Merge pull request #616 from andyzhangx/delete-vol-issue

andyzhangx · web-flow · commit 7b2dee778ddf · 2022-02-19T09:54:46.000+08:00
fix: delete volume failure when account is deleted
diff --git a/charts/README.md b/charts/README.md
@@ -98,17 +98,17 @@ The following table lists the configurable parameters of the latest Azure Blob S
 | `controller.runOnMaster`                              | run controller on master node                         | `true`                                                          |
 | `controller.logLevel`                                 | controller driver log level                           | `5`                                                            |
 | `controller.resources.csiProvisioner.limits.memory`   | csi-provisioner memory limits                         | 100Mi                                                          |
-| `controller.resources.csiProvisioner.requests.cpu`    | csi-provisioner cpu requests limits                   | 10m                                                            |
-| `controller.resources.csiProvisioner.requests.memory` | csi-provisioner memory requests limits                | 20Mi                                                           |
+| `controller.resources.csiProvisioner.requests.cpu`    | csi-provisioner cpu requests                   | 10m                                                            |
+| `controller.resources.csiProvisioner.requests.memory` | csi-provisioner memory requests                | 20Mi                                                           |
 | `controller.resources.livenessProbe.limits.memory`    | liveness-probe memory limits                          | 300Mi                                                          |
-| `controller.resources.livenessProbe.requests.cpu`     | liveness-probe cpu requests limits                    | 10m                                                            |
-| `controller.resources.livenessProbe.requests.memory`  | liveness-probe memory requests limits                 | 20Mi                                                           |
+| `controller.resources.livenessProbe.requests.cpu`     | liveness-probe cpu requests                    | 10m                                                            |
+| `controller.resources.livenessProbe.requests.memory`  | liveness-probe memory requests                 | 20Mi                                                           |
 | `controller.resources.blob.limits.memory`             | blob-csi-driver memory limits                         | 200Mi                                                          |
-| `controller.resources.blob.requests.cpu`              | blob-csi-driver cpu requests limits                   | 10m                                                            |
-| `controller.resources.blob.requests.memory`           | blob-csi-driver memory requests limits                | 20Mi                                                           |
+| `controller.resources.blob.requests.cpu`              | blob-csi-driver cpu requests                   | 10m                                                            |
+| `controller.resources.blob.requests.memory`           | blob-csi-driver memory requests                | 20Mi                                                           |
 | `controller.resources.csiResizer.limits.memory`       | csi-resizer memory limits                             | 300Mi                                                          |
-| `controller.resources.csiResizer.requests.cpu`        | csi-resizer cpu requests limits                       | 10m                                                            |
-| `controller.resources.csiResizer.requests.memory`     | csi-resizer memory requests limits                    | 20Mi                                                           |
+| `controller.resources.csiResizer.requests.cpu`        | csi-resizer cpu requests                       | 10m                                                            |
+| `controller.resources.csiResizer.requests.memory`     | csi-resizer memory requests                    | 20Mi                                                           |
 | `controller.affinity`                                 | controller pod affinity                               | {}                                                             |
 | `controller.nodeSelector`                             | controller pod node selector                          | {}                                                             |
 | `controller.tolerations`                              | controller pod tolerations                            | []                                                             |
@@ -129,14 +129,14 @@ The following table lists the configurable parameters of the latest Azure Blob S
 | `node.blobfuseProxy.disableUpdateDB`                  | whether disable updateDB on blobfuse (saving storage account list usage) | `true`                                                          |
 | `node.blobfuseCachePath`                              | blobfuse cache path(`tmp-path`)                       | `/mnt`                                                          |
 | `node.resources.livenessProbe.limits.memory`          | liveness-probe memory limits                          | 100Mi                                                          |
-| `node.resources.livenessProbe.requests.cpu`           | liveness-probe cpu requests limits                    | 10m                                                            |
-| `node.resources.livenessProbe.requests.memory`        | liveness-probe memory requests limits                 | 20Mi                                                           |
+| `node.resources.livenessProbe.requests.cpu`           | liveness-probe cpu requests                    | 10m                                                            |
+| `node.resources.livenessProbe.requests.memory`        | liveness-probe memory requests                 | 20Mi                                                           |
 | `node.resources.nodeDriverRegistrar.limits.memory`    | csi-node-driver-registrar memory limits               | 100Mi                                                          |
-| `node.resources.nodeDriverRegistrar.requests.cpu`     | csi-node-driver-registrar cpu requests limits         | 10m                                                            |
-| `node.resources.nodeDriverRegistrar.requests.memory`  | csi-node-driver-registrar memory requests limits      | 20Mi                                                           |
+| `node.resources.nodeDriverRegistrar.requests.cpu`     | csi-node-driver-registrar cpu requests         | 10m                                                            |
+| `node.resources.nodeDriverRegistrar.requests.memory`  | csi-node-driver-registrar memory requests      | 20Mi                                                           |
 | `node.resources.blob.limits.memory`                   | blob-csi-driver memory limits                         | 2100Mi                                                         |
-| `node.resources.blob.requests.cpu`                    | blob-csi-driver cpu requests limits                   | 10m                                                            |
-| `node.resources.blob.requests.memory`                 | blob-csi-driver memory requests limits                | 20Mi                                                           |
+| `node.resources.blob.requests.cpu`                    | blob-csi-driver cpu requests                   | 10m                                                            |
+| `node.resources.blob.requests.memory`                 | blob-csi-driver memory requests                | 20Mi                                                           |
 | `node.affinity`                                       | node pod affinity                                     | {}                                                             |
 | `node.nodeSelector`                                   | node pod node selector                                | {}                                                             |
 | `node.tolerations`                                    | node pod tolerations                                  | []                                                             |
diff --git a/deploy/example/storageclass-blob-nfs.yaml b/deploy/example/storageclass-blob-nfs.yaml
@@ -7,3 +7,4 @@ provisioner: blob.csi.azure.com
 parameters:
   protocol: nfs
 volumeBindingMode: Immediate
+allowVolumeExpansion: true
diff --git a/deploy/example/storageclass-blob-secret.yaml b/deploy/example/storageclass-blob-secret.yaml
@@ -4,6 +4,7 @@ kind: StorageClass
 metadata:
   name: blob
 provisioner: blob.csi.azure.com
+allowVolumeExpansion: true
 parameters:
   csi.storage.k8s.io/provisioner-secret-name: azure-secret
   csi.storage.k8s.io/provisioner-secret-namespace: default
diff --git a/deploy/example/storageclass-blobfuse-existing-container.yaml b/deploy/example/storageclass-blobfuse-existing-container.yaml
@@ -11,6 +11,7 @@ parameters:
   server: SERVER_ADDRESS  # optional, provide a new address to replace default "accountname.blob.core.windows.net"
 reclaimPolicy: Retain  # if set as "Delete" container would be removed after pvc deletion
 volumeBindingMode: Immediate
+allowVolumeExpansion: true
 mountOptions:
   - -o allow_other
   - --file-cache-timeout-in-seconds=120
diff --git a/deploy/example/storageclass-blobfuse-readonly.yaml b/deploy/example/storageclass-blobfuse-readonly.yaml
@@ -10,6 +10,7 @@ parameters:
   containerName: EXISTING_CONTAINER_NAME
 reclaimPolicy: Retain  # if set as "Delete" container would be removed after pvc deletion
 volumeBindingMode: Immediate
+allowVolumeExpansion: true
 mountOptions:
   - -o ro
   - -o allow_other
diff --git a/deploy/example/storageclass-blobfuse.yaml b/deploy/example/storageclass-blobfuse.yaml
@@ -5,9 +5,10 @@ metadata:
   name: blob
 provisioner: blob.csi.azure.com
 parameters:
-  skuName: Standard_LRS  # available values: Standard_LRS, Premium_LRS, Standard_GRS, Standard_RAGRS
+  skuName: Premium_LRS  # available values: Standard_LRS, Premium_LRS, Standard_GRS, Standard_RAGRS
 reclaimPolicy: Delete
 volumeBindingMode: Immediate
+allowVolumeExpansion: true
 mountOptions:
   - -o allow_other
   - --file-cache-timeout-in-seconds=120
diff --git a/pkg/blob/blob.go b/pkg/blob/blob.go
@@ -90,9 +90,10 @@ const (
 
 	accountNotProvisioned = "StorageAccountIsNotProvisioned"
 	tooManyRequests       = "TooManyRequests"
-	shareNotFound         = "The specified share does not exist"
-	shareBeingDeleted     = "The specified share is being deleted"
 	clientThrottled       = "client throttled"
+	containerBeingDeleted = "ContainerBeingDeleted"
+	statusCodeNotFound    = "StatusCode=404"
+	httpCodeNotFound      = "HTTPStatusCode: 404"
 
 	// containerMaxSize is the max size of the blob container. See https://docs.microsoft.com/en-us/azure/storage/blobs/scalability-targets#scale-targets-for-blob-storage
 	containerMaxSize = 100 * util.TiB
@@ -106,7 +107,7 @@ const (
 
 var (
 	supportedProtocolList = []string{fuse, nfs}
-	retriableErrors       = []string{accountNotProvisioned, tooManyRequests, shareNotFound, shareBeingDeleted, clientThrottled}
+	retriableErrors       = []string{accountNotProvisioned, tooManyRequests, statusCodeNotFound, containerBeingDeleted, clientThrottled}
 )
 
 // DriverOptions defines driver parameters specified in driver deployment
@@ -295,11 +296,11 @@ func isSASToken(key string) bool {
 }
 
 // GetAuthEnv return <accountName, containerName, authEnv, error>
-func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attrib, secrets map[string]string) (string, string, []string, error) {
+func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attrib, secrets map[string]string) (string, string, string, string, []string, error) {
 	rgName, accountName, containerName, err := GetContainerInfo(volumeID)
 	if err != nil {
 		// ignore volumeID parsing error
-		klog.Warningf("parsing volumeID(%s) return with error: %v", volumeID, err)
+		klog.V(2).Info("parsing volumeID(%s) return with error: %v", volumeID, err)
 		err = nil
 	}
 
@@ -364,7 +365,7 @@ func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attr
 
 	if protocol == nfs {
 		// nfs protocol does not need account key, return directly
-		return accountName, containerName, authEnv, err
+		return rgName, accountName, accountKey, containerName, authEnv, err
 	}
 
 	// backward compatibility, old CSI driver PV does not have secretNamespace field
@@ -382,7 +383,7 @@ func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attr
 	if keyVaultURL != "" {
 		key, err := d.getKeyVaultSecretContent(ctx, keyVaultURL, keyVaultSecretName, keyVaultSecretVersion)
 		if err != nil {
-			return accountName, containerName, authEnv, err
+			return rgName, accountName, accountKey, containerName, authEnv, err
 		}
 		if isSASToken(key) {
 			accountSasToken = key
@@ -407,7 +408,7 @@ func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attr
 						accountName, secretNamespace, secretName, err)
 					accountKey, err = d.cloud.GetStorageAccesskey(ctx, accountName, rgName)
 					if err != nil {
-						return accountName, containerName, authEnv, fmt.Errorf("no key for storage account(%s) under resource group(%s), err %w", accountName, rgName, err)
+						return rgName, accountName, accountKey, containerName, authEnv, fmt.Errorf("no key for storage account(%s) under resource group(%s), err %w", accountName, rgName, err)
 					}
 				}
 			}
@@ -446,7 +447,7 @@ func (d *Driver) GetAuthEnv(ctx context.Context, volumeID, protocol string, attr
 		authEnv = append(authEnv, "AZURE_STORAGE_ACCESS_KEY="+accountKey)
 	}
 
-	return accountName, containerName, authEnv, err
+	return rgName, accountName, accountKey, containerName, authEnv, err
 }
 
 // GetStorageAccountAndContainer get storage account and container info
diff --git a/pkg/blob/blob_test.go b/pkg/blob/blob_test.go
@@ -249,16 +249,6 @@ func TestIsRetriableError(t *testing.T) {
 			rpcErr:       errors.New("could not get storage key for storage account : could not list storage accounts for account type Premium_LRS: Retriable: true, RetryAfter: 0001-01-01 00:00:00 +0000 UTC m=+231.866923225, HTTPStatusCode: 429, RawError: storage.AccountsClient#ListByResourceGroup: Failure responding to request: StatusCode=429 -- Original Error: autorest/azure: Service returned an error. Status=429 Code=\"TooManyRequests\" Message=\"The request is being throttled as the limit has been reached for operation type - List. For more information, see - https://aka.ms/srpthrottlinglimits\""),
 			expectedBool: true,
 		},
-		{
-			desc:         "shareNotFound",
-			rpcErr:       errors.New("storage.FileSharesClient#Get: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code=\"ShareNotFound\" Message=\"The specified share does not exist\""),
-			expectedBool: true,
-		},
-		{
-			desc:         "shareBeingDeleted",
-			rpcErr:       errors.New("storage.FileSharesClient#Create: Failure sending request: StatusCode=409 -- Original Error: autorest/azure: Service returned an error. Status=<nil> Code=\"ShareBeingDeleted\" Message=\"The specified share is being deleted. Try operation later.\""),
-			expectedBool: true,
-		},
 		{
 			desc:         "clientThrottled",
 			rpcErr:       errors.New("could not list storage accounts for account type : Retriable: true, RetryAfter: 16s, HTTPStatusCode: 0, RawError: azure cloud provider throttled for operation StorageAccountListByResourceGroup with reason \"client throttled\""),
@@ -471,7 +461,7 @@ func TestGetAuthEnv(t *testing.T) {
 					RawError: fmt.Errorf("test"),
 				}
 				mockStorageAccountsClient.EXPECT().ListKeys(gomock.Any(), gomock.Any(), gomock.Any()).Return(accountListKeysResult, rerr).AnyTimes()
-				_, _, _, err := d.GetAuthEnv(context.TODO(), volumeID, "", attrib, secret)
+				_, _, _, _, _, err := d.GetAuthEnv(context.TODO(), volumeID, "", attrib, secret)
 				expectedErr := fmt.Errorf("no key for storage account(storageaccountname) under resource group(rg), err Retriable: false, RetryAfter: 0s, HTTPStatusCode: 0, RawError: test")
 				if !strings.EqualFold(err.Error(), expectedErr.Error()) {
 					t.Errorf("actualErr: (%v), expectedErr: (%v)", err, expectedErr)
@@ -500,7 +490,7 @@ func TestGetAuthEnv(t *testing.T) {
 					Keys: &accountkeylist,
 				}
 				mockStorageAccountsClient.EXPECT().ListKeys(gomock.Any(), gomock.Any(), gomock.Any()).Return(list, nil).AnyTimes()
-				_, _, _, err := d.GetAuthEnv(context.TODO(), volumeID, "", attrib, secret)
+				_, _, _, _, _, err := d.GetAuthEnv(context.TODO(), volumeID, "", attrib, secret)
 				expectedErr := error(nil)
 				if !reflect.DeepEqual(err, expectedErr) {
 					t.Errorf("actualErr: (%v), expectedErr: (%v)", err, expectedErr)
@@ -521,11 +511,13 @@ func TestGetAuthEnv(t *testing.T) {
 				secret["azurestorageaccountsastoken"] = "unit-test"
 				secret["msisecret"] = "unit-test"
 				secret["azurestoragespnclientsecret"] = "unit-test"
-				accountName, containerName, _, err := d.GetAuthEnv(context.TODO(), volumeID, "", attrib, secret)
+				rg, accountName, accountkey, containerName, _, err := d.GetAuthEnv(context.TODO(), volumeID, "", attrib, secret)
 				if err != nil {
 					t.Errorf("actualErr: (%v), expectedErr: nil", err)
 				}
+				assert.Equal(t, rg, "rg")
 				assert.Equal(t, accountName, "accountname")
+				assert.Equal(t, accountkey, "unit-test")
 				assert.Equal(t, containerName, "containername")
 			},
 		},
@@ -538,12 +530,14 @@ func TestGetAuthEnv(t *testing.T) {
 				volumeID := "unique-volumeid"
 				attrib[storageAccountField] = "accountname"
 				attrib[containerNameField] = "containername"
-				accountName, containerName, authEnv, err := d.GetAuthEnv(context.TODO(), volumeID, nfs, attrib, secret)
+				rg, accountName, accountkey, containerName, authEnv, err := d.GetAuthEnv(context.TODO(), volumeID, nfs, attrib, secret)
 				if err != nil {
 					t.Errorf("actualErr: (%v), expect no error", err)
 				}
 
+				assert.Equal(t, rg, "")
 				assert.Equal(t, accountName, "accountname")
+				assert.Equal(t, accountkey, "")
 				assert.Equal(t, containerName, "containername")
 				assert.Equal(t, len(authEnv), 0)
 			},
diff --git a/pkg/blob/controllerserver.go b/pkg/blob/controllerserver.go
diff --git a/pkg/blob/controllerserver_test.go b/pkg/blob/controllerserver_test.go
diff --git a/pkg/blob/nodeserver.go b/pkg/blob/nodeserver.go
