
+	version = "1.0.0"
 )
 
 func NewDriver(nodeID, endpoint string) *driver {
@@ -52,6 +54,9 @@ func NewDriver(nodeID, endpoint string) *driver {
 		endpoint: endpoint,
 	}
 
+	if err := os.MkdirAll(fmt.Sprintf("/var/run/%s", driverName), 0755); err != nil {
+		panic(err)
+	}
 	d.AddVolumeCapabilityAccessModes([]csi.VolumeCapability_AccessMode_Mode{csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER})
 	// iSCSI plugin does not support ControllerServiceCapability now.
 	// If support is added, it should set to appropriate

pkg/iscsi/iscsi.go

@@ -83,8 +83,7 @@ func getISCSIInfo(req *csi.NodePublishVolumeRequest) (*iscsiDisk, error) {
 		}
 		lunVal = int32(l)
 	}
-
-	return &iscsiDisk{
+	iscsiDisk := &iscsiDisk{
 		VolName:         volName,
 		Portals:         bkportal,
 		Iqn:             iqn,
@@ -95,15 +94,20 @@ func getISCSIInfo(req *csi.NodePublishVolumeRequest) (*iscsiDisk, error) {
 		secret:          secret,
 		sessionSecret:   sessionSecret,
 		discoverySecret: discoverySecret,
-		InitiatorName:   initiatorName}, nil
+		InitiatorName:   initiatorName}
+
+	return iscsiDisk, nil
 }
 
 func buildISCSIConnector(iscsiInfo *iscsiDisk) *iscsiLib.Connector {
+	if iscsiInfo == nil || iscsiInfo.VolName == "" || iscsiInfo.Iqn == "" || len(iscsiInfo.Portals) == 0 {
+		return nil
+	}
 	c := iscsiLib.Connector{
 		VolumeName:    iscsiInfo.VolName,
 		TargetIqn:     iscsiInfo.Iqn,
 		TargetPortals: iscsiInfo.Portals,
-		Multipath:     len(iscsiInfo.Portals) > 1,
+		Lun:           iscsiInfo.lun,
 	}
 
 	if iscsiInfo.sessionSecret != (iscsiLib.Secrets{}) {
@@ -121,7 +125,7 @@ func getISCSIDiskMounter(iscsiInfo *iscsiDisk, req *csi.NodePublishVolumeRequest
 	fsType := req.GetVolumeCapability().GetMount().GetFsType()
 	mountOptions := req.GetVolumeCapability().GetMount().GetMountFlags()
 
-	return &iscsiDiskMounter{
+	diskMounter := &iscsiDiskMounter{
 		iscsiDisk:    iscsiInfo,
 		fsType:       fsType,
 		readOnly:     readOnly,
@@ -132,6 +136,7 @@ func getISCSIDiskMounter(iscsiInfo *iscsiDisk, req *csi.NodePublishVolumeRequest
 		deviceUtil:   util.NewDeviceHandler(util.NewIOHandler()),
 		connector:    buildISCSIConnector(iscsiInfo),
 	}
+	return diskMounter
 }
 
 func getISCSIDiskUnmounter(req *csi.NodeUnpublishVolumeRequest) *iscsiDiskUnmounter {