test: Adding NetworkFence capability to test tool

Adding the missing NetworkFence capability to the cmd/csi-addons admin/test tool. Fixes: #204 Signed-off-by: karthik-us <ksubrahm@redhat.com>
csi-addons · Jul 24, 2023 · 8f6091c · 8f6091c
1 parent 0e2f548
commit 8f6091c
Show file tree

Hide file tree

Showing 3 changed files with 148 additions and 6 deletions.
diff --git a/cmd/csi-addons/README.md b/cmd/csi-addons/README.md
@@ -9,24 +9,34 @@ similar to:
 
 ```console
 $ kubectl exec -c csi-addons csi-backend-nodeplugin -- csi-addons -h
+  -cidrs string
+      comma seperated list of cidrs to fence/unfence
   -drivername string
-    	name of the CSI driver
+      name of the CSI driver
   -endpoint string
-    	CSI-Addons endpoint (default "unix:///tmp/csi-addons.sock")
+      CSI-Addons endpoint (default "unix:///tmp/csi-addons.sock")
   -legacy
-    	use legacy format for old Kubernetes versions
+      use legacy format for old Kubernetes versions
   -operation string
-    	csi-addons operation
+      csi-addons operation
   -persistentvolume string
-    	name of the PersistentVolume
+      name of the PersistentVolume
+  -secretname string
+      name of the kubernetes secret
+  -secretnamespace string
+      namespace of the kubernetes secret
   -stagingpath string
-    	staging path (default "/var/lib/kubelet/plugins/kubernetes.io/csi/")
+      staging path (default "/var/lib/kubelet/plugins/kubernetes.io/csi/")
+  -version
+      print Version details
 
 The following operations are supported:
  - NodeReclaimSpace
  - GetIdentity
  - GetCapabilities
  - Probe
+ - NetworkFence
+ - NetworkUnFence
  - ControllerReclaimSpace
 ```
 

diff --git a/cmd/csi-addons/main.go b/cmd/csi-addons/main.go
@@ -42,6 +42,9 @@ type command struct {
 	operation        string
 	persistentVolume string
 	drivername       string
+	secretName       string
+	secretNamespace  string
+	cidrs            string
 	legacy           bool
 }
 
@@ -56,6 +59,9 @@ func init() {
 	flag.StringVar(&cmd.operation, "operation", "", "csi-addons operation")
 	flag.StringVar(&cmd.persistentVolume, "persistentvolume", "", "name of the PersistentVolume")
 	flag.StringVar(&cmd.drivername, "drivername", "", "name of the CSI driver")
+	flag.StringVar(&cmd.secretName, "secretname", "", "name of the kubernetes secret")
+	flag.StringVar(&cmd.secretNamespace, "secretnamespace", "", "namespace of the kubernetes secret")
+	flag.StringVar(&cmd.cidrs, "cidrs", "", "comma seperated list of cidrs to fence/unfence")
 	flag.BoolVar(&cmd.legacy, "legacy", false, "use legacy format for old Kubernetes versions")
 	flag.BoolVar(&showVersion, "version", false, "print Version details")
 

diff --git a/cmd/csi-addons/networkfence.go b/cmd/csi-addons/networkfence.go
@@ -0,0 +1,126 @@
+/*
+Copyright 2023 The Ceph-CSI Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"github.com/csi-addons/kubernetes-csi-addons/internal/proto"
+	"github.com/csi-addons/kubernetes-csi-addons/internal/sidecar/service"
+)
+
+// NetworkFenceServer executes the NetworkFenceServer operation.
+type NetworkFenceServer struct {
+	// inherit Connect() and Close() from type grpcClient
+	grpcClient
+
+	secretName      string
+	secretNamespace string
+	cidrs           []string
+}
+
+var _ = registerOperation("NetworkFence", &NetworkFenceServer{})
+
+func (ns *NetworkFenceServer) Init(c *command) error {
+	ns.secretName = c.secretName
+	if ns.secretName == "" {
+		return fmt.Errorf("secret name is not set")
+	}
+
+	ns.secretNamespace = c.secretNamespace
+	if ns.secretNamespace == "" {
+		return fmt.Errorf("secret namespace is not set")
+	}
+
+	ns.cidrs = (strings.Split(c.cidrs, ","))
+	if len(ns.cidrs) == 0 || (len(ns.cidrs) == 1 && ns.cidrs[0] == "") {
+		return fmt.Errorf("cidrs not set")
+	}
+	return nil
+}
+
+func (ns *NetworkFenceServer) Execute() error {
+	k := getKubernetesClient()
+
+	nfs := service.NewNetworkFenceServer(ns.Client, k)
+
+	req := &proto.NetworkFenceRequest{
+		SecretName:      ns.secretName,
+		SecretNamespace: ns.secretNamespace,
+		Cidrs:           ns.cidrs,
+	}
+
+	_, err := nfs.FenceClusterNetwork(context.TODO(), req)
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("Network fence successful")
+	return nil
+}
+
+// NetworkUnFenceServer executes the NetworkUnFenceServer operation.
+type NetworkUnFenceServer struct {
+	// inherit Connect() and Close() from type grpcClient
+	grpcClient
+
+	secretName      string
+	secretNamespace string
+	cidrs           []string
+}
+
+var _ = registerOperation("NetworkUnFence", &NetworkUnFenceServer{})
+
+func (ns *NetworkUnFenceServer) Init(c *command) error {
+	ns.secretName = c.secretName
+	if ns.secretName == "" {
+		return fmt.Errorf("secret name is not set")
+	}
+
+	ns.secretNamespace = c.secretNamespace
+	if ns.secretNamespace == "" {
+		return fmt.Errorf("secret namespace is not set")
+	}
+
+	ns.cidrs = strings.Split(c.cidrs, ",")
+	if len(ns.cidrs) == 0 || (len(ns.cidrs) == 1 && ns.cidrs[0] == "") {
+		return fmt.Errorf("cidrs not set")
+	}
+	return nil
+}
+
+func (ns *NetworkUnFenceServer) Execute() error {
+	k := getKubernetesClient()
+
+	nfs := service.NewNetworkFenceServer(ns.Client, k)
+
+	req := &proto.NetworkFenceRequest{
+		SecretName:      ns.secretName,
+		SecretNamespace: ns.secretNamespace,
+		Cidrs:           ns.cidrs,
+	}
+
+	_, err := nfs.UnFenceClusterNetwork(context.TODO(), req)
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("Network unfence successful")
+	return nil
+}