chore: publish sources to opensource

Author: Jorres

Dockerfile

@@ -0,0 +1,14 @@
+FROM golang:1.18 as build
+
+WORKDIR /go/app
+COPY . /go/app
+
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o ydb-disk-manager cmd/ydb-disk-manager/main.go
+
+FROM ubuntu:20.04
+
+WORKDIR /root
+
+COPY --from=build /go/app/ydb-disk-manager /usr/bin/ydb-disk-manager
+
+ENTRYPOINT ["/usr/bin/ydb-disk-manager"]

Makefile

@@ -0,0 +1,46 @@
+image_name = cr.yandex/crpl7ipeu79oseqhcgn2/ydb-disk-manager
+image_version = $(shell grep appVersion helm/ydb-disk-manager/Chart.yaml | cut -d ' ' -f 2)
+charts_registry = cr.yandex/crpl7ipeu79oseqhcgn2/charts
+helm_version = $(shell grep version helm/ydb-disk-manager/Chart.yaml | cut -d ' ' -f 2)
+image = $(image_name):$(image_version)
+
+SHELL = /usr/bin/env bash -o pipefail
+.SHELLFLAGS = -ec
+
+.PHONY: all
+all: build push clean
+
+##@ General
+
+.PHONY: help
+help:
+	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf "  \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
+
+##@ Development
+
+.PHONY: fmt
+fmt:
+	go fmt ./...
+
+.PHONY: vet
+vet:
+	go vet ./...
+
+##@ Build
+
+.PHONY: build
+build: fmt vet
+	docker build -t $(image) -f Dockerfile .
+	helm package helm/ydb-disk-manager
+
+##@ Deployment
+
+.PHONY: push
+push:
+	docker push $(image)
+	helm push ydb-disk-manager-$(helm_version).tgz oci://$(charts_registry)/
+
+.PHONY: clean
+clean:
+	rm ydb-disk-manager-$(helm_version).tgz
+	docker rmi $(image)

README.md

@@ -0,0 +1,17 @@
+## ydb-disk-manager 
+
+This is the helper process that solves a Kubernetes-specific problem. 
+It is intended to be used as a DaemonSet in Kubernetes installations of YDB to make sure YDB has access to disks instead of EPERM.
+
+The codebase is based upon `smarter-device-manager` with vital modifications.
+
+#### ListAndWatch:
+
+The only device advertised to kubelet is `ydb-disk-manager/hostdev`, which is a metadevice that is considered to be always present
+on every node (since `/dev` path is always present on every node)
+
+#### Allocate:
+
+`Allocate` response returns a series of disks instead the metadevice `ydb-disk-manager/hostdev` that was allocated. Here, we abuse kubelet
+behaviour - kubelet will silently swallow every device provided, will not check if it is the same device that it requested, and will propagate it
+down to the container runtime.

cmd/ydb-disk-manager/main.go

@@ -0,0 +1,193 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"os/signal"
+	"syscall"
+	"time"
+
+	"github.com/fsnotify/fsnotify"
+	"github.com/ydb-platform/ydb-disk-manager/internal/hostdev"
+	"github.com/ydb-platform/ydb-disk-manager/pkg/api"
+	"gopkg.in/yaml.v2"
+	"k8s.io/klog/v2"
+	pluginapi "k8s.io/kubelet/pkg/apis/deviceplugin/v1beta1"
+)
+
+type Config struct {
+	DiskMatch      string        `yaml:"diskMatch"`
+	HostProcPath   string        `yaml:"hostProcPath"`
+	UpdateInterval time.Duration `yaml:"updateInterval"`
+}
+
+var cfg Config
+var confFileName string
+
+func usage() {
+	fmt.Fprintf(os.Stderr, "usage: ydb-disk-manager\n")
+	flag.PrintDefaults()
+	os.Exit(2)
+}
+
+func main() {
+	klog.InitFlags(nil)
+	flag.StringVar(&confFileName, "config", "config/conf.yaml", "set the configuration file to use")
+	flag.Usage = usage
+	flag.Parse()
+
+	defer klog.Flush()
+	klog.V(0).Info("Loading ydb-disk-manager")
+
+	// Setting up the disks to check
+	klog.V(0).Infof("Reading configuration file %s", confFileName)
+	yamlFile, err := ioutil.ReadFile(confFileName)
+	if err != nil {
+		klog.Fatal("Reading configuration file failed with: %v", err)
+	}
+	err = yaml.Unmarshal(yamlFile, &cfg)
+	if err != nil {
+		klog.Fatal("Unmarshal: %v", err)
+		os.Exit(-1)
+	}
+	klog.V(0).Infof("Applied configuration: %v", cfg)
+
+	klog.V(0).Info("Starting FS watcher.")
+	watcher, err := newFSWatcher(pluginapi.DevicePluginPath)
+	if err != nil {
+		klog.Error("Failed to create FS watcher.")
+		os.Exit(1)
+	}
+	defer watcher.Close()
+
+	klog.V(0).Info("Starting OS watcher.")
+	sigs := newOSWatcher(syscall.SIGHUP, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT)
+
+	klog.V(0).Info("Starting /healthz HTTP handler on port :8080")
+	http.HandleFunc("/healthz", healthHandler)
+	go func() {
+		if err = http.ListenAndServe(":8080", nil); err != nil {
+			klog.Error("Failed to create HTTP health server")
+			os.Exit(1)
+		}
+	}()
+
+	runWatcherLoop(watcher, sigs)
+}
+
+func runWatcherLoop(watcher *fsnotify.Watcher, sigs chan os.Signal) {
+	var diskManager *hostdev.DiskManager
+	var devicePluginInstance *api.DevicePlugin
+	ticker := time.NewTicker(cfg.UpdateInterval)
+	tickerCh := make(chan bool)
+	defer close(tickerCh)
+	restart := true
+	defer ticker.Stop()
+	for {
+		if restart {
+			if devicePluginInstance != nil {
+				devicePluginInstance.Stop()
+			}
+
+			diskManager = hostdev.NewDiskmanager(tickerCh)
+			devicePluginInstance = api.NewDevicePlugin(diskManager)
+
+			if err := diskManager.UpdateDisks(cfg.DiskMatch, "/dev"); err != nil {
+				klog.V(0).Infof("Failed to update disks: %v", err)
+				time.Sleep(cfg.UpdateInterval)
+				continue
+			}
+
+			if err := devicePluginInstance.Serve(); err != nil {
+				klog.V(0).Info("Could not contact Kubelet, retrying. Did you enable the device plugin feature gate?")
+				time.Sleep(cfg.UpdateInterval)
+				continue
+			}
+
+			if err := diskManager.UpdateLocks(cfg.HostProcPath); err != nil {
+				klog.V(0).Infof("Failed to update locks: %v", err)
+				time.Sleep(cfg.UpdateInterval)
+				continue
+			}
+
+			restart = false
+		}
+
+		select {
+		case <-tickerCh:
+			klog.V(2).Infof("Resetting ticker to updateInterval: %s", cfg.UpdateInterval)
+			ticker.Reset(cfg.UpdateInterval)
+
+		case event := <-watcher.Events:
+			if event.Name == pluginapi.KubeletSocket && event.Op&fsnotify.Create == fsnotify.Create {
+				klog.V(0).Infof("inotify: %s created, restarting.", pluginapi.KubeletSocket)
+				restart = true
+			}
+
+		case <-ticker.C:
+			if err := diskManager.UpdateDisks(cfg.DiskMatch, "/dev"); err != nil {
+				klog.V(0).Infof("Failed to update disks: %v", err)
+				restart = true
+				break
+			}
+			if err := diskManager.UpdateLocks(cfg.HostProcPath); err != nil {
+				klog.V(0).Infof("Failed to update locks: %v", err)
+				restart = true
+				break
+			}
+
+		case err := <-watcher.Errors:
+			klog.V(0).Infof("inotify: %s", err)
+
+		case s := <-sigs:
+			switch s {
+			case syscall.SIGHUP:
+				klog.V(0).Info("Received SIGHUP, restarting.")
+				restart = true
+			default:
+				klog.V(0).Infof("Received signal \"%v\", shutting down.", s)
+				if devicePluginInstance != nil {
+					devicePluginInstance.Stop()
+				}
+				return
+			}
+		}
+	}
+}
+
+func newFSWatcher(files ...string) (*fsnotify.Watcher, error) {
+	watcher, err := fsnotify.NewWatcher()
+	if err != nil {
+		return nil, err
+	}
+
+	for _, f := range files {
+		err = watcher.Add(f)
+		if err != nil {
+			watcher.Close()
+			return nil, err
+		}
+	}
+
+	return watcher, nil
+}
+
+func newOSWatcher(sigs ...os.Signal) chan os.Signal {
+	sigChan := make(chan os.Signal, 1)
+	signal.Notify(sigChan, sigs...)
+
+	return sigChan
+}
+
+func healthHandler(w http.ResponseWriter, r *http.Request) {
+	if err := api.LivenessProbe(api.SocketPath); err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		fmt.Fprint(w, err)
+		return
+	}
+	w.WriteHeader(http.StatusOK)
+	fmt.Fprint(w, "Server is healthy")
+}

example.yaml

@@ -0,0 +1,83 @@
+---
+# Source: ydb-disk-manager/templates/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: ydb-disk-manager-config
+data:
+  conf.yaml: |
+    diskMatch: "^sd[a-z][0-9]*$"
+    hostProcPath: "/host/proc"
+    updateInterval: "30s"
+---
+# Source: ydb-disk-manager/templates/daemonset.yaml
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: ydb-disk-manager
+  labels:
+    helm.sh/chart: ydb-disk-manager-0.2.5
+    app.kubernetes.io/name: ydb-disk-manager
+    app.kubernetes.io/instance: ydb-disk-manager
+    app.kubernetes.io/version: "0.2.5"
+    app.kubernetes.io/managed-by: Helm
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: ydb-disk-manager
+      app.kubernetes.io/instance: ydb-disk-manager
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: ydb-disk-manager
+        app.kubernetes.io/instance: ydb-disk-manager
+    spec:
+      priorityClassName: system-node-critical
+      containers:
+      - name: ydb-disk-manager
+        securityContext:
+          privileged: true
+        image: "cr.yandex/crpl7ipeu79oseqhcgn2/ydb-disk-manager:0.2.5"
+        imagePullPolicy: IfNotPresent
+        resources:
+          limits:
+            memory: 50Mi
+          requests:
+            cpu: 50m
+            memory: 10Mi
+        env:
+          - name: DP_DISABLE_PRE_START_CONTAINER
+            value: "true"
+        volumeMounts:
+          - name: device-plugin
+            mountPath: /var/lib/kubelet/device-plugins
+          - name: proc-dir
+            mountPath: /host/proc
+            readOnly: true
+          - name: dev-dir
+            mountPath: /dev
+          - name: sys-dir
+            mountPath: /sys
+          - name: config
+            mountPath: /root/config
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: 8080
+          initialDelaySeconds: 15
+      volumes:
+        - name: device-plugin
+          hostPath:
+            path: /var/lib/kubelet/device-plugins
+        - name: proc-dir
+          hostPath:
+            path: /proc
+        - name: dev-dir
+          hostPath:
+            path: /dev
+        - name: sys-dir
+          hostPath:
+            path: /sys
+        - name: config
+          configMap:
+             name: ydb-disk-manager-config

go.mod

@@ -0,0 +1,25 @@
+module github.com/ydb-platform/ydb-disk-manager
+
+go 1.18
+
+require (
+	github.com/fsnotify/fsnotify v1.6.0
+	golang.org/x/net v0.12.0
+	google.golang.org/grpc v1.56.2
+	google.golang.org/protobuf v1.31.0
+	gopkg.in/yaml.v2 v2.4.0
+	k8s.io/klog/v2 v2.70.1
+	k8s.io/kubelet v0.25.3
+)
+
+require (
+	github.com/go-logr/logr v1.2.3 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
+	github.com/rogpeppe/go-internal v1.11.0 // indirect
+	golang.org/x/sys v0.10.0 // indirect
+	golang.org/x/text v0.11.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230724170836-66ad5b6ff146 // indirect
+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+)