README
¶
CSI-Addons for Kubernetes
This repository contains the implementation for the CSI-Addons specification that can be used with Kubernetes. As such, this project is part of the Container Storage Interface Addons community.
The CSI API is tightly integrated with Kubernetes. In order to extend the interface, a new CSI-Addons Controller is needed. The CSI-Addons Controller will watch for Kubernetes events (CRs) and relay operation initiated by the user to the CSI-driver.
.------. CR .------------.
| User |-------| CSI-Addons |
'------' | Controller |
'------------'
|
| gRPC
|
.---------+------------------------------.
| | |
| .------------. .------------. |
| | CSI-Addons | gRPC | CSI | |
| | side-car |--------| Controller | |
| '------------' | NodePlugin | |
| '------------' |
| CSI-driver Pod |
'----------------------------------------'
A CSI-Addons side-car will be running in the CSI-driver (provisioner and node-plugin) Pods. The side-car calls gRPC procedures for CSI-Addons operations.
CSI-driver side-car
The CSI-driver side-car is located with the CSI-Controller (provisioner) and
the CSI-nodeplugin containers. The side-car registers itself by creating a
CSIAddonsNode CR that the CSI-Addons Controller can use to connect to the
side-car and execute operations.
Enabling authentication for side-car
When deploying the side-car set enable-auth flag to true.
Self signed certificates are generated by the sidecar.
Checks for valid Bearer token on request headers and performs token review.
Sidecar must be deployed with TokenReview create and get access for the associated ServiceAccount.
Reporting Volume Conditions
The CSI-driver side-car supports fetching the volume condition from the
CSI-driver by calling the NodeGetVolumeStats CSI procedure. See the Volume
Condition Reporter Documentation for more details.
csi-addons executable
The csi-addons executable can be used to call CSI-Addons operations against a
CSI-driver. It is included in the side-car container image, so that manual
execution by admins and (automated) testing can easily be done.
See the csi-addons tool documentation for more
details.
Controller
The CSI-Addons Controller handles the requests from users to initiate an operation. Users create a CR that the controller inspects, and forwards a request to one or more CSI-Addons side-cars for execution.
By listing the CSIAddonsNode CRs, the CSI-Addons Controller knows how to
connect to the side-cars. By checking the supported capabilities of the
side-cars, it can decide where to execute operations that the user requested.
Enabling authentication for manager
When deploying the manager set enable-auth flag to true.
This will use TLS for transport layer and adds Bearer token to request headers.
Installation
Refer to the installation guide for more details.
Contributing
The Contribution Guidelines contain details on the process to contribute to this project. For feature enhancements, or questions about particular features or design choices, there is a mailinglist. All regular contributors are encouraged to subscribe to the list, and participate in the discussions.
Subscribing can be done through the mailman web interface or by
sending an email to csi-addons-request@redhat.com with subject
subscribe.
Directories
¶
| Path | Synopsis |
|---|---|
|
api
|
|
|
csiaddons/v1alpha1
Package v1alpha1 contains API Schema definitions for the csiaddons v1alpha1 API group +kubebuilder:object:generate=true +groupName=csiaddons.openshift.io
|
Package v1alpha1 contains API Schema definitions for the csiaddons v1alpha1 API group +kubebuilder:object:generate=true +groupName=csiaddons.openshift.io |
|
replication.storage/v1alpha1
Package v1alpha1 contains API Schema definitions for the replication.storage v1alpha1 API group +kubebuilder:object:generate=true +groupName=replication.storage.openshift.io
|
Package v1alpha1 contains API Schema definitions for the replication.storage v1alpha1 API group +kubebuilder:object:generate=true +groupName=replication.storage.openshift.io |
|
cmd
|
|
|
csi-addons
command
|
|
|
manager
command
|
|
|
internal
|
|