replace.sh Use the below script to replace a drive. See replacing a drive for more information on how to use this script. #!/usr/bin/env bash # # This file is part of AIStor Volume Manager # Copyright (c) 2023 AIStor, Inc. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. # # This script replaces source drive to destination drive in the specified node # set -e # usage: get_drive_id <node> <drive-name> function get_drive_id() { kubectl get directpvdrives \ --selector="directpv.min.io/node==${1},directpv.min.io/drive-name==${2}" \ -o go-template='{{range .items}}{{.metadata.name}}{{end}}' } # usage: get_volumes <drive-id> function get_volumes() { kubectl get directpvvolumes \ --selector="directpv.min.io/drive=${1}" \ -o go-template='{{range .items}}{{.metadata.name}}{{ " " | print }}{{end}}' } # usage: get_pod_name <volume> function get_pod_name() { # shellcheck disable=SC2016 kubectl get directpvvolumes "${1}" \ -o go-template='{{range $k,$v := .metadata.labels}}{{if eq $k "directpv.min.io/pod.name"}}{{$v}}{{end}}{{end}}' } # usage: get_pod_namespace <volume> function get_pod_namespace() { # shellcheck disable=SC2016 kubectl get directpvvolumes "${1}" \ -o go-template='{{range $k,$v := .metadata.labels}}{{if eq $k "directpv.min.io/pod.namespace"}}{{$v}}{{end}}{{end}}' } function init() { if [[ $# -eq 4 ]]; then echo "usage: replace.sh <NODE> <SRC-DRIVE> <DEST-DRIVE>" echo echo "This script replaces source drive to destination drive in the specified node" exit 255 fi if ! which kubectl >/dev/null 2>&1; then echo "kubectl not found; please install" exit 255 fi if ! kubectl directpv --version >/dev/null 2>&1; then echo "kubectl directpv not found; please install" exit 255 fi } function main() { node="$1" src_drive="${2#/dev/}" dest_drive="${3#/dev/}" # Get source drive ID src_drive_id=$(get_drive_id "${node}" "${src_drive}") if [ -z "${src_drive_id}" ]; then echo "source drive ${src_drive} on node ${node} not found" exit 1 fi # Get destination drive ID dest_drive_id=$(get_drive_id "${node}" "${dest_drive}") if [ -z "${dest_drive_id}" ]; then echo "destination drive ${dest_drive} on node ${node} not found" exit 1 fi # Cordon source and destination drives if ! kubectl directpv cordon "${src_drive_id}" "${dest_drive_id}"; then echo "unable to cordon drives" exit 1 fi # Cordon kubernetes node if ! kubectl cordon "${node}"; then echo "unable to cordon node ${node}" exit 1 fi mapfile -t volumes < <(get_volumes "${src_drive_id}") IFS=' ' read -r -a volumes_arr <<< "${volumes[@]}" for volume in "${volumes_arr[@]}"; do pod_name=$(get_pod_name "${volume}") pod_namespace=$(get_pod_namespace "${volume}") if ! kubectl delete pod "${pod_name}" --namespace "${pod_namespace}"; then echo "unable to delete pod ${pod_name} using volume ${volume}" exit 1 fi done if [ "${#volumes_arr[@]}" -gt 0 ]; then # Wait for associated Volume Manager volumes to be unbound while kubectl directpv list volumes --no-headers "${volumes_arr[@]}" | grep -q Bounded; do echo "...waiting for volumes to be unbound" sleep 10 done else echo "no volumes found in source drive ${src_drive} on node ${node}" fi # Run move command kubectl directpv move "${src_drive_id}" "${dest_drive_id}" # Uncordon destination drive kubectl directpv uncordon "${dest_drive_id}" # Uncordon kubernetes node kubectl uncordon "${node}" } init "$@" main "$@" push-images.sh Use this script to push all required images to a private registry.

Volume Manager Concepts Architecture Metrics Driver Specification

Prerequisites The Volume Manager commands rely on the Kubernetes command line tool, kubectl. To install kubectl on your system, see the Kubernetes documentation. Install Volume Manager plugin Volume Manager provides a kubectl plugin for managing Volume Manager drives and volumes. Use this plugin at the command line to complete all of the functions required for adding, managing, scheduling, and removing Volume Manager drives and volumes in a Kubernetes cluster.

Description Cleans up volumes in either released or deleted status. Syntax kubectl directpv clean [VOLUME ...] [flags] Parameters kubectl directpv clean requires either a volume ID or a flag to define the volume(s) or drive(s) to clean. The command does not require any specific parameter. All parameters are optional, as long as you include a way to select one or more volumes in the command.

Description List the drives initialized and managed by Volume Manager. Syntax directpv list drives [DRIVE ...] [flags] Aliases You can use the following commands to perform the same functions as kubectl directpv list drives

Description Initializing the drives formats the selected drive(s) with XFS filesystem mounts the drive(s) to /var/lib/directpv/mnt/<UUID>. Volume Manager uses initialized drives to provision Persistent Volumes in response to Persistent Volume Claims with the directpv-min-io storage class. Irrevocable Data Loss This command completely and irreversibly erases any data that may exist on the selected drive(s). Syntax kubectl directpv init drives.yaml [flags] Parameters Flags Flag Description --dangerous Perform initialization of drives which permanently erases existing data --timeout <duration> Timeout for the initialization process (default 2m0s) Global Flags You can use the following global Volume Manager flags with kubectl directpv init:

Volume Manager is implemented according to the CSI specification. It comes with the below components run as Pods in Kubernetes: Controller Node server When Volume Manager contains legacy volumes from DirectCSI, the following additional components also run as Pods: Legacy controller Legacy node server Controller

This section of documentation provides a high level overview of the Key Manager binary minkms and its associated commands, parameters, and syntaxes. You can use the minkms help to view in-shell help information for any given command. The following tables list the available minkms commands. For usage, run minkms help <command> Utility Commands Command Description minkms server Entry point for starting key manager server. minkms env Prints the environment data for the key manager server. minkms identity Generate or re-compute an identity for use with authentication to the key manager. minkms pprof Profile KMS server performance. minkms logs Print KMS server logs. minkms help Print help information. minkms edit Edit the cluster configuration. minkms backup Backup the cluster state. minkms restore Restore the cluster state from a backup. Node Management Command Description minkms add Add a node to a cluster. minkms rm Remove a node from a cluster. minkms ls List cluster nodes. minkms stat Print cluster status information. Key Management Command Description minkms keygen Generate a new data key. minkms decrypt Decrypt an encrypted message. minkms add-key Create a new key or key version. minkms ls-key List keys or key versions. minkms stat-key Print key status information. minkms rm-key Remove a key or key version. HSM Management Command Description minkms add-hsm Create a new HSM. minkms rm-hsm Remove an HSM. minkms ls-hsm List HSMs. Enclave Management Command Description minkms add-enclave Create a new enclave. minkms rm-enclave Remove a enclave. minkms ls-enclave List enclaves. Identity Management Command Description minkms add-identity Create a new identity. minkms get-identity Print an identity. minkms rm-identity Remove an identity. minkms ls-identity List identities. Policy Management Command Description minkms add-policy Create or overwrite a policy. minkms rm-policy Remove a policy. minkms ls-policy List policies. minkms stat-policy Print policy status information. minkms get-policy Print a policy. minkms set-policy Assign a policy to an identity.

Overview Create a new policy to use with KES identities. Adds a new temporary policy to the KES server. Policies support KES access control. The created policy has no associated identities. Use kes policy assign to assign identities to the policy. All changes made by :mc:kes policy are lost when the KES server restarts. To create permanent policies, modify the policy section of the KES configuration document to include the new policy.

These sections contain reference material for the Key Manager operator.