Commit f80104f2 authored by Cyrill Troxler's avatar Cyrill Troxler
Browse files

Remove s3ql 

s3ql does not work very well in a dynamic environment like k8s.
Also as it needs a ton of dependencies just to get it built makes
it hard to maintain.
parent 76fc704c

Makefile

+5 −2
Original line number Diff line number Diff line
@@ -16,8 +16,9 @@ 
PROJECT_DIR=/app

REGISTRY_NAME=ctrox

IMAGE_NAME=csi-s3

IMAGE_VERSION=1.0.1-alpha

IMAGE_TAG=$(REGISTRY_NAME)/$(IMAGE_NAME):$(IMAGE_VERSION)

VERSION ?= dev

IMAGE_TAG=$(REGISTRY_NAME)/$(IMAGE_NAME):$(VERSION)

FULL_IMAGE_TAG=$(IMAGE_TAG)-full

TEST_IMAGE_TAG=$(REGISTRY_NAME)/$(IMAGE_NAME):test



build:
@@ -27,8 +28,10 @@ test: 
	docker run --rm --privileged -v $(PWD):$(PROJECT_DIR) --device /dev/fuse $(TEST_IMAGE_TAG)

container: build

	docker build -t $(IMAGE_TAG) -f cmd/s3driver/Dockerfile .

	docker build -t $(FULL_IMAGE_TAG) --build-arg VERSION=$(VERSION) -f cmd/s3driver/Dockerfile.full .

push: container

	docker push $(IMAGE_TAG)

	docker push $(FULL_IMAGE_TAG)

clean:

	go clean -r -x

	-rm -rf _output

README.md

+7 −19
Original line number Diff line number Diff line
@@ -10,14 +10,12 @@ This is still very experimental and should not be used in any production environ 


### Requirements



* Kubernetes 1.13+

* Kubernetes 1.13+ (CSI v1.0.0 compatibility)

* Kubernetes has to allow privileged containers

* Docker daemon must allow shared mounts (systemd flag `MountFlags=shared`)



### 1. Create a secret with your S3 credentials



The endpoint is optional if you are using something else than AWS S3. Also the region can be empty if you are using some other S3 compatible storage.



```yaml

apiVersion: v1

kind: Secret
@@ -30,11 +28,10 @@ stringData: 
  endpoint: <S3_ENDPOINT_URL>

  # If not on S3, set it to ""

  region: <S3_REGION>

  # Currently only for s3ql

  # If not using s3ql, set it to ""

  encryptionKey: <FS_ENCRYPTION_KEY>

```



The region can be empty if you are using some other S3 compatible storage.



### 2. Deploy the driver



```bash
@@ -63,7 +60,7 @@ kubectl create -f pvc.yaml 
```bash

$ kubectl get pvc csi-s3-pvc

NAME         STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE

csi-s3-pvc   Bound     pvc-c5d4634f-8507-11e8-9f33-0e243832354b   5Gi        RWX            csi-s3         9s

csi-s3-pvc   Bound     pvc-c5d4634f-8507-11e8-9f33-0e243832354b   5Gi        RWO            csi-s3         9s

```



* Create a test pod which mounts your volume:
@@ -96,7 +93,6 @@ The driver can be configured to use one of these mounters to mount buckets: 
* [rclone](https://rclone.org/commands/rclone_mount)

* [s3fs](https://github.com/s3fs-fuse/s3fs-fuse)

* [goofys](https://github.com/kahing/goofys)

* [s3ql](https://github.com/s3ql/s3ql)

* [s3backer](https://github.com/archiecobbs/s3backer)



The mounter can be set as a parameter in the storage class. You can also create multiple storage classes for each mounter if you like.
@@ -121,16 +117,7 @@ All mounters have different strengths and weaknesses depending on your use case. 
* Files can be viewed normally with any S3 client

* Does not support appends or random writes



#### s3ql (not recommended*)



* (Almost) full POSIX compatibility

* Uses its own object format

* Files are not readable with other S3 clients

* Support appends

* Supports compression before upload

* Supports encryption before upload



#### s3backer (not recommended*)

#### s3backer (experimental*)



* Represents a block device stored on S3

* Allows to use a real filesystem
@@ -139,7 +126,8 @@ All mounters have different strengths and weaknesses depending on your use case. 
* Supports compression before upload (Not yet implemented in this driver)

* Supports encryption before upload (Not yet implemented in this driver)



*s3ql and s3backer are not recommended at this point because volume corruption can occur pretty quickly in case of an unexpected shutdown of a Kubernetes node or CSI pod.

*s3backer is experimental at this point because volume corruption can occur pretty quickly in case of an unexpected shutdown of a Kubernetes node or CSI pod.

The s3backer binary is not bundled with the normal docker image to keep that as small as possible. Use the `<version>-full` image tag for testing s3backer.



Fore more detailed limitations consult the documentation of the different projects.

cmd/s3driver/Dockerfile

+4 −3
Original line number Diff line number Diff line
@@ -2,15 +2,16 @@ FROM debian:stretch 
LABEL maintainers="Cyrill Troxler <cyrilltroxler@gmail.com>"

LABEL description="csi-s3 slim image"



# s3fs and some other dependencies

RUN apt-get update && \

  apt-get install -y \

  s3fs wget unzip && \

  s3fs curl unzip && \

  rm -rf /var/lib/apt/lists/*



# install rclone

ARG RCLONE_VERSION=v1.46

ARG RCLONE_VERSION=v1.47.0

RUN cd /tmp \

  && wget -q https://downloads.rclone.org/${RCLONE_VERSION}/rclone-${RCLONE_VERSION}-linux-amd64.zip \

  && curl -O https://downloads.rclone.org/${RCLONE_VERSION}/rclone-${RCLONE_VERSION}-linux-amd64.zip \

  && unzip /tmp/rclone-${RCLONE_VERSION}-linux-amd64.zip \

  && mv /tmp/rclone-*-linux-amd64/rclone /usr/bin \

  && rm -r /tmp/rclone*

cmd/s3driver/Dockerfile.full

+16 −36
Original line number Diff line number Diff line 
FROM python:3.6 as s3ql-deps

LABEL maintainers="Cyrill Troxler <cyrilltroxler@gmail.com>"

LABEL description="s3ql dependencies"



RUN apt-get update && \

    apt-get install -y \

       python3 python3-setuptools \

      python3-dev python3-pip pkg-config cython \

      libfuse-dev libattr1-dev && \

    rm -rf /var/lib/apt/lists/*



RUN pip3 install llfuse apsw defusedxml dugong requests pycrypto



FROM debian:stretch as s3backer

ARG S3BACKER_VERSION=1.5.0
@@ -37,29 +24,22 @@ RUN ./autogen.sh && \ 
  make && \

  make install



FROM python:3.6-slim

FROM debian:stretch

LABEL maintainers="Cyrill Troxler <cyrilltroxler@gmail.com>"

LABEL description="csi-s3 full image"

LABEL description="csi-s3 image"

COPY --from=s3backer /usr/bin/s3backer /usr/bin/s3backer



# s3fs and some other dependencies

RUN apt-get update && \

  apt-get install -y \

  libfuse2 gcc sqlite3 libsqlite3-dev \

      s3fs psmisc procps libcurl3 xfsprogs wget unzip && \

  s3fs psmisc procps libcurl3 xfsprogs curl unzip && \

  rm -rf /var/lib/apt/lists/*



ARG S3QL_VERSION=2.29

ENV S3QL_URL=https://github.com/s3ql/s3ql/releases/download/release-${S3QL_VERSION}/s3ql-${S3QL_VERSION}.tar.bz2



COPY --from=s3ql-deps /root/.cache /root/.cache

COPY --from=s3ql-deps /usr/local/lib/python3.6/site-packages /usr/local/lib/python3.6/site-packages

RUN pip install ${S3QL_URL} && rm -rf /root/.cache



COPY --from=s3backer /usr/bin/s3backer /usr/bin/s3backer



# install rclone

ARG RCLONE_VERSION=v1.46

ARG RCLONE_VERSION=v1.47.0

RUN cd /tmp \

    && wget -q https://downloads.rclone.org/${RCLONE_VERSION}/rclone-${RCLONE_VERSION}-linux-amd64.zip \

  && curl -O https://downloads.rclone.org/${RCLONE_VERSION}/rclone-${RCLONE_VERSION}-linux-amd64.zip \

  && unzip /tmp/rclone-${RCLONE_VERSION}-linux-amd64.zip \

  && mv /tmp/rclone-*-linux-amd64/rclone /usr/bin \

  && rm -r /tmp/rclone*

deploy/kubernetes/secret.yaml

+0 −3
Original line number Diff line number Diff line
@@ -9,6 +9,3 @@ stringData: 
  endpoint: https://s3.eu-central-1.amazonaws.com

  # If not on S3, set it to ""

  region: <S3_REGION>
 
  # Currently only for s3ql

  # If not using s3ql, set it to ""

  encryptionKey: ""