Introduce Controller with Create and Delete Volume capability

.travis.yml

@@ -13,7 +13,5 @@ before_install:
 
 script:
   - make
-  - go test -covermode=count -coverprofile=profile.cov $(go list ./pkg/... | grep -v /driver)
-    # TODO stop skipping controller tests when controller is implemented
-  - go test -covermode=count -coverprofile=profile.cov ./pkg/driver/... -ginkgo.skip='\[Controller.Server\]'
+  - go test -covermode=count -coverprofile=profile.cov ./pkg/...
   - $GOPATH/bin/goveralls -coverprofile=profile.cov -service=travis-ci

Makefile

@@ -49,9 +49,7 @@ verify:
 
 .PHONY: test
 test:
-	go test -v -race $$(go list ./pkg/... | grep -v /driver)
-	# TODO stop skipping controller tests when controller is implemented
-	go test -v -race ./pkg/driver/... -ginkgo.skip='\[Controller.Server\]'
+	go test -v -race ./pkg/...
 
 .PHONY: test-e2e
 test-e2e:

cmd/main.go

@@ -28,13 +28,15 @@ import (
 
 func main() {
 	var (
-		endpoint                = flag.String("endpoint", "unix://tmp/csi.sock", "CSI Endpoint")
-		version                 = flag.Bool("version", false, "Print the version and exit")
-		efsUtilsCfgDirPath      = flag.String("efs-utils-config-dir-path", "/etc/amazon/efs/", "The path to efs-utils config directory")
-		efsUtilsStaticFilesPath = flag.String("efs-utils-static-files-path", "/etc/amazon/efs-static-files/", "The path to efs-utils static files directory")
-		volMetricsOptIn         = flag.Bool("vol-metrics-opt-in", false, "Opt in to emit volume metrics")
-		volMetricsRefreshPeriod = flag.Float64("vol-metrics-refresh-period", 240, "Refresh period for volume metrics in minutes")
-		volMetricsFsRateLimit   = flag.Int("vol-metrics-fs-rate-limit", 5, "Volume metrics routines rate limiter per file system")
+		endpoint                 = flag.String("endpoint", "unix://tmp/csi.sock", "CSI Endpoint")
+		version                  = flag.Bool("version", false, "Print the version and exit")
+		efsUtilsCfgDirPath       = flag.String("efs-utils-config-dir-path", "/etc/amazon/efs/", "The path to efs-utils config directory")
+		efsUtilsStaticFilesPath  = flag.String("efs-utils-static-files-path", "/etc/amazon/efs-static-files/", "The path to efs-utils static files directory")
+		volMetricsOptIn          = flag.Bool("vol-metrics-opt-in", false, "Opt in to emit volume metrics")
+		volMetricsRefreshPeriod  = flag.Float64("vol-metrics-refresh-period", 240, "Refresh period for volume metrics in minutes")
+		volMetricsFsRateLimit    = flag.Int("vol-metrics-fs-rate-limit", 5, "Volume metrics routines rate limiter per file system")
+		deleteAccessPointRootDir = flag.Bool("delete-access-point-root-dir", false,
+			"Opt in to delete access point root directory by DeleteVolume. By default, DeleteVolume will delete the access point behind Persistent Volume and deleting access point will not delete the access point root directory or its contents.")
 	)
 	klog.InitFlags(nil)
 	flag.Parse()
@@ -48,7 +50,7 @@ func main() {
 		os.Exit(0)
 	}
 
-	drv := driver.NewDriver(*endpoint, *efsUtilsCfgDirPath, *efsUtilsStaticFilesPath, *volMetricsOptIn, *volMetricsRefreshPeriod, *volMetricsFsRateLimit)
+	drv := driver.NewDriver(*endpoint, *efsUtilsCfgDirPath, *efsUtilsStaticFilesPath, *volMetricsOptIn, *volMetricsRefreshPeriod, *volMetricsFsRateLimit, *deleteAccessPointRootDir)
 	if err := drv.Run(); err != nil {
 		klog.Fatalln(err)
 	}

deploy/kubernetes/base/clusterrole-provisioner.yaml

@@ -0,0 +1,35 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: efs-external-provisioner-role
+  labels:
+    app.kubernetes.io/name: aws-efs-csi-driver
+rules:
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["get", "list", "watch", "create", "delete"]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["list", "watch", "create", "update", "patch"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshots"]
+    verbs: ["get", "list"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshotcontents"]
+    verbs: ["get", "list"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["csinodes"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources: ["nodes"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["coordination.k8s.io"]
+    resources: ["leases"]
+    verbs: ["get", "watch", "list", "delete", "update", "create"

deploy/kubernetes/base/clusterrolebinding-provisioner.yaml

@@ -0,0 +1,15 @@
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: efs-csi-provisioner-binding
+  labels:
+    app.kubernetes.io/name: aws-efs-csi-driver
+subjects:
+  - kind: ServiceAccount
+    name: efs-csi-controller-sa
+    namespace: kube-system
+roleRef:
+  kind: ClusterRole
+  name: efs-external-provisioner-role
+  apiGroup: rbac.authorization.k8s.io

deploy/kubernetes/base/controller.yaml

@@ -0,0 +1,80 @@
+---
+# Controller Service
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: efs-csi-controller
+  namespace: kube-system
+  labels:
+    app.kubernetes.io/name: aws-efs-csi-driver
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: efs-csi-controller
+      app.kubernetes.io/name: aws-efs-csi-driver
+  template:
+    metadata:
+      labels:
+        app: efs-csi-controller
+        app.kubernetes.io/name: aws-efs-csi-driver
+    spec:
+      nodeSelector:
+        kubernetes.io/os: linux
+      serviceAccountName: efs-csi-controller-sa
+      priorityClassName: system-cluster-critical
+      tolerations:
+        - operator: Exists
+      containers:
+        - name: efs-plugin
+          securityContext:
+            privileged: true
+          image: amazon/aws-efs-csi-driver:latest
+          imagePullPolicy: IfNotPresent
+          args:
+            - --endpoint=$(CSI_ENDPOINT)
+            - --logtostderr
+            - --v=5
+            # Uncomment below line to allow access point root directory to be deleted by controller.
+            #- --delete-access-point-root-dir
+          env:
+            - name: CSI_ENDPOINT
+              value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/sockets/pluginproxy/
+          ports:
+            - name: healthz
+              containerPort: 9808
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: healthz
+            initialDelaySeconds: 10
+            timeoutSeconds: 3
+            periodSeconds: 10
+            failureThreshold: 5
+        - name: csi-provisioner
+          image: k8s.gcr.io/sig-storage/csi-provisioner:v2.0.2
+          args:
+            - --csi-address=$(ADDRESS)
+            - --v=5
+            - --feature-gates=Topology=true
+            - --leader-election
+          env:
+            - name: ADDRESS
+              value: /var/lib/csi/sockets/pluginproxy/csi.sock
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /var/lib/csi/sockets/pluginproxy/
+        - name: liveness-probe
+          image: quay.io/k8scsi/livenessprobe:v1.1.0
+          args:
+            - --csi-address=/csi/csi.sock
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /csi
+      volumes:
+        - name: socket-dir
+          emptyDir: {}

deploy/kubernetes/base/kustomization.yaml

@@ -2,5 +2,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: kube-system
 resources:
+- clusterrole-provisioner.yaml
+- clusterrolebinding-provisioner.yaml
 - node.yaml
 - csidriver.yaml
+- controller.yaml
+- serviceaccount-csi-controller.yaml

deploy/kubernetes/base/node.yaml

@@ -5,14 +5,18 @@ apiVersion: apps/v1
 metadata:
   name: efs-csi-node
   namespace: kube-system
+  labels:
+    app.kubernetes.io/name: aws-efs-csi-driver
 spec:
   selector:
     matchLabels:
       app: efs-csi-node
+      app.kubernetes.io/name: aws-efs-csi-driver
   template:
     metadata:
       labels:
         app: efs-csi-node
+        app.kubernetes.io/name: aws-efs-csi-driver
     spec:
       nodeSelector:
         kubernetes.io/os: linux

deploy/kubernetes/base/serviceaccount-csi-controller.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: efs-csi-controller-sa
+  namespace: kube-system
+  labels:
+    app.kubernetes.io/name: aws-efs-csi-driver
+  #Enable if EKS IAM for SA is used
+  #annotations:
+  #  eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/efs-csi-role

deploy/kubernetes/overlays/dev/master_image.yaml

@@ -3,10 +3,27 @@ apiVersion: apps/v1
 metadata:
   name: efs-csi-node
   namespace: kube-system
+  labels:
+    app.kubernetes.io/name: aws-efs-csi-driver
 spec:
   template:
     spec:
       containers:
         - name: efs-plugin
-          image: amazon/aws-efs-csi-driver:master
+          image: amazon/aws-efs-csi-driver:latest
+          imagePullPolicy: Always
+---
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: efs-csi-controller
+  namespace: kube-system
+  labels:
+    app.kubernetes.io/name: aws-efs-csi-driver
+spec:
+  template:
+    spec:
+      containers:
+        - name: efs-plugin
+          image: amazon/aws-efs-csi-driver:latest
           imagePullPolicy: Always

go.mod

@@ -3,8 +3,10 @@ module github.com/kubernetes-sigs/aws-efs-csi-driver
 require (
 	github.com/aws/aws-sdk-go v1.31.2
 	github.com/container-storage-interface/spec v1.2.0
-	github.com/golang/mock v1.4.3
-	github.com/kubernetes-csi/csi-test v2.2.0+incompatible
+	github.com/golang/mock v1.4.4
+	github.com/google/uuid v1.1.1
+	github.com/kubernetes-csi/csi-test v1.1.1
+	github.com/kubernetes-csi/csi-test/v3 v3.1.1 // indirect
 	github.com/onsi/ginkgo v1.12.2
 	github.com/onsi/gomega v1.10.1
 	google.golang.org/grpc v1.26.0