Changing StorageClass Mount Options

Question

Changing StorageClass Mount Options

jameshearttech opened this issue 9 months ago · comments

What happened:
We upgraded Windows HA Cluster nodes from 2012 R2 to 2016. We observed mounts failing in K8s. Testing locally in Linux we determined we need to specify vers=2.0 (i.e., SMB 2.0). We updated the StorageClass mountOptions to include vers=2.0, but the old mountOptions are still being passed.

What you expected to happen:
We expected the new mountOptions to be passed including vers=2.0.

Environment:

$ kubectl get node -o wide
NAME          STATUS   ROLES           AGE    VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
dev-master0   Ready    control-plane   261d   v1.27.4   10.69.2.30    <none>        Ubuntu 22.04.3 LTS   5.15.0-79-generic   containerd://1.6.22
dev-master1   Ready    control-plane   261d   v1.27.4   10.69.2.31    <none>        Ubuntu 22.04.3 LTS   5.15.0-79-generic   containerd://1.6.22
dev-master2   Ready    control-plane   261d   v1.27.4   10.69.2.32    <none>        Ubuntu 22.04.3 LTS   5.15.0-79-generic   containerd://1.6.22
dev-worker0   Ready    <none>          261d   v1.27.4   10.69.2.33    <none>        Ubuntu 22.04.3 LTS   5.15.0-83-generic   containerd://1.6.22
dev-worker1   Ready    <none>          261d   v1.27.4   10.69.2.34    <none>        Ubuntu 22.04.3 LTS   5.15.0-83-generic   containerd://1.6.22
dev-worker2   Ready    <none>          261d   v1.27.4   10.69.2.35    <none>        Ubuntu 22.04.3 LTS   5.15.0-83-generic   containerd://1.6.22
dev-worker3   Ready    <none>          261d   v1.27.4   10.69.2.36    <none>        Ubuntu 22.04.3 LTS   5.15.0-83-generic   containerd://1.6.22

CSI Driver version: v1.12.0
Install tools: Argo CD applies manifests using Kustomize. We generate the manifests using helm template then overlay ExternalSecrets and the StorageClass I mentioned earlier.

James Ringer · Answer 1 · Thu Oct 05 2023 05:15:25 GMT+0800 (China Standard Time)

For each Deployment connecting to the share we deleted the PersistentVolumeClaim, which Argo CD recreated, then the Deployment, which Argo CD recreated, and the Deployment is now connected to the share using the new mountOptions.

Ideally, we would not have to use a break glass account to manually make changes to the cluster to make this sort of change (i.e., updating the mountOptions in the StorageClass), but at least we found a solution. I'll leave this open until someone else takes a look, but feel free to close it if there is no way to improve this behavior.

Andy Zhang · Answer 2 · Thu Oct 05 2023 11:01:21 GMT+0800 (China Standard Time)

the latest SMB version is 3.1.1, vers=2.0 is an old SMB version, I don't think we need to set vers=2.0 as default.

James Ringer · Answer 3 · Thu Oct 05 2023 11:41:45 GMT+0800 (China Standard Time)

@andyzhangx what versions of SMB does csi-driver-smb support?

Andy Zhang · Answer 4 · Thu Oct 05 2023 11:46:37 GMT+0800 (China Standard Time)

@jameshearttech that does not depend on smb csi driver, it depends on the k8s agent node you are using, the default cifs mount is vers=3.0 now, since you are using an older smb version, you need to specify that explicitly. change the default mount options as vers=2.0 would break other users.

James Ringer · Answer 5 · Thu Oct 05 2023 13:06:07 GMT+0800 (China Standard Time)

@andyzhangx that makes sense. I'll check which version(s) of SMB are supported on the K8s nodes. Iirc the package is cifs-utils. Likewise I'll check what versions of SMB is supported by the Windows HA Cluster file server.