Initial hack (#1)

* Initial hack

Signed-off-by: datamattsson <[email protected]>

CODEOWNERS

@@ -0,0 +1 @@
+* @datamattsson

CONTRIBUTING.md

@@ -0,0 +1,74 @@
+# Contribution Guide
+
+We welcome and encourage community contributions to TrueNAS Core CSP.
+
+## Contributing
+
+The best way to directly collaborate with the project contributors is through GitHub: <https://github.com/hpe-storage/truenas-csp>
+
+* If you want to contribute to our code by either fixing a problem or creating a new feature, please open a GitHub pull request.
+* If you want to raise an issue such as a defect, an enhancement request or a general issue, please open a GitHub issue.
+
+Before you start to code, we recommend discussing your plans through a GitHub issue, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.
+
+Note that all patches from all contributors get reviewed.
+After a pull request is made, other contributors will offer feedback. If the patch passes review, a maintainer will accept it with a comment.
+When a pull request fails review, the author is expected to update the pull request to address the issue until it passes review and the pull request merges successfully.
+
+At least one review from a maintainer is required for all patches.
+
+### Developer's Certificate of Origin
+
+All contributions must include acceptance of the DCO:
+
+> Developer Certificate of Origin Version 1.1
+>
+> Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 660
+> York Street, Suite 102, San Francisco, CA 94110 USA
+>
+> Everyone is permitted to copy and distribute verbatim copies of this
+> license document, but changing it is not allowed.
+>
+> Developer's Certificate of Origin 1.1
+>
+> By making a contribution to this project, I certify that:
+>
+> \(a) The contribution was created in whole or in part by me and I have
+> the right to submit it under the open source license indicated in the
+> file; or
+>
+> \(b) The contribution is based upon previous work that, to the best of my
+> knowledge, is covered under an appropriate open source license and I
+> have the right under that license to submit that work with
+> modifications, whether created in whole or in part by me, under the same
+> open source license (unless I am permitted to submit under a different
+> license), as indicated in the file; or
+>
+> \(c) The contribution was provided directly to me by some other person
+> who certified (a), (b) or (c) and I have not modified it.
+>
+> \(d) I understand and agree that this project and the contribution are
+> public and that a record of the contribution (including all personal
+> information I submit with it, including my sign-off) is maintained
+> indefinitely and may be redistributed consistent with this project or
+> the open source license(s) involved.
+
+### Sign your work
+
+To accept the DCO, simply add this line to each commit message with your
+name and email address (git commit -s will do this for you):
+
+    Signed-off-by: Jane Example <[email protected]>
+
+For legal reasons, no anonymous or pseudonymous contributions are
+accepted.
+
+## Submitting Code Pull Requests
+
+We encourage and support contributions from the community. No fix is too
+small. We strive to process all pull requests as soon as possible and
+with constructive feedback. If your pull request is not accepted at
+first, please try again after addressing the feedback you received.
+
+To make a pull request you will need a GitHub account. For help, see
+GitHub's documentation on forking and pull requests.

Dockerfile

@@ -0,0 +1,9 @@
+FROM alpine:3.7
+RUN apk add --no-cache python3 py3-pip && \
+    pip3 install --upgrade pip && \
+    mkdir /app
+ADD requirements.txt /
+RUN pip3 install -r requirements.txt
+ADD truenascsp/*.py /app/
+WORKDIR /app
+ENTRYPOINT [ "gunicorn", "-b", "0.0.0.0:8080", "csp:SERVE" ]

INSTALL.md

@@ -0,0 +1,113 @@
+# Install TrueNAS CORE Container Storage Provider
+
+These procedures assumes a running Kubernetes cluster [supported by the HPE CSI Driver](https://scod.hpedev.io/csi_driver/index.html#compatibility_and_support) where the worker nodes have connectivity to a TrueNAS CORE storage appliance API and networks used for iSCSI traffic. Worker nodes also need their package managers fully functional and connected to their official repos unless iSCSI and multipathing packages have been pre-installed. 
+
+## Prerquisites
+
+- HPE CSI Driver for Kubernetes version 1.3.0 or later (currently referencing edge below)
+- TrueNAS CORE 12 BETA or later
+
+### HPE CSI Driver for Kubernetes
+
+The HPE CSI Driver may be installed using either a Helm Chart, Operator or directly with manifests. It doesn't matter which procedure you follow but we'll be using the "[Advanced install](https://scod.hpedev.io/csi_driver/deployment.html#advanced_install) method as you won't end up with software running on the cluster you don't need.
+
+Install the TrueNAS CSP:
+
+```
+kubectl create -f https://raw.githubusercontent.com/hpe-storage/truenas-csp/master/K8s/truenas-csp.yaml
+```
+
+Install HPE CSI Driver (currently edge):
+```
+kubectl create -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/yaml/csi-driver/edge/hpe-linux-config.yaml
+kubectl create -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/yaml/csi-driver/edge/hpe-csi-k8s-1.18.yaml
+```
+
+**Note:** Replace hpe-csi-k8s-<version> with your version.
+
+Create a `Secret` that references your TrueNAS CORE appliance:
+
+```
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: truenas-secret
+  namespace: kube-system 
+stringData:
+  serviceName: truenas-csp-svc
+  servicePort: "8080"
+  username: hpe-csi
+  password: TrueNAS CORE API key
+  backend: TrueNAS CORE management IP address
+```
+
+**Hint:** Generate an API key by clicking the cog in the upper right corner of the UI. What you name the key or the `Secret` `{.stringData.username}` does not matter as it's not being used or referenced during runtime. For tracking purposes it might be a good idea to name the key the same as the username put into the `Secret`.
+
+### TrueNAS CORE
+
+The TrueNAS appliance require an iSCSI portal to be configured manually with the following characteristics:
+
+- Description: `hpe-csi`
+- IP Address: List of IPs used for iSCSI (do NOT use 0.0.0.0)
+
+The Target Global Configration needs to be updated with this Base Name:
+
+- Base Name: `iqn.2011-08.org.truenas.ctl`
+
+**Hint:** If TrueNAS is not giving you the option to select nothing but 0.0.0.0 in the portal configuration is because you're using DHCP. Only statically assigned addresses can be used in the picker.
+
+Also make sure the iSCSI service is started and enabled at boot on TrueNAS.
+
+The default location for CSI volumes will be in the root of a pool named `tank`. That is most likely not desirable, instead, create a dataset in any of your pools and make note of that, i.e `zwimming/csi-volumes` and configure `root` in the `StorageClass`.
+
+## Example StorageClass
+
+All the ZVols created on TrueNAS will by default be created with these parameters:
+
+- volblocksize: 8K
+- deduplication: OFF
+- compression: LZ4
+- sparse: "true"
+- sync: STANDARD
+- description: "Dataset created by HPE CSI Driver for Kubernetes"
+- root: tank
+
+These parameters may be overriden in the `StorageClass` or have the defaults altered by passing enviornment variables to the CSP runtime with the convention of `DEFAULT_COMPRESSION=OFF`. 
+
+Refer to the TrueNAS documentation what these dataset parameters do.
+
+**Note:** Since the iSCSI volumes are backed by ZVols, `volblocksize` will be immutable.
+
+```
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "true"
+  name: hpe-storageclass
+provisioner: csi.hpe.com
+parameters:
+  csi.storage.k8s.io/controller-expand-secret-name: truenas-secret
+  csi.storage.k8s.io/controller-expand-secret-namespace: kube-system
+  csi.storage.k8s.io/controller-publish-secret-name: truenas-secret
+  csi.storage.k8s.io/controller-publish-secret-namespace: kube-system
+  csi.storage.k8s.io/node-publish-secret-name: truenas-secret
+  csi.storage.k8s.io/node-publish-secret-namespace: kube-system
+  csi.storage.k8s.io/node-stage-secret-name: truenas-secret
+  csi.storage.k8s.io/node-stage-secret-namespace: kube-system
+  csi.storage.k8s.io/provisioner-secret-name: truenas-secret
+  csi.storage.k8s.io/provisioner-secret-namespace: kube-system
+  csi.storage.k8s.io/fstype: xfs
+  allowOverrides: sparse,compression,deduplication,volblocksize,sync,description
+  root: zwimming/csi-volumes
+reclaimPolicy: Delete
+allowVolumeExpansion: true
+```
+
+Set `root` to a dataset that will serve as the base dataset where the ZVols will be created. The `allowOverrides` parameter will allow users to annotate their PVCs with the values that makes sense for their workload. [Learn more here](https://scod.hpedev.io/csi_driver/using.html#using_pvc_overrides)
+
+**Important:** Do NOT use underscore "`_`" in your root dataset for now, it will most likely break.
+
+Once the `Secret` and `StorageClass` have been created, all functionality is provided by the HPE CSI Driver and is [documented here](https://scod.hpedev.io/csi_driver/using.html).

K8s/hpe-storageclass.yaml

@@ -0,0 +1,24 @@
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  annotations:
+    storageclass.kubernetes.io/is-default-class: "true"
+  name: hpe-standard
+provisioner: csi.hpe.com
+parameters:
+  csi.storage.k8s.io/controller-expand-secret-name: truenas-secret
+  csi.storage.k8s.io/controller-expand-secret-namespace: kube-system
+  csi.storage.k8s.io/controller-publish-secret-name: truenas-secret
+  csi.storage.k8s.io/controller-publish-secret-namespace: kube-system
+  csi.storage.k8s.io/node-publish-secret-name: truenas-secret
+  csi.storage.k8s.io/node-publish-secret-namespace: kube-system
+  csi.storage.k8s.io/node-stage-secret-name: truenas-secret
+  csi.storage.k8s.io/node-stage-secret-namespace: kube-system
+  csi.storage.k8s.io/provisioner-secret-name: truenas-secret
+  csi.storage.k8s.io/provisioner-secret-namespace: kube-system
+  csi.storage.k8s.io/fstype: xfs
+  allowOverrides: sparse,compression,deduplication,volblocksize,sync,description  
+  root: zwimming/csi-volumes
+reclaimPolicy: Delete
+allowVolumeExpansion: true

K8s/truenas-csp.yaml

@@ -0,0 +1,38 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: truenas-csp-svc
+  namespace: kube-system
+  labels:
+    app: truenas-csp-svc
+spec:
+  ports:
+  - port: 8080
+    protocol: TCP
+  selector:
+    app: truenas-csp
+
+---
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: truenas-csp
+  namespace: kube-system
+spec:
+  selector:
+    matchLabels:
+      app: truenas-csp
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: truenas-csp
+    spec:
+      priorityClassName: system-cluster-critical
+      containers:
+        - name: truenas-csp
+          image: hpestorage/truenas-csp:edge
+          imagePullPolicy: IfNotPresent
+          ports:
+          - containerPort: 8080

K8s/truenas-secret.yaml

@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: truenas-secret
+  namespace: kube-system 
+stringData:
+  serviceName: truenas-csp-svc
+  servicePort: "8080"
+  username: hpe-csi
+  password: TrueNAS CORE API key
+  backend: TrueNAS CORE management IP address