From c2aa364cb9f726fbac8ecf1a591a8cf3af18f82d Mon Sep 17 00:00:00 2001 From: pospispa Date: Thu, 1 Mar 2018 12:28:05 +0100 Subject: [PATCH 1/2] Storage Protection was renamed to Storage Object in Use Protection The K8s PR: https://github.com/kubernetes/kubernetes/pull/59901 renamed Storage Protection to Storage Object in Use Protection. That's why the same is also renamed in the documentation. --- docs/admin/admission-controllers.md | 4 ++-- docs/concepts/storage/persistent-volumes.md | 6 +++--- docs/tasks/administer-cluster/pvc-protection.md | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/admin/admission-controllers.md b/docs/admin/admission-controllers.md index 7d61cf1015379..cf9e8dce713af 100644 --- a/docs/admin/admission-controllers.md +++ b/docs/admin/admission-controllers.md @@ -414,9 +414,9 @@ This admission controller also protects the access to `metadata.ownerReferences[ of an object, so that only users with "update" permission to the `finalizers` subresource of the referenced *owner* can change it. -### Storage Protection (beta) +### Storage Object in Use Protection (beta) {% assign for_k8s_version="v1.10" %}{% include feature-state-beta.md %} -The `StorageProtection` plugin adds the `kubernetes.io/pvc-protection` or `kubernetes.io/pv-protection` finalizers to newly created Persistent Volume Claims (PVCs) or Persistent Volumes (PV). In case a user deletes a PVC or PV the PVC or PV is not removed until the finalizer is removed from the PVC or PV by PVC or PV Protection Controller. Refer to the [PVC Protection](/docs/concepts/storage/persistent-volumes/#persistent-volume-claim-protection) for more detailed information. +The `StorageObjectInUseProtection` plugin adds the `kubernetes.io/pvc-protection` or `kubernetes.io/pv-protection` finalizers to newly created Persistent Volume Claims (PVCs) or Persistent Volumes (PV). In case a user deletes a PVC or PV the PVC or PV is not removed until the finalizer is removed from the PVC or PV by PVC or PV Protection Controller. Refer to the [Storage Object in Use Protection](/docs/concepts/storage/persistent-volumes/#storage-object-in-use-protection) for more detailed information. ### PersistentVolumeLabel (DEPRECATED) diff --git a/docs/concepts/storage/persistent-volumes.md b/docs/concepts/storage/persistent-volumes.md index de23d09a7b6a1..5bbb260da0f1a 100644 --- a/docs/concepts/storage/persistent-volumes.md +++ b/docs/concepts/storage/persistent-volumes.md @@ -70,14 +70,14 @@ Pods use claims as volumes. The cluster inspects the claim to find the bound vol Once a user has a claim and that claim is bound, the bound PV belongs to the user for as long as they need it. Users schedule Pods and access their claimed PVs by including a `persistentVolumeClaim` in their Pod's volumes block. [See below for syntax details](#claims-as-volumes). -### Storage Protection +### Storage Object in Use Protection {% assign for_k8s_version="v1.10" %}{% include feature-state-beta.md %} -The purpose of the Storage Protection feature is to ensure that Persistent Volume Claims (PVCs) in active use by a pod are not removed from the system as this may result in data loss. +The purpose of the Storage Object in Use Protection feature is to ensure that Persistent Volume Claims (PVCs) in active use by a pod are not removed from the system as this may result in data loss. **Note:** PVC is in active use by a pod when the pod status is `Pending` and the pod is assigned to a node or the pod status is `Running`. {: .note} -When the [Storage Protection beta feature](/docs/tasks/administer-cluster/pvc-protection/) is enabled, if a user deletes a PVC in active use by a pod, the PVC is not removed immediately. PVC removal is postponed until the PVC is no longer actively used by any pods. +When the [Storage Object in Use Protection beta feature](/docs/tasks/administer-cluster/pvc-protection/) is enabled, if a user deletes a PVC in active use by a pod, the PVC is not removed immediately. PVC removal is postponed until the PVC is no longer actively used by any pods. You can see that a PVC is protected when the PVC's status is `Terminating` and the `Finalizers` list includes `kubernetes.io/pvc-protection`: ```shell diff --git a/docs/tasks/administer-cluster/pvc-protection.md b/docs/tasks/administer-cluster/pvc-protection.md index ac9d952e2fcb3..d6ded3aafb8ed 100644 --- a/docs/tasks/administer-cluster/pvc-protection.md +++ b/docs/tasks/administer-cluster/pvc-protection.md @@ -2,7 +2,7 @@ approvers: - msau42 - jsafrane -title: Storage Protection +title: Storage Object in Use Protection --- {% capture overview %} @@ -14,13 +14,13 @@ Persistent volume claims (PVCs) that are in active use by a pod can be protected {% capture prerequisites %} -- The Storage Protection feature is enabled in a version of Kubernetes in which it is supported. +- The Storage Object in Use Protection feature is enabled in a version of Kubernetes in which it is supported. {% endcapture %} {% capture steps %} -## Storage Protection feature used for PVC Protection +## Storage Object in Use Protection feature used for PVC Protection The example below uses a GCE PD `StorageClass`, however, similar steps can be performed for any volume type. From 6684ab299a35a8a23306fe6015dde3dd0cc4726b Mon Sep 17 00:00:00 2001 From: pospispa Date: Fri, 2 Mar 2018 12:44:59 +0100 Subject: [PATCH 2/2] Moved Storage Object in Use Protection admission plugin description down according to alphabetic order. --- docs/admin/admission-controllers.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/admin/admission-controllers.md b/docs/admin/admission-controllers.md index cf9e8dce713af..2f5299301c5c8 100644 --- a/docs/admin/admission-controllers.md +++ b/docs/admin/admission-controllers.md @@ -414,10 +414,6 @@ This admission controller also protects the access to `metadata.ownerReferences[ of an object, so that only users with "update" permission to the `finalizers` subresource of the referenced *owner* can change it. -### Storage Object in Use Protection (beta) -{% assign for_k8s_version="v1.10" %}{% include feature-state-beta.md %} -The `StorageObjectInUseProtection` plugin adds the `kubernetes.io/pvc-protection` or `kubernetes.io/pv-protection` finalizers to newly created Persistent Volume Claims (PVCs) or Persistent Volumes (PV). In case a user deletes a PVC or PV the PVC or PV is not removed until the finalizer is removed from the PVC or PV by PVC or PV Protection Controller. Refer to the [Storage Object in Use Protection](/docs/concepts/storage/persistent-volumes/#storage-object-in-use-protection) for more detailed information. - ### PersistentVolumeLabel (DEPRECATED) This admission controller automatically attaches region or zone labels to PersistentVolumes @@ -570,6 +566,10 @@ This admission controller will deny any pod that attempts to set certain escalat This admission controller implements automation for [serviceAccounts](/docs/user-guide/service-accounts). We strongly recommend using this admission controller if you intend to make use of Kubernetes `ServiceAccount` objects. +### Storage Object in Use Protection (beta) +{% assign for_k8s_version="v1.10" %}{% include feature-state-beta.md %} +The `StorageObjectInUseProtection` plugin adds the `kubernetes.io/pvc-protection` or `kubernetes.io/pv-protection` finalizers to newly created Persistent Volume Claims (PVCs) or Persistent Volumes (PV). In case a user deletes a PVC or PV the PVC or PV is not removed until the finalizer is removed from the PVC or PV by PVC or PV Protection Controller. Refer to the [Storage Object in Use Protection](/docs/concepts/storage/persistent-volumes/#storage-object-in-use-protection) for more detailed information. + ### ValidatingAdmissionWebhook (alpha in 1.8; beta in 1.9) This admission controller calls any validating webhooks which match the request. Matching