Currently, cephcsi allows the rbd image creation with layering,fast-diff,obj-map, and exclusive-lock image features. As in downstream deep-flatten is long supported rbd image features. we need cephcsi support to create the rbd images with a deep-flatten image feature. Validation:- create rbd storageclass with layering,exclusive-lock,object-map,fast-diff,deep-flatten imageFeatures and create and mount the PVC to application pod.
This is a small change in ceph-csi to enable the deep flatten feature, it will not impact downstream till we enable it by default via ocs-operator. Plan is to take this in 4.10 so that QE can run the tests with this enabled. If the test results come fine, we will make the ocs-operator/UI change to enable it in 4.10 or 4.10.z Discussed with Karthick from QE.
Verification comments: Build - Server Version: 4.10.0-0.nightly-2022-03-23-025121 SC [kmanohar@kmanohar ~]$ oc get sc/sc-test-1 -o yaml allowVolumeExpansion: true apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: annotations: description: Provides RWO Filesystem volumes, and RWO and RWX Block volumes creationTimestamp: "2022-03-23T14:46:25Z" name: sc-test-1 resourceVersion: "149322" uid: bf3f1626-cb7b-4f24-aa8b-06f343f39fe5 parameters: clusterID: openshift-storage csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner csi.storage.k8s.io/controller-expand-secret-namespace: openshift-storage csi.storage.k8s.io/fstype: ext4 csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node csi.storage.k8s.io/node-stage-secret-namespace: openshift-storage csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner csi.storage.k8s.io/provisioner-secret-namespace: openshift-storage imageFeatures: layering,exclusive-lock,object-map,fast-diff,deep-flatten imageFormat: "2" pool: ocs-storagecluster-cephblockpool provisioner: openshift-storage.rbd.csi.ceph.com reclaimPolicy: Delete volumeBindingMode: Immediate [kmanohar@kmanohar ~]$ _______________________________________________________________ PVC [kmanohar@kmanohar ~]$ oc get pvc/test-pvc -o yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: pv.kubernetes.io/bind-completed: "yes" pv.kubernetes.io/bound-by-controller: "yes" volume.beta.kubernetes.io/storage-provisioner: openshift-storage.rbd.csi.ceph.com volume.kubernetes.io/storage-provisioner: openshift-storage.rbd.csi.ceph.com creationTimestamp: "2022-03-23T14:47:07Z" finalizers: - kubernetes.io/pvc-protection name: test-pvc namespace: image-feature resourceVersion: "149819" uid: cbc5dc76-4abf-4d2d-abba-bf139ace59a5 spec: accessModes: - ReadWriteOnce resources: requests: storage: 3Gi storageClassName: sc-test-1 volumeMode: Filesystem volumeName: pvc-cbc5dc76-4abf-4d2d-abba-bf139ace59a5 status: accessModes: - ReadWriteOnce capacity: storage: 3Gi phase: Bound ____________________________________________________________________________________________ POD [kmanohar@kmanohar ~]$ oc get pod/test-pod -o yaml apiVersion: v1 kind: Pod metadata: annotations: k8s.v1.cni.cncf.io/network-status: |- [{ "name": "openshift-sdn", "interface": "eth0", "ips": [ "10.129.2.76" ], "default": true, "dns": {} }] k8s.v1.cni.cncf.io/networks-status: |- [{ "name": "openshift-sdn", "interface": "eth0", "ips": [ "10.129.2.76" ], "default": true, "dns": {} }] openshift.io/scc: anyuid creationTimestamp: "2022-03-23T14:48:14Z" name: test-pod namespace: image-feature resourceVersion: "150843" uid: b6763e67-9702-4c5c-8f98-2a676d391772 spec: containers: - image: quay.io/ocsci/nginx:latest imagePullPolicy: Always name: web-server resources: {} securityContext: capabilities: drop: - MKNOD terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /var/lib/www/html name: mypvc - mountPath: /var/run/secrets/kubernetes.io/serviceaccount name: kube-api-access-f67js readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true imagePullSecrets: - name: default-dockercfg-5s7vf nodeName: compute-0 preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: seLinuxOptions: level: s0:c27,c24 serviceAccount: default serviceAccountName: default terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: mypvc persistentVolumeClaim: claimName: test-pvc - name: kube-api-access-f67js projected: defaultMode: 420 sources: - serviceAccountToken: expirationSeconds: 3607 path: token - configMap: items: - key: ca.crt path: ca.crt name: kube-root-ca.crt - downwardAPI: items: - fieldRef: apiVersion: v1 fieldPath: metadata.namespace path: namespace - configMap: items: - key: service-ca.crt path: service-ca.crt name: openshift-service-ca.crt status: conditions: - lastProbeTime: null lastTransitionTime: "2022-03-23T14:48:14Z" status: "True" type: Initialized - lastProbeTime: null lastTransitionTime: "2022-03-23T14:48:25Z" status: "True" type: Ready - lastProbeTime: null lastTransitionTime: "2022-03-23T14:48:25Z" status: "True" type: ContainersReady - lastProbeTime: null lastTransitionTime: "2022-03-23T14:48:14Z" status: "True" type: PodScheduled containerStatuses: - containerID: cri-o://3253519edf843efa70cccaee28398115a5f38e31591e3e95ad1efba512dfec7e image: quay.io/ocsci/nginx:latest imageID: quay.io/ocsci/nginx@sha256:34f3f875e745861ff8a37552ed7eb4b673544d2c56c7cc58f9a9bec5b4b3530e lastState: {} name: web-server ready: true restartCount: 0 started: true state: running: startedAt: "2022-03-23T14:48:25Z" hostIP: 10.1.161.67 phase: Running podIP: 10.129.2.76 podIPs: - ip: 10.129.2.76 qosClass: BestEffort startTime: "2022-03-23T14:48:14Z" [kmanohar@kmanohar ~]$ ___________________________________________________________________________________________