Merge pull request #562 from andyzhangx/allowEmptyCloudConfig

feat: add allowEmptyCloudConfig config in chart
kubernetes-sigs · Nov 16, 2021 · 1c04b45 · 1c04b45
2 parents a894a60 + 427d361
commit 1c04b45
Show file tree

Hide file tree

Showing 9 changed files with 68 additions and 37 deletions.
diff --git a/charts/README.md b/charts/README.md
@@ -90,6 +90,7 @@ The following table lists the configurable parameters of the latest Azure Blob S
 | `controller.name`                                     | name of driver deployment                  | `csi-blob-controller`
 | `controller.cloudConfigSecretName`                    | cloud config secret name of controller driver               | `azure-cloud-provider`
 | `controller.cloudConfigSecretNamespace`               | cloud config secret namespace of controller driver          | `kube-system`
+| `controller.allowEmptyCloudConfig`                    | Whether allow running controller driver without cloud config          | `true`
 | `controller.replicas`                                 | the replicas of csi-blob-controller                   | `2`                                                              |
 | `controller.hostNetwork`                              | `hostNetwork` setting on controller driver(could be disabled if controller does not depend on MSI setting)                            | `true`                                                            | `true`, `false`
 | `controller.metricsPort`                              | metrics port of csi-blob-controller                   | `29634`                                                          |
@@ -118,6 +119,7 @@ The following table lists the configurable parameters of the latest Azure Blob S
 | `node.name`                                           | name of driver daemonset                              | `csi-blob-node`
 | `node.cloudConfigSecretName`                          | cloud config secret name of node driver               | `azure-cloud-provider`
 | `node.cloudConfigSecretNamespace`                     | cloud config secret namespace of node driver          | `kube-system`
+| `node.allowEmptyCloudConfig`                          | Whether allow running node driver without cloud config          | `true`
 | `node.maxUnavailable`                                 | `maxUnavailable` value of driver node daemonset       | `1`
 | `node.metricsPort`                                    | metrics port of csi-blob-node                         | `29635`                                                          |
 | `node.livenessProbe.healthPort `                      | health check port for liveness probe                  | `29633` |

diff --git a/charts/latest/blob-csi-driver-v1.6.0.tgz b/charts/latest/blob-csi-driver-v1.6.0.tgz
diff --git a/charts/latest/blob-csi-driver/templates/csi-blob-controller.yaml b/charts/latest/blob-csi-driver/templates/csi-blob-controller.yaml
@@ -99,6 +99,7 @@ spec:
             - "--user-agent-suffix={{ .Values.driver.userAgentSuffix }}"
             - "--cloud-config-secret-name={{ .Values.controller.cloudConfigSecretName }}"
             - "--cloud-config-secret-namespace={{ .Values.controller.cloudConfigSecretNamespace }}"
+            - "--allow-empty-cloud-config={{ .Values.controller.allowEmptyCloudConfig }}"
           ports:
             - containerPort: {{ .Values.controller.livenessProbe.healthPort }}
               name: healthz

diff --git a/charts/latest/blob-csi-driver/templates/csi-blob-node.yaml b/charts/latest/blob-csi-driver/templates/csi-blob-node.yaml
@@ -121,6 +121,7 @@ spec:
             - "--cloud-config-secret-namespace={{ .Values.node.cloudConfigSecretNamespace }}"
             - "--custom-user-agent={{ .Values.driver.customUserAgent }}"
             - "--user-agent-suffix={{ .Values.driver.userAgentSuffix }}"
+            - "--allow-empty-cloud-config={{ .Values.node.allowEmptyCloudConfig }}"
           ports:
             - containerPort: {{ .Values.node.livenessProbe.healthPort }}
               name: healthz

diff --git a/charts/latest/blob-csi-driver/values.yaml b/charts/latest/blob-csi-driver/values.yaml
@@ -43,6 +43,7 @@ controller:
   name: csi-blob-controller
   cloudConfigSecretName: azure-cloud-provider
   cloudConfigSecretNamespace: kube-system
+  allowEmptyCloudConfig: true
   hostNetwork: true # this setting could be disabled if controller does not depend on MSI setting
   metricsPort: 29634
   livenessProbe:
@@ -93,6 +94,7 @@ node:
   name: csi-blob-node
   cloudConfigSecretName: azure-cloud-provider
   cloudConfigSecretNamespace: kube-system
+  allowEmptyCloudConfig: true
   maxUnavailable: 1
   metricsPort: 29635
   livenessProbe:

diff --git a/pkg/blob/azure.go b/pkg/blob/azure.go
@@ -50,7 +50,7 @@ func IsAzureStackCloud(cloud *azure.Cloud) bool {
 }
 
 // getCloudProvider get Azure Cloud Provider
-func getCloudProvider(kubeconfig, nodeID, secretName, secretNamespace, userAgent string) (*azure.Cloud, error) {
+func getCloudProvider(kubeconfig, nodeID, secretName, secretNamespace, userAgent string, allowEmptyCloudConfig bool) (*azure.Cloud, error) {
 	az := &azure.Cloud{
 		InitSecretConfig: azure.InitSecretConfig{
 			SecretName:      secretName,
@@ -108,7 +108,11 @@ func getCloudProvider(kubeconfig, nodeID, secretName, secretNamespace, userAgent
 	}
 
 	if config == nil {
-		klog.V(2).Infof("no cloud config provided, error: %v, driver will run without cloud config", err)
+		if allowEmptyCloudConfig {
+			klog.V(2).Infof("no cloud config provided, error: %v, driver will run without cloud config", err)
+		} else {
+			return az, fmt.Errorf("no cloud config provided, error: %v", err)
+		}
 	} else {
 		config.UserAgent = userAgent
 		if err = az.InitializeCloudFromConfig(config, fromSecret, false); err != nil {

diff --git a/pkg/blob/azure_test.go b/pkg/blob/azure_test.go
@@ -22,6 +22,7 @@ import (
 	"io/ioutil"
 	"os"
 	"reflect"
+	"strings"
 	"testing"
 
 	"github.com/Azure/azure-sdk-for-go/services/network/mgmt/2021-02-01/network"
@@ -79,49 +80,65 @@ users:
 	}()
 
 	tests := []struct {
-		desc        string
-		kubeconfig  string
-		nodeID      string
-		userAgent   string
-		expectedErr error
+		desc                  string
+		createFakeCredFile    bool
+		createFakeKubeConfig  bool
+		kubeconfig            string
+		nodeID                string
+		userAgent             string
+		allowEmptyCloudConfig bool
+		expectedErr           error
 	}{
 		{
-			desc:        "[failure] out of cluster, no kubeconfig, no credential file",
-			kubeconfig:  "",
-			nodeID:      "",
-			expectedErr: nil,
+			desc:                  "out of cluster, no kubeconfig, no credential file",
+			kubeconfig:            "",
+			nodeID:                "",
+			allowEmptyCloudConfig: true,
+			expectedErr:           nil,
 		},
 		{
-			desc:        "[failure] out of cluster & in cluster, specify a non-exist kubeconfig, no credential file",
-			kubeconfig:  "/tmp/non-exist.json",
-			nodeID:      "",
-			expectedErr: nil,
+			desc:                  "[failure][disallowEmptyCloudConfig]  out of cluster, no kubeconfig, no credential file",
+			kubeconfig:            "",
+			nodeID:                "",
+			allowEmptyCloudConfig: false,
+			expectedErr:           nil,
 		},
 		{
-			desc:        "[failure] out of cluster & in cluster, specify a empty kubeconfig, no credential file",
-			kubeconfig:  emptyKubeConfig,
-			nodeID:      "",
-			expectedErr: fmt.Errorf("failed to get KubeClient: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable"),
+			desc:                  "[failure] out of cluster & in cluster, specify a non-exist kubeconfig, no credential file",
+			kubeconfig:            "/tmp/non-exist.json",
+			nodeID:                "",
+			allowEmptyCloudConfig: true,
+			expectedErr:           nil,
 		},
 		{
-			desc:        "[failure] out of cluster & in cluster, specify a fake kubeconfig, no credential file",
-			kubeconfig:  fakeKubeConfig,
-			nodeID:      "",
-			expectedErr: nil,
+			desc:                  "[failure] out of cluster & in cluster, specify a empty kubeconfig, no credential file",
+			kubeconfig:            emptyKubeConfig,
+			nodeID:                "",
+			allowEmptyCloudConfig: true,
+			expectedErr:           fmt.Errorf("failed to get KubeClient: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable"),
 		},
 		{
-			desc:        "[success] out of cluster & in cluster, no kubeconfig, a fake credential file",
-			kubeconfig:  "",
-			nodeID:      "",
-			userAgent:   "useragent",
-			expectedErr: nil,
+			desc:                  "[failure] out of cluster & in cluster, specify a fake kubeconfig, no credential file",
+			createFakeKubeConfig:  true,
+			kubeconfig:            fakeKubeConfig,
+			nodeID:                "",
+			allowEmptyCloudConfig: true,
+			expectedErr:           nil,
+		},
+		{
+			desc:                  "[success] out of cluster & in cluster, no kubeconfig, a fake credential file",
+			createFakeCredFile:    true,
+			kubeconfig:            "",
+			nodeID:                "",
+			userAgent:             "useragent",
+			allowEmptyCloudConfig: true,
+			expectedErr:           nil,
 		},
 	}
 
 	for _, test := range tests {
-		if test.desc == "[failure] out of cluster & in cluster, specify a fake kubeconfig, no credential file" {
-			err := createTestFile(fakeKubeConfig)
-			if err != nil {
+		if test.createFakeKubeConfig {
+			if err := createTestFile(fakeKubeConfig); err != nil {
 				t.Error(err)
 			}
 			defer func() {
@@ -134,9 +151,8 @@ users:
 				t.Error(err)
 			}
 		}
-		if test.desc == "[success] out of cluster & in cluster, no kubeconfig, a fake credential file" {
-			err := createTestFile(fakeCredFile)
-			if err != nil {
+		if test.createFakeCredFile {
+			if err := createTestFile(fakeCredFile); err != nil {
 				t.Error(err)
 			}
 			defer func() {
@@ -153,8 +169,8 @@ users:
 			}
 			os.Setenv(DefaultAzureCredentialFileEnv, fakeCredFile)
 		}
-		cloud, err := getCloudProvider(test.kubeconfig, test.nodeID, "", "", test.userAgent)
-		if !reflect.DeepEqual(err, test.expectedErr) {
+		cloud, err := getCloudProvider(test.kubeconfig, test.nodeID, "", "", test.userAgent, test.allowEmptyCloudConfig)
+		if !reflect.DeepEqual(err, test.expectedErr) && test.expectedErr != nil && !strings.Contains(err.Error(), test.expectedErr.Error()) {
 			t.Errorf("desc: %s,\n input: %q, GetCloudProvider err: %v, expectedErr: %v", test.desc, test.kubeconfig, err, test.expectedErr)
 		}
 		if cloud == nil {

diff --git a/pkg/blob/blob.go b/pkg/blob/blob.go
@@ -118,6 +118,7 @@ type DriverOptions struct {
 	EnableBlobfuseProxy        bool
 	BlobfuseProxyConnTimout    int
 	EnableBlobMockMount        bool
+	AllowEmptyCloudConfig      bool
 }
 
 // Driver implements all interfaces of CSI drivers
@@ -132,6 +133,7 @@ type Driver struct {
 	// enableBlobMockMount is only for testing, DO NOT set as true in non-testing scenario
 	enableBlobMockMount     bool
 	enableBlobfuseProxy     bool
+	allowEmptyCloudConfig   bool
 	blobfuseProxyConnTimout int
 	mounter                 *mount.SafeFormatAndMount
 	volLockMap              *util.LockMap
@@ -161,6 +163,7 @@ func NewDriver(options *DriverOptions) *Driver {
 		enableBlobfuseProxy:        options.EnableBlobfuseProxy,
 		blobfuseProxyConnTimout:    options.BlobfuseProxyConnTimout,
 		enableBlobMockMount:        options.EnableBlobMockMount,
+		allowEmptyCloudConfig:      options.AllowEmptyCloudConfig,
 	}
 	d.Name = options.DriverName
 	d.Version = driverVersion
@@ -184,7 +187,7 @@ func (d *Driver) Run(endpoint, kubeconfig string, testBool bool) {
 
 	userAgent := GetUserAgent(d.Name, d.customUserAgent, d.userAgentSuffix)
 	klog.V(2).Infof("driver userAgent: %s", userAgent)
-	d.cloud, err = getCloudProvider(kubeconfig, d.NodeID, d.cloudConfigSecretName, d.cloudConfigSecretNamespace, userAgent)
+	d.cloud, err = getCloudProvider(kubeconfig, d.NodeID, d.cloudConfigSecretName, d.cloudConfigSecretNamespace, userAgent, d.allowEmptyCloudConfig)
 	if err != nil {
 		klog.Fatalf("failed to get Azure Cloud Provider, error: %v", err)
 	}

diff --git a/pkg/blobplugin/main.go b/pkg/blobplugin/main.go
@@ -50,6 +50,7 @@ var (
 	cloudConfigSecretNamespace = flag.String("cloud-config-secret-namespace", "kube-system", "secret namespace of cloud config")
 	customUserAgent            = flag.String("custom-user-agent", "", "custom userAgent")
 	userAgentSuffix            = flag.String("user-agent-suffix", "", "userAgent suffix")
+	allowEmptyCloudConfig      = flag.Bool("allow-empty-cloud-config", true, "Whether allow running driver without cloud config")
 )
 
 func main() {
@@ -81,6 +82,7 @@ func handle() {
 		EnableBlobMockMount:        *enableBlobMockMount,
 		CustomUserAgent:            *customUserAgent,
 		UserAgentSuffix:            *userAgentSuffix,
+		AllowEmptyCloudConfig:      *allowEmptyCloudConfig,
 	}
 	driver := blob.NewDriver(&driverOptions)
 	if driver == nil {