Skip to content

Commit 1e4d46e

Browse files
andyzhangxandyzhangx
authored
Merge pull request #1740 from k8s-infra-cherrypick-robot/cherry-pick-1739-to-release-1.25
[release-1.25] feat: match source account as first priority in volume restore
2 parents 3345886 + bbf2665 commit 1e4d46e

File tree

1 file changed

+22
-13
lines changed

1 file changed

+22
-13
lines changed

pkg/blob/controllerserver.go

Lines changed: 22 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -92,7 +92,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
9292
}
9393
var storageAccountType, subsID, resourceGroup, location, account, containerName, containerNamePrefix, protocol, customTags, secretName, secretNamespace, pvcNamespace, tagValueDelimiter string
9494
var isHnsEnabled, requireInfraEncryption, enableBlobVersioning, createPrivateEndpoint, enableNfsV3, allowSharedKeyAccess *bool
95-
var vnetResourceGroup, vnetName, subnetName, accessTier, networkEndpointType, storageEndpointSuffix, fsGroupChangePolicy string
95+
var vnetResourceGroup, vnetName, subnetName, accessTier, networkEndpointType, storageEndpointSuffix, fsGroupChangePolicy, srcAccountName string
9696
var matchTags, useDataPlaneAPI, getLatestAccountKey bool
9797
var softDeleteBlobs, softDeleteContainers int32
9898
var vnetResourceIDs []string
@@ -308,6 +308,25 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
308308
return nil, status.Errorf(codes.InvalidArgument, "storeAccountKey is not supported for account with shared access key disabled")
309309
}
310310

311+
requestName := "controller_create_volume"
312+
if volContentSource != nil {
313+
switch volContentSource.Type.(type) {
314+
case *csi.VolumeContentSource_Snapshot:
315+
return nil, status.Errorf(codes.InvalidArgument, "VolumeContentSource Snapshot is not yet implemented")
316+
case *csi.VolumeContentSource_Volume:
317+
requestName = "controller_create_volume_from_volume"
318+
if volContentSource.GetVolume() != nil {
319+
sourceID := volContentSource.GetVolume().VolumeId
320+
_, srcAccountName, _, _, _, err = GetContainerInfo(sourceID) //nolint:dogsled
321+
if err != nil {
322+
klog.Errorf("failed to get source volume info from sourceID(%s), error: %v", sourceID, err)
323+
} else {
324+
klog.V(2).Infof("source volume account name: %s, sourceID: %s", srcAccountName, sourceID)
325+
}
326+
}
327+
}
328+
}
329+
311330
accountOptions := &azure.AccountOptions{
312331
Name: account,
313332
Type: storageAccountType,
@@ -335,6 +354,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
335354
SoftDeleteBlobs: softDeleteBlobs,
336355
SoftDeleteContainers: softDeleteContainers,
337356
GetLatestAccountKey: getLatestAccountKey,
357+
SourceAccountName: srcAccountName,
338358
}
339359

340360
containerName = replaceWithMap(containerName, containerNameReplaceMap)
@@ -358,16 +378,6 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
358378
}
359379
defer d.volumeLocks.Release(volName)
360380

361-
requestName := "controller_create_volume"
362-
if volContentSource != nil {
363-
switch volContentSource.Type.(type) {
364-
case *csi.VolumeContentSource_Snapshot:
365-
return nil, status.Errorf(codes.InvalidArgument, "VolumeContentSource Snapshot is not yet implemented")
366-
case *csi.VolumeContentSource_Volume:
367-
requestName = "controller_create_volume_from_volume"
368-
}
369-
}
370-
371381
var volumeID string
372382
mc := metrics.NewMetricContext(blobCSIDriverName, requestName, d.cloud.ResourceGroup, d.cloud.SubscriptionID, d.Name)
373383
isOperationSucceeded := false
@@ -439,8 +449,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
439449
if err != nil {
440450
return nil, status.Errorf(codes.Internal, "failed to getAzcopyAuth on account(%s) rg(%s), error: %v", accountOptions.Name, accountOptions.ResourceGroup, err)
441451
}
442-
var copyErr error
443-
copyErr = d.copyVolume(ctx, req, accountName, accountSASToken, authAzcopyEnv, validContainerName, secretNamespace, accountOptions, storageEndpointSuffix)
452+
copyErr := d.copyVolume(ctx, req, accountName, accountSASToken, authAzcopyEnv, validContainerName, secretNamespace, accountOptions, storageEndpointSuffix)
444453
if accountSASToken == "" && copyErr != nil && strings.Contains(copyErr.Error(), authorizationPermissionMismatch) {
445454
klog.Warningf("azcopy copy failed with AuthorizationPermissionMismatch error, should assign \"Storage Blob Data Contributor\" role to controller identity, fall back to use sas token, original error: %v", copyErr)
446455
accountSASToken, authAzcopyEnv, err := d.getAzcopyAuth(ctx, accountName, accountKey, storageEndpointSuffix, accountOptions, secrets, secretName, secretNamespace, true)

0 commit comments

Comments
 (0)