Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ec2:ModifyVolume action #434

Merged
merged 1 commit into from
Jan 1, 2020
Merged

Conversation

zodiac12k
Copy link
Contributor

Add ec2:ModifyVolume action to get authorization to resize volume.
I think it needs to be added to example permission policy json file

Is this a bug fix or adding new feature?
I think it is Improvement?

What is this PR about? / Why do we need it?
If it doesn't have this action in the permission policy, you should see the following error log when resizing volume.

I1230 05:25:14.083279       1 event.go:209] Event(v1.ObjectReference{Kind:"PersistentVolumeClaim", Namespace:"default", Name:"ebs-claim", UID:"6dc884e0-2ac4-11ea-95ac-025d239d2fe4", APIVersion:"v1", ResourceVersion:"547846", FieldPath:""}): type: 'Normal' reason: 'Resizing' External resizer is resizing volume pvc-***
I1230 05:25:14.083201       1 connection.go:181] GRPC request: {"capacity_range":{"required_bytes":5368709120},"volume_id":"vol-***"}
I1230 05:25:14.157532       1 connection.go:183] GRPC response: {}
I1230 05:25:14.157906       1 connection.go:184] GRPC error: rpc error: code = Internal desc = Could not resize volume "vol-***": could not modify AWS volume "vol-***": UnauthorizedOperation: You are not authorized to perform this operation.
	status code: 403, request id: e4cbf4d1-311f-48d8-b9a1-147f9cf90c0c
E1230 05:25:14.157919       1 controller.go:342] Resize volume "pvc-***" by resizer "ebs.csi.aws.com" failed: rpc error: code = Internal desc = Could not resize volume "vol-***": could not modify AWS volume "vol-***": UnauthorizedOperation: You are not authorized to perform this operation.
	status code: 403, request id: e4cbf4d1-311f-48d8-b9a1-147f9cf90c0c
I1230 05:25:14.157985       1 event.go:209] Event(v1.ObjectReference{Kind:"PersistentVolumeClaim", Namespace:"default", Name:"ebs-claim", UID:"6dc884e0-2ac4-11ea-95ac-025d239d2fe4", APIVersion:"v1", ResourceVersion:"547846", FieldPath:""}): type: 'Warning' reason: 'VolumeResizeFailed' resize volume pvc-*** failed: rpc error: code = Internal desc = Could not resize volume "vol-***": could not modify AWS volume "vol-***": UnauthorizedOperation: You are not authorized to perform this operation.
	status code: 403, request id: e4cbf4d1-311f-48d8-b9a1-147f9cf90c0c

What testing is done?
After I add this action in the permission policy, resizing volume succeeded!!

I1230 05:29:31.434951       1 controller.go:211] Started PVC processing "default/ebs-claim"
I1230 05:29:31.441255       1 connection.go:180] GRPC call: /csi.v1.Controller/ControllerExpandVolume
I1230 05:29:31.441386       1 event.go:209] Event(v1.ObjectReference{Kind:"PersistentVolumeClaim", Namespace:"default", Name:"ebs-claim", UID:"6dc884e0-2ac4-11ea-95ac-025d239d2fe4", APIVersion:"v1", ResourceVersion:"548274", FieldPath:""}): type: 'Normal' reason: 'Resizing' External resizer is resizing volume pvc-***
I1230 05:29:31.441267       1 connection.go:181] GRPC request: {"capacity_range":{"required_bytes":6442450944},"volume_id":"vol-***"}
I1230 05:29:43.771331       1 connection.go:183] GRPC response: {"capacity_bytes":6442450944,"node_expansion_required":true}
I1230 05:29:43.771715       1 connection.go:184] GRPC error: <nil>
I1230 05:29:43.771722       1 controller.go:345] Resize volume succeeded for volume "pvc-***", start to update PV's capacity
I1230 05:29:43.782629       1 controller.go:351] Update capacity of PV "pvc-***" to 6Gi succeeded
I1230 05:29:43.787106       1 controller.go:401] Mark PVC "default/ebs-claim" as file system resize required
I1230 05:29:43.787175       1 event.go:209] Event(v1.ObjectReference{Kind:"PersistentVolumeClaim", Namespace:"default", Name:"ebs-claim", UID:"6dc884e0-2ac4-11ea-95ac-025d239d2fe4", APIVersion:"v1", ResourceVersion:"548274", FieldPath:""}): type: 'Normal' reason: 'FileSystemResizeRequired' Require file system resize of volume on node
I1230 05:29:45.981975       1 reflector.go:370] k8s.io/client-go/informers/factory.go:133: Watch close - *v1.PersistentVolumeClaim total 20 items received

 Add ec2:ModifyVolume action to get authorization to resize volume
@k8s-ci-robot
Copy link
Contributor

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.


Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. label Dec 30, 2019
@k8s-ci-robot
Copy link
Contributor

Welcome @zodiac12k!

It looks like this is your first PR to kubernetes-sigs/aws-ebs-csi-driver 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/aws-ebs-csi-driver has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot
Copy link
Contributor

Hi @zodiac12k. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Dec 30, 2019
@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Dec 30, 2019
@coveralls
Copy link

Pull Request Test Coverage Report for Build 971

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 70.706%

Totals Coverage Status
Change from base Build 969: 0.0%
Covered Lines: 1231
Relevant Lines: 1741

💛 - Coveralls

@leakingtapan
Copy link
Contributor

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Dec 30, 2019
@leakingtapan
Copy link
Contributor

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Dec 30, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: leakingtapan, zodiac12k

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 30, 2019
@leakingtapan
Copy link
Contributor

/retest

1 similar comment
@leakingtapan
Copy link
Contributor

/retest

@k8s-ci-robot k8s-ci-robot merged commit c1fdc87 into kubernetes-sigs:master Jan 1, 2020
joejulian added a commit to mesosphere/charts that referenced this pull request Mar 6, 2020
[Documentation](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/v0.5.0/docs/README.md)

filename  | sha512 hash
--------- | ------------
[v0.5.0.zip](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.zip) | `c53327e090352a7f79ee642dbf8c211733f4a2cb78968ec688a1eade55151e65f1f97cd228d22168317439f1db9f3d2f07dcaa2873f44732ad23aaf632cbef3a`
[v0.5.0.tar.gz](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.tar.gz) | `ec4963d34c601cdf718838d90b8aa6f36b16c9ac127743e73fbe76118a606d41aced116aaaab73370c17bcc536945d5ccd735bc5a4a00f523025c8e41ddedcb8`

* Add a cmdline option to add extra volume tags ([#353](kubernetes-sigs/aws-ebs-csi-driver#353), [@jieyu](https://github.com/jieyu))
* Switch to use kustomize for manifest ([#360](kubernetes-sigs/aws-ebs-csi-driver#360), [@leakingtapan](https://github.com/leakingtapan))
* enable users to set ec2-endpoint for nonstandard regions ([#369](kubernetes-sigs/aws-ebs-csi-driver#369), [@amdonov](https://github.com/amdonov))
* Add standard volume type ([#379](kubernetes-sigs/aws-ebs-csi-driver#379), [@leakingtapan](https://github.com/leakingtapan))
* Update aws sdk version to enable EKS IAM for SA ([#386](kubernetes-sigs/aws-ebs-csi-driver#386), [@leakingtapan](https://github.com/leakingtapan))
* Implement different driver modes and AWS Region override for controller service ([#438](kubernetes-sigs/aws-ebs-csi-driver#438), [@rfranzke](https://github.com/rfranzke))
* Add manifest files for snapshotter 2.0 ([#452](kubernetes-sigs/aws-ebs-csi-driver#452), [@leakingtapan](https://github.com/leakingtapan))

* Return success if instance or volume are not found ([#375](kubernetes-sigs/aws-ebs-csi-driver#375), [@bertinatto](https://github.com/bertinatto))
* Patch k8scsi sidecars CVE-2019-11255 ([#413](kubernetes-sigs/aws-ebs-csi-driver#413), [@jnaulty](https://github.com/jnaulty))
* Handle mount flags in NodeStageVolume ([#430](kubernetes-sigs/aws-ebs-csi-driver#430), [@bertinatto](https://github.com/bertinatto))

* Run upstream e2e test suites with migration  ([#341](kubernetes-sigs/aws-ebs-csi-driver#341), [@wongma7](https://github.com/wongma7))
* Use new test framework for test orchestration ([#359](kubernetes-sigs/aws-ebs-csi-driver#359), [@leakingtapan](https://github.com/leakingtapan))
* Update to use 1.16 cluster with inline test enabled ([#362](kubernetes-sigs/aws-ebs-csi-driver#362), [@leakingtapan](https://github.com/leakingtapan))
* Enable leader election ([#380](kubernetes-sigs/aws-ebs-csi-driver#380), [@leakingtapan](https://github.com/leakingtapan))
* Update go mod and mount library ([#388](kubernetes-sigs/aws-ebs-csi-driver#388), [@leakingtapan](https://github.com/leakingtapan))
* Refactor NewCloud by pass in region ([#394](kubernetes-sigs/aws-ebs-csi-driver#394), [@leakingtapan](https://github.com/leakingtapan))
* helm: provide an option to set extra volume tags ([#396](kubernetes-sigs/aws-ebs-csi-driver#396), [@jieyu](https://github.com/jieyu))
* Allow override for csi-provisioner image ([#401](kubernetes-sigs/aws-ebs-csi-driver#401), [@gliptak](https://github.com/gliptak))
* Enable volume expansion e2e test for CSI migration ([#407](kubernetes-sigs/aws-ebs-csi-driver#407), [@leakingtapan](https://github.com/leakingtapan))
* Swith to use kops 1.16 ([#409](kubernetes-sigs/aws-ebs-csi-driver#409), [@leakingtapan](https://github.com/leakingtapan))
* Added tolerations for node support ([#420](kubernetes-sigs/aws-ebs-csi-driver#420), [@zerkms](https://github.com/zerkms))
* Update helm chart to better match available values and add the ability to add annotations ([#423](kubernetes-sigs/aws-ebs-csi-driver#423), [@krmichel](https://github.com/krmichel))
* [helm] Also add toleration support to controller ([#433](kubernetes-sigs/aws-ebs-csi-driver#433), [@jyaworski](https://github.com/jyaworski))
* Add ec2:ModifyVolume action ([#434](kubernetes-sigs/aws-ebs-csi-driver#434), [@zodiac12k](https://github.com/zodiac12k))
* Schedule the EBS CSI DaemonSet on all nodes by default ([#441](kubernetes-sigs/aws-ebs-csi-driver#441), [@pcfens](https://github.com/pcfens))
joejulian added a commit to mesosphere/charts that referenced this pull request Mar 9, 2020
[Documentation](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/v0.5.0/docs/README.md)

filename  | sha512 hash
--------- | ------------
[v0.5.0.zip](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.zip) | `c53327e090352a7f79ee642dbf8c211733f4a2cb78968ec688a1eade55151e65f1f97cd228d22168317439f1db9f3d2f07dcaa2873f44732ad23aaf632cbef3a`
[v0.5.0.tar.gz](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.tar.gz) | `ec4963d34c601cdf718838d90b8aa6f36b16c9ac127743e73fbe76118a606d41aced116aaaab73370c17bcc536945d5ccd735bc5a4a00f523025c8e41ddedcb8`

* Add a cmdline option to add extra volume tags ([#353](kubernetes-sigs/aws-ebs-csi-driver#353), [@jieyu](https://github.com/jieyu))
* Switch to use kustomize for manifest ([#360](kubernetes-sigs/aws-ebs-csi-driver#360), [@leakingtapan](https://github.com/leakingtapan))
* enable users to set ec2-endpoint for nonstandard regions ([#369](kubernetes-sigs/aws-ebs-csi-driver#369), [@amdonov](https://github.com/amdonov))
* Add standard volume type ([#379](kubernetes-sigs/aws-ebs-csi-driver#379), [@leakingtapan](https://github.com/leakingtapan))
* Update aws sdk version to enable EKS IAM for SA ([#386](kubernetes-sigs/aws-ebs-csi-driver#386), [@leakingtapan](https://github.com/leakingtapan))
* Implement different driver modes and AWS Region override for controller service ([#438](kubernetes-sigs/aws-ebs-csi-driver#438), [@rfranzke](https://github.com/rfranzke))
* Add manifest files for snapshotter 2.0 ([#452](kubernetes-sigs/aws-ebs-csi-driver#452), [@leakingtapan](https://github.com/leakingtapan))

* Return success if instance or volume are not found ([#375](kubernetes-sigs/aws-ebs-csi-driver#375), [@bertinatto](https://github.com/bertinatto))
* Patch k8scsi sidecars CVE-2019-11255 ([#413](kubernetes-sigs/aws-ebs-csi-driver#413), [@jnaulty](https://github.com/jnaulty))
* Handle mount flags in NodeStageVolume ([#430](kubernetes-sigs/aws-ebs-csi-driver#430), [@bertinatto](https://github.com/bertinatto))

* Run upstream e2e test suites with migration  ([#341](kubernetes-sigs/aws-ebs-csi-driver#341), [@wongma7](https://github.com/wongma7))
* Use new test framework for test orchestration ([#359](kubernetes-sigs/aws-ebs-csi-driver#359), [@leakingtapan](https://github.com/leakingtapan))
* Update to use 1.16 cluster with inline test enabled ([#362](kubernetes-sigs/aws-ebs-csi-driver#362), [@leakingtapan](https://github.com/leakingtapan))
* Enable leader election ([#380](kubernetes-sigs/aws-ebs-csi-driver#380), [@leakingtapan](https://github.com/leakingtapan))
* Update go mod and mount library ([#388](kubernetes-sigs/aws-ebs-csi-driver#388), [@leakingtapan](https://github.com/leakingtapan))
* Refactor NewCloud by pass in region ([#394](kubernetes-sigs/aws-ebs-csi-driver#394), [@leakingtapan](https://github.com/leakingtapan))
* helm: provide an option to set extra volume tags ([#396](kubernetes-sigs/aws-ebs-csi-driver#396), [@jieyu](https://github.com/jieyu))
* Allow override for csi-provisioner image ([#401](kubernetes-sigs/aws-ebs-csi-driver#401), [@gliptak](https://github.com/gliptak))
* Enable volume expansion e2e test for CSI migration ([#407](kubernetes-sigs/aws-ebs-csi-driver#407), [@leakingtapan](https://github.com/leakingtapan))
* Swith to use kops 1.16 ([#409](kubernetes-sigs/aws-ebs-csi-driver#409), [@leakingtapan](https://github.com/leakingtapan))
* Added tolerations for node support ([#420](kubernetes-sigs/aws-ebs-csi-driver#420), [@zerkms](https://github.com/zerkms))
* Update helm chart to better match available values and add the ability to add annotations ([#423](kubernetes-sigs/aws-ebs-csi-driver#423), [@krmichel](https://github.com/krmichel))
* [helm] Also add toleration support to controller ([#433](kubernetes-sigs/aws-ebs-csi-driver#433), [@jyaworski](https://github.com/jyaworski))
* Add ec2:ModifyVolume action ([#434](kubernetes-sigs/aws-ebs-csi-driver#434), [@zodiac12k](https://github.com/zodiac12k))
* Schedule the EBS CSI DaemonSet on all nodes by default ([#441](kubernetes-sigs/aws-ebs-csi-driver#441), [@pcfens](https://github.com/pcfens))
sebbrandt87 pushed a commit to mesosphere/charts that referenced this pull request Mar 18, 2020
[Documentation](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/v0.5.0/docs/README.md)

filename  | sha512 hash
--------- | ------------
[v0.5.0.zip](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.zip) | `c53327e090352a7f79ee642dbf8c211733f4a2cb78968ec688a1eade55151e65f1f97cd228d22168317439f1db9f3d2f07dcaa2873f44732ad23aaf632cbef3a`
[v0.5.0.tar.gz](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.tar.gz) | `ec4963d34c601cdf718838d90b8aa6f36b16c9ac127743e73fbe76118a606d41aced116aaaab73370c17bcc536945d5ccd735bc5a4a00f523025c8e41ddedcb8`

* Add a cmdline option to add extra volume tags ([#353](kubernetes-sigs/aws-ebs-csi-driver#353), [@jieyu](https://github.com/jieyu))
* Switch to use kustomize for manifest ([#360](kubernetes-sigs/aws-ebs-csi-driver#360), [@leakingtapan](https://github.com/leakingtapan))
* enable users to set ec2-endpoint for nonstandard regions ([#369](kubernetes-sigs/aws-ebs-csi-driver#369), [@amdonov](https://github.com/amdonov))
* Add standard volume type ([#379](kubernetes-sigs/aws-ebs-csi-driver#379), [@leakingtapan](https://github.com/leakingtapan))
* Update aws sdk version to enable EKS IAM for SA ([#386](kubernetes-sigs/aws-ebs-csi-driver#386), [@leakingtapan](https://github.com/leakingtapan))
* Implement different driver modes and AWS Region override for controller service ([#438](kubernetes-sigs/aws-ebs-csi-driver#438), [@rfranzke](https://github.com/rfranzke))
* Add manifest files for snapshotter 2.0 ([#452](kubernetes-sigs/aws-ebs-csi-driver#452), [@leakingtapan](https://github.com/leakingtapan))

* Return success if instance or volume are not found ([#375](kubernetes-sigs/aws-ebs-csi-driver#375), [@bertinatto](https://github.com/bertinatto))
* Patch k8scsi sidecars CVE-2019-11255 ([#413](kubernetes-sigs/aws-ebs-csi-driver#413), [@jnaulty](https://github.com/jnaulty))
* Handle mount flags in NodeStageVolume ([#430](kubernetes-sigs/aws-ebs-csi-driver#430), [@bertinatto](https://github.com/bertinatto))

* Run upstream e2e test suites with migration  ([#341](kubernetes-sigs/aws-ebs-csi-driver#341), [@wongma7](https://github.com/wongma7))
* Use new test framework for test orchestration ([#359](kubernetes-sigs/aws-ebs-csi-driver#359), [@leakingtapan](https://github.com/leakingtapan))
* Update to use 1.16 cluster with inline test enabled ([#362](kubernetes-sigs/aws-ebs-csi-driver#362), [@leakingtapan](https://github.com/leakingtapan))
* Enable leader election ([#380](kubernetes-sigs/aws-ebs-csi-driver#380), [@leakingtapan](https://github.com/leakingtapan))
* Update go mod and mount library ([#388](kubernetes-sigs/aws-ebs-csi-driver#388), [@leakingtapan](https://github.com/leakingtapan))
* Refactor NewCloud by pass in region ([#394](kubernetes-sigs/aws-ebs-csi-driver#394), [@leakingtapan](https://github.com/leakingtapan))
* helm: provide an option to set extra volume tags ([#396](kubernetes-sigs/aws-ebs-csi-driver#396), [@jieyu](https://github.com/jieyu))
* Allow override for csi-provisioner image ([#401](kubernetes-sigs/aws-ebs-csi-driver#401), [@gliptak](https://github.com/gliptak))
* Enable volume expansion e2e test for CSI migration ([#407](kubernetes-sigs/aws-ebs-csi-driver#407), [@leakingtapan](https://github.com/leakingtapan))
* Swith to use kops 1.16 ([#409](kubernetes-sigs/aws-ebs-csi-driver#409), [@leakingtapan](https://github.com/leakingtapan))
* Added tolerations for node support ([#420](kubernetes-sigs/aws-ebs-csi-driver#420), [@zerkms](https://github.com/zerkms))
* Update helm chart to better match available values and add the ability to add annotations ([#423](kubernetes-sigs/aws-ebs-csi-driver#423), [@krmichel](https://github.com/krmichel))
* [helm] Also add toleration support to controller ([#433](kubernetes-sigs/aws-ebs-csi-driver#433), [@jyaworski](https://github.com/jyaworski))
* Add ec2:ModifyVolume action ([#434](kubernetes-sigs/aws-ebs-csi-driver#434), [@zodiac12k](https://github.com/zodiac12k))
* Schedule the EBS CSI DaemonSet on all nodes by default ([#441](kubernetes-sigs/aws-ebs-csi-driver#441), [@pcfens](https://github.com/pcfens))
hectorj2f pushed a commit to mesosphere/charts that referenced this pull request Mar 19, 2020
* chore: update aws-ebs-csi-driver from 0.4.0 to 0.5.0

[Documentation](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/v0.5.0/docs/README.md)

filename  | sha512 hash
--------- | ------------
[v0.5.0.zip](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.zip) | `c53327e090352a7f79ee642dbf8c211733f4a2cb78968ec688a1eade55151e65f1f97cd228d22168317439f1db9f3d2f07dcaa2873f44732ad23aaf632cbef3a`
[v0.5.0.tar.gz](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.tar.gz) | `ec4963d34c601cdf718838d90b8aa6f36b16c9ac127743e73fbe76118a606d41aced116aaaab73370c17bcc536945d5ccd735bc5a4a00f523025c8e41ddedcb8`

* Add a cmdline option to add extra volume tags ([#353](kubernetes-sigs/aws-ebs-csi-driver#353), [@jieyu](https://github.com/jieyu))
* Switch to use kustomize for manifest ([#360](kubernetes-sigs/aws-ebs-csi-driver#360), [@leakingtapan](https://github.com/leakingtapan))
* enable users to set ec2-endpoint for nonstandard regions ([#369](kubernetes-sigs/aws-ebs-csi-driver#369), [@amdonov](https://github.com/amdonov))
* Add standard volume type ([#379](kubernetes-sigs/aws-ebs-csi-driver#379), [@leakingtapan](https://github.com/leakingtapan))
* Update aws sdk version to enable EKS IAM for SA ([#386](kubernetes-sigs/aws-ebs-csi-driver#386), [@leakingtapan](https://github.com/leakingtapan))
* Implement different driver modes and AWS Region override for controller service ([#438](kubernetes-sigs/aws-ebs-csi-driver#438), [@rfranzke](https://github.com/rfranzke))
* Add manifest files for snapshotter 2.0 ([#452](kubernetes-sigs/aws-ebs-csi-driver#452), [@leakingtapan](https://github.com/leakingtapan))

* Return success if instance or volume are not found ([#375](kubernetes-sigs/aws-ebs-csi-driver#375), [@bertinatto](https://github.com/bertinatto))
* Patch k8scsi sidecars CVE-2019-11255 ([#413](kubernetes-sigs/aws-ebs-csi-driver#413), [@jnaulty](https://github.com/jnaulty))
* Handle mount flags in NodeStageVolume ([#430](kubernetes-sigs/aws-ebs-csi-driver#430), [@bertinatto](https://github.com/bertinatto))

* Run upstream e2e test suites with migration  ([#341](kubernetes-sigs/aws-ebs-csi-driver#341), [@wongma7](https://github.com/wongma7))
* Use new test framework for test orchestration ([#359](kubernetes-sigs/aws-ebs-csi-driver#359), [@leakingtapan](https://github.com/leakingtapan))
* Update to use 1.16 cluster with inline test enabled ([#362](kubernetes-sigs/aws-ebs-csi-driver#362), [@leakingtapan](https://github.com/leakingtapan))
* Enable leader election ([#380](kubernetes-sigs/aws-ebs-csi-driver#380), [@leakingtapan](https://github.com/leakingtapan))
* Update go mod and mount library ([#388](kubernetes-sigs/aws-ebs-csi-driver#388), [@leakingtapan](https://github.com/leakingtapan))
* Refactor NewCloud by pass in region ([#394](kubernetes-sigs/aws-ebs-csi-driver#394), [@leakingtapan](https://github.com/leakingtapan))
* helm: provide an option to set extra volume tags ([#396](kubernetes-sigs/aws-ebs-csi-driver#396), [@jieyu](https://github.com/jieyu))
* Allow override for csi-provisioner image ([#401](kubernetes-sigs/aws-ebs-csi-driver#401), [@gliptak](https://github.com/gliptak))
* Enable volume expansion e2e test for CSI migration ([#407](kubernetes-sigs/aws-ebs-csi-driver#407), [@leakingtapan](https://github.com/leakingtapan))
* Swith to use kops 1.16 ([#409](kubernetes-sigs/aws-ebs-csi-driver#409), [@leakingtapan](https://github.com/leakingtapan))
* Added tolerations for node support ([#420](kubernetes-sigs/aws-ebs-csi-driver#420), [@zerkms](https://github.com/zerkms))
* Update helm chart to better match available values and add the ability to add annotations ([#423](kubernetes-sigs/aws-ebs-csi-driver#423), [@krmichel](https://github.com/krmichel))
* [helm] Also add toleration support to controller ([#433](kubernetes-sigs/aws-ebs-csi-driver#433), [@jyaworski](https://github.com/jyaworski))
* Add ec2:ModifyVolume action ([#434](kubernetes-sigs/aws-ebs-csi-driver#434), [@zodiac12k](https://github.com/zodiac12k))
* Schedule the EBS CSI DaemonSet on all nodes by default ([#441](kubernetes-sigs/aws-ebs-csi-driver#441), [@pcfens](https://github.com/pcfens))

* bump chart version

* chore: bump liveness probe from 1.1.0 to 2.0.0

- Introduce V(5) on the health check begin/success log lines to allow filtering of these entries from logs. If you would like to retain these log entries the action required would be to set `-v==5` or higher for the livenessprobe container. ([#57](kubernetes-csi/livenessprobe#57), [@stefansedich](https://github.com/stefansedich))
- Deprecated "--connection-timeout" argument has been removed. ([#59](kubernetes-csi/livenessprobe#59), [@msau42](https://github.com/msau42))

- Fix nil pointer bug when driver responds with not ready ([#58](kubernetes-csi/livenessprobe#58), [@scuzhanglei](https://github.com/scuzhanglei))
- Migrated to Go modules, so the source builds also outside of GOPATH. ([#53](kubernetes-csi/livenessprobe#53), [@pohly](https://github.com/pohly))

* chore: bump csi external-provisioner from 1.3.0 to 1.4.0

All external-provisioner versions < 1.4.0 are deprecated and will stop
functioning in Kubernetes v1.20. See
[#323](kubernetes-csi/external-provisioner#323) and
[k/k#80978](kubernetes/kubernetes#80978) for more
details. Upgrade your external-provisioner to v1.4+ before Kubernetes v1.20.

None

- Fixes migration scenarios for Topology, fstype, and accessmodes for the kubernetes.io/gce-pd in-tree plugin ([#277](kubernetes-csi/external-provisioner#277), [@davidz627](https://github.com/davidz627))
- Checks if volume content source is populated if creating a volume from a snapshot source. ([#283](kubernetes-csi/external-provisioner#283), [@zhucan](https://github.com/zhucan))
- Fixes issue when SelfLink removal is turned on in Kubernetes. ([#323](kubernetes-csi/external-provisioner#323), [@msau42](https://github.com/msau42))
- CSI driver can return `CreateVolumeResponse` with size 0, which means unknown volume size.
In this case, Provisioner will use PVC requested size as PV size rather than 0 bytes ([#271](kubernetes-csi/external-provisioner#271), [@hoyho](https://github.com/hoyho))
- Fixed potential leak of volumes after CSI driver timeouts. ([#312](kubernetes-csi/external-provisioner#312), [@jsafrane](https://github.com/jsafrane))
- Fixes issue where provisioner provisions volumes for in-tree PVC's which have not been migrated ([#341](kubernetes-csi/external-provisioner#341), [@davidz627](https://github.com/davidz627))
- Send the CSI volume_id instead of  PVC Name to the csi-driver in volumeCreate when datasource  is PVC ([#310](kubernetes-csi/external-provisioner#310), [@Madhu-1](https://github.com/Madhu-1))
- Fixes nil pointer derefence in log when migration turned on ([#342](kubernetes-csi/external-provisioner#342), [@davidz627](https://github.com/davidz627))
- Handle deletion of CSI migrated volumes ([#273](kubernetes-csi/external-provisioner#273), [@ddebroy](https://github.com/ddebroy))
- Reduced logging noise of unrelated PVCs. Emit event on successful provisioning. ([#351](kubernetes-csi/external-provisioner#351), [@jsafrane](https://github.com/jsafrane))
- Added extra verification of source Snapshot and PersistentVolumeClaim before provisioning. ([#352](kubernetes-csi/external-provisioner#352), [@jsafrane](https://github.com/jsafrane))

* chore: bump attacher

* Fixed handling of ControllerUnpublish errors. The attacher will retry to ControllerUnpublish a volume after any error except for NotFound. (#168, @jsafrane)

* bump external-snapshotter from 1.1.0 to 1.2.2

Breaking Changes

* Changes the API group name for the fake VolumeSnapshot object to "snapshot.storage.k8s.io" to be in-sync with the group name of the real VolumeSnapshot object. As a result, the generated interfaces for clientset and informers of VolumeSnapshot are also changed from "VolumeSnapshot" to "Snapshot". (#123, @xing-yang)

New Features

* Adds Finalizer on the snapshot source PVC to prevent it from being deleted when a snapshot is being created from it. (#47, @xing-yang)

Other Notable Changes

* Add Status subresource for VolumeSnapshot. (#121, @zhucan)
* Cherry picks PR #138: Prebound snapshots will work correctly with CSI drivers that does not support ListSnasphots.(#156, @hakanmemisoglu)
* Cherry picks PR #172: Added extra verification of source PersistentVolumeClaim before creating snapshot.(#173, @xing-yang)

* bump external-resizer from 0.2.0 to 0.4.0

New Features

* Add prometheus metrics to CSI external-resizer under the /metrics endpoint. This can be enabled via the "--metrics-address" and "--metrics-path" options. (#67, @saad-ali)

Bug Fixes

* Avoid concurrent processing of same PVCs (#6, @mlmhl)
* Exit on CSI gRPC conn loss (#55, @ggriffiths)
* Verify claimref associated with PVs before resizing (#57, @gnufied)

Other Notable Changes

* Migrated to Go modules, so the source builds also outside of GOPATH. (#60, @pohly)

* feat(awsebscsiprovisioner): updated awsebscsiprovisioner flags

- updated args as mentioned in comments
- updated container versions as mentioned in the comments

D2IQ-64990 #comment updated awsebscsiprovisioner pod arg

* feat(awsebscsiprovisioner): added podAnnotations

- added statefulSet.podAnnotations feature
- added new roles and snapshotter-controller
- added more values to be setable

D2IQ-64992 #comment updated awsebscsiprovisioner to include statefulSet.podAnnotations

* fix: added replacing system-x-critial replacement

- this was added for being able to run the ct install / upgrade behaviour
so that we also can test with that priorityClassName set pods, that normally get a
system-node critial or system-cluster-critical priorityClassName set.
These only will be allowed to run in namespace kube-system and that for
we need to drop the priorityClassName here to null for our tests.
- separated lint and install, as otherwise lint would fail because of the sed changes
- exclude gcp-csi-driver [D2IQ-65765]

[D2IQ-65765]: https://jira.d2iq.com/browse/D2IQ-65765

Co-authored-by: Sebastian Brandt <793580+sebbrandt87@users.noreply.github.com>
mesosphere-teamcity pushed a commit to mesosphere/charts that referenced this pull request Mar 19, 2020
…bs-csi-driver from 0.4.0 to 0.5.0 [Documentation](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/v0.5.0/docs/README.md)  filename  | sha512 hash --------- | ------------ [v0.5.0.zip](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.zip) |  [v0.5.0.tar.gz](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/archive/v0.5.0.tar.gz) |   * Add a cmdline option to add extra volume tags ([#353](kubernetes-sigs/aws-ebs-csi-driver#353), [@jieyu](https://github.com/jieyu)) * Switch to use kustomize for manifest ([#360](kubernetes-sigs/aws-ebs-csi-driver#360), [@leakingtapan](https://github.com/leakingtapan)) * enable users to set ec2-endpoint for nonstandard regions ([#369](kubernetes-sigs/aws-ebs-csi-driver#369), [@amdonov](https://github.com/amdonov)) * Add standard volume type ([#379](kubernetes-sigs/aws-ebs-csi-driver#379), [@leakingtapan](https://github.com/leakingtapan)) * Update aws sdk version to enable EKS IAM for SA ([#386](kubernetes-sigs/aws-ebs-csi-driver#386), [@leakingtapan](https://github.com/leakingtapan)) * Implement different driver modes and AWS Region override for controller service ([#438](kubernetes-sigs/aws-ebs-csi-driver#438), [@rfranzke](https://github.com/rfranzke)) * Add manifest files for snapshotter 2.0 ([#452](kubernetes-sigs/aws-ebs-csi-driver#452), [@leakingtapan](https://github.com/leakingtapan))  * Return success if instance or volume are not found ([#375](kubernetes-sigs/aws-ebs-csi-driver#375), [@bertinatto](https://github.com/bertinatto)) * Patch k8scsi sidecars CVE-2019-11255 ([#413](kubernetes-sigs/aws-ebs-csi-driver#413), [@jnaulty](https://github.com/jnaulty)) * Handle mount flags in NodeStageVolume ([#430](kubernetes-sigs/aws-ebs-csi-driver#430), [@bertinatto](https://github.com/bertinatto))  * Run upstream e2e test suites with migration  ([#341](kubernetes-sigs/aws-ebs-csi-driver#341), [@wongma7](https://github.com/wongma7)) * Use new test framework for test orchestration ([#359](kubernetes-sigs/aws-ebs-csi-driver#359), [@leakingtapan](https://github.com/leakingtapan)) * Update to use 1.16 cluster with inline test enabled ([#362](kubernetes-sigs/aws-ebs-csi-driver#362), [@leakingtapan](https://github.com/leakingtapan)) * Enable leader election ([#380](kubernetes-sigs/aws-ebs-csi-driver#380), [@leakingtapan](https://github.com/leakingtapan)) * Update go mod and mount library ([#388](kubernetes-sigs/aws-ebs-csi-driver#388), [@leakingtapan](https://github.com/leakingtapan)) * Refactor NewCloud by pass in region ([#394](kubernetes-sigs/aws-ebs-csi-driver#394), [@leakingtapan](https://github.com/leakingtapan)) * helm: provide an option to set extra volume tags ([#396](kubernetes-sigs/aws-ebs-csi-driver#396), [@jieyu](https://github.com/jieyu)) * Allow override for csi-provisioner image ([#401](kubernetes-sigs/aws-ebs-csi-driver#401), [@gliptak](https://github.com/gliptak)) * Enable volume expansion e2e test for CSI migration ([#407](kubernetes-sigs/aws-ebs-csi-driver#407), [@leakingtapan](https://github.com/leakingtapan)) * Swith to use kops 1.16 ([#409](kubernetes-sigs/aws-ebs-csi-driver#409), [@leakingtapan](https://github.com/leakingtapan)) * Added tolerations for node support ([#420](kubernetes-sigs/aws-ebs-csi-driver#420), [@zerkms](https://github.com/zerkms)) * Update helm chart to better match available values and add the ability to add annotations ([#423](kubernetes-sigs/aws-ebs-csi-driver#423), [@krmichel](https://github.com/krmichel)) * [helm] Also add toleration support to controller ([#433](kubernetes-sigs/aws-ebs-csi-driver#433), [@jyaworski](https://github.com/jyaworski)) * Add ec2:ModifyVolume action ([#434](kubernetes-sigs/aws-ebs-csi-driver#434), [@zodiac12k](https://github.com/zodiac12k)) * Schedule the EBS CSI DaemonSet on all nodes by default ([#441](kubernetes-sigs/aws-ebs-csi-driver#441), [@pcfens](https://github.com/pcfens))  * bump chart version  * chore: bump liveness probe from 1.1.0 to 2.0.0  - Introduce V(5) on the health check begin/success log lines to allow filtering of these entries from logs. If you would like to retain these log entries the action required would be to set  or higher for the livenessprobe container. ([#57](kubernetes-csi/livenessprobe#57), [@stefansedich](https://github.com/stefansedich)) - Deprecated --connection-timeout argument has been removed. ([#59](kubernetes-csi/livenessprobe#59), [@msau42](https://github.com/msau42))  - Fix nil pointer bug when driver responds with not ready ([#58](kubernetes-csi/livenessprobe#58), [@scuzhanglei](https://github.com/scuzhanglei)) - Migrated to Go modules, so the source builds also outside of GOPATH. ([#53](kubernetes-csi/livenessprobe#53), [@pohly](https://github.com/pohly))  * chore: bump csi external-provisioner from 1.3.0 to 1.4.0  All external-provisioner versions < 1.4.0 are deprecated and will stop functioning in Kubernetes v1.20. See [#323](kubernetes-csi/external-provisioner#323) and [k/k#80978](kubernetes/kubernetes#80978) for more details. Upgrade your external-provisioner to v1.4+ before Kubernetes v1.20.  None  - Fixes migration scenarios for Topology, fstype, and accessmodes for the kubernetes.io/gce-pd in-tree plugin ([#277](kubernetes-csi/external-provisioner#277), [@davidz627](https://github.com/davidz627)) - Checks if volume content source is populated if creating a volume from a snapshot source. ([#283](kubernetes-csi/external-provisioner#283), [@zhucan](https://github.com/zhucan)) - Fixes issue when SelfLink removal is turned on in Kubernetes. ([#323](kubernetes-csi/external-provisioner#323), [@msau42](https://github.com/msau42)) - CSI driver can return  with size 0, which means unknown volume size. In this case, Provisioner will use PVC requested size as PV size rather than 0 bytes ([#271](kubernetes-csi/external-provisioner#271), [@hoyho](https://github.com/hoyho)) - Fixed potential leak of volumes after CSI driver timeouts. ([#312](kubernetes-csi/external-provisioner#312), [@jsafrane](https://github.com/jsafrane)) - Fixes issue where provisioner provisions volumes for in-tree PVC's which have not been migrated ([#341](kubernetes-csi/external-provisioner#341), [@davidz627](https://github.com/davidz627)) - Send the CSI volume_id instead of  PVC Name to the csi-driver in volumeCreate when datasource  is PVC ([#310](kubernetes-csi/external-provisioner#310), [@Madhu-1](https://github.com/Madhu-1)) - Fixes nil pointer derefence in log when migration turned on ([#342](kubernetes-csi/external-provisioner#342), [@davidz627](https://github.com/davidz627)) - Handle deletion of CSI migrated volumes ([#273](kubernetes-csi/external-provisioner#273), [@ddebroy](https://github.com/ddebroy)) - Reduced logging noise of unrelated PVCs. Emit event on successful provisioning. ([#351](kubernetes-csi/external-provisioner#351), [@jsafrane](https://github.com/jsafrane)) - Added extra verification of source Snapshot and PersistentVolumeClaim before provisioning. ([#352](kubernetes-csi/external-provisioner#352), [@jsafrane](https://github.com/jsafrane))  * chore: bump attacher  * Fixed handling of ControllerUnpublish errors. The attacher will retry to ControllerUnpublish a volume after any error except for NotFound. (#168, @jsafrane)  * bump external-snapshotter from 1.1.0 to 1.2.2  Breaking Changes  * Changes the API group name for the fake VolumeSnapshot object to snapshot.storage.k8s.io to be in-sync with the group name of the real VolumeSnapshot object. As a result, the generated interfaces for clientset and informers of VolumeSnapshot are also changed from VolumeSnapshot to Snapshot. (#123, @xing-yang)  New Features  * Adds Finalizer on the snapshot source PVC to prevent it from being deleted when a snapshot is being created from it. (#47, @xing-yang)  Other Notable Changes  * Add Status subresource for VolumeSnapshot. (#121, @zhucan) * Cherry picks PR #138: Prebound snapshots will work correctly with CSI drivers that does not support ListSnasphots.(#156, @hakanmemisoglu) * Cherry picks PR #172: Added extra verification of source PersistentVolumeClaim before creating snapshot.(#173, @xing-yang)  * bump external-resizer from 0.2.0 to 0.4.0  New Features  * Add prometheus metrics to CSI external-resizer under the /metrics endpoint. This can be enabled via the --metrics-address and --metrics-path options. (#67, @saad-ali)  Bug Fixes  * Avoid concurrent processing of same PVCs (#6, @mlmhl) * Exit on CSI gRPC conn loss (#55, @ggriffiths) * Verify claimref associated with PVs before resizing (#57, @gnufied)  Other Notable Changes  * Migrated to Go modules, so the source builds also outside of GOPATH. (#60, @pohly)  * feat(awsebscsiprovisioner): updated awsebscsiprovisioner flags  - updated args as mentioned in comments - updated container versions as mentioned in the comments  D2IQ-64990 #comment updated awsebscsiprovisioner pod arg  * feat(awsebscsiprovisioner): added podAnnotations  - added statefulSet.podAnnotations feature - added new roles and snapshotter-controller - added more values to be setable  D2IQ-64992 #comment updated awsebscsiprovisioner to include statefulSet.podAnnotations  * fix: added replacing system-x-critial replacement  - this was added for being able to run the ct install / upgrade behaviour so that we also can test with that priorityClassName set pods, that normally get a system-node critial or system-cluster-critical priorityClassName set. These only will be allowed to run in namespace kube-system and that for we need to drop the priorityClassName here to null for our tests. - separated lint and install, as otherwise lint would fail because of the sed changes - exclude gcp-csi-driver [D2IQ-65765]  [D2IQ-65765]: https://jira.d2iq.com/browse/D2IQ-65765  Co-authored-by: Sebastian Brandt <793580+sebbrandt87@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants