Add ability to run the provisioner directly on the ZFS host.

The default is to run kubernetes-zfs-provisioner in a container and create datasets via SSH on a remote host. To do that, the docker image is created with the zfs and update-permissions stubs that will both call commands on the remote host using SSH. Allows running kubernetes-zfs-provisioner directly on the ZFS host by making the update-permissions script presence optional. The zfs stub is already optional because it merely replaces the command of the same name on the remote host. The provisionner now uses the command specified in the ZFS_UPDATE_PERMISSIONS environment variable, which is set to /usr/bin/update-permissions by default in the docker image, otherwise it falls back to chmod. Fixes #130.
ccremer · Aug 19, 2024 · 6b7b444 · 6b7b444
1 parent 5884d5b
commit 6b7b444
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 6 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -11,3 +11,4 @@ COPY docker/update-permissions.sh /usr/bin/update-permissions
 COPY kubernetes-zfs-provisioner /usr/bin/
 
 USER zfs:root
+ENV ZFS_UPDATE_PERMISSIONS=/usr/bin/update-permissions
diff --git a/docker/update-permissions.sh b/docker/update-permissions.sh
@@ -2,10 +2,9 @@
 
 set -eo pipefail
 
-zfs_mod="${ZFS_MOD:-g+w}"
-chmod_bin=${ZFS_CHOWN_BIN:-sudo -H chmod}
+chmod_bin=${ZFS_CHMOD_BIN:-sudo -H chmod}
 
-zfs_host="${1}"
-zfs_mountpoint="${2}"
+# Do not try to manually modify these Env vars, they will be updated by the provisioner just before invoking the script.
+zfs_host="${ZFS_HOST}"
 
-ssh "${zfs_host}" "${chmod_bin} ${zfs_mod} ${zfs_mountpoint}"
+ssh "${zfs_host}" "${chmod_bin} ${*}"
diff --git a/pkg/zfs/zfs.go b/pkg/zfs/zfs.go
@@ -114,7 +114,20 @@ func (z *zfsImpl) SetPermissions(dataset *Dataset) error {
 	if dataset.Mountpoint == "" {
 		return fmt.Errorf("undefined mountpoint for dataset: %s", dataset.Name)
 	}
-	cmd := exec.Command("update-permissions", dataset.Hostname, dataset.Mountpoint)
+	updatePermissions, found := os.LookupEnv("ZFS_UPDATE_PERMISSIONS")
+	if !found {
+		updatePermissions = "chmod"
+	}
+	mode, found := os.LookupEnv("ZFS_MOD")
+	if !found {
+		mode = "g+w"
+	}
+	globalLock.Lock()
+	defer globalLock.Unlock()
+	if err := setEnvironmentVars(dataset.Hostname); err != nil {
+		return nil, err
+	}
+	cmd := exec.Command(updatePermissions, mode, dataset.Mountpoint)
 	out, err := cmd.CombinedOutput()
 	if err != nil {
 		return fmt.Errorf("could not update permissions on '%s': %w: %s", dataset.Hostname, err, out)