MountVolume.SetUp Failure with Huawei CSI Driver for OBS on Kubernetes

[Wolfslicht]

Description

We are encountering an issue with the Huawei CSI Driver for OBS when trying to mount a Persistent Volume Claim (PVC) in our Kubernetes cluster. The mounting process fails for the pod, citing a missing libcrypto.so.1.0.0 library, which is required by obsfs. Our nodes are running on Ubuntu 22.04 LTS, which, unlike Ubuntu 20.04 LTS, uses OpenSSL 1.1.1 instead of libcrypto.so.1.0.0.

Error Message

Warning FailedMount 8s kubelet MountVolume.SetUp failed for volume "pvc-5a856ad5-9d0c-4ee6-8828-1914d38ca784" : rpc error: code = Internal desc = Failed to mount pvc-5a856ad5-9d0c-4ee6-8828-1914d38ca784 at /var/lib/kubelet/pods/7a78a96f-9918-428b-943e-37e669fe6a9c/volumes/kubernetes.io~csi/pvc-5a856ad5-9d0c-4ee6-8828-1914d38ca784/mount: rpc error: code = Internal desc = Failed to execute the command, body: {"Data":"failed to mount CMD: obsfs obsfs pvc-5a856ad5-9d0c-4ee6-8828-1914d38ca784 /var/lib/kubelet/pods/7a78a96f-9918-428b-943e-37e669fe6a9c/volumes/kubernetes.io~csi/pvc-5a856ad5-9d0c-4ee6-8828-1914d38ca784/mount -o url=obs.eu-ch2.sc.otc.t-systems.com -o passwd_file=/var/lib/csi/2553a567-5b13-4bad-bf16-650dc3bd744c -o big_writes -o max_write=131072 -o use_ino -o allow_other, output: obsfs: error while loading shared libraries: libcrypto.so.1.0.0: cannot open shared object file: No such file or directory\n, error: exit status 127"}

Kubernetes Version:

v1.27.10 +rke2r1

Node OS:

Ubuntu 22.04 LTS.
Notably, Ubuntu versions newer than 20.04 LTS use OpenSSL 1.1.1, which does not provide libcrypto.so.1.0.0.

Expected Behavior:

Upon creating a PVC and attaching it to a Pod, the Pod should be able to create the necessary directory structure and write files without encountering mount failures.

Steps to Reproduce:

Deploy a PVC using the Huawei CSI Driver for OBS.
Attempt to mount the PVC to a Pod.
Observe the failure in the Pod's events.

Attempted Resolutions:

Confirmed OpenSSL libraries are present on the node; however, Ubuntu 22.04 LTS uses OpenSSL 1.1.1, not providing libcrypto.so.1.0.0.
Verified that the Huawei CSI driver for OBS is correctly installed and configured.
Request:
We seek guidance or a resolution for the issue to ensure successful mounting of OBS buckets as volumes within our Kubernetes environment, considering the OpenSSL version discrepancy on Ubuntu 22.04 LTS.

[Zippo-Wang]

Hello, Mr Wolfgang, regarding this error, our CSI plugin currently only supports version Ubuntu 20.04. It is expected to support a higher version in September.

If you are in a hurry to use, you can use this project for source code compilation.

[Wolfslicht]

Hey there,

we figured out, that this also is need for the EVS encryption as well.
Current State:
Huawei CSI Driver uses OpenSSL 1.0.0 which is deprecated and not in any repo anymore.

Expectation:
Driver needs an update ->So that the Driver is using the up-to-date version and packages of apt for Ubuntu 20+, CentOS, etc.

Reason:
For everything related to encryption openssl is triggered and used and failed to to missing package of Openssl 1.0.0 which aren't available anymore due to security risks