Update Helm release ceph-csi-cephfs to v3.7.2
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| ceph-csi-cephfs | minor |
3.6.2 -> 3.7.2
|
Release Notes
ceph/ceph-csi
v3.7.2: Ceph-CSI v3.7.2 Release
Changelog or Highlights:
Bug Fixes:
CephFS
- Delete subvolume if SetAllMetadata fails #3435
- Allow subvolume creation if ceph cluster doesnt support metadata API #3423
RBD
- Fix volume leak if metadata operation fails #3436
Vendor Update
- Rebase: golang.org/x/text/language to v0.3.8 to fix a vulnerability #3439
CI improvements
- Create kubernetes cluster with podman driver #3420
Breaking Changes
None.
v3.7.1: Ceph-CSI v3.7.1 Release
Bug Fixes:
- rbd: fix bug in kmip kms Decrypt function & improve error msg https://github.com/ceph/ceph-csi/pull/3341
- rbd: modify stripSecret mechanism in logGRPC() https://github.com/ceph/ceph-csi/pull/3350
- cephfs: return success if metadata operation not supported https://github.com/ceph/ceph-csi/pull/3352
- rbd: change default FsGroupPolicy to "File" for RBD CSI driver https://github.com/ceph/ceph-csi/pull/3364
- rbd: map only primary image https://github.com/ceph/ceph-csi/pull/3373
- ci: use resync to sync helm charts https://github.com/ceph/ceph-csi/pull/3374
- cephfs: Fix subvolumegroup creation https://github.com/ceph/ceph-csi/pull/3376
- rbd: create token and use it for vault SA everytime possible https://github.com/ceph/ceph-csi/pull/3378
- rbd: use blocklist range cmd, fallback if it fails https://github.com/ceph/ceph-csi/pull/3386
NOTE
Helm upgrade may fail with message:
UPGRADE FAILED: cannot patch "rbd.csi.ceph.com" with kind CSIDriver: CSIDriver.storage.k8s.io "rbd.csi.ceph.com" is invalid: spec.fsGroupPolicy: Invalid value: "File": field is immutable"
FAILED! => {"changed": false, "command": "/usr/sbin/helm --version=v3.7.1 upgrade -i --reset-values --create-namespace -f=/tmp/tmp2sr2me9a.yml ceph-csi ceph-csi/ceph-csi-rbd", "msg": "Failure when executing Helm command. Exited 1.\nstdout: \nstderr: Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr": "Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr_lines": ["Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable"], "stdout": "", "stdout_lines": []}If so, delete the csidriver object
kubectl delete csidriver rbd.csi.ceph.comThen do helm upgrade
v3.7.0: Ceph-CSI v3.7.0 Release
We are excited to announce another feature packed release of Ceph CSI , v3.7.0. This is another great step towards making it possible to use enhanced features of Container Storage Interface ( CSI) with Ceph Cluster in the backend. With this release, we are introducing many brand new features and enhancements to Ceph CSI driver. Also this release enabled a smooth integration to various projects. Here are the changelog / release highlights..
Changelog and Highlights:
Features
- KMIP integration for RBD PVC encryption
- The Key Management Interoperability Protocol (KMIP) is an extensible communication protocol that defines message formats for the manipulation of cryptographic keys on a key management server. Ceph-CSI can now be configured to connect to various KMS using KMIP for encrypting RBD volumes.
- NFS
- Added support for volume expansion, snapshot, restore and clone.
- Added NFS nodeserver within CephCSI with support for pod networking with nsenter.
- Support enabling PV and snapshot metadata on the RBD images and CephFS subvolumes
- For persistent volumes, clones and volume restores we support adding PVName/PVCName/PVCNamespace and ClusterName details
- For snapshot volumes we support adding snapshot-name/snapshot-namespace/snapshotcontent-name and ClusterName details
- Shallow Read Only support for Ceph CSI driver:
- cephfs-csi expose CephFS snapshots as shallow, read-only volumes, without needing to clone the underlying snapshot data (https://github.com/ceph/ceph-csi/blob/devel/docs/design/proposals/cephfs-snapshot-shallow-ro-vol.md ) which enables users to Restore snapshots selectively - users may want to traverse snapshots, restoring data to a writable volume more selectively instead of restoring the whole snapshot and this feature also help to perform more efficient Volume backup.
Enhancements
- All kubernetes sidecars ( external provisioner,snapshotter, resizer..etc) are rebased to latest available versions. Along with other dependency module updates this release consume go-ceph v0.17.0 and kubernetes 1.24.4 version.
- snapshot API support has been lifted to GA version in this release.
- From this release onwards, the CSI driver make use of
Filefsgroup policy for its fsgroup based operations. - New feature gates are enabled ( HonorPVReclaimPolicy..etc) in the sidecar deployments.
Bug Fixes
- While mounting the volume, CSI drivers no longer open world wide permission on mount path ( See ).
- Support linux kernels <=4.11.0, /sys/bus/rbd/supported_features is part of Linux kernel v4.11.0, prepare the supported feature attributes and use them in case if supported_features file is missing (See #2678)
- Fix volume healer for StagingTargetPath issue for Kubernetes 1.24 (See #3176)
- RBACs are restricted to a great extend in this release version compared to previous. The CSI driver operate on least required RBAC in a cluster from now on.
E2E
- many tests are added for making sure we stay with backward compatibility for existing features of v3.6.
- new tests are added for features introduced in this release
- lots of cleanup and deprecated API removals done on the test framework
- Dropped support for kubernetes v<=1.22 tests in the framework
Deprecation
- Volumereplication service running on controller server is deprecated and replaced by CSI-Addons, see https://github.com/ceph/ceph-csi/issues/3314 for more details
- cephfs provisioner will not make use of attacher sidecar from this release onwards. See https://github.com/ceph/ceph-csi/pull/3149 for more details
Breaking Changes
- NFS daemonset is renamed from
csi-nfs-nodetocsi-nfsplugin, refer to upgrade steps for more details.
NOTE
Helm upgrade may fail with message:
UPGRADE FAILED: cannot patch "rbd.csi.ceph.com" with kind CSIDriver: CSIDriver.storage.k8s.io "rbd.csi.ceph.com" is invalid: spec.fsGroupPolicy: Invalid value: "File": field is immutable"
FAILED! => {"changed": false, "command": "/usr/sbin/helm --version=v3.7.0 upgrade -i --reset-values --create-namespace -f=/tmp/tmp2sr2me9a.yml ceph-csi ceph-csi/ceph-csi-rbd", "msg": "Failure when executing Helm command. Exited 1.\nstdout: \nstderr: Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr": "Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr_lines": ["Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable"], "stdout": "", "stdout_lines": []}If so, delete the csidriver object
kubectl delete csidriver rbd.csi.ceph.comThen do helm upgrade
Release Image : docker pull quay.io/cephcsi/cephcsi:v3.7.0
New Contributors ( Thanks !! 👍 )
- @losil made their first contribution in https://github.com/ceph/ceph-csi/pull/2993
- @Cytrian made their first contribution in https://github.com/ceph/ceph-csi/pull/3091
- @naveensrinivasan made their first contribution in https://github.com/ceph/ceph-csi/pull/3127
- @irq0 made their first contribution in https://github.com/ceph/ceph-csi/pull/2912
- @iceman91176 made their first contribution in https://github.com/ceph/ceph-csi/pull/3177
- @BenoitKnecht made their first contribution in https://github.com/ceph/ceph-csi/pull/3232
- @takmatsu made their first contribution in https://github.com/ceph/ceph-csi/pull/3233
- @anthonyeleven made their first contribution in https://github.com/ceph/ceph-csi/pull/3274
- @palvarez89 made their first contribution in https://github.com/ceph/ceph-csi/pull/3273
Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.6.2...v3.7.0
Thanks to awesome Ceph CSI community for this great release
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by Renovate [bot]
