func parsePVSecret(namespace, secretName string, kubeClient clientset.Interface) (string, error) {
secret, err := volutil.GetSecretForPV(namespace, secretName, rbdPluginName, kubeClient)
if err != nil {
glog.Errorf("failed to get secret from [%q/%q]", namespace, secretName)
return "", fmt.Errorf("failed to get secret from [%q/%q]", namespace, secretName)
}
return parseSecretMap(secret)
}
// Parse API configuration (url, username and password) out of class.Parameters.
func parseAPIConfig(plugin *quobytePlugin, params map[string]string) (*quobyteAPIConfig, error) {
var apiServer, secretName string
secretNamespace := "default"
deleteKeys := []string{}
for k, v := range params {
switch goStrings.ToLower(k) {
case "adminsecretname":
secretName = v
deleteKeys = append(deleteKeys, k)
case "adminsecretnamespace":
secretNamespace = v
deleteKeys = append(deleteKeys, k)
case "quobyteapiserver":
apiServer = v
deleteKeys = append(deleteKeys, k)
}
}
if len(apiServer) == 0 {
return nil, fmt.Errorf("Quoybte API server missing or malformed: must be a http(s)://host:port pair or multiple pairs separated by commas")
}
secretMap, err := util.GetSecretForPV(secretNamespace, secretName, quobytePluginName, plugin.host.GetKubeClient())
if err != nil {
return nil, err
}
cfg := &quobyteAPIConfig{
quobyteAPIServer: apiServer,
}
var ok bool
if cfg.quobyteUser, ok = secretMap["user"]; !ok {
return nil, fmt.Errorf("Missing \"user\" in secret %s/%s", secretNamespace, secretName)
}
if cfg.quobytePassword, ok = secretMap["password"]; !ok {
return nil, fmt.Errorf("Missing \"password\" in secret %s/%s", secretNamespace, secretName)
}
return cfg, nil
}
// parseSecret finds a given Secret instance and reads user password from it.
func parseSecret(namespace, secretName string, kubeClient clientset.Interface) (string, error) {
secretMap, err := volutil.GetSecretForPV(namespace, secretName, glusterfsPluginName, kubeClient)
if err != nil {
glog.Errorf("failed to get secret %s/%s: %v", namespace, secretName, err)
return "", fmt.Errorf("failed to get secret %s/%s: %v", namespace, secretName, err)
}
if len(secretMap) == 0 {
return "", fmt.Errorf("empty secret map")
}
secret := ""
for k, v := range secretMap {
if k == secretKeyName {
return v, nil
}
secret = v
}
// If not found, the last secret in the map wins as done before
return secret, nil
}
func (deleter *quobyteVolumeDeleter) Delete() error {
var quobyteUser, quobytePassword string
annotations, err := util.ParseVolumeAnnotations(deleter.pv, []string{
annotationQuobyteAPISecret,
annotationQuobyteAPISecretNamespace,
annotationQuobyteAPIServer})
if err != nil {
return err
}
secretMap, err := util.GetSecretForPV(
annotations[annotationQuobyteAPISecretNamespace],
annotations[annotationQuobyteAPISecret],
quobytePluginName,
deleter.plugin.host.GetKubeClient())
if err != nil {
return err
}
var ok bool
if quobyteUser, ok = secretMap["user"]; !ok {
return fmt.Errorf("Missing \"user\" in secret")
}
if quobytePassword, ok = secretMap["password"]; !ok {
return fmt.Errorf("Missing \"password\" in secret")
}
manager := &quobyteVolumeManager{
config: &quobyteAPIConfig{
quobyteUser: quobyteUser,
quobytePassword: quobytePassword,
quobyteAPIServer: annotations[annotationQuobyteAPIServer],
},
}
return manager.deleteVolume(deleter)
}
func (provisioner *quobyteVolumeProvisioner) Provision() (*api.PersistentVolume, error) {
if provisioner.options.PVC.Spec.Selector != nil {
return nil, fmt.Errorf("claim Selector is not supported")
}
var apiServer, adminSecretName, quobyteUser, quobytePassword string
adminSecretNamespace := "default"
provisioner.config = "BASE"
provisioner.tenant = "DEFAULT"
for k, v := range provisioner.options.Parameters {
switch goStrings.ToLower(k) {
case "registry":
provisioner.registry = v
case "adminsecretname":
adminSecretName = v
case "adminsecretnamespace":
adminSecretNamespace = v
case "quobyteapiserver":
apiServer = v
case "user":
provisioner.user = v
case "group":
provisioner.group = v
case "quobytetenant":
provisioner.tenant = v
case "quobyteconfig":
provisioner.config = v
default:
return nil, fmt.Errorf("invalid option %q for volume plugin %s", k, provisioner.plugin.GetPluginName())
}
}
secretMap, err := util.GetSecretForPV(adminSecretNamespace, adminSecretName, quobytePluginName, provisioner.plugin.host.GetKubeClient())
if err != nil {
return nil, err
}
var ok bool
if quobyteUser, ok = secretMap["user"]; !ok {
return nil, fmt.Errorf("Missing \"user\" in secret")
}
if quobytePassword, ok = secretMap["password"]; !ok {
return nil, fmt.Errorf("Missing \"password\" in secret")
}
if !validateRegistry(provisioner.registry) {
return nil, fmt.Errorf("Quoybte registry missing or malformed: must be a host:port pair or multiple pairs separated by commas")
}
if len(apiServer) == 0 {
return nil, fmt.Errorf("Quoybte API server missing or malformed: must be a http(s)://host:port pair or multiple pairs separated by commas")
}
// create random image name
provisioner.volume = fmt.Sprintf("kubernetes-dynamic-pvc-%s", uuid.NewUUID())
cfg := &quobyteAPIConfig{
quobyteAPIServer: apiServer,
quobyteUser: quobyteUser,
quobytePassword: quobytePassword,
}
manager := &quobyteVolumeManager{
config: cfg,
}
vol, sizeGB, err := manager.createVolume(provisioner)
if err != nil {
return nil, err
}
pv := new(api.PersistentVolume)
pv.Spec.PersistentVolumeSource.Quobyte = vol
pv.Spec.PersistentVolumeReclaimPolicy = provisioner.options.PersistentVolumeReclaimPolicy
pv.Spec.AccessModes = provisioner.options.PVC.Spec.AccessModes
if len(pv.Spec.AccessModes) == 0 {
pv.Spec.AccessModes = provisioner.plugin.GetAccessModes()
}
pv.Spec.Capacity = api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse(fmt.Sprintf("%dGi", sizeGB)),
}
util.AddVolumeAnnotations(pv, map[string]string{
annotationQuobyteAPIServer: apiServer,
annotationQuobyteAPISecret: adminSecretName,
annotationQuobyteAPISecretNamespace: adminSecretNamespace,
})
return pv, nil
}
