Skip to content

Commit c981932

Browse files
andyzhangxandyzhangx
authored
Merge pull request #1013 from andyzhangx/fix-createPrivateEndpoint
fix: match account if PrivateEndpoint is not set in storage class
2 parents ffd9952 + d2d4d81 commit c981932

File tree

22 files changed

+1114
-26
lines changed

22 files changed

+1114
-26
lines changed

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ require (
2929
k8s.io/kubernetes v1.28.1
3030
k8s.io/mount-utils v0.28.1
3131
k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
32-
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230825065334-8b1cf948b7ed
32+
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a
3333
sigs.k8s.io/yaml v1.3.0
3434
)
3535

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -777,8 +777,8 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
777777
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
778778
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 h1:trsWhjU5jZrx6UvFu4WzQDrN7Pga4a7Qg+zcfcj64PA=
779779
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2/go.mod h1:+qG7ISXqCDVVcyO8hLn12AKVYYUjM7ftlqsqmrhMZE0=
780-
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230825065334-8b1cf948b7ed h1:tT1CT8ff+GPVYtcPxeopAnUbyapzZ0MaCFz2vgAp14U=
781-
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230825065334-8b1cf948b7ed/go.mod h1:T86YMaSDRFlMqX5Kmb+KqeASg4Px75GQfcs0sD0yqAw=
780+
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a h1:7/WSpSvXdr/mwDoEMjz0tqlyaACPT9dL/+c1FnbhV6U=
781+
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a/go.mod h1:T86YMaSDRFlMqX5Kmb+KqeASg4Px75GQfcs0sD0yqAw=
782782
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
783783
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
784784
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=

pkg/blob/controllerserver.go

Lines changed: 6 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -73,10 +73,11 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
7373
parameters = make(map[string]string)
7474
}
7575
var storageAccountType, subsID, resourceGroup, location, account, containerName, containerNamePrefix, protocol, customTags, secretName, secretNamespace, pvcNamespace string
76-
var isHnsEnabled, requireInfraEncryption, enableBlobVersioning *bool
76+
var isHnsEnabled, requireInfraEncryption, enableBlobVersioning, createPrivateEndpoint, enableNfsV3 *bool
7777
var vnetResourceGroup, vnetName, subnetName, accessTier, networkEndpointType, storageEndpointSuffix string
7878
var matchTags, useDataPlaneAPI, getLatestAccountKey bool
7979
var softDeleteBlobs, softDeleteContainers int32
80+
var vnetResourceIDs []string
8081
var err error
8182
// set allowBlobPublicAccess as false by default
8283
allowBlobPublicAccess := pointer.Bool(false)
@@ -240,21 +241,16 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
240241
}
241242

242243
enableHTTPSTrafficOnly := true
243-
createPrivateEndpoint := false
244244
if strings.EqualFold(networkEndpointType, privateEndpoint) {
245-
createPrivateEndpoint = true
245+
createPrivateEndpoint = pointer.BoolPtr(true)
246246
}
247247
accountKind := string(storage.KindStorageV2)
248-
var (
249-
vnetResourceIDs []string
250-
enableNfsV3 *bool
251-
)
252248
if protocol == NFS {
253249
isHnsEnabled = pointer.Bool(true)
254250
enableNfsV3 = pointer.Bool(true)
255251
// NFS protocol does not need account key
256252
storeAccountKey = false
257-
if !createPrivateEndpoint {
253+
if !pointer.BoolDeref(createPrivateEndpoint, false) {
258254
// set VirtualNetworkResourceIDs for storage account firewall setting
259255
vnetResourceID := d.getSubnetResourceID(vnetResourceGroup, vnetName, subnetName)
260256
klog.V(2).Infof("set vnetResourceID(%s) for NFS protocol", vnetResourceID)
@@ -323,7 +319,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
323319
if v, ok := d.volMap.Load(volName); ok {
324320
accountName = v.(string)
325321
} else {
326-
lockKey := fmt.Sprintf("%s%s%s%s%s%v", storageAccountType, accountKind, resourceGroup, location, protocol, createPrivateEndpoint)
322+
lockKey := fmt.Sprintf("%s%s%s%s%s%v", storageAccountType, accountKind, resourceGroup, location, protocol, pointer.BoolDeref(createPrivateEndpoint, false))
327323
// search in cache first
328324
cache, err := d.accountSearchCache.Get(lockKey, azcache.CacheReadTypeDefault)
329325
if err != nil {
@@ -352,7 +348,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
352348
}
353349
}
354350

355-
if createPrivateEndpoint && protocol == NFS {
351+
if pointer.BoolDeref(createPrivateEndpoint, false) && protocol == NFS {
356352
// As for blobfuse/blobfuse2, serverName, i.e.,AZURE_STORAGE_BLOB_ENDPOINT env variable can't include
357353
// "privatelink", issue: https://github.com/Azure/azure-storage-fuse/issues/1014
358354
//

vendor/k8s.io/cloud-provider/api/retry_error.go

Lines changed: 46 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/k8s.io/cloud-provider/api/well_known_annotations.go

Lines changed: 26 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/k8s.io/cloud-provider/api/well_known_taints.go

Lines changed: 28 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/k8s.io/cloud-provider/node/helpers/address.go

Lines changed: 146 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)