CSI Docs for K8s v1.10 #7698
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -70,7 +70,6 @@ Kubernetes supports several types of Volumes: | |
| * `azureFile` | ||
| * `cephfs` | ||
| * `configMap` | ||
| * `downwardAPI` | ||
| * `emptyDir` | ||
| * `fc` (fibre channel) | ||
|
|
@@ -972,50 +971,98 @@ specification, and to select the type of media to use, for clusters that have | |
| several media types. | ||
|
|
||
| ## Out-of-Tree Volume Plugins | ||
| The Out-of-tree volume plugins include the Container Storage Interface (`CSI`) | ||
| and `FlexVolume`. They enable storage vendors to create custom storage plugins | ||
| without adding them to the Kubernetes repository. | ||
|
|
||
| Before the introduction of `CSI` and `FlexVolume`, all volume plugins (like | ||
| volume types listed above) were "in-tree" meaning they were built, linked, | ||
| compiled, and shipped with the core Kubernetes binaries and extend the core | ||
| Kubernetes API. This meant that adding a new storage system to Kubernetes (a | ||
| volume plugin) required checking code into the core Kubernetes code repository. | ||
|
|
||
| Both `CSI` and `FlexVolume` allow volume plugins to be developed independent of | ||
| the Kubernetes code base, and deployed (installed) on Kubernetes clusters as | ||
| extensions. | ||
|
|
||
| For storage vendors looking to create an out-of-tree volume plugin, please refer | ||
| to [this FAQ](https://github.com/kubernetes/community/blob/master/sig-storage/volume-plugin-faq.md). | ||
|
|
||
| ### CSI | ||
|
|
||
| {% assign for_k8s_version="v1.10" %}{% include feature-state-beta.md %} | ||
|
|
||
| [Container Storage Interface](https://github.com/container-storage-interface/spec/blob/master/spec.md) (CSI) | ||
| defines a standard interface for container orchestration systems (like | ||
| Kubernetes) to expose arbitrary storage systems to their container workloads. | ||
|
|
||
| Please read the [CSI design proposal](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/storage/container-storage-interface.md) for more information. | ||
|
|
||
| CSI support was introduced as alpha in Kubernetes v1.9 and moved to beta in | ||
| Kubernets v1.10. | ||
|
|
||
| Once a CSI compatible volume driver is deployed on a Kubernetes cluster, users | ||
| may use the `csi` volume type to attach, mount, etc. the volumes exposed by the | ||
|
There was a problem hiding this comment. This means users are still supposed to use |
||
| CSI driver. | ||
|
|
||
| The `csi` volume type does not support direct reference from pod and may only be | ||
| referenced in a pod via a `PersistentVolumeClaim` object. | ||
|
|
||
| The following fields are available to storage administrators to configure a CSI | ||
| persistent volume: | ||
|
|
||
| - `driver`: A string value that specifies the name of the volume driver to use. | ||
| This value must corespond to the value returned in the `GetPluginInfoResponse` | ||
| by the CSI driver as defined in the [CSI spec](https://github.com/container-storage-interface/spec/blob/master/spec.md#getplugininfo). | ||
| It is used by Kubernetes to identify which CSI driver to call out to, and by | ||
| CSI driver components to identify which PV objects belong to the CSI driver. | ||
| - `volumeHandle`: A string value that uniquely identifies the volume. This value | ||
| must correspond to the value returned in the `volume.id` field of the | ||
| `CreateVolumeResponse` by the CSI driver as defined in the [CSI spec](https://github.com/container-storage-interface/spec/blob/master/spec.md#createvolume). | ||
| The value is passed as `volume_id` on all calls to the CSI volume driver when | ||
| referencing the volume. | ||
| - `readOnly`: An optional boolean value indicating whether the volume is to be | ||
| "ControllerPublished" (attached) as read only. Default is false. This value is | ||
|
There was a problem hiding this comment.
There was a problem hiding this comment. No, the |
||
| passed to the CSI driver via the `readonly` field in the | ||
| `ControllerPublishVolumeRequest`. | ||
| - `fsType`: If the PV's `VolumeMode` is `Filesystem` then this field may be used | ||
| to specify the filesystem that should be used to mount the volume. If the | ||
| volume has not been formated and formating is supported, this value will be | ||
| used to format the volume. If a value is not specified, `ext4` is assumed. | ||
| This value is passed to the CSI driver via the `VolumeCapability` field of | ||
| `ControllerPublishVolumeRequest`, `NodeStageVolumeRequest`, and | ||
| `NodePublishVolumeRequest`. | ||
| - `volumeAttributes`: A map of string to string that specifies static properties | ||
|
There was a problem hiding this comment. The way I read is like There was a problem hiding this comment. They are set by external provisioner during volume creation, however if a volume is pre-provisioned and cluster admin manually creates PV objects, then the field will have to be set by cluster admin. |
||
| of a volume. This map must corespond to the map returned in the | ||
| `volume.attributes` field of the `CreateVolumeResponse` by the CSI driver as | ||
| defined in the [CSI spec](https://github.com/container-storage-interface/spec/blob/master/spec.md#createvolume). | ||
| The map is passed to the CSI driver via the `volume_attributes` field in the | ||
| `ControllerPublishVolumeRequest`, `NodeStageVolumeRequest`, and | ||
| `NodePublishVolumeRequest`. | ||
| - `controllerPublishSecretRef`: A reference to the secret object containing | ||
|
There was a problem hiding this comment. ControllerCreateVolume and ControllerDeleteVolume also use this secret. There was a problem hiding this comment. That's not possible since the PV object should not exist before provisioning. CreateVolume and DeleteVolume should be using the SecretRef from the StorageClass. There was a problem hiding this comment. Right, my mistake, got confused with secret in StorageClass. |
||
| sensitive information to pass to the CSI driver to complete the CSI | ||
| `ControllerPublishVolume` and `ControllerUnpublishVolume` calls. This field is | ||
| optional, and may be empty if no secret is required. If the secret object | ||
| contains more than one secret, all secrets are passed. | ||
| - `nodeStageSecretRef`: A reference to the secret object containing | ||
| sensitive information to pass to the CSI driver to complete the CSI | ||
| `NodeStageVolume` call. This field is optional, and may be empty if no secret | ||
| is required. If the secret object contains more than one secret, all secrets | ||
| are passed. | ||
| - `nodePublishSecretRef`: A reference to the secret object containing | ||
| sensitive information to pass to the CSI driver to complete the CSI | ||
| `NodePublishVolume` call. This field is optional, and may be empty if no | ||
| secret is required. If the secret object contains more than one secret, all | ||
| secrets are passed. | ||
|
|
||
| ### FlexVolume | ||
|
|
||
| `FlexVolume` is an out-of-tree plugin interface that has existed in Kubernetes | ||
| since version 1.2 (before CSI). It uses an exec-based model to interface with | ||
| drivers. FlexVolume driver binaries must be installed in a pre-defined volume | ||
| plugin path on each node (and in some cases master). | ||
|
|
||
| Pods interact with FlexVolume drivers through the `flexVolume` in-tree plugin. | ||
| More details can be found [here](https://github.com/kubernetes/community/blob/master/contributors/devel/flexvolume.md). | ||
|
|
||
| ## Mount propagation | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@saad-ali why are we removing this? I can understand the CSI plugin is out-of-tree, but from users' perspective, they are still called
csivolumes, right?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For consistency. FlexVolume is not listed here either. I'm not sure this list adds much value, considering the Table of Content above captures the list of volume types already and is easier to keep updated. Any objection to removing this list altogether? Might be a good idea to move "Out of Tree" volumes immediately after the list of in tree volumes?