Merge pull request #1696 from pwschuurman/list-volumes-instances-api

Use instances.list to determine PublishedNodeIds in ListVolume API

Author: k8s-ci-robot

cmd/gce-pd-csi-driver/main.go

@@ -79,7 +79,9 @@ var (
 	computeEndpoint           *url.URL
 	allowedComputeEnvironment = []gce.Environment{gce.EnvironmentStaging, gce.EnvironmentProduction}
 
-	useInstanceAPIOnWaitForAttachDiskTypesFlag = flag.String("use-instance-api-to-poll-attachment-disk-types", "", "Comma separated list of disk types that should use instances.get API when polling for disk attach during ControllerPublish")
+	useInstanceAPIOnWaitForAttachDiskTypesFlag     = flag.String("use-instance-api-to-poll-attachment-disk-types", "", "Comma separated list of disk types that should use instances.get API when polling for disk attach during ControllerPublish")
+	useInstanceAPIForListVolumesPublishedNodesFlag = flag.Bool("use-instance-api-to-list-volumes-published-nodes", false, "Enables using the instances.list API to determine published_node_ids in ListVolumes. When false (default), the disks.list API is used")
+	instancesListFiltersFlag                       = flag.String("instances-list-filters", "", "Comma separated list of filters to use when calling the instances.list API. By default instances.list fetches all instances in a region")
 
 	extraTagsStr = flag.String("extra-tags", "", "Extra tags to attach to each Compute Disk, Image, Snapshot created. It is a comma separated list of parent id, key and value like '<parent_id1>/<tag_key1>/<tag_value1>,...,<parent_idN>/<tag_keyN>/<tag_valueN>'. parent_id is the Organization or the Project ID or Project name where the tag key and the tag value resources exist. A maximum of 50 tags bindings is allowed for a resource. See https://cloud.google.com/resource-manager/docs/tags/tags-overview, https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing for details")
 
@@ -188,16 +190,25 @@ func handle() {
 		UseInstancesAPIForDiskTypes: useInstanceAPIOnWaitForAttachDiskTypes,
 	}
 
+	// Initialize listVolumes config
+	instancesListFilters := strings.Split(*instancesListFiltersFlag, ",")
+	listInstancesConfig := gce.ListInstancesConfig{
+		Filters: instancesListFilters,
+	}
+	listVolumesConfig := driver.ListVolumesConfig{
+		UseInstancesAPIForPublishedNodes: *useInstanceAPIForListVolumesPublishedNodesFlag,
+	}
+
 	// Initialize requirements for the controller service
 	var controllerServer *driver.GCEControllerServer
 	if *runControllerService {
-		cloudProvider, err := gce.CreateCloudProvider(ctx, version, *cloudConfigFilePath, computeEndpoint, computeEnvironment, waitForAttachConfig)
+		cloudProvider, err := gce.CreateCloudProvider(ctx, version, *cloudConfigFilePath, computeEndpoint, computeEnvironment, waitForAttachConfig, listInstancesConfig)
 		if err != nil {
 			klog.Fatalf("Failed to get cloud provider: %v", err.Error())
 		}
 		initialBackoffDuration := time.Duration(*errorBackoffInitialDurationMs) * time.Millisecond
 		maxBackoffDuration := time.Duration(*errorBackoffMaxDurationMs) * time.Millisecond
-		controllerServer = driver.NewControllerServer(gceDriver, cloudProvider, initialBackoffDuration, maxBackoffDuration, fallbackRequisiteZones, *enableStoragePoolsFlag, multiZoneVolumeHandleConfig)
+		controllerServer = driver.NewControllerServer(gceDriver, cloudProvider, initialBackoffDuration, maxBackoffDuration, fallbackRequisiteZones, *enableStoragePoolsFlag, multiZoneVolumeHandleConfig, listVolumesConfig)
 	} else if *cloudConfigFilePath != "" {
 		klog.Warningf("controller service is disabled but cloud config given - it has no effect")
 	}

pkg/gce-cloud-provider/compute/fake-gce.go

@@ -127,14 +127,22 @@ func (cloud *FakeCloudProvider) ListZones(ctx context.Context, region string) ([
 	return []string{cloud.zone, "country-region-fakesecondzone"}, nil
 }
 
-func (cloud *FakeCloudProvider) ListDisks(ctx context.Context) ([]*computev1.Disk, string, error) {
+func (cloud *FakeCloudProvider) ListDisks(ctx context.Context, fields []googleapi.Field) ([]*computev1.Disk, string, error) {
 	d := []*computev1.Disk{}
 	for _, cd := range cloud.disks {
 		d = append(d, cd.disk)
 	}
 	return d, "", nil
 }
 
+func (cloud *FakeCloudProvider) ListInstances(ctx context.Context, fields []googleapi.Field) ([]*computev1.Instance, string, error) {
+	instances := []*computev1.Instance{}
+	for _, instance := range cloud.instances {
+		instances = append(instances, instance)
+	}
+	return instances, "", nil
+}
+
 func (cloud *FakeCloudProvider) ListSnapshots(ctx context.Context, filter string) ([]*computev1.Snapshot, string, error) {
 	var sourceDisk string
 	snapshots := []*computev1.Snapshot{}

pkg/gce-cloud-provider/compute/gce-compute.go

@@ -33,6 +33,7 @@ import (
 	"golang.org/x/oauth2"
 	computebeta "google.golang.org/api/compute/v0.beta"
 	computev1 "google.golang.org/api/compute/v1"
+	"google.golang.org/api/googleapi"
 	"google.golang.org/api/iterator"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
@@ -106,7 +107,8 @@ type GCECompute interface {
 	GetDiskTypeURI(project string, volKey *meta.Key, diskType string) string
 	WaitForAttach(ctx context.Context, project string, volKey *meta.Key, diskType, instanceZone, instanceName string) error
 	ResizeDisk(ctx context.Context, project string, volKey *meta.Key, requestBytes int64) (int64, error)
-	ListDisks(ctx context.Context) ([]*computev1.Disk, string, error)
+	ListDisks(ctx context.Context, fields []googleapi.Field) ([]*computev1.Disk, string, error)
+	ListInstances(ctx context.Context, fields []googleapi.Field) ([]*computev1.Instance, string, error)
 	// Regional Disk Methods
 	GetReplicaZoneURI(project string, zone string) string
 	// Instance Methods
@@ -135,7 +137,7 @@ func (cloud *CloudProvider) GetDefaultZone() string {
 
 // ListDisks lists disks based on maxEntries and pageToken only in the project
 // and region that the driver is running in.
-func (cloud *CloudProvider) ListDisks(ctx context.Context) ([]*computev1.Disk, string, error) {
+func (cloud *CloudProvider) ListDisks(ctx context.Context, fields []googleapi.Field) ([]*computev1.Disk, string, error) {
 	region, err := common.GetRegionFromZones([]string{cloud.zone})
 	if err != nil {
 		return nil, "", fmt.Errorf("failed to get region from zones: %w", err)
@@ -148,6 +150,7 @@ func (cloud *CloudProvider) ListDisks(ctx context.Context) ([]*computev1.Disk, s
 
 	// listing out regional disks in the region
 	rlCall := cloud.service.RegionDisks.List(cloud.project, region)
+	rlCall.Fields(fields...)
 	nextPageToken := "pageToken"
 	for nextPageToken != "" {
 		rDiskList, err := rlCall.Do()
@@ -162,6 +165,7 @@ func (cloud *CloudProvider) ListDisks(ctx context.Context) ([]*computev1.Disk, s
 	// listing out zonal disks in all zones of the region
 	for _, zone := range zones {
 		lCall := cloud.service.Disks.List(cloud.project, zone)
+		lCall.Fields(fields...)
 		nextPageToken := "pageToken"
 		for nextPageToken != "" {
 			diskList, err := lCall.Do()
@@ -176,6 +180,41 @@ func (cloud *CloudProvider) ListDisks(ctx context.Context) ([]*computev1.Disk, s
 	return items, "", nil
 }
 
+// ListInstances lists instances based on maxEntries and pageToken for the project and region
+// that the driver is running in. Filters from cloud.listInstancesConfig.Filters are applied
+// to the request.
+func (cloud *CloudProvider) ListInstances(ctx context.Context, fields []googleapi.Field) ([]*computev1.Instance, string, error) {
+	region, err := common.GetRegionFromZones([]string{cloud.zone})
+	if err != nil {
+		return nil, "", fmt.Errorf("failed to get region from zones: %w", err)
+	}
+	zones, err := cloud.ListZones(ctx, region)
+	if err != nil {
+		return nil, "", err
+	}
+	items := []*computev1.Instance{}
+
+	for _, zone := range zones {
+		lCall := cloud.service.Instances.List(cloud.project, zone)
+		for _, filter := range cloud.listInstancesConfig.Filters {
+			lCall = lCall.Filter(filter)
+		}
+		lCall = lCall.Fields(fields...)
+		nextPageToken := "pageToken"
+		for nextPageToken != "" {
+			instancesList, err := lCall.Do()
+			if err != nil {
+				return nil, "", err
+			}
+			items = append(items, instancesList.Items...)
+			nextPageToken = instancesList.NextPageToken
+			lCall.PageToken(nextPageToken)
+		}
+	}
+
+	return items, "", nil
+}
+
 // RepairUnderspecifiedVolumeKey will query the cloud provider and check each zone for the disk specified
 // by the volume key and return a volume key with a correct zone
 func (cloud *CloudProvider) RepairUnderspecifiedVolumeKey(ctx context.Context, project string, volumeKey *meta.Key) (string, *meta.Key, error) {

pkg/gce-cloud-provider/compute/gce.go

@@ -102,6 +102,8 @@ type CloudProvider struct {
 	waitForAttachConfig WaitForAttachConfig
 
 	tagsRateLimiter *rate.Limiter
+
+	listInstancesConfig ListInstancesConfig
 }
 
 var _ GCECompute = &CloudProvider{}
@@ -110,6 +112,10 @@ type ConfigFile struct {
 	Global ConfigGlobal `gcfg:"global"`
 }
 
+type ListInstancesConfig struct {
+	Filters []string
+}
+
 type WaitForAttachConfig struct {
 	// A set of disk types that should use the compute instances.get API instead of the
 	// disks.get API. For certain disk types, using the instances.get API is preferred
@@ -128,7 +134,7 @@ type ConfigGlobal struct {
 	Zone      string `gcfg:"zone"`
 }
 
-func CreateCloudProvider(ctx context.Context, vendorVersion string, configPath string, computeEndpoint *url.URL, computeEnvironment Environment, waitForAttachConfig WaitForAttachConfig) (*CloudProvider, error) {
+func CreateCloudProvider(ctx context.Context, vendorVersion string, configPath string, computeEndpoint *url.URL, computeEnvironment Environment, waitForAttachConfig WaitForAttachConfig, listInstancesConfig ListInstancesConfig) (*CloudProvider, error) {
 	configFile, err := readConfig(configPath)
 	if err != nil {
 		return nil, err
@@ -168,6 +174,7 @@ func CreateCloudProvider(ctx context.Context, vendorVersion string, configPath s
 		zone:                zone,
 		zonesCache:          make(map[string]([]string)),
 		waitForAttachConfig: waitForAttachConfig,
+		listInstancesConfig: listInstancesConfig,
 		// GCP has a rate limit of 600 requests per minute, restricting
 		// here to 8 requests per second.
 		tagsRateLimiter: common.NewLimiter(gcpTagsRequestRateLimit, gcpTagsRequestTokenBucketSize, true),

pkg/gce-pd-csi-driver/controller.go

@@ -28,6 +28,7 @@ import (
 	"github.com/GoogleCloudPlatform/k8s-cloud-provider/pkg/cloud/meta"
 	csi "github.com/container-storage-interface/spec/lib/go/csi"
 	compute "google.golang.org/api/compute/v1"
+	"google.golang.org/api/googleapi"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/timestamppb"
@@ -105,6 +106,8 @@ type GCEControllerServer struct {
 	enableStoragePools bool
 
 	multiZoneVolumeHandleConfig MultiZoneVolumeHandleConfig
+
+	listVolumesConfig ListVolumesConfig
 }
 
 type MultiZoneVolumeHandleConfig struct {
@@ -124,6 +127,21 @@ type MultiZoneVolumeHandleConfig struct {
 	Enable bool
 }
 
+type ListVolumesConfig struct {
+	UseInstancesAPIForPublishedNodes bool
+}
+
+func (c ListVolumesConfig) listDisksFields() []googleapi.Field {
+	if c.UseInstancesAPIForPublishedNodes {
+		// If we are using the instances.list API in ListVolumes,
+		// don't include the users field in the response, as an optimization.
+		// We rely on instances.list items.disks for attachment pairings.
+		return listDisksFieldsWithoutUsers
+	}
+
+	return listDisksFieldsWithUsers
+}
+
 type csiErrorBackoffId string
 
 type csiErrorBackoff struct {
@@ -175,10 +193,28 @@ const (
 	resourceApiScheme  = "https"
 	resourceApiService = "compute"
 	resourceProject    = "projects"
+
+	listDisksUsersField = googleapi.Field("items/users")
 )
 
 var (
 	validResourceApiVersions = map[string]bool{"v1": true, "alpha": true, "beta": true, "staging_v1": true, "staging_beta": true, "staging_alpha": true}
+
+	// By default GCE returns a lot of data for each instance. Request only a subset of the fields.
+	listInstancesFields = []googleapi.Field{
+		"items/disks/deviceName",
+		"items/disks/source",
+		"items/selfLink",
+		"nextPageToken",
+	}
+
+	// By default GCE returns a lot of data for each disk. Request only a subset of the fields.
+	listDisksFieldsWithoutUsers = []googleapi.Field{
+		"items/labels",
+		"items/selfLink",
+		"nextPageToken",
+	}
+	listDisksFieldsWithUsers = append(listDisksFieldsWithoutUsers, "items/users")
 )
 
 func isDiskReady(disk *gce.CloudDisk) (bool, error) {
@@ -935,6 +971,22 @@ func generateFailedValidationMessage(format string, a ...interface{}) *csi.Valid
 	}
 }
 
+func (gceCS *GCEControllerServer) listVolumeEntries(ctx context.Context) ([]*csi.ListVolumesResponse_Entry, error) {
+	diskList, _, err := gceCS.CloudProvider.ListDisks(ctx, gceCS.listVolumesConfig.listDisksFields())
+	if err != nil {
+		return nil, err
+	}
+
+	var instanceList []*compute.Instance = nil
+	if gceCS.listVolumesConfig.UseInstancesAPIForPublishedNodes {
+		instanceList, _, err = gceCS.CloudProvider.ListInstances(ctx, listInstancesFields)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return gceCS.disksAndInstancesToVolumeEntries(diskList, instanceList), nil
+}
+
 func (gceCS *GCEControllerServer) ListVolumes(ctx context.Context, req *csi.ListVolumesRequest) (*csi.ListVolumesResponse, error) {
 	// https://cloud.google.com/compute/docs/reference/beta/disks/list
 	if req.MaxEntries < 0 {
@@ -944,19 +996,15 @@ func (gceCS *GCEControllerServer) ListVolumes(ctx context.Context, req *csi.List
 
 	offsetLow := 0
 	var ok bool
-	var volumeEntries []*csi.ListVolumesResponse_Entry
 	if req.StartingToken == "" {
-		diskList, _, err := gceCS.CloudProvider.ListDisks(ctx)
+		volumeEntries, err := gceCS.listVolumeEntries(ctx)
 		if err != nil {
 			if gce.IsGCEInvalidError(err) {
 				return nil, status.Errorf(codes.Aborted, "ListVolumes error with invalid request: %v", err.Error())
 			}
-			return nil, common.LoggedError("Failed to list disk: ", err)
+			return nil, common.LoggedError("Failed to list volumes: ", err)
 		}
-		volumeEntries = gceCS.disksToVolumeEntries(diskList)
-	}
 
-	if req.StartingToken == "" {
 		gceCS.volumeEntries = volumeEntries
 		gceCS.volumeEntriesSeen = map[string]int{}
 	} else {
@@ -1008,47 +1056,62 @@ func isMultiZoneDisk(diskRsrc string, diskLabels map[string]string) (string, boo
 	return multiZoneVolumeId, true
 }
 
-// disksToVolumeEntries converts a list of disks to a list of CSI ListVolumeResponse entries
+// disksAndInstancesToVolumeEntries converts a list of disks and instances to a list
+// of CSI ListVolumeResponse entries.
 // It appends "multi-zone" volumeHandles at the end. These are volumeHandles which
 // map to multiple volumeHandles in different zones
-func (gceCS *GCEControllerServer) disksToVolumeEntries(disks []*compute.Disk) []*csi.ListVolumesResponse_Entry {
-	multiZoneNodesByVolumeId := map[string][]string{}
-	entries := []*csi.ListVolumesResponse_Entry{}
+func (gceCS *GCEControllerServer) disksAndInstancesToVolumeEntries(disks []*compute.Disk, instances []*compute.Instance) []*csi.ListVolumesResponse_Entry {
+	nodesByVolumeId := map[string][]string{}
+	multiZoneVolumeIdsByVolumeId := map[string]string{}
 	for _, d := range disks {
-		diskRsrc, err := getResourceId(d.SelfLink)
+		volumeId, err := getResourceId(d.SelfLink)
 		if err != nil {
 			klog.Warningf("Bad ListVolumes disk resource %s, skipped: %v (%+v)", d.SelfLink, err, d)
 			continue
 		}
-		users := []string{}
+
+		instanceIds := make([]string, len(d.Users))
 		for _, u := range d.Users {
-			rsrc, err := getResourceId(u)
+			instanceId, err := getResourceId(u)
 			if err != nil {
 				klog.Warningf("Bad ListVolumes user %s, skipped: %v", u, err)
 			} else {
-				users = append(users, rsrc)
+				instanceIds = append(instanceIds, instanceId)
 			}
 		}
 
+		nodesByVolumeId[volumeId] = instanceIds
+
 		if gceCS.multiZoneVolumeHandleConfig.Enable {
-			if multiZoneVolumeId, isMultiZone := isMultiZoneDisk(diskRsrc, d.Labels); isMultiZone {
-				_, ok := multiZoneNodesByVolumeId[multiZoneVolumeId]
-				if !ok {
-					multiZoneNodesByVolumeId[multiZoneVolumeId] = []string{}
-				}
-				multiZoneNodesByVolumeId[multiZoneVolumeId] = append(multiZoneNodesByVolumeId[multiZoneVolumeId], users...)
+			if multiZoneVolumeId, isMultiZone := isMultiZoneDisk(volumeId, d.Labels); isMultiZone {
+				multiZoneVolumeIdsByVolumeId[volumeId] = multiZoneVolumeId
+				nodesByVolumeId[multiZoneVolumeId] = append(nodesByVolumeId[multiZoneVolumeId], instanceIds...)
 			}
 		}
-		entries = append(entries, &csi.ListVolumesResponse_Entry{
-			Volume: &csi.Volume{
-				VolumeId: diskRsrc,
-			},
-			Status: &csi.ListVolumesResponse_VolumeStatus{
-				PublishedNodeIds: users,
-			},
-		})
 	}
-	for volumeId, nodeIds := range multiZoneNodesByVolumeId {
+
+	entries := []*csi.ListVolumesResponse_Entry{}
+	for _, instance := range instances {
+		instanceId, err := getResourceId(instance.SelfLink)
+		if err != nil {
+			klog.Warningf("Bad ListVolumes instance resource %s, skipped: %v (%+v)", instance.SelfLink, err, instance)
+			continue
+		}
+		for _, disk := range instance.Disks {
+			volumeId, err := getResourceId(disk.Source)
+			if err != nil {
+				klog.Warningf("Bad ListVolumes instance disk source %s, skipped: %v (%+v)", disk.Source, err, instance)
+				continue
+			}
+
+			nodesByVolumeId[volumeId] = append(nodesByVolumeId[volumeId], instanceId)
+			if multiZoneVolumeId, isMultiZone := multiZoneVolumeIdsByVolumeId[volumeId]; isMultiZone {
+				nodesByVolumeId[multiZoneVolumeId] = append(nodesByVolumeId[multiZoneVolumeId], instanceId)
+			}
+		}
+	}
+
+	for volumeId, nodeIds := range nodesByVolumeId {
 		entries = append(entries, &csi.ListVolumesResponse_Entry{
 			Volume: &csi.Volume{
 				VolumeId: volumeId,