|
1 | 1 | [](https://travis-ci.org/kubernetes-csi/external-provisioner) |
2 | 2 |
|
3 | | -# Kubernetes external provisioner that works with CSI volumes |
| 3 | +# CSI provisioner |
4 | 4 |
|
5 | | -This is an example external provisioner for Kubernetes which provisions using CSI Volume drivers.. It's under heavy development, so at this time README.md is notes for the developers coding. Once complete this will change to something user friendly. |
| 5 | +The external-provisioner is a sidecar container that dynamically provisions volumes by calling `ControllerCreateVolume` and `ControllerDeleteVolume` functions of CSI drivers. It is necessary because internal persistent volume controller running in Kubernetes controller-manager does not have any direct interfaces to CSI drivers. |
6 | 6 |
|
7 | | -# Build |
| 7 | +## Overview |
| 8 | +The external-provisioner is an external controller that monitors `PersistentVolumeClaim` objects created by user and creates/deletes volumes for them. Full design can be found at Kubernetes proposal at [container-storage-interface.md](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/storage/container-storage-interface.md) |
8 | 9 |
|
9 | | -```bash |
10 | | -make csi-provisioner |
11 | | -``` |
| 10 | +## Compatibility |
12 | 11 |
|
13 | | -# Test |
| 12 | +This information reflects the head of this branch. |
14 | 13 |
|
15 | | -## Start Kubernetes |
| 14 | +| Compatible with CSI Version | Container Image | Min K8s Version | |
| 15 | +| ------------------------------------------------------------------------------------------ | -------------------------------| --------------- | |
| 16 | +| [CSI Spec v1.0.0](https://github.com/container-storage-interface/spec/releases/tag/v1.0.0) | quay.io/k8scsi/csi-provisioner | 1.14 | |
16 | 17 |
|
17 | | -Run a local kubernetes cluster built from latest master code |
| 18 | +## Feature status |
18 | 19 |
|
19 | | -## Run Storage Provider |
| 20 | +Various external-provisioner releases come with different alpha / beta features. Check `--help` output for alpha/beta features in each release. |
20 | 21 |
|
21 | | -### Use HostPath drivers |
| 22 | +Following table reflects the head of this branch. |
22 | 23 |
|
23 | | -Go to drivers and run: |
| 24 | +| Feature | Status | Default | Description | |
| 25 | +| ---------- | ------- | ------- | --------------------------------------------------------------------------------------------- | |
| 26 | +| Topology | Beta | Off | [Topology aware dynamic provisioning](https://kubernetes-csi.github.io/docs/topology.html) (requires kubelet 1.14 on nodes). | |
| 27 | +| Snapshots* | Alpha | On | [Snapshots and Restore](https://kubernetes-csi.github.io/docs/snapshot-restore-feature.html). | |
24 | 28 |
|
25 | | -```bash |
26 | | -bin/hostpathplugin --drivername mydriver --endpoint unix://tmp/csi.sock --nodeid foobar -v=5 |
27 | | -``` |
| 29 | +*) There is no special feature gate for snapshots, it is enabled by running [external-snapshotter](https://github.com/kubernetes-csi/external-snapshotter/) and creating its CRDs. |
28 | 30 |
|
29 | | -### Start external provisioner |
| 31 | +All other external-provisioner features and the external-provisioner itself is considered GA and fully supported. |
30 | 32 |
|
31 | | -```bash |
32 | | -bin/csi-provisioner --kubeconfig /var/run/kubernetes/admin.kubeconfig --alsologtostderr |
33 | | -``` |
| 33 | +## Usage |
34 | 34 |
|
35 | | -### Create Storage class, PVC, and Pod |
| 35 | +It is necessary to create a new service account and give it enough privileges to run the external-provisioner, see `deploy/kubernetes/rbac.yaml`. The provisioner is then deployed as single Deployment as illustrated below: |
36 | 36 |
|
37 | | -```bash |
38 | | -kubectl create -f examples/sc.yaml |
39 | | -kubectl create -f example/pvc.yaml |
40 | | -kubectl create -f example/pod.yaml |
| 37 | +```sh |
| 38 | +kubectl create deploy/kubernetes/deployment.yaml |
41 | 39 | ``` |
42 | 40 |
|
43 | | -### Delete PVC |
| 41 | +The external-provisioner may run in the same pod with other external CSI controllers such as the external-attacher, external-snapshotter and/or external-resizer. |
44 | 42 |
|
45 | | -```bash |
46 | | -kubectl delete pvc example-pvc |
47 | | -``` |
| 43 | +Note that the external-provisioner does not scale with more replicas. Only one external-provisioner is elected as leader and running. The others are waiting for the leader to die. They re-elect a new active leader in ~15 seconds after death of the old leader. |
| 44 | + |
| 45 | +### Command line options |
| 46 | + |
| 47 | +#### Recommended optional arguments" |
| 48 | +* `--csi-address <path to CSI socket>`: This is the path to the CSI driver socket inside the pod that the external-provisioner container will use to issue CSI operations (`/run/csi/socket` is used by default). |
| 49 | + |
| 50 | +* `--enable-leader-election`: Enables leader election. This is mandatory when there are multiple replicas of the same external-provisioner running for one CSI driver. Only one of them may be active (=leader). A new leader will be re-elected when current leader dies or becomes unresponsive for ~15 seconds. |
| 51 | + |
| 52 | +* `--timeout <duration>`: Timeout of all calls to CSI driver. It should be set to value that accommodates majority of `ControllerCreateVolume` and `ControllerDeleteVolume` calls. See [CSI error and timeout handling](#csi-error-and-timeout-handling) for details. 15 seconds is used by default. |
| 53 | + |
| 54 | +* `--retry-interval-start <duration>` - Initial retry interval of failed provisioning or deletion. It doubles with each failure, up to `--retry-interval-max` and then it stops increasing. Default value is 1 second. See [CSI error and timeout handling](#csi-error-and-timeout-handling) for details. |
| 55 | + |
| 56 | +* `--retry-interval-max <duration>` - Maximum retry interval of failed provisioning or deletion. Default value is 5 minutes. See [CSI error and timeout handling](#csi-error-and-timeout-handling) for details. |
| 57 | + |
| 58 | +* `--worker-threads <num>`: Number of simultaneously running `ControllerCreateVolume` and `ControllerDeleteVolume` operations. Default value is `100`. |
| 59 | + |
| 60 | +#### Other recognized arguments |
| 61 | +* `--feature-gates <gates>`: A set of comma separated `<feature-name>=<true|false>` pairs that describe feature gates for alpha/experimental features. See [list of features](#feature-status) or `--help` output for list of recognized features. Example: `--feature-gates Topology=true` to enable Topology feature that's disabled by default. |
| 62 | + |
| 63 | +* `--kubeconfig <path>`: Path to Kubernetes client configuration that the external-provisioner uses to connect to Kubernetes API server. When omitted, default token provided by Kubernetes will be used. This option is useful only when the external-provisioner does not run as a Kubernetes pod, e.g. for debugging. Either this or `--master` needs to be set if the external-provisioner is being run out of cluster. |
| 64 | + |
| 65 | +* `--master <url>`: Master URL to build a client config from. When omitted, default token provided by Kubernetes will be used. This option is useful only when the external-provisioner does not run as a Kubernetes pod, e.g. for debugging. Either this or `--kubeconfig` needs to be set if the external-provisioner is being run out of cluster. |
| 66 | + |
| 67 | +* `--volume-name-prefix <prefix>`: Prefix of PersistentVolume names created by the external-provisioner. Default value is "pvc", i.e. created PersistentVolume objects will have name `pvc-<uuid>`. |
| 68 | + |
| 69 | +* `--volume-name-uuid-length`: Length of UUID to be added to `--volume-name-prefix`. Default behavior is to NOT truncate the UUID. |
| 70 | + |
| 71 | +* `--version`: Prints current external-provisioner version and quits. |
| 72 | + |
| 73 | +* All glog / klog arguments are supported, such as `-v <log level>` or `-alsologtostderr`. |
| 74 | + |
| 75 | +#### Deprecated arguments |
| 76 | +* `--connection-timeout <duration>`: This option was used to limit establishing connection to CSI driver. Currently, the option does not have any effect and the external-provisioner tries to connect to CSI driver socket indefinitely. It is recommended to run ReadinessProbe on the driver to ensure that the driver comes up in reasonable time. |
| 77 | + |
| 78 | + |
| 79 | +### CSI error and timeout handling |
| 80 | +The external-provisioner invokes all gRPC calls to CSI driver with timeout provided by `--timeout` command line argument (15 seconds by default). |
| 81 | + |
| 82 | +Correct timeout value and number of worker threads depends on the storage backend and how quickly it is able to processes `ControllerCreateVolume` and `ControllerDeleteVolume` calls. The value should be set to accommodate majority of them. It is fine if some calls time out - such calls will be retried after exponential backoff (starting with 1s by default), however, this backoff will introduce delay when the call times out several times for a single volume. |
| 83 | + |
| 84 | +Frequency of `ControllerCreateVolume` and `ControllerDeleteVolume` retries can be configured by `--retry-interval-start` and `--retry-interval-max` parameters. The external-provisioner starts retries with `retry-interval-start` interval (1s by default) and doubles it with each failure until it reaches `retry-interval-max` (5 minutes by default). The external provisioner stops increasing the retry interval when it reaches `retry-interval-max`, however, it still retries provisioning/deletion of a volume until it's provisioned. The external-provisioner keeps its own number of provisioning/deletion failures for each volume. |
| 85 | + |
| 86 | +The external-provisioner can invoke up to `--worker-threads` (100 by default) `ControllerCreateVolume` **and** up to `--worker-threads` `ControllerDeleteVolume` calls in parallel, i.e. these two calls are counted separately. The external-provisioner assumes that the storage backend can cope with such high number of parallel requests and that the requests are handled in relatively short time (ideally sub-second). Lower value should be used for storage backends that expect slower processing related to newly created / deleted volumes or can handle lower amount of parallel calls. |
| 87 | + |
| 88 | +Details of error handling of individual CSI calls: |
| 89 | +* `ControllerCreateVolume`: The call might have timed out just before the driver provisioned a volume and was sending a response. From that reason, timeouts from `ControllerCreateVolume` is considered as "*volume may be provisioned*" or "*volume is being provisioned in the background*." The external-provisioner will retry calling `ControllerCreateVolume` after exponential backoff until it gets either successful response or final (non-timeout) error that the volume cannot be created. |
| 90 | +* `ControllerDeleteVolume`: This is similar to `ControllerCreateVolume`, The external-provisioner will retry calling `ControllerDeleteVolume` with exponential backoff after timeout until it gets either successful response or a final error that the volume cannot be deleted. |
| 91 | +* `Probe`: The external-provisioner retries calling Probe until the driver reports it's ready. It retries also when it receives timeout from `Probe` call. The external-provisioner has no limit of retries. It is expected that ReadinessProbe on the driver container will catch case when the driver takes too long time to get ready. |
| 92 | +* `GetPluginInfo`, `GetPluginCapabilitiesRequest`, `ControllerGetCapabilities`: The external-provisioner expects that these calls are quick and does not retry them on any error, including timeout. Instead, it assumes that the driver is faulty and exits. Note that Kubernetes will likely start a new provisioner container and it will start with `Probe` call. |
48 | 93 |
|
49 | 94 | ## Community, discussion, contribution, and support |
50 | 95 |
|
|
0 commit comments