diff --git a/manifests/guestcluster/1.32/pvcsi.yaml b/manifests/guestcluster/1.32/pvcsi.yaml index 3dd00ec3c8..852c0458b5 100644 --- a/manifests/guestcluster/1.32/pvcsi.yaml +++ b/manifests/guestcluster/1.32/pvcsi.yaml @@ -683,7 +683,6 @@ data: "online-volume-extend": "true" "file-volume": "true" "csi-sv-feature-states-replication": "false" # Do not enable for guest cluster, Refer PR#2386 for details - "block-volume-snapshot": "true" "tkgs-ha": "true" "cnsmgr-suspend-create-volume": "true" "csi-windows-support": "true" diff --git a/manifests/guestcluster/1.33/pvcsi.yaml b/manifests/guestcluster/1.33/pvcsi.yaml index 79060adf97..dd211406cf 100644 --- a/manifests/guestcluster/1.33/pvcsi.yaml +++ b/manifests/guestcluster/1.33/pvcsi.yaml @@ -663,7 +663,6 @@ data: "online-volume-extend": "true" "file-volume": "true" "csi-sv-feature-states-replication": "false" # Do not enable for guest cluster, Refer PR#2386 for details - "block-volume-snapshot": "true" "tkgs-ha": "true" "cnsmgr-suspend-create-volume": "true" "csi-windows-support": "true" diff --git a/manifests/guestcluster/1.34/pvcsi.yaml b/manifests/guestcluster/1.34/pvcsi.yaml index 644d1b6d92..b70d231003 100644 --- a/manifests/guestcluster/1.34/pvcsi.yaml +++ b/manifests/guestcluster/1.34/pvcsi.yaml @@ -728,7 +728,6 @@ data: "online-volume-extend": "true" "file-volume": "true" "csi-sv-feature-states-replication": "false" # Do not enable for guest cluster, Refer PR#2386 for details - "block-volume-snapshot": "true" "tkgs-ha": "true" "cnsmgr-suspend-create-volume": "true" "csi-windows-support": "true" diff --git a/manifests/supervisorcluster/1.30/cns-csi.yaml b/manifests/supervisorcluster/1.30/cns-csi.yaml index 262ed6d41b..c75d961f01 100644 --- a/manifests/supervisorcluster/1.30/cns-csi.yaml +++ b/manifests/supervisorcluster/1.30/cns-csi.yaml @@ -556,7 +556,6 @@ data: "csi-sv-feature-states-replication": "true" "fake-attach": "true" "improved-csi-idempotency": "true" - "block-volume-snapshot": "true" "tkgs-ha": "true" "list-volumes": "true" "cnsmgr-suspend-create-volume": "true" diff --git a/manifests/supervisorcluster/1.32/cns-csi.yaml b/manifests/supervisorcluster/1.32/cns-csi.yaml index c06babb04d..ae6b1ce05e 100644 --- a/manifests/supervisorcluster/1.32/cns-csi.yaml +++ b/manifests/supervisorcluster/1.32/cns-csi.yaml @@ -555,7 +555,6 @@ data: "csi-sv-feature-states-replication": "true" "fake-attach": "true" "improved-csi-idempotency": "true" - "block-volume-snapshot": "true" "tkgs-ha": "true" "list-volumes": "true" "cnsmgr-suspend-create-volume": "true" diff --git a/pkg/common/unittestcommon/utils.go b/pkg/common/unittestcommon/utils.go index 9b496c0dc9..472c8667f0 100644 --- a/pkg/common/unittestcommon/utils.go +++ b/pkg/common/unittestcommon/utils.go @@ -63,7 +63,6 @@ func GetFakeContainerOrchestratorInterface(orchestratorType int) (commonco.COCom featureStates: map[string]string{ "csi-migration": "true", "file-volume": "true", - "block-volume-snapshot": "true", "tkgs-ha": "true", "list-volumes": "true", "csi-internal-generated-cluster-id": "true", diff --git a/pkg/csi/service/common/commonco/k8sorchestrator/k8sorchestrator.go b/pkg/csi/service/common/commonco/k8sorchestrator/k8sorchestrator.go index 734e7d1e7b..43f7503440 100644 --- a/pkg/csi/service/common/commonco/k8sorchestrator/k8sorchestrator.go +++ b/pkg/csi/service/common/commonco/k8sorchestrator/k8sorchestrator.go @@ -391,7 +391,6 @@ func getReleasedVanillaFSS() map[string]struct{} { return map[string]struct{}{ common.CSIMigration: {}, common.OnlineVolumeExtend: {}, - common.BlockVolumeSnapshot: {}, common.CSIWindowsSupport: {}, common.ListVolumes: {}, common.CnsMgrSuspendCreateVolume: {}, diff --git a/pkg/csi/service/common/constants.go b/pkg/csi/service/common/constants.go index cf4c266b85..eeaf15db71 100644 --- a/pkg/csi/service/common/constants.go +++ b/pkg/csi/service/common/constants.go @@ -393,9 +393,6 @@ const ( // CSIVolumeManagerIdempotency is the feature flag for idempotency handling // in CSI volume manager. CSIVolumeManagerIdempotency = "improved-csi-idempotency" - // BlockVolumeSnapshot is the feature to support CSI Snapshots for block - // volume on vSphere CSI driver. - BlockVolumeSnapshot = "block-volume-snapshot" // CSIWindowsSupport is the feature to support csi block volumes for windows // node. CSIWindowsSupport = "csi-windows-support" diff --git a/pkg/csi/service/vanilla/controller.go b/pkg/csi/service/vanilla/controller.go index 191fae303b..ff6d525496 100644 --- a/pkg/csi/service/vanilla/controller.go +++ b/pkg/csi/service/vanilla/controller.go @@ -120,10 +120,7 @@ func (c *controller) Init(config *cnsconfig.Config, version string) error { var err error var operationStore cnsvolumeoperationrequest.VolumeOperationRequest operationStore, err = cnsvolumeoperationrequest.InitVolumeOperationRequestInterface(ctx, - config.Global.CnsVolumeOperationRequestCleanupIntervalInMin, - func() bool { - return commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - }, false) + config.Global.CnsVolumeOperationRequestCleanupIntervalInMin, false) if err != nil { log.Errorf("failed to initialize VolumeOperationRequestInterface with error: %v", err) return err @@ -523,13 +520,12 @@ func (c *controller) createBlockVolume(ctx context.Context, req *csi.CreateVolum volSizeMB := int64(common.RoundUpSize(volSizeBytes, common.MbInBytes)) // Check if the feature states are enabled. - isBlockVolumeSnapshotEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) csiMigrationFeatureState := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.CSIMigration) // Check if requested volume size and source snapshot size matches volumeSource := req.GetVolumeContentSource() var contentSourceSnapshotID string - if isBlockVolumeSnapshotEnabled && volumeSource != nil { + if volumeSource != nil { isCnsSnapshotSupported, err := c.manager.VcenterManager.IsCnsSnapshotSupported(ctx, c.manager.VcenterConfig.Host) if err != nil { @@ -2173,8 +2169,7 @@ func (c *controller) DeleteVolume(ctx context.Context, req *csi.DeleteVolumeRequ volumeType = convertCnsVolumeType(ctx, cnsVolumeType) } // Check if the volume contains CNS snapshots only for block volumes. - if cnsVolumeType == common.BlockVolumeType && - commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) { + if cnsVolumeType == common.BlockVolumeType { isCnsSnapshotSupported, err := vCenterManager.IsCnsSnapshotSupported(ctx, vCenterHost) if err != nil { return nil, csifault.CSIInternalFault, logger.LogNewErrorCodef(log, codes.Internal, @@ -2588,28 +2583,27 @@ func (c *controller) ControllerExpandVolume(ctx context.Context, req *csi.Contro volumeID := req.GetVolumeId() volSizeBytes := int64(req.GetCapacityRange().GetRequiredBytes()) volSizeMB := int64(common.RoundUpSize(volSizeBytes, common.MbInBytes)) + // Check if the volume contains CNS snapshots. - if commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) { - isCnsSnapshotSupported, err := vCenterManager.IsCnsSnapshotSupported(ctx, vCenterHost) + isCnsSnapshotSupported, err := vCenterManager.IsCnsSnapshotSupported(ctx, vCenterHost) + if err != nil { + return nil, csifault.CSIInternalFault, logger.LogNewErrorCodef(log, codes.Internal, + "failed to check if cns snapshot is supported on VC due to error: %v", err) + } + if isCnsSnapshotSupported { + snapshots, _, err := common.QueryVolumeSnapshotsByVolumeID(ctx, volumeManager, volumeID, + common.QuerySnapshotLimit) if err != nil { return nil, csifault.CSIInternalFault, logger.LogNewErrorCodef(log, codes.Internal, - "failed to check if cns snapshot is supported on VC due to error: %v", err) + "failed to retrieve snapshots for volume: %s. Error: %+v", volumeID, err) } - if isCnsSnapshotSupported { - snapshots, _, err := common.QueryVolumeSnapshotsByVolumeID(ctx, volumeManager, volumeID, - common.QuerySnapshotLimit) - if err != nil { - return nil, csifault.CSIInternalFault, logger.LogNewErrorCodef(log, codes.Internal, - "failed to retrieve snapshots for volume: %s. Error: %+v", volumeID, err) - } - if len(snapshots) == 0 { - log.Infof("The volume %s can be safely expanded as no CNS snapshots were found.", - req.VolumeId) - } else { - return nil, csifault.CSIInvalidArgumentFault, logger.LogNewErrorCodef(log, codes.FailedPrecondition, - "volume: %s with existing snapshots %v cannot be expanded. "+ - "Please delete snapshots before expanding the volume", req.VolumeId, snapshots) - } + if len(snapshots) == 0 { + log.Infof("The volume %s can be safely expanded as no CNS snapshots were found.", + req.VolumeId) + } else { + return nil, csifault.CSIInvalidArgumentFault, logger.LogNewErrorCodef(log, codes.FailedPrecondition, + "volume: %s with existing snapshots %v cannot be expanded. "+ + "Please delete snapshots before expanding the volume", req.VolumeId, snapshots) } } @@ -3015,11 +3009,6 @@ func (c *controller) CreateSnapshot(ctx context.Context, req *csi.CreateSnapshot ) log.Infof("CreateSnapshot: called with args %+v", *req) - isBlockVolumeSnapshotEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "createSnapshot") - } - volumeID := req.GetSourceVolumeId() // Fetch vCenterHost, vCenterManager & volumeManager for given snapshot, based on VC configuration vCenterManager = getVCenterManagerForVCenter(ctx, c) @@ -3186,12 +3175,6 @@ func (c *controller) DeleteSnapshot(ctx context.Context, req *csi.DeleteSnapshot ) log.Infof("DeleteSnapshot: called with args %+v", *req) - isBlockVolumeSnapshotEnabled := - commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "deleteSnapshot") - } - volumeID, _, err := common.ParseCSISnapshotID(req.SnapshotId) if err != nil { return nil, logger.LogNewErrorCode(log, codes.InvalidArgument, err.Error()) diff --git a/pkg/csi/service/wcp/controller.go b/pkg/csi/service/wcp/controller.go index 9a81194981..b98af68198 100644 --- a/pkg/csi/service/wcp/controller.go +++ b/pkg/csi/service/wcp/controller.go @@ -163,9 +163,7 @@ func (c *controller) Init(config *cnsconfig.Config, version string) error { log.Info("CSI Volume manager idempotency handling feature flag is enabled.") operationStore, err = cnsvolumeoperationrequest.InitVolumeOperationRequestInterface(ctx, config.Global.CnsVolumeOperationRequestCleanupIntervalInMin, - func() bool { - return commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - }, isPodVMOnStretchSupervisorFSSEnabled) + isPodVMOnStretchSupervisorFSSEnabled) if err != nil { log.Errorf("failed to initialize VolumeOperationRequestInterface with error: %v", err) return err @@ -395,9 +393,7 @@ func (c *controller) ReloadConfiguration(reconnectToVCFromNewConfig bool) error log.Info("CSI Volume manager idempotency handling feature flag is enabled.") operationStore, err = cnsvolumeoperationrequest.InitVolumeOperationRequestInterface(ctx, c.manager.CnsConfig.Global.CnsVolumeOperationRequestCleanupIntervalInMin, - func() bool { - return commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - }, isPodVMOnStretchSupervisorFSSEnabled) + isPodVMOnStretchSupervisorFSSEnabled) if err != nil { log.Errorf("failed to initialize VolumeOperationRequestInterface with error: %v", err) return err @@ -728,11 +724,10 @@ func (c *controller) createBlockVolume(ctx context.Context, req *csi.CreateVolum volSizeBytes = int64(req.GetCapacityRange().GetRequiredBytes()) } volSizeMB := int64(common.RoundUpSize(volSizeBytes, common.MbInBytes)) - isBlockVolumeSnapshotEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) // Check if requested volume size and source snapshot size matches volumeSource := req.GetVolumeContentSource() var contentSourceSnapshotID string - if isBlockVolumeSnapshotEnabled && volumeSource != nil { + if volumeSource != nil { sourceSnapshot := volumeSource.GetSnapshot() if sourceSnapshot == nil { return nil, csifault.CSIInvalidArgumentFault, @@ -1695,8 +1690,7 @@ func (c *controller) DeleteVolume(ctx context.Context, req *csi.DeleteVolumeRequ volumeType = convertCnsVolumeType(ctx, cnsVolumeType) } // Check if the volume contains CNS snapshots only for block volumes. - if cnsVolumeType == common.BlockVolumeType && - commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) { + if cnsVolumeType == common.BlockVolumeType { snapshots, _, err := common.QueryVolumeSnapshotsByVolumeID(ctx, c.manager.VolumeManager, req.VolumeId, common.QuerySnapshotLimit) if err != nil { @@ -2380,10 +2374,6 @@ func (c *controller) CreateSnapshot(ctx context.Context, req *csi.CreateSnapshot ctx = logger.NewContextWithLogger(ctx) log := logger.GetLogger(ctx) log.Infof("WCP CreateSnapshot: called with args %+v", *req) - isBlockVolumeSnapshotWCPEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotWCPEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "createSnapshot") - } volumeType := prometheus.PrometheusUnknownVolumeType createSnapshotInternal := func() (*csi.CreateSnapshotResponse, error) { // Validate CreateSnapshotRequest @@ -2524,10 +2514,6 @@ func (c *controller) DeleteSnapshot(ctx context.Context, req *csi.DeleteSnapshot log.Infof("DeleteSnapshot: called with args %+v", *req) volumeType := prometheus.PrometheusBlockVolumeType start := time.Now() - isBlockVolumeSnapshotWCPEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotWCPEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "deleteSnapshot") - } deleteSnapshotInternal := func() (*csi.DeleteSnapshotResponse, error) { csiSnapshotID := req.GetSnapshotId() isStorageQuotaM2FSSEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, @@ -2600,10 +2586,6 @@ func (c *controller) ListSnapshots(ctx context.Context, req *csi.ListSnapshotsRe log := logger.GetLogger(ctx) volumeType := prometheus.PrometheusBlockVolumeType log.Infof("ListSnapshots: called with args %+v", *req) - isBlockVolumeSnapshotWCPEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotWCPEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "listSnapshot") - } listSnapshotsInternal := func() (*csi.ListSnapshotsResponse, error) { err := validateWCPListSnapshotRequest(ctx, req) if err != nil { @@ -2671,8 +2653,7 @@ func (c *controller) ControllerExpandVolume(ctx context.Context, req *csi.Contro } volumeType = convertCnsVolumeType(ctx, cnsVolumeType) } - if cnsVolumeType == common.BlockVolumeType && - commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) { + if cnsVolumeType == common.BlockVolumeType { snapshots, _, err := common.QueryVolumeSnapshotsByVolumeID(ctx, c.manager.VolumeManager, req.VolumeId, common.QuerySnapshotLimit) if err != nil { diff --git a/pkg/csi/service/wcpguest/controller.go b/pkg/csi/service/wcpguest/controller.go index b0b8b39b69..99c5dcc46a 100644 --- a/pkg/csi/service/wcpguest/controller.go +++ b/pkg/csi/service/wcpguest/controller.go @@ -327,8 +327,7 @@ func (c *controller) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequ } volSizeMB := int64(common.RoundUpSize(volSizeBytes, common.MbInBytes)) volumeSource := req.GetVolumeContentSource() - if commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) && - volumeSource != nil { + if volumeSource != nil { sourceSnapshot := volumeSource.GetSnapshot() if sourceSnapshot == nil { return nil, csifault.CSIInvalidArgumentFault, @@ -493,8 +492,7 @@ func (c *controller) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequ } // Set the Snapshot VolumeContentSource in the CreateVolumeResponse - if commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) && - volumeSnapshotName != "" { + if volumeSnapshotName != "" { resp.Volume.ContentSource = &csi.VolumeContentSource{ Type: &csi.VolumeContentSource_Snapshot{ Snapshot: &csi.VolumeContentSource_SnapshotSource{ @@ -1603,11 +1601,6 @@ func (c *controller) CreateSnapshot(ctx context.Context, req *csi.CreateSnapshot start := time.Now() volumeType := prometheus.PrometheusBlockVolumeType log.Infof("CreateSnapshot: called with args %+v", *req) - isBlockVolumeSnapshotWCPEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, - common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotWCPEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "createSnapshot") - } createSnapshotInternal := func() (*csi.CreateSnapshotResponse, error) { // Search for supervisor PVC and ensure it exists supervisorPVCName := req.SourceVolumeId @@ -1735,10 +1728,6 @@ func (c *controller) DeleteSnapshot(ctx context.Context, req *csi.DeleteSnapshot start := time.Now() volumeType := prometheus.PrometheusBlockVolumeType log.Infof("DeleteSnapshot: called with args %+v", *req) - isBlockVolumeSnapshotWCPEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotWCPEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "deleteSnapshot") - } deleteSnapshotInternal := func() (*csi.DeleteSnapshotResponse, error) { csiSnapshotID := req.GetSnapshotId() // Retrieve the supervisor volumesnapshot @@ -1828,10 +1817,6 @@ func (c *controller) ListSnapshots(ctx context.Context, req *csi.ListSnapshotsRe start := time.Now() volumeType := prometheus.PrometheusBlockVolumeType log.Infof("ListSnapshots: called with args %+v", *req) - isBlockVolumeSnapshotEnabled := commonco.ContainerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) - if !isBlockVolumeSnapshotEnabled { - return nil, logger.LogNewErrorCode(log, codes.Unimplemented, "listSnapshot") - } listSnapshotsInternal := func() (*csi.ListSnapshotsResponse, error) { log.Infof("ListSnapshots: called with args %+v", *req) maxEntries := common.QuerySnapshotLimit diff --git a/pkg/internalapis/cnsvolumeoperationrequest/cnsvolumeoperationrequest.go b/pkg/internalapis/cnsvolumeoperationrequest/cnsvolumeoperationrequest.go index 6f69fa2eaf..f9379a3e44 100644 --- a/pkg/internalapis/cnsvolumeoperationrequest/cnsvolumeoperationrequest.go +++ b/pkg/internalapis/cnsvolumeoperationrequest/cnsvolumeoperationrequest.go @@ -85,7 +85,7 @@ var ( // VolumeOperationRequest interface. Clients are unaware of the implementation // details to read and persist volume operation details. func InitVolumeOperationRequestInterface(ctx context.Context, cleanupInterval int, - isBlockVolumeSnapshotEnabled func() bool, isPodVMOnStretchSupervisorEnabled bool) ( + isPodVMOnStretchSupervisorEnabled bool) ( VolumeOperationRequest, error) { log := logger.GetLogger(ctx) csiNamespace = getCSINamespace() diff --git a/pkg/syncer/admissionhandler/admissionhandler.go b/pkg/syncer/admissionhandler/admissionhandler.go index f885955a89..10115d1e6e 100644 --- a/pkg/syncer/admissionhandler/admissionhandler.go +++ b/pkg/syncer/admissionhandler/admissionhandler.go @@ -56,7 +56,6 @@ var ( // CO agnostic orchestrator in the admission handler package. COInitParams *interface{} featureGateCsiMigrationEnabled bool - featureGateBlockVolumeSnapshotEnabled bool featureGateTKGSHaEnabled bool featureGateTopologyAwareFileVolumeEnabled bool featureGateByokEnabled bool @@ -145,7 +144,6 @@ func StartWebhookServer(ctx context.Context, enableWebhookClientCertVerification if clusterFlavor == cnstypes.CnsClusterFlavorWorkload { featureGateTKGSHaEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.TKGsHA) - featureGateBlockVolumeSnapshotEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) featureGateByokEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.WCP_VMService_BYOK) featureIsSharedDiskEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.SharedDiskFss) featureFileVolumesWithVmServiceEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, @@ -158,7 +156,6 @@ func StartWebhookServer(ctx context.Context, enableWebhookClientCertVerification } } else if clusterFlavor == cnstypes.CnsClusterFlavorGuest { featureIsLinkedCloneSupportEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.LinkedCloneSupport) - featureGateBlockVolumeSnapshotEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) startPVCSIWebhookManager(ctx) } else if clusterFlavor == cnstypes.CnsClusterFlavorVanilla { if cfg == nil { @@ -170,13 +167,12 @@ func StartWebhookServer(ctx context.Context, enableWebhookClientCertVerification log.Debugf("webhook config: %v", cfg) } featureGateCsiMigrationEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.CSIMigration) - featureGateBlockVolumeSnapshotEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.BlockVolumeSnapshot) featureGateTopologyAwareFileVolumeEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.TopologyAwareFileVolume) featureFileVolumesWithVmServiceEnabled = containerOrchestratorUtility.IsFSSEnabled(ctx, common.FileVolumesWithVmService) - if featureGateCsiMigrationEnabled || featureGateBlockVolumeSnapshotEnabled { + if featureGateCsiMigrationEnabled { certs, err := tls.LoadX509KeyPair(cfg.WebHookConfig.CertFile, cfg.WebHookConfig.KeyFile) if err != nil { log.Errorf("failed to load key pair. certFile: %q, keyFile: %q err: %v", diff --git a/pkg/syncer/admissionhandler/cnscsi_admissionhandler.go b/pkg/syncer/admissionhandler/cnscsi_admissionhandler.go index 12fcd686a2..6c6538e1eb 100644 --- a/pkg/syncer/admissionhandler/cnscsi_admissionhandler.go +++ b/pkg/syncer/admissionhandler/cnscsi_admissionhandler.go @@ -188,10 +188,8 @@ func (h *CSISupervisorWebhook) Handle(ctx context.Context, req admission.Request if !resp.Allowed { return } - if featureGateBlockVolumeSnapshotEnabled { - admissionResp := validatePVC(ctx, &req.AdmissionRequest) - resp.AdmissionResponse = *admissionResp.DeepCopy() - } + admissionResp := validatePVC(ctx, &req.AdmissionRequest) + resp.AdmissionResponse = *admissionResp.DeepCopy() } else if req.Kind.Kind == "CnsFileAccessConfig" { if featureFileVolumesWithVmServiceEnabled { switch req.Operation { diff --git a/pkg/syncer/admissionhandler/pvcsi_admissionhandler.go b/pkg/syncer/admissionhandler/pvcsi_admissionhandler.go index e76622b902..b867cedaf7 100644 --- a/pkg/syncer/admissionhandler/pvcsi_admissionhandler.go +++ b/pkg/syncer/admissionhandler/pvcsi_admissionhandler.go @@ -126,10 +126,6 @@ func (h *CSIGuestWebhook) Handle(ctx context.Context, req admission.Request) (re resp = admission.Allowed("") if req.Kind.Kind == "PersistentVolumeClaim" { - if featureGateBlockVolumeSnapshotEnabled { - admissionResp := validatePVC(ctx, &req.AdmissionRequest) - resp.AdmissionResponse = *admissionResp.DeepCopy() - } // Do additional checks only if the previous checks were successful if resp.Allowed && featureIsLinkedCloneSupportEnabled { admissionResp := validateGuestPVCOperation(ctx, &req.AdmissionRequest) @@ -152,9 +148,7 @@ func (g *CSIGuestMutationWebhook) Handle(ctx context.Context, req admission.Requ if req.Kind.Kind == "PersistentVolumeClaim" { switch req.Operation { case admissionv1.Create: - if featureGateBlockVolumeSnapshotEnabled { - return g.mutateNewPVC(ctx, req) - } + return g.mutateNewPVC(ctx, req) } } return diff --git a/pkg/syncer/admissionhandler/validatepvc.go b/pkg/syncer/admissionhandler/validatepvc.go index 03312c7c1d..420ee83328 100644 --- a/pkg/syncer/admissionhandler/validatepvc.go +++ b/pkg/syncer/admissionhandler/validatepvc.go @@ -30,14 +30,6 @@ const ( // validatePVC helps validate AdmissionReview requests for PersistentVolumeClaim. func validatePVC(ctx context.Context, req *admissionv1.AdmissionRequest) *admissionv1.AdmissionResponse { - if !featureGateBlockVolumeSnapshotEnabled { - // If CSI block volume snapshot is disabled and webhook is running, - // skip validation for PersistentVolumeClaim. - return &admissionv1.AdmissionResponse{ - Allowed: true, - } - } - if req.Operation != admissionv1.Update && req.Operation != admissionv1.Delete { // If AdmissionReview request operation is out of expectation, // skip validation for PersistentVolumeClaim. diff --git a/pkg/syncer/admissionhandler/validatepvc_test.go b/pkg/syncer/admissionhandler/validatepvc_test.go index 0f043f2f3f..69998daf59 100644 --- a/pkg/syncer/admissionhandler/validatepvc_test.go +++ b/pkg/syncer/admissionhandler/validatepvc_test.go @@ -107,7 +107,6 @@ func getPVCAdmissionTest(t *testing.T) *pvcAdmissionTest { func TestValidatePVC(t *testing.T) { testInstance := getPVCAdmissionTest(t) - featureGateBlockVolumeSnapshotEnabled = true tests := []struct { name string kubeObjs []runtime.Object diff --git a/pkg/syncer/admissionhandler/validatesnapshotoperation.go b/pkg/syncer/admissionhandler/validatesnapshotoperation.go index c3b73f6787..625571a2b5 100644 --- a/pkg/syncer/admissionhandler/validatesnapshotoperation.go +++ b/pkg/syncer/admissionhandler/validatesnapshotoperation.go @@ -39,10 +39,6 @@ func validateSnapshotOperationGuestRequest(ctx context.Context, req *admissionv1 return admission.Denied(reason) } log.Debugf("Validating VolumeSnapshotClass: %q", vsclass.Name) - if vsclass.Driver == "csi.vsphere.vmware.com" && !featureGateBlockVolumeSnapshotEnabled { - // Disallow any operation on VolumeSnapshotClass object if block-volume-snapshot feature is not enabled - return admission.Denied(SnapshotFeatureNotEnabled) - } } else if req.Kind.Kind == "VolumeSnapshotContent" { vsc := snap.VolumeSnapshotContent{} log.Debugf("JSON req.Object.Raw: %v", string(req.Object.Raw)) @@ -52,10 +48,6 @@ func validateSnapshotOperationGuestRequest(ctx context.Context, req *admissionv1 return admission.Denied(reason) } log.Debugf("Validating VolumeSnapshotContent: %q", vsc.Name) - if vsc.Spec.Driver == "csi.vsphere.vmware.com" && !featureGateBlockVolumeSnapshotEnabled { - // Disallow any operation on VolumeSnapshotContent object if block-volume-snapshot feature is not enabled - return admission.Denied(SnapshotFeatureNotEnabled) - } } else if req.Kind.Kind == "VolumeSnapshot" { vs := snap.VolumeSnapshot{} // Handle VolumeSnapshot deletion with Linked Clone support. @@ -78,7 +70,6 @@ func validateSnapshotOperationGuestRequest(ctx context.Context, req *admissionv1 return admission.Denied(reason) } log.Debugf("Validating VolumeSnapshot: %q", vs.Name) - // Disallow any operation on VolumeSnapshot object if block-volume-snapshot feature is not enable // If no volume snapshot class mentioned i.e. default volume snapshot class to be used, then // following checks are skipped. Currently vSphere driver snapshot class is not marked default. if *vs.Spec.VolumeSnapshotClassName != "" { @@ -89,7 +80,7 @@ func validateSnapshotOperationGuestRequest(ctx context.Context, req *admissionv1 log.Warn(reason) return admission.Denied(reason) } - vsclass, err := snapshotterClient.SnapshotV1().VolumeSnapshotClasses().Get(ctx, + _, err = snapshotterClient.SnapshotV1().VolumeSnapshotClasses().Get(ctx, *vs.Spec.VolumeSnapshotClassName, metav1.GetOptions{}) if err != nil { reason := fmt.Sprintf("failed to Get VolumeSnapshotclass %s with error: %v.", @@ -97,9 +88,6 @@ func validateSnapshotOperationGuestRequest(ctx context.Context, req *admissionv1 log.Warn(reason) return admission.Denied(reason) } - if vsclass.Driver == "csi.vsphere.vmware.com" && !featureGateBlockVolumeSnapshotEnabled { - return admission.Denied(SnapshotFeatureNotEnabled) - } } } log.Debugf("validateSnapshotOperationGuestRequest completed for the request %v", req) diff --git a/pkg/syncer/admissionhandler/validatesnapshotoperation_test.go b/pkg/syncer/admissionhandler/validatesnapshotoperation_test.go deleted file mode 100644 index 7b196a2945..0000000000 --- a/pkg/syncer/admissionhandler/validatesnapshotoperation_test.go +++ /dev/null @@ -1,204 +0,0 @@ -/* -Copyright 2023 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package admissionhandler - -import ( - "context" - "testing" - - "github.com/agiledragon/gomonkey/v2" - snap "github.com/kubernetes-csi/external-snapshotter/client/v8/apis/volumesnapshot/v1" - snapshotterClientSet "github.com/kubernetes-csi/external-snapshotter/client/v8/clientset/versioned" - snapshotclientfake "github.com/kubernetes-csi/external-snapshotter/client/v8/clientset/versioned/fake" - v1 "k8s.io/api/admission/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - k8s "sigs.k8s.io/vsphere-csi-driver/v3/pkg/kubernetes" -) - -var admissionReview_snapshotclass = v1.AdmissionReview{ - Request: &v1.AdmissionRequest{ - Kind: metav1.GroupVersionKind{ - Kind: "VolumeSnapshotClass", - }, - }, -} - -var admissionReview_snapshot = v1.AdmissionReview{ - Request: &v1.AdmissionRequest{ - Kind: metav1.GroupVersionKind{ - Kind: "VolumeSnapshot", - }, - }, -} - -var admissionReview_snapshotcontent = v1.AdmissionReview{ - Request: &v1.AdmissionRequest{ - Kind: metav1.GroupVersionKind{ - Kind: "VolumeSnapshotContent", - }, - }, -} - -// TestValidateVolumeSnapshotClassInGuestWithFSSDisabled is the unit test for -// validating admissionReview request containing VolumeSnapshotClass with -// CSI snapshot FSS set to false. -func TestValidateVolumeSnapshotClassInGuestWithFSSDisabled(t *testing.T) { - ctx, cancel := context.WithCancel(context.Background()) - defer cancel() - featureGateBlockVolumeSnapshotEnabled = false - - // Validate vSphere VolumeSnapshotClass creation with CSI snapshot FSS disabled - admissionReview_snapshotclass.Request.Object = runtime.RawExtension{ - Raw: []byte("{\n \"kind\": \"VolumeSnapshotClass\",\n \"apiVersion\": \"snapshot.storage.k8s.io/v1\",\n" + - "\"metadata\": {\n \"name\": \"test-vsclass\",\n \"creationTimestamp\": \"2023-08-29T20:19:00Z\"\n }" + - ",\n \"driver\": \"csi.vsphere.vmware.com\",\n \"deletionPolicy\": \"Delete\"\n}"), - } - admissionResponse := validateSnapshotOperationGuestRequest(ctx, admissionReview_snapshotclass.Request) - if admissionResponse.Allowed { - t.Fatalf("TestValidateVolumeSnapshotClassInGuestWithFSSDisabled failed for vSphere VolumeSnapshotClass. "+ - "admissionReview_snapshot.Request: %v, admissionResponse: %v", admissionReview_snapshotclass.Request, - admissionResponse) - } - - // Validate non-vSphere VolumeSnapshotClass creation with CSI snapshot FSS disabled - admissionReview_snapshotclass.Request.Object = runtime.RawExtension{ - Raw: []byte("{\n \"kind\": \"VolumeSnapshotClass\",\n \"apiVersion\": \"snapshot.storage.k8s.io/v1\",\n" + - "\"metadata\": {\n \"name\": \"test-hostpath-snapclass\",\n " + - "\"creationTimestamp\": \"2023-08-29T20:19:00Z\"\n },\n " + - "\"driver\": \"hostpath.csi.k8s.io\",\n \"deletionPolicy\": \"Delete\"\n}"), - } - admissionResponse = validateSnapshotOperationGuestRequest(ctx, admissionReview_snapshotclass.Request) - if !admissionResponse.Allowed { - t.Fatalf("TestValidateVolumeSnapshotClassInGuestWithFSSDisabled failed for non-vSphere VolumeSnapshotClass. "+ - "admissionReview_snapshot.Request: %v, admissionResponse: %v", admissionReview_snapshotclass.Request, - admissionResponse) - } -} - -// TestValidateVolumeSnapshotInGuestWithFSSDisabled is the unit test for -// validating admissionReview request containing VolumeSnapshot with -// CSI snapshot FSS set to false. -func TestValidateVolumeSnapshotInGuestWithFSSDisabled(t *testing.T) { - ctx, cancel := context.WithCancel(context.Background()) - defer cancel() - featureGateBlockVolumeSnapshotEnabled = false - - // Create test vSphere snapclass for verification - snapshotClassObj := []runtime.Object{ - &snap.VolumeSnapshotClass{ - ObjectMeta: metav1.ObjectMeta{ - Name: "test-vsclass", - }, - Driver: "csi.vsphere.vmware.com", - DeletionPolicy: "Delete", - }, - } - snapshotClient := snapshotclientfake.NewSimpleClientset(snapshotClassObj...) - patches := gomonkey.ApplyFunc( - k8s.NewSnapshotterClient, func(ctx context.Context) (snapshotterClientSet.Interface, error) { - return snapshotClient, nil - }) - defer patches.Reset() - - // Validate vSphere VolumeSnapshot creation with CSI snapshot FSS disabled - admissionReview_snapshot.Request.Object = runtime.RawExtension{ - Raw: []byte("{\n \"kind\": \"VolumeSnapshot\",\n \"apiVersion\": \"snapshot.storage.k8s.io/v1\",\n " + - "\"metadata\": {\n \"name\": \"test-vs\",\n \"creationTimestamp\": \"2023-08-29T20:20:00Z\"\n },\n " + - "\"spec\": {\n \"volumeSnapshotClassName\": \"test-vsclass\",\n " + - "\"source\": {\n \"persistentVolumeClaimName\": \"test-pvc\"\n } \n} \n}"), - } - - admissionResponse := validateSnapshotOperationGuestRequest(ctx, admissionReview_snapshot.Request) - if admissionResponse.Allowed { - t.Fatalf("TestValidateVolumeSnapshotClassInGuestWithFSSDisabled failed for vSphere VolumeSnapshot. "+ - "admissionReview_snapshot.Request: %v, admissionResponse: %v", admissionReview_snapshot.Request, - admissionResponse) - } - - // Create test non-vSphere snapclass for verification - snapshotClassObj = []runtime.Object{ - &snap.VolumeSnapshotClass{ - ObjectMeta: metav1.ObjectMeta{ - Name: "test-hostpath-vsclass", - }, - Driver: "hostpath.csi.k8s.io", - DeletionPolicy: "Delete", - }, - } - snapshotClient = snapshotclientfake.NewSimpleClientset(snapshotClassObj...) - patches_nonvSphere := gomonkey.ApplyFunc( - k8s.NewSnapshotterClient, func(ctx context.Context) (snapshotterClientSet.Interface, error) { - return snapshotClient, nil - }) - defer patches_nonvSphere.Reset() - - // Validate non-vSphere VolumeSnapshot creation with CSI snapshot FSS disabled - admissionReview_snapshot.Request.Object = runtime.RawExtension{ - Raw: []byte("{\n \"kind\": \"VolumeSnapshot\",\n \"apiVersion\": \"snapshot.storage.k8s.io/v1\",\n " + - "\"metadata\": {\n \"name\": \"test-hostpath-vs\",\n \"creationTimestamp\": \"2023-08-29T20:20:00Z\"\n" + - "},\n \"spec\": {\n \"volumeSnapshotClassName\": \"test-hostpath-vsclass\",\n " + - "\"source\": {\n \"persistentVolumeClaimName\": \"test-pvc\"\n } \n} \n}"), - } - - admissionResponse = validateSnapshotOperationGuestRequest(ctx, admissionReview_snapshot.Request) - if !admissionResponse.Allowed { - t.Fatalf("TestValidateVolumeSnapshotClassInGuestWithFSSDisabled failed for non-vSphere VolumeSnapshot. "+ - "admissionReview_snapshot.Request: %v, admissionResponse: %v", admissionReview_snapshot.Request, - admissionResponse) - } -} - -// TestValidateVolumeSnapshotContentInGuestWithFSSDisabled is the unit test for -// validating admissionReview request containing VolumeSnapshotContent with -// CSI snapshot FSS set to false. (Static provisioning case) -func TestValidateVolumeSnapshotContentInGuestWithFSSDisabled(t *testing.T) { - ctx, cancel := context.WithCancel(context.Background()) - defer cancel() - featureGateBlockVolumeSnapshotEnabled = false - - // Validate vSphere VolumeSnapshot creation with CSI snapshot FSS disabled - admissionReview_snapshotcontent.Request.Object = runtime.RawExtension{ - Raw: []byte("{\n \"kind\": \"VolumeSnapshotContent\",\n \"apiVersion\": \"snapshot.storage.k8s.io/v1\",\n " + - "\"metadata\": {\n \"name\": \"test-static-vsc\",\n \"creationTimestamp\": \"2023-08-29T20:30:00Z\"\n" + - "},\n \"spec\": {\n \"driver\": \"csi.vsphere.vmware.com\",\n \"deletionPolicy\": \"Delete\",\n " + - "\"source\": {\n \"snapshotHandle\": " + - "\"4ef058e4-d941-447d-a427-438440b7d306+766f7158-b394-4cc1-891b-4667df0822fa\"\n }\n }\n }"), - } - admissionResponse := validateSnapshotOperationGuestRequest(ctx, admissionReview_snapshotcontent.Request) - if admissionResponse.Allowed { - t.Fatalf("TestValidateVolumeSnapshotObjectsInGuestWithFSSDisabled failed for vSphere VolumeSnapshotContent. "+ - "admissionReview_snapshot.Request: %v, admissionResponse: %v", admissionReview_snapshotcontent.Request, - admissionResponse) - } - - // Validate non-vSphere VolumeSnapshot creation with CSI snapshot FSS disabled - admissionReview_snapshotcontent.Request.Object = runtime.RawExtension{ - Raw: []byte("{\n \"kind\": \"VolumeSnapshotContent\",\n \"apiVersion\": \"snapshot.storage.k8s.io/v1\",\n " + - "\"metadata\": {\n \"name\": \"test-static-hostpath-vsc\",\n " + - "\"creationTimestamp\": \"2023-08-29T20:30:00Z\"\n },\n " + - "\"spec\": {\n \"driver\": \"hostpath.csi.k8s.io\",\n \"deletionPolicy\": \"Delete\",\n " + - "\"source\": {\n \"snapshotHandle\": " + - "\"567fg93h-d941-447d-a427-438440b7d306+766f7158-b394-4cc1-891b-4667df0822fa\"\n }\n }\n }"), - } - admissionResponse = validateSnapshotOperationGuestRequest(ctx, admissionReview_snapshotcontent.Request) - if !admissionResponse.Allowed { - t.Fatalf("TestValidateVolumeSnapshotObjectsInGuestWithFSSDisabled failed for non-vSphere VolumeSnapshotContent. "+ - "admissionReview_snapshot.Request: %v, admissionResponse: %v", admissionReview_snapshotcontent.Request, - admissionResponse) - } -}