-
Notifications
You must be signed in to change notification settings - Fork 40.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix the create azure file pvc failure if there is no storage account in current resource group #56557
fix the create azure file pvc failure if there is no storage account in current resource group #56557
Conversation
/test pull-kubernetes-unit |
// find a storage account that matches storageType | ||
accounts, err = az.getStorageAccounts(storageType) | ||
if err != nil || len(accounts) == 0 { | ||
storageAccount = getAccountNameForNum(az.getNextAccountNum()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is getNextAccountNum()
defined? The only getNextAccountNum
function I can find is defined for blob controller and it is quite buggy...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rootfs yes, it's buggy, I used another way to generate random storage account name for file share, the generated account name could be like pvcfile4100861029
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will fix this buggy func getNextAccountNum()
in another PR, will change the account name generation method, use new one getStorageAccountName
by uuid in this PR
b494f06
to
fdd53c5
Compare
/retest |
|
c7bce8a
to
0a02b26
Compare
// find a storage account that matches storageType | ||
accounts, err = az.getStorageAccounts(storageType) | ||
if err != nil || len(accounts) == 0 { | ||
uniqueID := az.controllerCommon.resourceGroup + az.controllerCommon.location + az.controllerCommon.subscriptionID |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this reveals too much (perhaps sensitive) information
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rootfs there is hash like function MakeCRC32
which would transform uniqueID
to a hash string, e,g. if uniqueID
is resourcegroupwestuscc1624c7-3f1d-4ed3-a855-668a86e96ad8
, it will convert to 2380111856
, you could see no one could parse string 2380111856
to get info like resourcegroup, subscriptionID.
The reason I use both uniqueID
and UUID is that it's unique for every subscriptionID, resourcegroup, thus the account name conflict possibility be near zero as 1/10 000 000 000 in one resourcegroup. If that possibility happens, user could delete the PVC and recreate PVC again.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is that unique string transformed into a CRC string?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suppose using uuid is enough, though we need substr to fit for the limit constraint.
Ref:
https://github.com/Azure/azure-quickstart-templates/blob/master/101-storage-account-create/azuredeploy.json#L20
https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-functions-string#uniquestring
@rootfs if |
ping @rootfs |
0a02b26
to
307b49a
Compare
@rootfs PTAL? Thanks!! |
@rootfs I have answered your question in the PR, could you take a look? Thanks. |
@rootfs there is hash like function |
@karataliu @feiskyer PTAL, thx. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
@@ -51,6 +51,9 @@ func (az *Cloud) getStorageAccounts() ([]accountWithLocation, error) { | |||
storageType := "" | |||
if acct.Sku != nil { | |||
storageType = string((*acct.Sku).Name) | |||
if matchingAccountType != "" && strings.ToLower(matchingAccountType) != strings.ToLower(storageType) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
!strings.EqualFold
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed approved label.
@andyzhangx Could you fix this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed
accountType = defaultStorageAccountType | ||
} | ||
|
||
glog.V(2).Infof("azureFile - no storage account found, begin to create a new storage account %s in resource group %s, location: %s, accountType: %s", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Better be 'no matching storage account found'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed
errResult = fmt.Errorf("failed to find a matching storage account") | ||
// find the access key with this account | ||
accountKey, err := az.getStorageAccesskey(accountName) | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Combine err check in same line
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if I code like following, it looks ugly, since accountKey will be used in the next statement.
if accountKey, err := az.getStorageAccesskey(accountName); err != nil {
...
} else {
if err := az.createFileShare(accountName, accountKey, shareName, requestGiB); err != nil {
}
@@ -46,6 +46,9 @@ func (az *Cloud) getStorageAccounts() ([]accountWithLocation, error) { | |||
storageType := "" | |||
if acct.Sku != nil { | |||
storageType = string((*acct.Sku).Name) | |||
if matchingAccountType != "" && !strings.EqualFold(matchingAccountType, storageType) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- if acct.Sku is really nil we'd better also skip it.
Consider just making Line40 to verify 'acct.Name != nil && acct.Location !=nil && acct.Sku != nil' , then remaining part could be simplified.
- matchingAccountType check could come first to avoid unnecessary 'name & loc' assignment check
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good point, fixed
Some comments on naming/misc, others look good. |
b17df2c
to
fd08023
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some small comments. Could you please take a look and do a commit squash
@@ -25,29 +25,29 @@ type accountWithLocation struct { | |||
Name, StorageType, Location string | |||
} | |||
|
|||
// getStorageAccounts gets the storage accounts' name, type, location in a resource group | |||
func (az *Cloud) getStorageAccounts() ([]accountWithLocation, error) { | |||
// getStorageAccounts gets name, type, location of all storage accounts in a resource group which matches matchingAccountType |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and matchingLocation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed.
storageType = string((*acct.Sku).Name) | ||
|
||
location := *acct.Location | ||
if location != "" && !strings.EqualFold(matchingLocation, location) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
matchingLocation != "" ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed.
} | ||
accounts = append(accounts, accountWithLocation{Name: name, StorageType: storageType, Location: loc}) | ||
accounts = append(accounts, accountWithLocation{Name: *acct.Name, StorageType: storageType, Location: location}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'd better use the actual type & location from acct object here, since storageType and location could be empty
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
storageType
, Location
is from acc object.
storageType := string((*acct.Sku).Name)
if matchingAccountType != "" && !strings.EqualFold(matchingAccountType, storageType) {
continue
}
location := *acct.Location
if matchingLocation != "" && !strings.EqualFold(matchingLocation, location) {
continue
}
@@ -91,7 +91,7 @@ func (c *BlobDiskController) CreateVolume(name, storageAccount, storageAccountTy | |||
accounts = append(accounts, accountWithLocation{Name: storageAccount}) | |||
} else { | |||
// find a storage account | |||
accounts, err = c.common.cloud.getStorageAccounts(storageAccountType) | |||
accounts, err = c.common.cloud.getStorageAccounts(storageAccountType, location) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: We can also update upcoming account matching logic when fixing: '// TODO: create a storage account and container'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes, I am going to fix it in next PR, it's in my plan.
use new storage account name generation method use uuid to generate account name change azure file account prefix use uniqueID to generate a storage account name fix comments fix comments fix comments fix a storage account matching bug only use UUID in getStorageAccountName func use shorter storage account prefix for azure file fix comments fix comments fix comments fix rebase build error rewrite CreateFileShare code logic fix gofmt issue fix test error fix comments fix a location matching bug
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@karataliu PTAL
663a218
to
aa21bef
Compare
And I have also done a few manual tests on Azure env, it works well. |
/test pull-kubernetes-e2e-kops-aws |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
note: update func comments for getStorageAccounts
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: andyzhangx, feiskyer, karataliu The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these OWNERS Files:
Approvers can indicate their approval by writing |
/test all [submit-queue is verifying that this PR is safe to merge] |
/retest Review the full test history for this PR. Silence the bot with an |
/test all [submit-queue is verifying that this PR is safe to merge] |
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here. |
…6557-upstream-release-1.8 Automated cherry pick of #56557
What this PR does / why we need it:
When create an azure file PVC, there will be error if there is no storage account in current resource group.
With this PR, a storage account will be created if there is no storage account in current resource group.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #56556
Special notes for your reviewer:
CreateFileShare
func.getStorageAccountName
to get a unique storage account name by UUID, a storage account for azure file would be likef0b2b0bd40c010112e897fa
. And in next PR, I will use this function to create storage account for azure disk, the storage account for azure disk would be liked8f3ad8ad92000f1e1e88bd
.Release note:
/sig azure
/assign @rootfs