Details
-
Bug
-
Resolution: Won't Do
-
Undefined
-
None
-
4.11
-
Important
-
Rejected
-
All
-
If docs needed, set a value
Description
Description of problem:
[Alibaba CSI] volume with parameter readonly:true inside storageclass.yaml, allowing to write inside volume and in describe volume getting displayed 2 times where the values are not same
Version-Release number of selected component (if applicable):
oc get clusterversion
NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
version 4.11.0-0.nightly-2022-04-12-000004 True False 7h36m Cluster version is 4.11.0-0.nightly-2022-04-12-000004
How reproducible:
Always
Steps to Reproduce:
1) Install Alibaba cluster
2) Create storageclass with readonly parameter: true
https://github.com/kubernetes-sigs/alibaba-cloud-csi-driver/blob/master/examples/disk/shared-disk/storageclass.yaml#L11
sc_pvc_dep.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: csi-disk
provisioner: diskplugin.csi.alibabacloud.com
parameters:
type: cloud_essd
readOnly: "true"
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
—
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: block-pvc
namespace: testdisk
spec:
accessModes:
- ReadWriteOnce
volumeMode: Block
storageClassName: csi-disk
resources:
requests:
storage: 20Gi
—
apiVersion: apps/v1
kind: Deployment
metadata:
name: mydep-csi
namespace: testdisk
spec:
replicas: 1
selector:
matchLabels:
app: hello
template:
metadata:
labels:
app: hello
spec:
containers: - name: hello-storage
image: quay.io/openshifttest/storage@sha256:a05b96d373be86f46e76817487027a7f5b8b5f87c0ac18a246b018df11529b40
ports: - containerPort: 80
volumeDevices: - name: local
devicePath: /dev/dblock
volumes: - name: local
persistentVolumeClaim:
claimName: block-pvc
3) Check the pod,pvc status
4) Describe the pv and check the output, which is displaying as
pv.Readonly: false,
pv.VolumeAttributes.readOnly: true
oc describe pv
Source:
Type: CSI (a Container Storage Interface (CSI) volume source)
Driver: diskplugin.csi.alibabacloud.com
FSType:
VolumeHandle: d-0xih57sbz0ht38636k6t
ReadOnly: false
VolumeAttributes: readOnly=true storage.kubernetes.io/csiProvisionerIdentity=1649737828224-8081-diskplugin.csi.alibabacloud.com
type=cloud_essd
Events: <none>
5) Write down inside volume and able to write data successfully.
vi writebl.sh
depname="mydep-csi-659ff8cf7c-gms6f"
namespace="testdisk"
oc exec $depname -n $namespace -i – sh -c "bin/dd if=/dev/null of=/dev/dblock bs=512 count=1"
oc exec $depname -n $namespace -i – sh -c "echo 'testdata' > /dev/dblock"
oc exec $depname -n $namespace -i – sh -c "/bin/dd if=/dev/dblock of=/tmp/testfile bs=512 count=1"
oc exec $depname -n $namespace -i – sh -c "cat /tmp/testfile"
Execution:
./writebl.sh
0+0 records in
0+0 records out
0 bytes copied, 3.5926e-05 s, 0.0 kB/s
1+0 records in
1+0 records out
512 bytes copied, 4.8309e-05 s, 10.6 MB/s
testdata
Actual results:
Able to write inside volume successfully and describe pv showing 2 readonly values
pv.Readonly: false,
pv.VolumeAttributes.readOnly: true
Expected results:
It should not allow to write data inside volume.
Master Log:
Node Log (of failed PODs):
PV Dump:
PVC Dump:
StorageClass Dump (if StorageClass used by PV/PVC):
Additional info:
