2023-04-10 15:36:59 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2020-02-21 10:32:10 +00:00
|
|
|
package nomad
|
|
|
|
|
|
|
|
import (
|
2020-03-10 14:22:42 +00:00
|
|
|
"fmt"
|
2020-04-02 20:04:56 +00:00
|
|
|
"math/rand"
|
2020-08-11 14:25:43 +00:00
|
|
|
"strings"
|
2020-02-21 10:32:10 +00:00
|
|
|
"time"
|
|
|
|
|
|
|
|
metrics "github.com/armon/go-metrics"
|
|
|
|
log "github.com/hashicorp/go-hclog"
|
2020-04-02 20:04:56 +00:00
|
|
|
memdb "github.com/hashicorp/go-memdb"
|
2020-02-21 10:32:10 +00:00
|
|
|
cstructs "github.com/hashicorp/nomad/client/structs"
|
2023-01-26 21:40:58 +00:00
|
|
|
"github.com/hashicorp/nomad/nomad/structs"
|
2020-02-21 10:32:10 +00:00
|
|
|
)
|
|
|
|
|
2020-04-02 20:04:56 +00:00
|
|
|
// ClientCSI is used to forward RPC requests to the targed Nomad client's
|
2020-02-21 10:32:10 +00:00
|
|
|
// CSIController endpoint.
|
2020-04-02 20:04:56 +00:00
|
|
|
type ClientCSI struct {
|
2020-02-21 10:32:10 +00:00
|
|
|
srv *Server
|
2023-01-26 21:40:58 +00:00
|
|
|
ctx *RPCContext
|
2020-02-21 10:32:10 +00:00
|
|
|
logger log.Logger
|
|
|
|
}
|
|
|
|
|
2023-01-26 21:40:58 +00:00
|
|
|
func NewClientCSIEndpoint(srv *Server, ctx *RPCContext) *ClientCSI {
|
|
|
|
return &ClientCSI{srv: srv, ctx: ctx, logger: srv.logger.Named("client_csi")}
|
2022-12-01 15:05:15 +00:00
|
|
|
}
|
|
|
|
|
2020-04-02 20:04:56 +00:00
|
|
|
func (a *ClientCSI) ControllerAttachVolume(args *cstructs.ClientCSIControllerAttachVolumeRequest, reply *cstructs.ClientCSIControllerAttachVolumeResponse) error {
|
2020-02-21 10:32:10 +00:00
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "attach_volume"}, time.Now())
|
2020-08-06 17:24:24 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerAttachVolume",
|
|
|
|
"ClientCSI.ControllerAttachVolume",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricWrite,
|
2021-03-22 13:43:30 +00:00
|
|
|
args, reply)
|
2020-02-21 10:32:10 +00:00
|
|
|
if err != nil {
|
2020-08-06 17:24:24 +00:00
|
|
|
return fmt.Errorf("controller attach volume: %v", err)
|
2020-02-21 10:32:10 +00:00
|
|
|
}
|
2021-03-22 13:43:30 +00:00
|
|
|
return nil
|
|
|
|
}
|
2020-02-21 10:32:10 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
func (a *ClientCSI) ControllerValidateVolume(args *cstructs.ClientCSIControllerValidateVolumeRequest, reply *cstructs.ClientCSIControllerValidateVolumeResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "validate_volume"}, time.Now())
|
2020-02-21 10:32:10 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerValidateVolume",
|
|
|
|
"ClientCSI.ControllerValidateVolume",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricWrite,
|
2021-03-22 13:43:30 +00:00
|
|
|
args, reply)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("controller validate volume: %v", err)
|
2020-03-10 14:22:42 +00:00
|
|
|
}
|
2021-03-22 13:43:30 +00:00
|
|
|
return nil
|
2020-02-21 10:32:10 +00:00
|
|
|
}
|
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
func (a *ClientCSI) ControllerDetachVolume(args *cstructs.ClientCSIControllerDetachVolumeRequest, reply *cstructs.ClientCSIControllerDetachVolumeResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "detach_volume"}, time.Now())
|
2020-02-21 10:32:10 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerDetachVolume",
|
|
|
|
"ClientCSI.ControllerDetachVolume",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricWrite,
|
2021-03-22 13:43:30 +00:00
|
|
|
args, reply)
|
2020-02-21 10:32:10 +00:00
|
|
|
if err != nil {
|
2021-03-22 13:43:30 +00:00
|
|
|
return fmt.Errorf("controller detach volume: %v", err)
|
2020-02-21 10:32:10 +00:00
|
|
|
}
|
2021-03-22 13:43:30 +00:00
|
|
|
return nil
|
|
|
|
}
|
2020-02-21 10:32:10 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
func (a *ClientCSI) ControllerCreateVolume(args *cstructs.ClientCSIControllerCreateVolumeRequest, reply *cstructs.ClientCSIControllerCreateVolumeResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "create_volume"}, time.Now())
|
2020-02-21 10:32:10 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerCreateVolume",
|
|
|
|
"ClientCSI.ControllerCreateVolume",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricWrite,
|
2021-03-22 13:43:30 +00:00
|
|
|
args, reply)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("controller create volume: %v", err)
|
2020-03-10 14:22:42 +00:00
|
|
|
}
|
2021-03-22 13:43:30 +00:00
|
|
|
return nil
|
2020-02-21 10:32:10 +00:00
|
|
|
}
|
2020-03-16 19:59:42 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
func (a *ClientCSI) ControllerDeleteVolume(args *cstructs.ClientCSIControllerDeleteVolumeRequest, reply *cstructs.ClientCSIControllerDeleteVolumeResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "delete_volume"}, time.Now())
|
2020-03-16 19:59:42 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerDeleteVolume",
|
|
|
|
"ClientCSI.ControllerDeleteVolume",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricWrite,
|
2021-03-22 13:43:30 +00:00
|
|
|
args, reply)
|
2020-03-16 19:59:42 +00:00
|
|
|
if err != nil {
|
2021-03-22 13:43:30 +00:00
|
|
|
return fmt.Errorf("controller delete volume: %v", err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *ClientCSI) ControllerListVolumes(args *cstructs.ClientCSIControllerListVolumesRequest, reply *cstructs.ClientCSIControllerListVolumesResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "list_volumes"}, time.Now())
|
|
|
|
|
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerListVolumes",
|
|
|
|
"ClientCSI.ControllerListVolumes",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricList,
|
2021-03-22 13:43:30 +00:00
|
|
|
args, reply)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("controller list volumes: %v", err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2021-04-01 15:16:52 +00:00
|
|
|
func (a *ClientCSI) ControllerCreateSnapshot(args *cstructs.ClientCSIControllerCreateSnapshotRequest, reply *cstructs.ClientCSIControllerCreateSnapshotResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "create_snapshot"}, time.Now())
|
|
|
|
|
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerCreateSnapshot",
|
|
|
|
"ClientCSI.ControllerCreateSnapshot",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricWrite,
|
2021-04-01 15:16:52 +00:00
|
|
|
args, reply)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("controller create snapshot: %v", err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *ClientCSI) ControllerDeleteSnapshot(args *cstructs.ClientCSIControllerDeleteSnapshotRequest, reply *cstructs.ClientCSIControllerDeleteSnapshotResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "delete_snapshot"}, time.Now())
|
|
|
|
|
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerDeleteSnapshot",
|
|
|
|
"ClientCSI.ControllerDeleteSnapshot",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricWrite,
|
2021-04-01 15:16:52 +00:00
|
|
|
args, reply)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("controller delete snapshot: %v", err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *ClientCSI) ControllerListSnapshots(args *cstructs.ClientCSIControllerListSnapshotsRequest, reply *cstructs.ClientCSIControllerListSnapshotsResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_controller", "list_snapshots"}, time.Now())
|
|
|
|
|
|
|
|
err := a.sendCSIControllerRPC(args.PluginID,
|
|
|
|
"CSI.ControllerListSnapshots",
|
|
|
|
"ClientCSI.ControllerListSnapshots",
|
2023-01-26 21:40:58 +00:00
|
|
|
structs.RateMetricList,
|
2021-04-01 15:16:52 +00:00
|
|
|
args, reply)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("controller list snapshots: %v", err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-26 21:40:58 +00:00
|
|
|
func (a *ClientCSI) sendCSIControllerRPC(pluginID, method, fwdMethod, op string, args cstructs.CSIControllerRequest, reply interface{}) error {
|
|
|
|
|
|
|
|
// client requests aren't RequestWithIdentity, so we use a placeholder here
|
|
|
|
// to populate the identity data for metrics
|
|
|
|
identityReq := &structs.GenericRequest{}
|
|
|
|
authErr := a.srv.Authenticate(a.ctx, identityReq)
|
|
|
|
a.srv.MeasureRPCRate("client_csi", op, identityReq)
|
|
|
|
|
|
|
|
// only servers can send these client RPCs
|
|
|
|
err := validateTLSCertificateLevel(a.srv, a.ctx, tlsCertificateLevelServer)
|
|
|
|
if authErr != nil || err != nil {
|
|
|
|
return structs.ErrPermissionDenied
|
|
|
|
}
|
2021-03-22 13:43:30 +00:00
|
|
|
|
|
|
|
clientIDs, err := a.clientIDsForController(pluginID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
2020-03-16 19:59:42 +00:00
|
|
|
}
|
|
|
|
|
2020-08-06 17:24:24 +00:00
|
|
|
for _, clientID := range clientIDs {
|
2021-03-22 13:43:30 +00:00
|
|
|
args.SetControllerNodeID(clientID)
|
|
|
|
|
2020-08-06 17:24:24 +00:00
|
|
|
state, ok := a.srv.getNodeConn(clientID)
|
|
|
|
if !ok {
|
|
|
|
return findNodeConnAndForward(a.srv,
|
2021-03-22 13:43:30 +00:00
|
|
|
clientID, fwdMethod, args, reply)
|
2020-08-06 17:24:24 +00:00
|
|
|
}
|
2020-03-16 19:59:42 +00:00
|
|
|
|
2021-03-22 13:43:30 +00:00
|
|
|
err = NodeRpc(state.Session, method, args, reply)
|
2020-08-06 17:24:24 +00:00
|
|
|
if err == nil {
|
|
|
|
return nil
|
|
|
|
}
|
2020-08-11 13:13:52 +00:00
|
|
|
if a.isRetryable(err) {
|
2020-08-11 14:25:43 +00:00
|
|
|
a.logger.Debug("failed to reach controller on client",
|
2022-09-01 13:06:10 +00:00
|
|
|
"nodeID", clientID, "error", err)
|
2020-08-06 17:24:24 +00:00
|
|
|
continue
|
|
|
|
}
|
2021-03-22 13:43:30 +00:00
|
|
|
return err
|
2020-03-16 19:59:42 +00:00
|
|
|
}
|
2021-03-22 13:43:30 +00:00
|
|
|
return err
|
2020-08-06 17:24:24 +00:00
|
|
|
}
|
2020-03-16 19:59:42 +00:00
|
|
|
|
2020-08-06 17:24:24 +00:00
|
|
|
// we can retry the same RPC on a different controller in the cases where the
|
|
|
|
// client has stopped and been GC'd, or where the controller has stopped but
|
|
|
|
// we don't have the fingerprint update yet
|
2020-08-11 13:13:52 +00:00
|
|
|
func (a *ClientCSI) isRetryable(err error) bool {
|
2020-08-11 14:25:43 +00:00
|
|
|
// TODO: msgpack-rpc mangles the error so we lose the wrapping,
|
|
|
|
// but if that can be fixed upstream we should use that here instead
|
|
|
|
return strings.Contains(err.Error(), "CSI client error (retryable)") ||
|
|
|
|
strings.Contains(err.Error(), "Unknown node")
|
2020-03-16 19:59:42 +00:00
|
|
|
}
|
2020-04-02 20:04:56 +00:00
|
|
|
|
|
|
|
func (a *ClientCSI) NodeDetachVolume(args *cstructs.ClientCSINodeDetachVolumeRequest, reply *cstructs.ClientCSINodeDetachVolumeResponse) error {
|
|
|
|
defer metrics.MeasureSince([]string{"nomad", "client_csi_node", "detach_volume"}, time.Now())
|
|
|
|
|
2023-01-26 21:40:58 +00:00
|
|
|
// client requests aren't RequestWithIdentity, so we use a placeholder here
|
|
|
|
// to populate the identity data for metrics
|
|
|
|
identityReq := &structs.GenericRequest{}
|
|
|
|
authErr := a.srv.Authenticate(a.ctx, identityReq)
|
|
|
|
a.srv.MeasureRPCRate("client_csi", structs.RateMetricWrite, identityReq)
|
|
|
|
|
|
|
|
// only servers can send these client RPCs
|
|
|
|
err := validateTLSCertificateLevel(a.srv, a.ctx, tlsCertificateLevelServer)
|
|
|
|
if authErr != nil || err != nil {
|
|
|
|
return structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
2020-04-02 20:04:56 +00:00
|
|
|
// Make sure Node is valid and new enough to support RPC
|
|
|
|
snap, err := a.srv.State().Snapshot()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
_, err = getNodeForRpc(snap, args.NodeID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the connection to the client
|
|
|
|
state, ok := a.srv.getNodeConn(args.NodeID)
|
|
|
|
if !ok {
|
|
|
|
return findNodeConnAndForward(a.srv, args.NodeID, "ClientCSI.NodeDetachVolume", args, reply)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Make the RPC
|
|
|
|
err = NodeRpc(state.Session, "CSI.NodeDetachVolume", args, reply)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("node detach volume: %v", err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2020-08-06 17:24:24 +00:00
|
|
|
// clientIDsForController returns a shuffled list of client IDs where the
|
|
|
|
// controller plugin is expected to be running.
|
|
|
|
func (a *ClientCSI) clientIDsForController(pluginID string) ([]string, error) {
|
2020-04-10 20:47:21 +00:00
|
|
|
|
|
|
|
snap, err := a.srv.State().Snapshot()
|
|
|
|
if err != nil {
|
2020-08-06 17:24:24 +00:00
|
|
|
return nil, err
|
2020-04-10 20:47:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if pluginID == "" {
|
2020-08-06 17:24:24 +00:00
|
|
|
return nil, fmt.Errorf("missing plugin ID")
|
2020-04-10 20:47:21 +00:00
|
|
|
}
|
2020-05-10 01:35:42 +00:00
|
|
|
|
2020-04-10 20:47:21 +00:00
|
|
|
ws := memdb.NewWatchSet()
|
|
|
|
|
|
|
|
// note: plugin IDs are not scoped to region/DC but volumes are.
|
|
|
|
// so any node we get for a controller is already in the same
|
|
|
|
// region/DC for the volume.
|
|
|
|
plugin, err := snap.CSIPluginByID(ws, pluginID)
|
|
|
|
if err != nil {
|
2020-08-06 17:24:24 +00:00
|
|
|
return nil, fmt.Errorf("error getting plugin: %s, %v", pluginID, err)
|
2020-04-10 20:47:21 +00:00
|
|
|
}
|
|
|
|
if plugin == nil {
|
2020-08-06 17:24:24 +00:00
|
|
|
return nil, fmt.Errorf("plugin missing: %s", pluginID)
|
2020-04-02 20:04:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// iterating maps is "random" but unspecified and isn't particularly
|
|
|
|
// random with small maps, so not well-suited for load balancing.
|
|
|
|
// so we shuffle the keys and iterate over them.
|
2020-08-06 17:24:24 +00:00
|
|
|
clientIDs := []string{}
|
2020-04-02 20:04:56 +00:00
|
|
|
|
2020-08-06 17:24:24 +00:00
|
|
|
for clientID, controller := range plugin.Controllers {
|
2020-04-02 20:04:56 +00:00
|
|
|
if !controller.IsController() {
|
|
|
|
// we don't have separate types for CSIInfo depending on
|
|
|
|
// whether it's a controller or node. this error shouldn't
|
|
|
|
// make it to production but is to aid developers during
|
|
|
|
// development
|
|
|
|
continue
|
|
|
|
}
|
2020-08-06 17:24:24 +00:00
|
|
|
node, err := getNodeForRpc(snap, clientID)
|
|
|
|
if err == nil && node != nil && node.Ready() {
|
|
|
|
clientIDs = append(clientIDs, clientID)
|
2020-04-02 20:04:56 +00:00
|
|
|
}
|
|
|
|
}
|
2020-08-06 17:24:24 +00:00
|
|
|
if len(clientIDs) == 0 {
|
|
|
|
return nil, fmt.Errorf("failed to find clients running controller plugin %q", pluginID)
|
|
|
|
}
|
|
|
|
|
|
|
|
rand.Shuffle(len(clientIDs), func(i, j int) {
|
|
|
|
clientIDs[i], clientIDs[j] = clientIDs[j], clientIDs[i]
|
|
|
|
})
|
2020-04-02 20:04:56 +00:00
|
|
|
|
2020-08-06 17:24:24 +00:00
|
|
|
return clientIDs, nil
|
2020-04-02 20:04:56 +00:00
|
|
|
}
|