Add upstream patch to kubevirt to force hp-volume- pod to respect blockdevices (IcM 467224770) (#7781)

sharath-srikanth-chellappa · Sharath Srikanth Chellappa · web-flow · commit 1add496ffa11 · 2024-02-09T14:25:19.000-08:00
Co-authored-by: Sharath Srikanth Chellappa &lt;sharathsr@microsoft.com&gt;
diff --git a/SPECS/kubevirt/Hp-volume-pod-should-respect-blockdevices.patch b/SPECS/kubevirt/Hp-volume-pod-should-respect-blockdevices.patch
@@ -0,0 +1,91 @@
+From af25759a3205ac3cdf42254923e3e20cf336a4a0 Mon Sep 17 00:00:00 2001
+From: Vicente Cheng <vicente.cheng@suse.com>
+Date: Fri, 17 Feb 2023 17:23:06 +0800
+Subject: [PATCH] virt-controller: render hp-volume- pod should respect
+ blockdevices
+
+    We found that the VolumeDevices does not generate as the first
+    time we render on hp-volume- pod. That would cause the global path
+    not to be generated by kubelet again when the hp-volume- is
+    dead, then render again.
+
+    We should respect the VolumeDevics on the Spec. That would make
+    kubelet behavior is the same as the first time when the hp-volume-
+    pod is killed.
+
+Signed-off-by: Vicente Cheng <vicente.cheng@suse.com>
+---
+ pkg/virt-controller/services/template.go | 41 +++++++++++-------------
+ 1 file changed, 19 insertions(+), 22 deletions(-)
+
+diff --git a/pkg/virt-controller/services/template.go b/pkg/virt-controller/services/template.go
+index 4fe5fdcd0374..d4f1fbae7840 100644
+--- a/pkg/virt-controller/services/template.go
++++ b/pkg/virt-controller/services/template.go
+@@ -25,19 +25,14 @@ import (
+ 	"strconv"
+ 	"strings"
+ 
+-	"kubevirt.io/kubevirt/pkg/virt-controller/watch/topology"
+-
+-	"k8s.io/kubectl/pkg/cmd/util/podcmd"
+-	"k8s.io/utils/pointer"
+-
++	networkv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1"
+ 	k8sv1 "k8s.io/api/core/v1"
+ 	"k8s.io/apimachinery/pkg/api/resource"
+ 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ 	"k8s.io/apimachinery/pkg/runtime/schema"
+ 	"k8s.io/client-go/tools/cache"
+-
+-	networkv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1"
+-
++	"k8s.io/kubectl/pkg/cmd/util/podcmd"
++	"k8s.io/utils/pointer"
+ 	v1 "kubevirt.io/api/core/v1"
+ 	exportv1 "kubevirt.io/api/export/v1alpha1"
+ 	"kubevirt.io/client-go/kubecli"
+@@ -52,6 +47,7 @@ import (
+ 	"kubevirt.io/kubevirt/pkg/util"
+ 	"kubevirt.io/kubevirt/pkg/util/net/dns"
+ 	virtconfig "kubevirt.io/kubevirt/pkg/virt-config"
++	"kubevirt.io/kubevirt/pkg/virt-controller/watch/topology"
+ 	"kubevirt.io/kubevirt/pkg/virt-launcher/virtwrap/api"
+ )
+ 
+@@ -845,20 +841,21 @@ func (t *templateService) RenderHotplugAttachmentPodTemplate(volumes []*v1.Volum
+ 				},
+ 			},
+ 		})
+-		if !skipMount {
+-			pvc := claimMap[volume.Name]
+-			if pvc != nil {
+-				if types.IsPVCBlock(pvc.Spec.VolumeMode) {
+-					pod.Spec.Containers[0].VolumeDevices = append(pod.Spec.Containers[0].VolumeDevices, k8sv1.VolumeDevice{
+-						Name:       volume.Name,
+-						DevicePath: fmt.Sprintf("/path/%s/%s", volume.Name, pvc.GetUID()),
+-					})
+-				} else {
+-					pod.Spec.Containers[0].VolumeMounts = append(pod.Spec.Containers[0].VolumeMounts, k8sv1.VolumeMount{
+-						Name:      volume.Name,
+-						MountPath: fmt.Sprintf("/%s", volume.Name),
+-					})
+-				}
++		pvc := claimMap[volume.Name]
++		if pvc == nil {
++			continue
++		}
++		if types.IsPVCBlock(pvc.Spec.VolumeMode) {
++			pod.Spec.Containers[0].VolumeDevices = append(pod.Spec.Containers[0].VolumeDevices, k8sv1.VolumeDevice{
++				Name:       volume.Name,
++				DevicePath: fmt.Sprintf("/path/%s/%s", volume.Name, pvc.GetUID()),
++			})
++		} else {
++			if !skipMount {
++				pod.Spec.Containers[0].VolumeMounts = append(pod.Spec.Containers[0].VolumeMounts, k8sv1.VolumeMount{
++					Name:      volume.Name,
++					MountPath: fmt.Sprintf("/%s", volume.Name),
++				})
+ 			}
+ 		}
+ 	}
diff --git a/SPECS/kubevirt/kubevirt.spec b/SPECS/kubevirt/kubevirt.spec
@@ -33,6 +33,7 @@ Patch0:         Cleanup-housekeeping-cgroup-on-vm-del.patch
 Patch1:         Allocate-2-cpu-for-the-emulator-thread.patch
 Patch2:         Hotplug_detach_grace_period.patch
 Patch3:         CVE-2023-44487.patch
+Patch4:         Hp-volume-pod-should-respect-blockdevices.patch
 %global debug_package %{nil}
 BuildRequires:  glibc-devel
 BuildRequires:  glibc-static >= 2.35-6%{?dist}
@@ -212,6 +213,9 @@ install -p -m 0644 cmd/virt-handler/nsswitch.conf %{buildroot}%{_datadir}/kube-v
 %{_bindir}/virt-tests
 
 %changelog
+* Thu Feb 8 2024 Sharath Srikanth Chellappa <sharathsr@microsoft.com> - 0.59.0-12
+- Add patch for render hp-volume- pod to respect blockdevices (IcM 467224770)
+
 * Thu Feb 01 2024 Daniel McIlvaney <damcilva@microsoft.com> - 0.59.0-12
 - Address CVE-2023-44487 by patching vendored golang.org/x/net
 
