feature/CSTACKEX-122: Per host Igroup changes (#37)

Co-authored-by: Srivastava, Piyush <Piyush.Srivastava@netapp.com>

Author: 2 people

engine/storage/volume/src/main/java/org/apache/cloudstack/storage/volume/VolumeServiceImpl.java

@@ -1340,6 +1340,15 @@ private void createManagedVolumeCopyTemplateAsync(VolumeInfo volumeInfo, Primary
             primaryDataStore.setDetails(details);
 
             grantAccess(volumeInfo, destHost, primaryDataStore);
+            volumeInfo = volFactory.getVolume(volumeInfo.getId(), primaryDataStore);
+            // For Netapp ONTAP iscsiName or Lun path  is available only after grantAccess
+            String managedStoreTarget = volumeInfo.get_iScsiName() != null ? volumeInfo.get_iScsiName() : volumeInfo.getUuid();
+            details.put(PrimaryDataStore.MANAGED_STORE_TARGET, managedStoreTarget);
+            primaryDataStore.setDetails(details);
+            // Update destTemplateInfo with the iSCSI path from volumeInfo
+            if (destTemplateInfo instanceof TemplateObject) {
+                ((TemplateObject)destTemplateInfo).setInstallPath(volumeInfo.getPath());
+            }
 
             try {
                 motionSrv.copyAsync(srcTemplateInfo, destTemplateInfo, destHost, caller);

plugins/storage/volume/ontap/src/main/java/org/apache/cloudstack/storage/driver/OntapPrimaryDatastoreDriver.java

@@ -25,6 +25,7 @@
 import com.cloud.agent.api.to.DataTO;
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.host.Host;
+import com.cloud.host.HostVO;
 import com.cloud.storage.Storage;
 import com.cloud.storage.StoragePool;
 import com.cloud.storage.Volume;
@@ -36,8 +37,6 @@
 import com.cloud.storage.dao.VolumeDetailsDao;
 import com.cloud.utils.Pair;
 import com.cloud.utils.exception.CloudRuntimeException;
-import com.cloud.vm.VirtualMachine;
-import com.cloud.vm.dao.VMInstanceDao;
 import org.apache.cloudstack.engine.subsystem.api.storage.ChapInfo;
 import org.apache.cloudstack.engine.subsystem.api.storage.CopyCommandResult;
 import org.apache.cloudstack.engine.subsystem.api.storage.CreateCmdResult;
@@ -54,6 +53,7 @@
 import org.apache.cloudstack.storage.datastore.db.PrimaryDataStoreDao;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolDetailsDao;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
+import org.apache.cloudstack.storage.feign.model.Igroup;
 import org.apache.cloudstack.storage.feign.client.SnapshotFeignClient;
 import org.apache.cloudstack.storage.feign.model.FlexVolSnapshot;
 import org.apache.cloudstack.storage.feign.model.Lun;
@@ -73,8 +73,9 @@
 import org.apache.logging.log4j.Logger;
 
 import javax.inject.Inject;
-import java.util.Arrays;
+import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -87,7 +88,6 @@ public class OntapPrimaryDatastoreDriver implements PrimaryDataStoreDriver {
 
     @Inject private StoragePoolDetailsDao storagePoolDetailsDao;
     @Inject private PrimaryDataStoreDao storagePoolDao;
-    @Inject private VMInstanceDao vmDao;
     @Inject private VolumeDao volumeDao;
     @Inject private VolumeDetailsDao volumeDetailsDao;
     @Inject private SnapshotDetailsDao snapshotDetailsDao;
@@ -111,6 +111,12 @@ public DataStoreTO getStoreTO(DataStore store) {
         return null;
     }
 
+    @Override
+    public boolean volumesRequireGrantAccessWhenUsed(){
+        s_logger.info("OntapPrimaryDatastoreDriver: volumesRequireGrantAccessWhenUsed: Called");
+        return true;
+    }
+
     /**
      * Creates a volume on the ONTAP storage system.
      */
@@ -155,7 +161,6 @@ public void createAsync(DataStore dataStore, DataObject dataObject, AsyncComplet
                     volumeVO.setPoolId(storagePool.getId());
 
                     if (ProtocolType.ISCSI.name().equalsIgnoreCase(details.get(Constants.PROTOCOL))) {
-                        String svmName = details.get(Constants.SVM_NAME);
                         String lunName = created != null && created.getLun() != null ? created.getLun().getName() : null;
                         if (lunName == null) {
                             throw new CloudRuntimeException("Missing LUN name for volume " + volInfo.getId());
@@ -168,22 +173,13 @@ public void createAsync(DataStore dataStore, DataObject dataObject, AsyncComplet
                             volumeVO.setFolder(created.getLun().getUuid());
                         }
 
-                        // Create LUN-to-igroup mapping and retrieve the assigned LUN ID
-                        UnifiedSANStrategy sanStrategy = (UnifiedSANStrategy) Utility.getStrategyByStoragePoolDetails(details);
-                        String accessGroupName = Utility.getIgroupName(svmName, storagePoolUuid);
-                        String lunNumber = sanStrategy.ensureLunMapped(svmName, lunName, accessGroupName);
-
-                        // Construct iSCSI path: /<iqn>/<lun_id> format for KVM/libvirt attachment
-                        String iscsiPath = Constants.SLASH + storagePool.getPath() + Constants.SLASH + lunNumber;
-                        volumeVO.set_iScsiName(iscsiPath);
-                        volumeVO.setPath(iscsiPath);
-                        s_logger.info("createAsync: Volume [{}] iSCSI path set to {}", volumeVO.getId(), iscsiPath);
-                        createCmdResult = new CreateCmdResult(null, new Answer(null, true, null));
-
+                        s_logger.info("createAsync: Created LUN [{}] for volume [{}]. LUN mapping will occur during grantAccess() to per-host igroup.",
+                                lunName, volumeVO.getId());
+                        createCmdResult = new CreateCmdResult(lunName, new Answer(null, true, null));
                     } else if (ProtocolType.NFS3.name().equalsIgnoreCase(details.get(Constants.PROTOCOL))) {
                         createCmdResult = new CreateCmdResult(volInfo.getUuid(), new Answer(null, true, null));
-                        s_logger.info("createAsync: Managed NFS volume [{}] associated with pool {}",
-                                volumeVO.getId(), storagePool.getId());
+                        s_logger.info("createAsync: Managed NFS volume [{}] with path [{}] associated with pool {}",
+                                volumeVO.getId(), volInfo.getUuid(), storagePool.getId());
                     }
                     volumeDao.update(volumeVO.getId(), volumeVO);
                 }
@@ -413,14 +409,35 @@ public boolean grantAccess(DataObject dataObject, Host host, DataStore dataStore
                     // Only retrieve LUN name for iSCSI volumes
                     String cloudStackVolumeName = volumeDetailsDao.findDetail(volumeVO.getId(), Constants.LUN_DOT_NAME).getValue();
                     UnifiedSANStrategy sanStrategy = (UnifiedSANStrategy) Utility.getStrategyByStoragePoolDetails(details);
-                    String accessGroupName = Utility.getIgroupName(svmName, storagePoolUuid);
-
-                    // Verify host initiator is registered in the igroup before allowing access
-                    if (!sanStrategy.validateInitiatorInAccessGroup(host.getStorageUrl(), svmName, accessGroupName)) {
-                        throw new CloudRuntimeException("Host initiator [" + host.getStorageUrl() +
-                                "] is not present in iGroup [" + accessGroupName + "]");
+                    String accessGroupName = Utility.getIgroupName(svmName, host.getName());
+
+                    // Validate if Igroup exist ONTAP for this host as we may be using delete_on_unmap= true and igroup may be deleted by ONTAP automatically
+                    Map<String, String> getAccessGroupMap = Map.of(
+                            Constants.NAME, accessGroupName,
+                            Constants.SVM_DOT_NAME, svmName
+                    );
+                    Igroup igroup = new Igroup();
+                    AccessGroup accessGroup = sanStrategy.getAccessGroup(getAccessGroupMap);
+                    if(accessGroup == null || accessGroup.getIgroup() == null) {
+                        s_logger.info("grantAccess: Igroup {} does not exist for the host {} : Need to create Igroup for the host ", accessGroupName, host.getName());
+                        // create the igroup for the host and perform lun-mapping
+                        accessGroup = new AccessGroup();
+                        List<HostVO> hosts = new ArrayList<>();
+                        hosts.add((HostVO) host);
+                        accessGroup.setHostsToConnect(hosts);
+                        accessGroup.setStoragePoolId(storagePool.getId());
+                        accessGroup = sanStrategy.createAccessGroup(accessGroup);
+                    }else{
+                        s_logger.info("grantAccess: Igroup {} already exist for the host {}: ", accessGroup.getIgroup().getName() ,host.getName());
+                        igroup = accessGroup.getIgroup();
+                        /* TODO Below cases will be covered later, for now they will be a pre-requisite on customer side
+                          1. Igroup exist with the same name but host initiator has been rempved
+                          2.  Igroup exist with the same name but host initiator has been changed may be due to new NIC or new adapter
+                          In both cases we need to verify current host initiator is registered in the igroup before allowing access
+                          Incase it is not , add it and proceed for lun-mapping
+                         */
                     }
-
+                    s_logger.info("grantAccess: Igroup {}  is present now with initiators {} ", accessGroup.getIgroup().getName(), accessGroup.getIgroup().getInitiators());
                     // Create or retrieve existing LUN mapping
                     String lunNumber = sanStrategy.ensureLunMapped(svmName, cloudStackVolumeName, accessGroupName);
 
@@ -465,22 +482,6 @@ public void revokeAccess(DataObject dataObject, Host host, DataStore dataStore)
                 throw new InvalidParameterValueException("host should not be null");
             }
 
-            // Safety check: don't revoke access if volume is still attached to an active VM
-            if (dataObject.getType() == DataObjectType.VOLUME) {
-                Volume volume = volumeDao.findById(dataObject.getId());
-                if (volume.getInstanceId() != null) {
-                    VirtualMachine vm = vmDao.findById(volume.getInstanceId());
-                    if (vm != null && !Arrays.asList(
-                            VirtualMachine.State.Destroyed,
-                            VirtualMachine.State.Expunging,
-                            VirtualMachine.State.Error).contains(vm.getState())) {
-                        s_logger.warn("revokeAccess: Volume [{}] is still attached to VM [{}] in state [{}], skipping revokeAccess",
-                                dataObject.getId(), vm.getInstanceName(), vm.getState());
-                        return;
-                    }
-                }
-            }
-
             StoragePoolVO storagePool = storagePoolDao.findById(dataStore.getId());
             if (storagePool == null) {
                 s_logger.error("revokeAccess: Storage Pool not found for id: " + dataStore.getId());
@@ -518,10 +519,9 @@ private void revokeAccessForVolume(StoragePoolVO storagePool, VolumeVO volumeVO,
         Map<String, String> details = storagePoolDetailsDao.listDetailsKeyPairs(storagePool.getId());
         StorageStrategy storageStrategy = Utility.getStrategyByStoragePoolDetails(details);
         String svmName = details.get(Constants.SVM_NAME);
-        String storagePoolUuid = storagePool.getUuid();
 
         if (ProtocolType.ISCSI.name().equalsIgnoreCase(details.get(Constants.PROTOCOL))) {
-            String accessGroupName = Utility.getIgroupName(svmName, storagePoolUuid);
+            String accessGroupName = Utility.getIgroupName(svmName, host.getName());
 
             // Retrieve LUN name from volume details; if missing, volume may not have been fully created
             String lunName = volumeDetailsDao.findDetail(volumeVO.getId(), Constants.LUN_DOT_NAME) != null ?
@@ -547,7 +547,7 @@ private void revokeAccessForVolume(StoragePoolVO storagePool, VolumeVO volumeVO,
 
             // Verify host initiator is in the igroup before attempting to remove mapping
             SANStrategy sanStrategy = (UnifiedSANStrategy) storageStrategy;
-            if (!sanStrategy.validateInitiatorInAccessGroup(host.getStorageUrl(), svmName, accessGroup.getIgroup().getName())) {
+            if (!sanStrategy.validateInitiatorInAccessGroup(host.getStorageUrl(), svmName, accessGroup.getIgroup())) {
                 s_logger.warn("revokeAccessForVolume: Initiator [{}] is not in iGroup [{}], skipping revoke",
                         host.getStorageUrl(), accessGroupName);
                 return;
@@ -916,7 +916,6 @@ public boolean isVmInfoNeeded() {
 
     @Override
     public void provideVmInfo(long vmId, long volumeId) {
-
     }
 
     @Override

plugins/storage/volume/ontap/src/main/java/org/apache/cloudstack/storage/service/SANStrategy.java

@@ -19,9 +19,14 @@
 
 package org.apache.cloudstack.storage.service;
 
+import org.apache.cloudstack.storage.feign.model.Igroup;
+import org.apache.cloudstack.storage.feign.model.Initiator;
 import org.apache.cloudstack.storage.feign.model.OntapStorage;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 
 public abstract class SANStrategy extends StorageStrategy {
+    private static final Logger s_logger = LogManager.getLogger(SANStrategy.class);
     public SANStrategy(OntapStorage ontapStorage) {
         super(ontapStorage);
     }
@@ -43,8 +48,25 @@ public SANStrategy(OntapStorage ontapStorage) {
      *
      * @param hostInitiator the host initiator IQN
      * @param svmName the SVM name
-     * @param accessGroupName the igroup name
+     * @param igroup the igroup
      * @return true if the initiator is found in the igroup, false otherwise
      */
-    public abstract boolean validateInitiatorInAccessGroup(String hostInitiator, String svmName, String accessGroupName);
+    public boolean validateInitiatorInAccessGroup(String hostInitiator, String svmName, Igroup igroup) {
+        s_logger.info("validateInitiatorInAccessGroup: Validating initiator [{}] is in igroup [{}] on SVM [{}]", hostInitiator, igroup, svmName);
+
+        if (hostInitiator == null || hostInitiator.isEmpty()) {
+            s_logger.warn("validateInitiatorInAccessGroup: host initiator is null or empty");
+            return false;
+        }
+        if (igroup.getInitiators() != null) {
+            for (Initiator initiator : igroup.getInitiators()) {
+                if (initiator.getName().equalsIgnoreCase(hostInitiator)) {
+                    s_logger.info("validateInitiatorInAccessGroup: Initiator [{}] validated successfully in igroup [{}]", hostInitiator, igroup);
+                    return true;
+                }
+            }
+        }
+        s_logger.warn("validateInitiatorInAccessGroup: Initiator [{}] NOT found in igroup [{}]", hostInitiator, igroup);
+        return false;
+    }
 }

plugins/storage/volume/ontap/src/main/java/org/apache/cloudstack/storage/service/StorageStrategy.java

@@ -271,23 +271,10 @@ public Volume createStorageVolume(String volumeName, Long size) {
             OntapResponse<Volume> ontapVolume = volumeFeignClient.getVolume(authHeader, queryParams);
             s_logger.debug("Feign call completed. Processing response...");
 
-            if (ontapVolume == null) {
+            if (ontapVolume == null || ontapVolume.getRecords() == null || ontapVolume.getRecords().isEmpty()) {
                 s_logger.error("OntapResponse is null for volume: " + volumeName);
-                throw new CloudRuntimeException("Failed to fetch volume " + volumeName + ": Response is null");
+                throw new CloudRuntimeException("Failed to fetch volume " + volumeName + ": no records found");
             }
-            s_logger.debug("OntapResponse is not null. Checking records field...");
-
-            if (ontapVolume.getRecords() == null) {
-                s_logger.error("OntapResponse.records is null for volume: " + volumeName);
-                throw new CloudRuntimeException("Failed to fetch volume " + volumeName + ": Records list is null");
-            }
-            s_logger.debug("Records field is not null. Size: " + ontapVolume.getRecords().size());
-
-            if (ontapVolume.getRecords().isEmpty()) {
-                s_logger.error("OntapResponse.records is empty for volume: " + volumeName);
-                throw new CloudRuntimeException("Failed to fetch volume " + volumeName + ": No records found");
-            }
-
             Volume volume = ontapVolume.getRecords().get(0);
             s_logger.info("Volume retrieved successfully: " + volumeName + ", UUID: " + volume.getUuid());
             return volume;
@@ -297,7 +284,7 @@ public Volume createStorageVolume(String volumeName, Long size) {
         }
     }
 
-    /**
+     /**
      * Updates ONTAP Flex-Volume
      * Eligible only for Unified ONTAP storage
      * throw exception in case of disaggregated ONTAP storage
@@ -336,7 +323,6 @@ public void deleteStorageVolume(Volume volume) {
         }
         s_logger.info("ONTAP volume deletion process completed for volume: " + volume.getName());
     }
-
     /**
      * Gets ONTAP Flex-Volume
      * Eligible only for Unified ONTAP storage

plugins/storage/volume/ontap/src/main/java/org/apache/cloudstack/storage/service/model/AccessGroup.java

@@ -20,7 +20,6 @@
 package org.apache.cloudstack.storage.service.model;
 
 import com.cloud.host.HostVO;
-import org.apache.cloudstack.engine.subsystem.api.storage.PrimaryDataStoreInfo;
 import org.apache.cloudstack.engine.subsystem.api.storage.Scope;
 import org.apache.cloudstack.storage.feign.model.ExportPolicy;
 import org.apache.cloudstack.storage.feign.model.Igroup;
@@ -33,7 +32,7 @@ public class AccessGroup {
     private ExportPolicy exportPolicy;
 
     private List<HostVO> hostsToConnect;
-    private PrimaryDataStoreInfo primaryDataStoreInfo;
+    private Long storagePoolId;
     private Scope scope;
 
 
@@ -58,12 +57,15 @@ public List<HostVO> getHostsToConnect() {
     public void setHostsToConnect(List<HostVO> hostsToConnect) {
         this.hostsToConnect = hostsToConnect;
     }
-    public PrimaryDataStoreInfo getPrimaryDataStoreInfo() {
-        return primaryDataStoreInfo;
+
+    public Long getStoragePoolId() {
+        return storagePoolId;
     }
-    public void setPrimaryDataStoreInfo(PrimaryDataStoreInfo primaryDataStoreInfo) {
-        this.primaryDataStoreInfo = primaryDataStoreInfo;
+
+    public void setStoragePoolId(Long storagePoolId) {
+        this.storagePoolId = storagePoolId;
     }
+
     public Scope getScope() {
         return scope;
     }

plugins/storage/volume/ontap/src/main/java/org/apache/cloudstack/storage/utils/Constants.java

@@ -42,6 +42,8 @@ public class Constants {
     public static final String IS_DISAGGREGATED = "isDisaggregated";
     public static final String RUNNING = "running";
     public static final String EXPORT = "export";
+    public static final String NFS_MOUNT_OPTIONS = "nfsmountopts";
+    public static final String NFS3_MOUNT_OPTIONS_VER_3 = "vers=3";
 
     public static final int ONTAP_PORT = 443;
 

plugins/storage/volume/ontap/src/main/java/org/apache/cloudstack/storage/utils/Utility.java

@@ -139,13 +139,14 @@ public static StorageStrategy getStrategyByStoragePoolDetails(Map<String, String
         }
     }
 
-    public static String getIgroupName(String svmName, String poolUuid) {
-        //Igroup name format: cs_svmName_poolUuid
-        return Constants.CS + Constants.UNDERSCORE + svmName + Constants.UNDERSCORE + poolUuid;
+    public static String getIgroupName(String svmName, String hostName) {
+        //Igroup name format: cs_svmName_hostName
+        String sanitizedHostName = hostName.split("\\.")[0].replaceAll("[^a-zA-Z0-9_-]", "_");
+        return Constants.CS + Constants.UNDERSCORE + svmName + Constants.UNDERSCORE + sanitizedHostName;
     }
 
     public static String generateExportPolicyName(String svmName, String volumeName){
-        return Constants.EXPORT + Constants.HYPHEN + svmName + Constants.HYPHEN + volumeName;
+        return Constants.CS + Constants.HYPHEN + svmName + Constants.HYPHEN + volumeName;
     }
 
     public static String getLunName(String volName, String lunName) {