Add Cinder to PersistentVolumeLabel Admission Controller

[andrewsykim]

What type of PR is this?
/kind feature

What this PR does / why we need it:
Despite the fact that the PersistentVolumeLabel admission controller is deprecated, we need to add support for the Cinder volume plugin here given the out-of-tree equivalent relies on Initializers that are being removed (see #72972). We're going to need a longer-term solution for this that is out-of-tree and does not depend on Initializers but until then, labeling PVs for Cinder will have to be done via the admission controller. Note that there is a good chance that users are not even using this feature because it would have required them to enable the alpha Initializers feature. If users have been using this feature, they will have to use the PersistentVolumeLabel admission controller instead, the tradeoff is that we'll be able to remove usages of Initializers.

Also refactors the admission controller to:

• call cloudprovider.PVLabeler for consistency. Right now we have the labeling logic split in two places (the admission controller and the cloud providers).
• use test tables for unit tests (also includes tests for other providers)

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

If you are running the cloud-controller-manager and you have the `pvlabel.kubernetes.io` alpha Initializer enabled, you must now enable PersistentVolume labeling using the `PersistentVolumeLabel` admission controller instead. You can do this by adding `PersistentVolumeLabel` in the `--enable-admission-plugins` kube-apiserver flag. 

/sig openstack
/sig cloud-provider

[andrewsykim]

/assign @liggitt @dims

[dims]

I like this trade-off @andrewsykim will look deeper when i get a chance. thanks!

[dims]

@andrewsykim

• Let us please split this into 2 commits, one that switches the impl to PVLabeler and another that adds the cinder support. That will help evaluate the PVLabeler changes independent of the cinder thing
• Can we please add the cinder stuff to the test case as well.

thanks!

[andrewsykim]

@dims comments addressed, PTAL! I ended up refactoring the unit tests a bit to account for other cloud providers.

[andrewsykim]

might want to review this file in split mode

[dims]

@andrewsykim getAzurePVLabeler / getGCEPVLabeler / getAWSPVLabeler / getOpenStackPVLabeler are all exactly the same except for the cloud type parameter. no?

[andrewsykim]

It also caches the pvlabeler (by assigning it to a field).

[andrewsykim]

I think it would be cleaner to have 1 field (pvlabler) as opposed to one per cloud provider but that assumes that the admission controller only admits PVs from 1 provider. I think in most clusters this is true but it seems there is an assumption before this patch that the apiserver can admit PVs from any provider.

[liggitt]

this will panic if the interface is not implemented. seems like we want an error, as before

[liggitt]

do a conditional interface assertion so we can return an error instead of panicking?

[andrewsykim]

@dims can I get another review please?

[dims]

/lgtm

i am ok to leave the multiple pvlabler fields for now. thanks!

[liggitt]

you can leave me off of this owners file, and there should probably be a storage reviewer, right?

[andrewsykim]

Makes sense! @msau42 @saad-ali can I add one of you here? (Or recommend someone who can) :)

[andrewsykim]

Fixed! @msau42 agreed to be in the OWNERS file :)

[liggitt]

/retest
/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: andrewsykim, liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• plugin/pkg/admission/OWNERS [liggitt]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[dims]

/lgtm

(re-applying)