add support for VolumeAttributeClasses

enabled by enabling ControllerModifyVolume functionality via new shoot annotation.
gardener · Dec 6, 2024 · a1ce1f1 · a1ce1f1
1 parent c4a3f4f
commit a1ce1f1
Show file tree

Hide file tree

Showing 5 changed files with 53 additions and 3 deletions.
diff --git a/...ernal/seed-controlplane/charts/csi-driver-controller/templates/csi-driver-controller.yaml b/...ernal/seed-controlplane/charts/csi-driver-controller/templates/csi-driver-controller.yaml
@@ -49,6 +49,12 @@ spec:
         - --logtostderr
         - --v=3
         - --enable-storage-pools
+        {{- if (((.Values.csiDriver).storage).supportsDynamicIopsProvisioning) }}
+        - --supports-dynamic-iops-provisioning={{ range $storageType := .Values.csiDriver.storage.supportsDynamicIopsProvisioning }}{{ $storageType }},{{ end }}
+        {{- end }}
+        {{- if (((.Values.csiDriver).storage).supportsDynamicThroughputProvisioning) }}
+        - --supports-dynamic-throughput-provisioning={{ range $storageType := .Values.csiDriver.storage.supportsDynamicThroughputProvisioning }}{{ $storageType }},{{ end }}
+        {{- end }}
         env:
         - name: CSI_ENDPOINT
           value: unix://{{ .Values.socketPath }}/csi.sock
@@ -84,7 +90,9 @@ spec:
         args:
         - --csi-address=$(ADDRESS)
         - --kubeconfig=/var/run/secrets/gardener.cloud/shoot/generic-kubeconfig/kubeconfig
-        - --feature-gates=Topology=true
+        {{- if ((.Values.csiProvisioner).featureGates) }}
+        - --feature-gates={{ range $feature, $enabled := .Values.csiProvisioner.featureGates }}{{ $feature }}={{ $enabled }},{{ end }}
+        {{- end }}
         - --volume-name-prefix=pv-
         - --default-fstype=ext4
         - --extra-create-metadata=true
@@ -160,6 +168,9 @@ spec:
         - --leader-election=true
         - --leader-election-namespace=kube-system
         - --handle-volume-inuse-error=false
+        {{- if ((.Values.csiResizer).featureGates) }}
+        - --feature-gates={{ range $feature, $enabled := .Values.csiResizer.featureGates }}{{ $feature }}={{ $enabled }},{{ end }}
+        {{- end }}
         - --v=5
         env:
         - name: ADDRESS

diff --git a/...nal/shoot-system-components/charts/csi-driver-node/templates/clusterrole-csi-resizer.yaml b/...nal/shoot-system-components/charts/csi-driver-node/templates/clusterrole-csi-resizer.yaml
@@ -13,6 +13,9 @@ rules:
 - apiGroups: [""]
   resources: ["persistentvolumeclaims/status"]
   verbs: ["update", "patch"]
+- apiGroups: ["storage.k8s.io"]
+  resources: ["volumeattributesclasses"]
+  verbs: ["get", "list", "watch"]
 - apiGroups: [""]
   resources: ["events"]
   verbs: ["list", "watch", "create", "update", "patch"]
diff --git a/docs/usage/usage.md b/docs/usage/usage.md
@@ -287,6 +287,10 @@ Every GCP shoot cluster will be deployed with the GCP PD CSI driver.
 It is compatible with the legacy in-tree volume provisioner that was deprecated by the Kubernetes community and will be removed in future versions of Kubernetes.
 End-users might want to update their custom `StorageClass`es to the new `pd.csi.storage.gke.io` provisioner.
 
+## Support for VolumeAttributesClasses (Beta in k8s 1.31)
+
+To have the CSI-driver configured to support the necessary features for [VolumeAttributesClasses](https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/) on GCP for shoots with a k8s-version greater than 1.31, use the `gcp.provider.extensions.gardener.cloud/enable-volume-attributes-class` annotation on the shoot. Keep in mind to also enable the required feature flags and runtime-config on the common kubernetes controllers (as outlined in the link above) in the shoot-spec.
+
 ## Kubernetes Versions per Worker Pool
 
 This extension supports `gardener/gardener`'s `WorkerPoolKubernetesVersion` feature gate, i.e., having [worker pools with overridden Kubernetes versions](https://github.com/gardener/gardener/blob/8a9c88866ec5fce59b5acf57d4227eeeb73669d7/example/90-shoot.yaml#L69-L70) since `gardener-extension-provider-gcp@v1.21`.

diff --git a/pkg/controller/controlplane/valuesprovider.go b/pkg/controller/controlplane/valuesprovider.go
@@ -11,6 +11,7 @@ import (
 	"path/filepath"
 	"strings"
 
+	"github.com/Masterminds/semver/v3"
 	extensionscontroller "github.com/gardener/gardener/extensions/pkg/controller"
 	"github.com/gardener/gardener/extensions/pkg/controller/controlplane/genericactuator"
 	extensionssecretsmanager "github.com/gardener/gardener/extensions/pkg/util/secret/manager"
@@ -23,6 +24,7 @@ import (
 	kutil "github.com/gardener/gardener/pkg/utils/kubernetes"
 	secretutils "github.com/gardener/gardener/pkg/utils/secrets"
 	secretsmanager "github.com/gardener/gardener/pkg/utils/secrets/manager"
+	versionutils "github.com/gardener/gardener/pkg/utils/version"
 	monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
 	admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
 	appsv1 "k8s.io/api/apps/v1"
@@ -456,7 +458,7 @@ func getCSIControllerChartValues(
 		return nil, fmt.Errorf("secret %q not found", csiSnapshotValidationServerName)
 	}
 
-	return map[string]interface{}{
+	values := map[string]interface{}{
 		"enabled":   true,
 		"replicas":  extensionscontroller.GetControlPlaneReplicas(cluster, scaledDown, 1),
 		"projectID": serviceAccount.ProjectID,
@@ -474,7 +476,35 @@ func getCSIControllerChartValues(
 			},
 			"topologyAwareRoutingEnabled": gardencorev1beta1helper.IsTopologyAwareRoutingForShootControlPlaneEnabled(cluster.Seed, cluster.Shoot),
 		},
-	}, nil
+	}
+
+	k8sVersion, err := semver.NewVersion(cluster.Shoot.Spec.Kubernetes.Version)
+	if err != nil {
+		return nil, err
+	}
+	if versionutils.ConstraintK8sGreaterEqual131.Check(k8sVersion) {
+		if _, ok := cluster.Shoot.Annotations[gcp.AnnotationEnableVolumeAttributesClass]; ok {
+			values["csiDriver"] = map[string]interface{}{
+				"storage": map[string]interface{}{
+					"supportsDynamicIopsProvisioning":       []string{"hyperdisk-balanced", "hyperdisk-extreme"},
+					"supportsDynamicThroughputProvisioning": []string{"hyperdisk-balanced", "hyperdisk-throughput", "hyperdisk-ml"},
+				},
+			}
+			values["csiResizer"] = map[string]interface{}{
+				"featureGates": map[string]string{
+					"VolumeAttributesClass": "true",
+				},
+			}
+			values["csiProvisioner"] = map[string]interface{}{
+				"featureGates": map[string]string{
+					"VolumeAttributesClass": "true",
+				},
+			}
+		}
+
+	}
+
+	return values, nil
 }
 
 // getControlPlaneShootChartValues collects and returns the control plane shoot chart values.

diff --git a/pkg/gcp/types.go b/pkg/gcp/types.go
@@ -81,6 +81,8 @@ const (
 	SeedAnnotationKeyUseFlow = AnnotationKeyUseFlow
 	// SeedAnnotationUseFlowValueNew is the value to restrict flow reconciliation to new shoot clusters
 	SeedAnnotationUseFlowValueNew = "new"
+	// AnnotationEnableVolumeAttributesClass is the annotation to use on shoots to enable VolumeAttributesClasses
+	AnnotationEnableVolumeAttributesClass = "gcp.provider.extensions.gardener.cloud/enable-volume-attributes-class"
 )
 
 var (