From b0b1724622df0d6881f2b8110e51b9413c789da2 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sat, 6 Sep 2025 23:43:25 -0500 Subject: [PATCH] democratic-csi: Enable volume snapshot support The _democratic-csi_ controller can create Synology LUN snapshots based on VolumeSnapshot resources. This feature can be used to e.g. create data snapshots before upgrades, etc. --- democratic-csi/democratic-csi.yaml | 32 ++++++++++++++++++++++++++ democratic-csi/secrets.yaml | 4 ++++ democratic-csi/storageclass.yaml | 8 +++++++ snapshot-controller/kustomization.yaml | 8 +++++++ 4 files changed, 52 insertions(+) create mode 100644 snapshot-controller/kustomization.yaml diff --git a/democratic-csi/democratic-csi.yaml b/democratic-csi/democratic-csi.yaml index 3287974..360b539 100644 --- a/democratic-csi/democratic-csi.yaml +++ b/democratic-csi/democratic-csi.yaml @@ -270,6 +270,38 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.name + # https://github.com/kubernetes-csi/external-snapshotter + # beware upgrading version: + # - https://github.com/rook/rook/issues/4178 + # - https://github.com/kubernetes-csi/external-snapshotter/issues/147#issuecomment-513664310 + - name: external-snapshotter + image: "registry.k8s.io/sig-storage/csi-snapshotter:v8.2.1" + args: + - --v=5 + - --leader-election + - --leader-election-namespace=democratic-csi + - --timeout=90s + - --worker-threads=10 + - --csi-address=/csi-data/csi.sock + volumeMounts: + - mountPath: /csi-data + name: socket-dir + env: + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name - name: csi-driver image: docker.io/democraticcsi/democratic-csi:latest args: diff --git a/democratic-csi/secrets.yaml b/democratic-csi/secrets.yaml index 1754b73..62fbf8f 100644 --- a/democratic-csi/secrets.yaml +++ b/democratic-csi/secrets.yaml @@ -37,6 +37,10 @@ spec: max_sessions: 0 # 0: Unlimited chap: true mutual_chap: true + lunSnapshotTemplate: + is_app_consistent: true + is_locked: true + --- apiVersion: bitnami.com/v1alpha1 kind: SealedSecret diff --git a/democratic-csi/storageclass.yaml b/democratic-csi/storageclass.yaml index 309bdd1..1bf9318 100644 --- a/democratic-csi/storageclass.yaml +++ b/democratic-csi/storageclass.yaml @@ -9,3 +9,11 @@ parameters: csi.storage.k8s.io/provisioner-secret-namespace: democratic-csi csi.storage.k8s.io/node-stage-secret-name: synology-iscsi-chap csi.storage.k8s.io/node-stage-secret-namespace: democratic-csi + +--- +apiVersion: snapshot.storage.k8s.io/v1 +kind: VolumeSnapshotClass +metadata: + name: synology-iscsi +driver: org.democratic-csi.iscsi-synology +deletionPolicy: Delete diff --git a/snapshot-controller/kustomization.yaml b/snapshot-controller/kustomization.yaml new file mode 100644 index 0000000..32bb120 --- /dev/null +++ b/snapshot-controller/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: kube-system + +resources: +- https://github.com/kubernetes-csi/external-snapshotter//client/config/crd?ref=v8.3.0 +- https://github.com/kubernetes-csi/external-snapshotter//deploy/kubernetes/snapshot-controller?ref=v8.3.0