chore(deps): update helm release ceph-csi-rbd to v3.11.0 - autoclosed

This MR contains the following updates:

Package	Update	Change
ceph-csi-rbd (source)	minor	3.5.1 -> 3.11.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

ceph/ceph-csi (ceph-csi-rbd)

v3.11.0

Compare Source

3.11.0 release notes

We are excited to announce another release of Ceph CSI, v3.11.0. This is another significant step towards using enhanced Container Storage Interface (CSI) features with Ceph Cluster in the backend. With this release, we are introducing many brand-new features and enhancements to the Ceph CSI driver. Here are the changelog/release highlights.

Changelog and Highlights:

Features

RBD

• kms: added Azure Key Vault as a supported KMS by @​iPraveenParihar in https://github.com/ceph/ceph-csi/pull/4455

CephFS

• cephfs: add support for encryption in ceph-csi-cephfs chart by @​NymanRobin in https://github.com/ceph/ceph-csi/pull/4504
• kms: added Azure Key Vault as a supported KMS by @​iPraveenParihar in https://github.com/ceph/ceph-csi/pull/4455

Enhancements

• rebase: all the dependencies have been updated to latest available release.
• rbd: log sitestatuses and description by @​yati1998 in https://github.com/ceph/ceph-csi/pull/4431
• rbd: make pool optional in rbd sc if topologyconstraints are present by @​parth-gr in https://github.com/ceph/ceph-csi/pull/4459
• rbd: free snapshot resources after allocation by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4514
• added permission to get nodes for rbd by @​nemcikjan in https://github.com/ceph/ceph-csi/pull/4302
• cleanup: simplify rbdGetDeviceList() by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4364
• cephfs: make fsName as optional for static PVC by @​Madhu-1 in https://github.com/ceph/ceph-csi/pull/4372
• cephfs: do not run modprobe if support is compiled into the kernel by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4378
• kms: refactor functions to accept a context parameter by @​iPraveenParihar in https://github.com/ceph/ceph-csi/pull/4477
• util: Add helper functions for GroupController by @​Madhu-1 in https://github.com/ceph/ceph-csi/pull/4417
• util: log repication RequestID by @​Madhu-1 in https://github.com/ceph/ceph-csi/pull/4429
• deploy: use release repository for csi-resizer by @​sebhoss in https://github.com/ceph/ceph-csi/pull/4319
• deploy: added json field tags for csi config map by @​iPraveenParihar in https://github.com/ceph/ceph-csi/pull/4329
• helm: align seLinuxMount option w/ deploy folder by @​sebhoss in https://github.com/ceph/ceph-csi/pull/4346
• deploy: update csi sidecars to latest versions by @​riya-singhal31 in https://github.com/ceph/ceph-csi/pull/4352
• deploy: update CSI sidecars to latest versions available by @​iPraveenParihar in https://github.com/ceph/ceph-csi/pull/4420
• deploy: make the csi-*plugin containers the default for kubectl commands by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4434
• cleanup: simplify rbdGetDeviceList() by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4364
• cleanup: use real version for k8s.io/pod-security-admission instead of v0.0.0 by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4483
• cleanup: don't return an internal type from VolumeGroupJournal.Connect() by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4491
• cleanup: correct typo in NewCSIVolumeroupJournal() function by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4495
• cleanup: do not pass EncodingVersion to GenerateVolID() by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4498
• cleanup: use standard Golang "slices" instead of k8s package by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4521
• api: add CSIProvisionerRBAC functions for the NFS-provisioner by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4395
• build: use Go 1.21.5 by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4332

Bug Fixes

• deploy: use release repository for csi-resizer by @​sebhoss in https://github.com/ceph/ceph-csi/pull/4319

E2E

• e2e: address regression in NFS deployment by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4500

CI

• ci: update pr-commentor and mergify rules for v3.10 by @​Rakshith-R in https://github.com/ceph/ceph-csi/pull/4293
• ci: allow Mergify to merge MRs that modify the mergify configuration by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4294
• ci: the release-v3.10 branch needs Kubernetes 1.28 jobs by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4295
• ci: Change upgrade version by @​karthik-us in https://github.com/ceph/ceph-csi/pull/4301
• ci: update Mergify config for automatic merging of backports to 3.10 by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4308
• ci: Update the upgrade_version by @​karthik-us in https://github.com/ceph/ceph-csi/pull/4338
• ci: update github actions for k8s-1.29 by @​riya-singhal31 in https://github.com/ceph/ceph-csi/pull/4354
• ci: update the upgrade_version by @​karthik-us in https://github.com/ceph/ceph-csi/pull/4424
• ci: update mergify rules for kubernetes 1.29 by @​riya-singhal31 in https://github.com/ceph/ceph-csi/pull/4355
• ci: update install-snapshot script to deploy newer version of snapshotter by @​Madhu-1 in https://github.com/ceph/ceph-csi/pull/4438
• ci: update the mergify rule to exclude k8s 1.25 by @​yati1998 in https://github.com/ceph/ceph-csi/pull/4452

Documentation

• doc: add Go API documentation index files for storage backends by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4377
• doc: Update README.md with slack invite and channel links by @​switchboardOp in https://github.com/ceph/ceph-csi/pull/4405
• doc: Update capabilities readme to solve to open permissions in it by @​dragoangel in https://github.com/ceph/ceph-csi/pull/4469
• doc: csi driver object options by @​iPraveenParihar in https://github.com/ceph/ceph-csi/pull/4527
• doc : modify README and upgrade docs for v3.11.0 by @​Rakshith-R in https://github.com/ceph/ceph-csi/pull/4528

New Contributors

• @​nemcikjan made their first contribution in https://github.com/ceph/ceph-csi/pull/4302
• @​sebhoss made their first contribution in https://github.com/ceph/ceph-csi/pull/4319
• @​maximus13th made their first contribution in https://github.com/ceph/ceph-csi/pull/4363
• @​switchboardOp made their first contribution in https://github.com/ceph/ceph-csi/pull/4405
• @​mgfritch made their first contribution in https://github.com/ceph/ceph-csi/pull/4464
• @​dragoangel made their first contribution in https://github.com/ceph/ceph-csi/pull/4475
• @​muxuelanKK made their first contribution in https://github.com/ceph/ceph-csi/pull/4291
• @​NymanRobin made their first contribution in https://github.com/ceph/ceph-csi/pull/4504
• @​parth-gr made their first contribution in https://github.com/ceph/ceph-csi/pull/4459

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.10.2...v3.11.0

Thanks to the fantastic Ceph CSI community for this great release

v3.10.2: Ceph-CSI v3.10.2 Release

Compare Source

What's Changed

• helm: align seLinuxMount option w/ deploy folder (backport #​4346) by @​mergify in https://github.com/ceph/ceph-csi/pull/4358
• cephfs: do not run modprobe if support is compiled into the kernel (backport #​4378) by @​mergify in https://github.com/ceph/ceph-csi/pull/4381
• cephfs: make fsName as optional for static PVC (backport #​4372) by @​mergify in https://github.com/ceph/ceph-csi/pull/4409

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.10.1...v3.10.2

v3.10.1: Ceph-CSI v3.10.1 Release

Compare Source

What's Changed

• revert: revert to 3.10-canary by @​Rakshith-R in https://github.com/ceph/ceph-csi/pull/4296
• helm: add default false value for --enable-read-affinity (backport #​4298) by @​mergify in https://github.com/ceph/ceph-csi/pull/4307
• added permission to get nodes for rbd (backport #​4302) by @​mergify in https://github.com/ceph/ceph-csi/pull/4310
• cephfs: fix network fencing admin id (backport #​4316) by @​mergify in https://github.com/ceph/ceph-csi/pull/4318
• deploy: use release repository for csi-resizer (backport #​4319) by @​mergify in https://github.com/ceph/ceph-csi/pull/4320
• build: create /etc/selinux/config in case it is missing by @​nixpanic in https://github.com/ceph/ceph-csi/pull/4335
• cephFS: fix fetchIP to support more formats (backport #​4321) by @​mergify in https://github.com/ceph/ceph-csi/pull/4333
• deploy: update templates to v3.10.1 by @​riya-singhal31 in https://github.com/ceph/ceph-csi/pull/4336

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.10.0...v3.10.1

v3.10.0: Ceph-CSI v3.10.0 Release

Compare Source

3.10.0 release notes

We are excited to announce another feature-packed release of Ceph CSI, v3.10.0. This is another significant step towards using enhanced Container Storage Interface (CSI) features with Ceph Cluster in the backend. With this release, we are introducing many brand-new features and enhancements to the Ceph CSI driver. Here are the changelog/release highlights.

Changelog and Highlights:

Features

RBD

• deploy: support for read affinity options per cluster by @​iPraveenParihar in #​4165

CephFS

• cephfs: Add support to create RWX PVC from ROX PVC by @​Madhu-1 in #​4094
• cephfs: enable read affinity by @​iPraveenParihar in #​4153
• deploy: support for read affinity options per cluster by @​iPraveenParihar in #​4165
• cephfs: kernel and fuse mount options per cluster by @​iPraveenParihar in #​4245

NFS

• nfs: add support for clients in the StorageClass by @​spuiuk in #​3895

Breaking Changes

• Removed the deprecated grpc metrics flag's in #​4225
• Support for pre-creation of cephFS subvolumegroup before creating subvolume is removed in #​4195. Users will need to create the specified(or default csi) subvolumegroup before provisioning CephFS PVC on a new ceph. Refer to deploy-cephfs.md for more details.

Note:

• Support is limited to only the active Ceph releases. Support for EOLed Ceph releases are removed in #​4262

Enhancements

• rbd: do not execute rbd sparsify when volume is in use by @​Rakshith-R in #​3985
• rbd: Don't depend on image state to issue resync by @​Madhu-1 in #​4076
• rebase: all the dependencies have been updated to latest available release.
• cephfs: handle cephfs clone limit error by @​karthik-us in #​4276
• cephfs: remove snapshot protect/unprotect by @​iPraveenParihar in #​4202
• cephfs: Update fetchIP() to add support for IPv6 address by @​riya-singhal31 in #​4230
• helm: add option to enable read affinity for rbd by @​iPraveenParihar in #​4111
• helm: Allow templating of RBD striping parameters by @​KingJ in #​4229
• helm: add annotations for ceph-csi-rbd secret by @​mustdiechik in #​4248
• util: Remove deprecated grpc metrics code by @​Madhu-1 in #​4225
• util: include request-IDs in all gRPC calls for the Controller by @​nixpanic in #​4263
• deploy: allow mkfsOptions by @​Sea-you in #​4233
• deploy: update CSI sidecars to latest versions available by @​iPraveenParihar in #​4132
• deploy: enable featuregate for volume expansion recovery by @​iPraveenParihar in #​4279
• deploy: API for CSI Config Struct by @​iPraveenParihar in #​4278

Bug Fixes

• cephfs: Fix cephfs PVC sizing by @​karthik-us in #​4180
• cephfs: prevent hanging NodeGetVmolumeStats on stat() syscall when an MDS is slow by @​nixpanic in #​4200
• cephfs: remove subvolume during clone by @​Madhu-1 in #​4223
• cephfs: set Pool parameter to empty for Snapshot-backed volumes by @​Rakshith-R in #​4047
• cephfs: safeguard localClusterState struct from race conditions by @​Rakshith-R in #​4163
• rbd: do not try to run resizefs on an encrypted BlockMode volume by @​nixpanic in #​3958
• rbd: discard not found error from GetMetadata by @​Madhu-1 in #​4097
• rbd: update snap RbdImageName by @​iPraveenParihar in #​4152
• rbd: update snap RbdImageName in createSnapshot by @​iPraveenParihar in #​4156

E2E

• e2e: add test for validation of fuseMountOptions and kernelMountOptions by @​riya-singhal31 in #​3970
• e2e: Fixing the TODO in createCephfsStorageClass by @​karthik-us in #​3995
• e2e: add timeout for pvc deletion in ephemeral e2e by @​riya-singhal31 in #​4058
• e2e: add option to enable read affinity for rbd by @​iPraveenParihar in #​4111
• e2e: add multiple labels to node by @​Madhu-1 in #​4224

CI

• ci: run tickgit after merging a MR in the devel branch by @​nixpanic in #​4241
• ci: skip ./api/vendor in codespell runs by @​nixpanic in #​4201
• ci: group golang.org/x/ under golang dependencies by @​nixpanic in #​4178
• ci: disable addons after cluster creation by @​Madhu-1 in #​4170
• ci: add CSI_UPGRADE_VERSION var to build.env by @​Rakshith-R in #​4008
• ci: use podman for simple GitHub workflows by @​nixpanic in #​4035
• mergify: add support for 3.9 backports by @​Rakshith-R in #​3936
• ci: run versioned k8s jobs only on selected branches by @​nixpanic in #​4061
• ci: exclude branches from the testing matrix for ok-to-test comments by @​nixpanic in #​4068
• ci: only add /test .. comment if the branch for the MR matches by @​nixpanic in #​4070
• ci: enable debug logs in kubelet by @​Madhu-1 in #​4074
• ci: use dependabot group feature by @​Madhu-1 in #​4087
• ci: add snyk for security scanning by @​Madhu-1 in #​4259
• ci: add snyk for container image by @​Madhu-1 in #​4261
• ci: add ci bot for auto assigning issue by @​riya-singhal31 in #​4275
• ci: update minikube to v1.32.0 by @​nixpanic in #​4284
• build: disable ceph-iscsi repository by @​nixpanic in #​3959
• build: disable ceph-iscsi repository for test-container builds too by @​nixpanic in #​3965
• build: make sure nfs-utils is installed by @​nixpanic in #​4243

Documentation

• doc: remove /retest all command for Jenkins jobs by @​nixpanic in #​3957
• doc: update documentation for v3.8.1 release by @​Rakshith-R in #​4006
• doc: adding empty storageClassName in static pvc by @​subhamkrai in #​4010
• doc: fix helm doc of ceph-csi deployment by @​astraw99 in #​4036
• doc: Update cephcsi.go by @​runzhliu in #​4096
• doc: adding empty storageClassName in static pvc by @​Rakshith-R in #​4110
• doc: add design doc for RBD QoS by @​Madhu-1 in #​4089
• doc: Remove unwanted steps/details from upgrade doc by @​Madhu-1 in #​4123
• doc: remove storageclass details for shallow volume by @​Madhu-1 in #​4124
• doc:add reference to CSI snapshot deployment guide by @​iPraveenParihar in #​4119
• doc: remove unwanted steps from upgrade by @​Madhu-1 in #​4133
• doc: Clarify default values for mountOptions and mkfsOptions in storageclass example by @​MaGaroo in #​4197
• doc: add pending release notes by @​Madhu-1 in #​4222
• doc: remove use of XXX in example descriptions by @​nixpanic in #​4228
• doc: update release notes for grpc metrics by @​Madhu-1 in #​4237
• doc: modify README and upgrade docs for release v3.10.0 by @​Rakshith-R in #​4286

New Contributors ( Thanks !! )

• @​spuiuk made their first contribution in #​3895
• @​subhamkrai made their first contribution in #​4010
• @​astraw99 made their first contribution in #​4036
• @​runzhliu made their first contribution in #​4096
• @​crazytaxii made their first contribution in #​4099
• @​MaGaroo made their first contribution in #​4197
• @​mustdiechik made their first contribution in #​4248

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.9.0...v3.10.0

Thanks to the fantastic Ceph CSI community for this great release

v3.9.0: Ceph-CSI v3.9.0 Release

Compare Source

We are excited to announce another feature-packed release of Ceph CSI, v3.9.0. This is another significant step towards using enhanced Container Storage Interface (CSI) features with Ceph Cluster in the backend. With this release, we are introducing many brand-new features and enhancements to the Ceph CSI driver. Here are the changelog/release highlights.

Changelog and Highlights:

Features

RBD

• Add mkfsOptions to the StorageClass and pass them to mkfs by @​nixpanic in #​3692
• Get lastsyncbytes and lastsycduration for volume replication by @​yati1998 in #​3894
• Complete removal and migration of replication server into csiaddons by @​riya-singhal31 in #​3924 #​3884 #​3608
• Add support for efficient selinux relabelling support by @​Rakshith-R in #​3902

CephFS

• Honor MountOptions during NodeStageVolume request and add support for efficient selinux relabelling support by @​Rakshith-R in #​3902
• Add cephFS/CSIDriver and cephFS/csi-config-map to API by @​riya-singhal31 in #​3837

NFS

• Add support for secTypes parameters in StorageClass by @​nixpanic in #​3434
• Add support for efficient selinux relabelling support by @​Rakshith-R in #​3902

Breaking Changes

• #​3902 introduced a breaking change in CephFS driver. Please follow the steps mentioned in the upgrade guide to ensure a smooth upgrade.
• Volumereplication service running on the controller server is now completely removed and replaced by CSI-Addons. See #​3314 for more details

Enhancements

• Exit early if image-meta.json does not exist by @​microyahoo in #​3788
• Update golang to 1.20 #​3879
• Rebase: bump k8s.io/kubernetes from 1.26.2 to 1.27.2 by @​dependabot in #​3848
• Update various dependencies #​3896 #​3850 #​3917
• Add support & e2e for mountOptions & efficient selinux relabelling support by @​Rakshith-R in #​3902
• Helm: add imagePullSecrets for helm charts by @​fungaren in #​3906
• Deploy: update CSI sidecars to the latest versions available by @​iPraveenParihar in #​3871
• Cleanup: Move common files to the deploy folder by @​karthik-us in #​3860

Bug Fixes

• Helm chart rendered duplicate affinities in rbd and cephFS by @​dashjay in #​3751
• Invalid "invalid encryption KMS configuration" error by @​riya-singhal31 in #​3854
• Configuring cephFS snapshots and clones by @​riya-singhal31 in #​3742
• Limit cryptsetup PBKDF memory usage by @​BenoitKnecht in #​3781
• Set pid limit only for nodeserver by @​Madhu-1 in #​3776

E2E

• Remove extra check for snapshot count by @​riya-singhal31 in #​3735
• Fix codespell and shell check failures by @​riya-singhal31 in #​3762
• Add test cases for pv.Spec.MountOptions by @​rakshith in #​3902

CI

• Install Helm with a script located on GitHub by @​nixpanic in #​3843
• Many Mergify enhancements for better CI resource utilization #​3672 #​3797
• Added gha-mergify-merge-queue-labels-copier action to better handle merge queue prs #​3809
• Use the "ceph-csi-bot" account for commenting on MRs by @​nixpanic in #​3877
• Prevent Retest Workflow from running on forked repos by @​nixpanic in #​3883
• Do not add ok-to-test if CentOS jobs were successful by @​nixpanic in #​3688
• Run ci tests on latest k8s versions v1.25, v1.26 and v1.27

New Contributors ( Thanks !! )

• @​karthik-us made their first contribution in #​3761
• @​microyahoo made their first contribution in #​3788
• @​dashjay made their first contribution in #​3751
• @​iPraveenParihar made their first contribution in #​3871
• @​fungaren made their first contribution in #​3906

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.8.0...v3.9.0

Thanks to the fantastic Ceph CSI community for this great release

v3.8.1: Ceph-CSI v3.8.1 Release

Compare Source

Changelog and Highlights:

Bug Fixes

• Do not execute rbd sparsify when volume is in use #​3985
• Fix invalid "invalid encryption kms configuration" error #​3854
• Limit cryptsetup PBKDF memory usage #​3781

CI

• Install Helm with script located on GitHub #​3843
• Disable ceph-iscsi repository #​3959
• Disable ceph-iscsi repository for test-container builds too #​3965
• Fix codespell and shell check failures #​3762
• Update github actions for k8s 1.27 #​3745

Vendor Updates

• Update golang to 1.19.8 #​3768
• Update minikube to 1.30 #​3734
• Bump github.com/hashicorp/vault from 1.4.2 to 1.9.9 #​3712

Documentation

• Use the Ceph Slack instance and not our silo'ed own one #​3782

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.8.0...v3.8.1

v3.8.0: Ceph-CSI v3.8.0 Release

Compare Source

We are excited to announce another feature-packed release of Ceph CSI, v3.8.0. This is another significant step towards using enhanced Container Storage Interface ( CSI) features with Ceph Cluster in the backend. With this release, we are introducing many brand-new features and enhancements to the Ceph CSI driver. Also, this release enabled smooth integration into various projects. Here are the changelog/release highlights.

Changelog and Highlights:

Features

RBD

• fscrypt support #​3310
  • Add fscrypt integration with the Ceph CSI KMS. Supports ext4 on RBD. Snapshots are supported as well.
  • Brief docs for fscrypt support #​3571
• Provide new command line configuration to enable read affinity #​3639

CephFS

• Shallow volumes for the ROX accessModes by default #​3651
  • Shallow volumes as default for cephfs ROX clones/restore for better performance.
• Add fscrypt support for volumes, snapshots, and clones #​3460
  • There are dependencies with kernel and ceph

Enhancements

• Update kubernetes dependencies to 1.26.1 #​3638
• Update go-ceph to 0.20.0 #​3678
• Update packages in release image #​3635
• Add basic upgrade documentation for Helm Charts #​3655
• Update rook installation to default latest version #​3610
• Add extraArgs for sidecars #​3560
• csidriver added to helper scripts #​3573
• Lift the minimum supported version of ceph to v15.0.0 #​3513
• Update csi spec to v1.7.0 #​3503
• Add commonLabels value to helm charts #​3438

Bug Fixes

• Make inode metrics optional in FilesystemNodeGetVolumeStats for CephFS #​3407
• Discover if StagingTargetPath in NodeExpandVolume exists #​3624
• Set disableInUseChecks on rbd volume #​3605
• Skip expanding for BackingSnapshot volume #​3586
• Fix CVEs in image #​3526
• Ignore stderr for ceph osd blocklist when there is no error #​3524
• Check volume details from original volumeID #​2931
• Setup encryption if rbdVol exits during CreateVol #​3422
• Return error if last sync time is not present #​3489
• Return abnormal if the mount is corrupted #​3462
• Fix namespace name update in metadata and rados object #​3477
• Remove dummy image workaround #​3413
• Get description from remote status #​3392
• Fix mdl configuration #​3447
• ParseAcceptLanguage takes a long time to parse complex tags #​3439

E2E

• Run E2E tests with kubernetes v1.26 release
• Many tests are added to make sure we stay with backward compatibility for existing features of v3.7
• New tests are added for features introduced in this release
• Lots of cleanup and deprecated API removals were done on the test framework

CI

• Update golang to 1.19.5 #​3640
• Many Mergify enhancements for better CI resource utilization #​3672 #​3671 #​3684 #​3681
• Add GitHub action to trigger E2E #​3468

Breaking Changes

• Removal of option to run cephcsi as both controller and node server.

New Contributors ( Thanks !! )

• @​saiprashanth173 made their first contribution in https://github.com/ceph/ceph-csi/pull/3377
• @​bastienbosser made their first contribution in https://github.com/ceph/ceph-csi/pull/3438
• @​riya-singhal31 made their first contribution in https://github.com/ceph/ceph-csi/pull/3510
• @​Sea-you made their first contribution in https://github.com/ceph/ceph-csi/pull/3560
• @​lentzi90 made their first contribution in https://github.com/ceph/ceph-csi/pull/3595
• @​mohag made their first contribution in https://github.com/ceph/ceph-csi/pull/3635
• @​Syphdias made their first contribution in https://github.com/ceph/ceph-csi/pull/3655

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.7.2...v3.8.0

Thanks to the awesome Ceph CSI community for this great release

v3.7.2: Ceph-CSI v3.7.2 Release

Compare Source

Changelog or Highlights:

Bug Fixes:

CephFS

• Delete subvolume if SetAllMetadata fails #​3435
• Allow subvolume creation if ceph cluster doesnt support metadata API #​3423

RBD

• Fix volume leak if metadata operation fails #​3436

Vendor Update

• Rebase: golang.org/x/text/language to v0.3.8 to fix a vulnerability #​3439

CI improvements

• Create kubernetes cluster with podman driver #​3420

Breaking Changes

None.

v3.7.1: Ceph-CSI v3.7.1 Release

Compare Source

Bug Fixes:

• rbd: fix bug in kmip kms Decrypt function & improve error msg https://github.com/ceph/ceph-csi/pull/3341
• rbd: modify stripSecret mechanism in logGRPC() https://github.com/ceph/ceph-csi/pull/3350
• cephfs: return success if metadata operation not supported https://github.com/ceph/ceph-csi/pull/3352
• rbd: change default FsGroupPolicy to "File" for RBD CSI driver https://github.com/ceph/ceph-csi/pull/3364
• rbd: map only primary image https://github.com/ceph/ceph-csi/pull/3373
• ci: use resync to sync helm charts https://github.com/ceph/ceph-csi/pull/3374
• cephfs: Fix subvolumegroup creation https://github.com/ceph/ceph-csi/pull/3376
• rbd: create token and use it for vault SA everytime possible https://github.com/ceph/ceph-csi/pull/3378
• rbd: use blocklist range cmd, fallback if it fails https://github.com/ceph/ceph-csi/pull/3386

NOTE

Helm upgrade may fail with message:

UPGRADE FAILED: cannot patch "rbd.csi.ceph.com" with kind CSIDriver: CSIDriver.storage.k8s.io "rbd.csi.ceph.com" is invalid: spec.fsGroupPolicy: Invalid value: "File": field is immutable"
 FAILED! => {"changed": false, "command": "/usr/sbin/helm --version=v3.7.1 upgrade -i --reset-values --create-namespace -f=/tmp/tmp2sr2me9a.yml ceph-csi ceph-csi/ceph-csi-rbd", "msg": "Failure when executing Helm command. Exited 1.\nstdout: \nstderr: Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr": "Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr_lines": ["Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable"], "stdout": "", "stdout_lines": []}

If so, delete the csidriver object

kubectl delete csidriver rbd.csi.ceph.com

Then do helm upgrade

v3.7.0: Ceph-CSI v3.7.0 Release

Compare Source

We are excited to announce another feature packed release of Ceph CSI , v3.7.0. This is another great step towards making it possible to use enhanced features of Container Storage Interface ( CSI) with Ceph Cluster in the backend. With this release, we are introducing many brand new features and enhancements to Ceph CSI driver. Also this release enabled a smooth integration to various projects. Here are the changelog / release highlights..

Changelog and Highlights:

Features

• KMIP integration for RBD PVC encryption
  • The Key Management Interoperability Protocol (KMIP) is an extensible communication protocol that defines message formats for the manipulation of cryptographic keys on a key management server. Ceph-CSI can now be configured to connect to various KMS using KMIP for encrypting RBD volumes.
• NFS
  • Added support for volume expansion, snapshot, restore and clone.
  • Added NFS nodeserver within CephCSI with support for pod networking with nsenter.
• Support enabling PV and snapshot metadata on the RBD images and CephFS subvolumes
  • For persistent volumes, clones and volume restores we support adding PVName/PVCName/PVCNamespace and ClusterName details
  • For snapshot volumes we support adding snapshot-name/snapshot-namespace/snapshotcontent-name and ClusterName details
• Shallow Read Only support for Ceph CSI driver:
  • cephfs-csi expose CephFS snapshots as shallow, read-only volumes, without needing to clone the underlying snapshot data (https://github.com/ceph/ceph-csi/blob/devel/docs/design/proposals/cephfs-snapshot-shallow-ro-vol.md ) which enables users to Restore snapshots selectively - users may want to traverse snapshots, restoring data to a writable volume more selectively instead of restoring the whole snapshot and this feature also help to perform more efficient Volume backup.

Enhancements

• All kubernetes sidecars ( external provisioner,snapshotter, resizer..etc) are rebased to latest available versions. Along with other dependency module updates this release consume go-ceph v0.17.0 and kubernetes 1.24.4 version.
• snapshot API support has been lifted to GA version in this release.
• From this release onwards, the CSI driver make use of File fsgroup policy for its fsgroup based operations.
• New feature gates are enabled ( HonorPVReclaimPolicy..etc) in the sidecar deployments.

Bug Fixes

• While mounting the volume, CSI drivers no longer open world wide permission on mount path ( See ).
• Support linux kernels <=4.11.0, /sys/bus/rbd/supported_features is part of Linux kernel v4.11.0, prepare the supported feature attributes and use them in case if supported_features file is missing (See #​2678)
• Fix volume healer for StagingTargetPath issue for Kubernetes 1.24 (See #​3176)
• RBACs are restricted to a great extend in this release version compared to previous. The CSI driver operate on least required RBAC in a cluster from now on.

E2E

• many tests are added for making sure we stay with backward compatibility for existing features of v3.6.
• new tests are added for features introduced in this release
• lots of cleanup and deprecated API removals done on the test framework
• Dropped support for kubernetes v<=1.22 tests in the framework

Deprecation

• Volumereplication service running on controller server is deprecated and replaced by CSI-Addons, see https://github.com/ceph/ceph-csi/issues/3314 for more details
• cephfs provisioner will not make use of attacher sidecar from this release onwards. See https://github.com/ceph/ceph-csi/pull/3149 for more details

Breaking Changes

• NFS daemonset is renamed from csi-nfs-node to csi-nfsplugin, refer to upgrade steps for more details.

NOTE

Helm upgrade may fail with message:

UPGRADE FAILED: cannot patch "rbd.csi.ceph.com" with kind CSIDriver: CSIDriver.storage.k8s.io "rbd.csi.ceph.com" is invalid: spec.fsGroupPolicy: Invalid value: "File": field is immutable"
 FAILED! => {"changed": false, "command": "/usr/sbin/helm --version=v3.7.0 upgrade -i --reset-values --create-namespace -f=/tmp/tmp2sr2me9a.yml ceph-csi ceph-csi/ceph-csi-rbd", "msg": "Failure when executing Helm command. Exited 1.\nstdout: \nstderr: Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr": "Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable\n", "stderr_lines": ["Error: UPGRADE FAILED: cannot patch \"rbd.csi.ceph.com\" with kind CSIDriver: CSIDriver.storage.k8s.io \"rbd.csi.ceph.com\" is invalid: spec.fsGroupPolicy: Invalid value: \"File\": field is immutable"], "stdout": "", "stdout_lines": []}

If so, delete the csidriver object

kubectl delete csidriver rbd.csi.ceph.com

Then do helm upgrade

Release Image : docker pull quay.io/cephcsi/cephcsi:v3.7.0

New Contributors ( Thanks !! )

• @​losil made their first contribution in https://github.com/ceph/ceph-csi/pull/2993
• @​Cytrian made their first contribution in https://github.com/ceph/ceph-csi/pull/3091
• @​naveensrinivasan made their first contribution in https://github.com/ceph/ceph-csi/pull/3127
• @​irq0 made their first contribution in https://github.com/ceph/ceph-csi/pull/2912
• @​iceman91176 made their first contribution in https://github.com/ceph/ceph-csi/pull/3177
• @​BenoitKnecht made their first contribution in https://github.com/ceph/ceph-csi/pull/3232
• @​takmatsu made their first contribution in https://github.com/ceph/ceph-csi/pull/3233
• @​anthonyeleven made their first contribution in https://github.com/ceph/ceph-csi/pull/3274
• @​palvarez89 made their first contribution in https://github.com/ceph/ceph-csi/pull/3273

Full Changelog: https://github.com/ceph/ceph-csi/compare/v3.6.2...v3.7.0

Thanks to awesome Ceph CSI community for this great release

v3.6.2: Ceph-CSI v3.6.2 Release

Compare Source

Changelog or Highlights:

Bug Fixes:

• Add allowPrivilegeEscalation: true to containerSecurityContext to nodeplugin daemonset

NFS

• Delete the CephFS volume when the export is already removed

RBD

• Use vaultAuthPath variable name in error msg
• Support pvc-pvc clone with different sc & encryption
• Consider rbd as default mounter if not set
• Fix bug with missing supported_features

CephFS

• Skip NetNamespaceFilePath if the volume is pre-provisioned

CI improvements

• Improve logging for kubectl_retry helper
• Fix commitlint problem
• Prevent ERR trap inheritance for kubectl_retry

Breaking Changes

None.

v3.6.1: Ceph-CSI v3.6.1 Release

Compare Source

Changelog or Highlights:

Feature:

• Add network namespace to support pod networking for CephFS and RBD plugins.

Bug Fixes/Enhancements:

NFS

• Add NFS provisioner & plugin sa to scc.yaml
• Use go-ceph API for creating/deleting exports
• Return gRPC status from CephFS CreateVolume failure

RBD

• Fix logging in ExecuteCommandWithNSEnter
• Check nbd tool features only for RBD driver
• Use leases for leader election in RBD omap controller
• Consider remote image health state for PromoteVolume

Breaking Changes

None.

v3.6.0: Ceph-CSI v3.6.0 Release

Compare Source

We are excited to announce another feature packed release of Ceph CSI , v3.6.0. This is another great step towards making it possible to use enhanced features of Container Storage Interface ( CSI) with Ceph Cluster in the backend. With this release, we are introducing many brand new features and enhancements to Ceph CSI driver. Also this release enabled a smooth integration to various projects. Here are the changelog / release highlights..

Changelog and Highlights:

New Features

NFS based dynamic provisioner:

Ceph-CSI already creates CephFS volumes, that can be mounted over the native CephFS protocol. A new provisioner in Ceph-CSI can create CephFS volumes, and include the required NFS CSI parameters so that the NFS CSI driver can mount the CephFS volume over NFS. The CephFS volumes would be internally managed by the NFS provisioner, and only be exposed as NFS CSI volumes towards the consumers.

Fuse Mount recovery

Mounts managed by ceph-fuse may get corrupted by e.g. the ceph-fuse process exiting abruptly, or its parent container being terminated, taking down its child processes with it. This was an issue for FUSE based CephFS mounts performed by the Ceph CSI driver, however from this release onwards CSI driver is capable of detecting the corrupted ceph fuse mounts and it will try to remount automatically.

AWS KMS Encryption

Ceph-CSI can be configured to use Amazon STS, when kubernetes cluster is configured with OIDC identity provider to fetch credentials to access Amazon KMS. With Amazon STS and kubernetes cluster is configured with OIDC identity provider, credentials to access Amazon KMS can be fetched using oidc-token(serviceaccount token).

Quincy Support

Ceph CSI driver has been built on top of Quincy release of Ceph.

Enhancements

• Improved RBD image flattening support: from this release onwards, only temporary intermediate clones and snapshot will be flattened. See #​2190 for more details.

• Topology aware provisioning has been revisited with this release and enhancements have been made to make it more production ready.

• image features as optional parameter in Storage Class make the rbd images features in the storageclass parameter list as optional so that default image features of librbd can be used.

• Added support for deep-flatten image feature: as deep-flatten is long supported in ceph and its enabled by default in the librbd, via this enhancement we are providing an option to enable it in cephcsi for the rbd images we are creating.

• Added selinuxMount flag to enable/disable /etc/selinux host mount: selinuxMount flag has been added to enable/disable /etc/selinux host mount inside pods to support selinux-enabled filesystems

• A new reference tracker has been introduced with this release which is a key-based implementation of a reference counter. This allows accounting in situations where idempotency must be preserved.

Bug Fixes:

• BlockMode recalimspace request has been adjusted to avoid data loss on the reclaim space operation

• RBD and CephFS driver has fixed an issue at node mount operation, to take care explicit permission set done by the CSI driver previous to this release which was causing unwanted pod delay.

• RBD force promote timeout has been increased to 2 minutes to give enough time for rollback to complete.

• Storage class map options has been corrected to ensure it works in various combinations of the input setting from the storage class and also made it flexible to work with different mounters like kernel,nbd..etc.

• Previously, restoring a snapshot with a new PVC results with a wrong dataPoolName in case of initial volume linked to a storageClass with topology constraints and erasure coding. This has been fixed in this release.

• omap deletion in DeleteSnapshot operation has been fixed with this release which helps to cleanup the omap properly once the subvolume snapshot is deleted.

Rebase

The dependencies of Ceph CSI driver are updated to latest version to consume various fixes and enhancements in the same.

E2E

Documentation

Breaking Changes

• RBD Thick provisioning support is removed see #​2795 for more details.

Release Image : docker pull quay.io/cephcsi/cephcsi:v3.6.0

Thanks to awesome Ceph CSI community for this great release

---

Configuration

Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.