- Add NSFS OBC docs

- Always default to NSFS-only account creation when creating NSFS OBCs - Recapitalize `nsfsAccountConfig` to adhere to style Signed-off-by: Ben <[email protected]>
noobaa · Apr 17, 2024 · a07f82f · a07f82f
1 parent 3df76b4
commit a07f82f
Show file tree

Hide file tree

Showing 5 changed files with 40 additions and 8 deletions.
diff --git a/doc/obc-provisioner.md b/doc/obc-provisioner.md
@@ -101,7 +101,39 @@ spec:
   generateBucketName: my-bucket
   storageClassName: noobaa.noobaa.io
   additionalConfig:
-    replication-policy: [{ "rule_id": "rule-2", "destination_bucket": "first.bucket", "filter": {"prefix": "bc"}}]
+    replicationPolicy: [{ "rule_id": "rule-2", "destination_bucket": "first.bucket", "filter": {"prefix": "bc"}}]
+```
+
+# OBC with an NSFS account config
+
+It is possible to create an OBC on top of NSFS. In order to do this, the user has to provide relevant data in `nsfsAccountConfig` under the `spec.additionalConfig` key.
+
+The config needs to contain the following fields so that NooBaa can access the filesystem:
+gid - the group ID of the account that should be mimicked within the filesystem
+uid - the user ID of the account that should be mimicked within the filesystem
+OR
+distinguished_name - the distinguished name of the account that should be mimicked within the filesystem
+
+These optional parameters can be provided by the user to further configure the NSFS account:
+new_buckets_path - the filesystem path that should be 'mounted' as the bucket's root (`path` parameter in the CLI)
+
+Examples:
+
+```bash
+noobaa obc create my-bucket-claim -n my-app --app-namespace my-app --uid 42 --gid 505 --path '/mnt/nsfs'
+```
+
+```yaml
+apiVersion: objectbucket.io/v1alpha1
+kind: ObjectBucketClaim
+metadata:
+  name: my-bucket-claim
+  namespace: my-app
+spec:
+  generateBucketName: my-bucket
+  storageClassName: noobaa.noobaa.io
+  additionalConfig:
+    nsfsAccountConfig: { "distinguished_name": "current_user", "new_buckets_path": "/mnt/nsfs" }
 ```
 
 # Using the OBC

diff --git a/pkg/noobaaaccount/reconciler.go b/pkg/noobaaaccount/reconciler.go
@@ -401,7 +401,7 @@ func (r *Reconciler) UpdateNooBaaAccount() error {
 				UID:            r.NooBaaAccount.Spec.NsfsAccountConfig.UID,
 				GID:            r.NooBaaAccount.Spec.NsfsAccountConfig.GID,
 				NewBucketsPath: r.NooBaaAccount.Spec.NsfsAccountConfig.NewBucketsPath,
-				NsfsOnly:       r.NooBaaAccount.Spec.NsfsAccountConfig.NsfsOnly,
+				NsfsOnly:       true,
 			}
 		}
 

diff --git a/pkg/obc/obc.go b/pkg/obc/obc.go
@@ -209,7 +209,7 @@ func RunCreate(cmd *cobra.Command, args []string) {
 		nsfsAccountConfig.NewBucketsPath = path
 		nsfsAccountConfig.NsfsOnly = true
 		marshalledCfg, _ := json.Marshal(nsfsAccountConfig)
-		obc.Spec.AdditionalConfig["NSFSAccountConfig"] = string(marshalledCfg)
+		obc.Spec.AdditionalConfig["nsfsAccountConfig"] = string(marshalledCfg)
 	}
 
 	if distinguishedName != "" {
@@ -218,7 +218,7 @@ func RunCreate(cmd *cobra.Command, args []string) {
 		nsfsAccountConfig.NewBucketsPath = path
 		nsfsAccountConfig.NsfsOnly = true
 		marshalledCfg, _ := json.Marshal(nsfsAccountConfig)
-		obc.Spec.AdditionalConfig["NSFSAccountConfig"] = string(marshalledCfg)
+		obc.Spec.AdditionalConfig["nsfsAccountConfig"] = string(marshalledCfg)
 	}
 
 	if maxSize != "" {

diff --git a/pkg/obc/provisioner.go b/pkg/obc/provisioner.go
@@ -569,10 +569,10 @@ func (r *BucketRequest) CreateAccount() error {
 	var nsfsAccountConfig nbv1.AccountNsfsConfig
 	// Validation is already performed as part of ValidateOBC before CreateAccount is ever called
 	// ...but we revalidate to satisfy the linter.
-	if r.OBC.Spec.AdditionalConfig["NSFSAccountConfig"] != "" {
-		err := json.Unmarshal([]byte(r.OBC.Spec.AdditionalConfig["NSFSAccountConfig"]), &nsfsAccountConfig)
+	if r.OBC.Spec.AdditionalConfig["nsfsAccountConfig"] != "" {
+		err := json.Unmarshal([]byte(r.OBC.Spec.AdditionalConfig["nsfsAccountConfig"]), &nsfsAccountConfig)
 		if err != nil {
-			return fmt.Errorf("failed to parse NSFS config %q: %v", r.OBC.Spec.AdditionalConfig["NSFSAccountConfig"], err)
+			return fmt.Errorf("failed to parse NSFS config %q: %v", r.OBC.Spec.AdditionalConfig["nsfsAccountConfig"], err)
 		}
 	}
 

diff --git a/pkg/obc/validation.go b/pkg/obc/validation.go
@@ -31,7 +31,7 @@ func validateAdditionalConfig(objectName string, additionalConfig map[string]str
 	obcMaxSize := additionalConfig["maxSize"]
 	obcMaxObjects := additionalConfig["maxObjects"]
 	replicationPolicy := additionalConfig["replicationPolicy"]
-	NSFSAccountConfig := additionalConfig["NSFSAccountConfig"]
+	NSFSAccountConfig := additionalConfig["nsfsAccountConfig"]
 
 	if err := util.ValidateQuotaConfig(objectName, obcMaxSize, obcMaxObjects); err != nil {
 		return err