apiVersion: storage.k8s.io/v1
import "k8s.io/api/storage/v1"
CSIDriver captures information about a Container Storage Interface (CSI) volume driver deployed on the cluster. Kubernetes attach detach controller uses this object to determine whether attach is required. Kubelet uses this object to determine whether pod information needs to be passed on mount. CSIDriver objects are non-namespaced.
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata (ObjectMeta)
Standard object metadata. metadata.Name indicates the name of the CSI driver that this object refers to; it MUST be the same name returned by the CSI GetPluginName() call for that driver. The driver name must be 63 characters or less, beginning and ending with an alphanumeric character ([a-z0-9A-Z]) with dashes (-), dots (.), and alphanumerics between. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec (CSIDriverSpec), required
Specification of the CSI Driver.
CSIDriverSpec is the specification of a CSIDriver.
attachRequired (boolean)
attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.
This field is immutable.
fsGroupPolicy (string)
Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.
This field is immutable.
Defaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.
podInfoOnMount (boolean)
If set to true, podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations. If set to false, pod information will not be passed on mount. Default is false. The CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext. The following VolumeConext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. "csi.storage.k8s.io/pod.name": pod.Name "csi.storage.k8s.io/pod.namespace": pod.Namespace "csi.storage.k8s.io/pod.uid": string(pod.UID) "csi.storage.k8s.io/ephemeral": "true" if the volume is an ephemeral inline volume defined by a CSIVolumeSource, otherwise "false"
"csi.storage.k8s.io/ephemeral" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the "Persistent" and "Ephemeral" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.
This field is immutable.
requiresRepublish (boolean)
RequiresRepublish indicates the CSI driver wants NodePublishVolume being periodically called to reflect any possible change in the mounted volume. This field defaults to false.
Note: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.
storageCapacity (boolean)
If set to true, storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information.
The check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.
Alternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.
This field was immutable in Kubernetes <= 1.22 and now is mutable.
This is a beta field and only available when the CSIStorageCapacity feature is enabled. The default is false.
tokenRequests ([]TokenRequest)
Atomic: will be replaced during a merge
TokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: "csi.storage.k8s.io/serviceAccount.tokens": { "<audience>": { "token": <token>, "expirationTimestamp": <expiration timestamp in RFC3339>, }, ... }
Note: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.
TokenRequest contains parameters of a service account token.
tokenRequests.audience (string), required
Audience is the intended audience of the token in "TokenRequestSpec". It will default to the audiences of kube apiserver.
tokenRequests.expirationSeconds (int64)
ExpirationSeconds is the duration of validity of the token in "TokenRequestSpec". It has the same default value of "ExpirationSeconds" in "TokenRequestSpec".
volumeLifecycleModes ([]string)
Set: unique values will be kept during a merge
volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is "Persistent", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism. The other mode is "Ephemeral". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume. For more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future. This field is beta.
This field is immutable.
CSIDriverList is a collection of CSIDriver objects.
apiVersion: storage.k8s.io/v1
kind: CSIDriverList
metadata (ListMeta)
Standard list metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
items ([]CSIDriver), required
items is the list of CSIDriver
get read the specified CSIDriverGET /apis/storage.k8s.io/v1/csidrivers/{name}
name (in path): string, required
name of the CSIDriver
pretty (in query): string
200 (CSIDriver): OK
401: Unauthorized
list list or watch objects of kind CSIDriverGET /apis/storage.k8s.io/v1/csidrivers
allowWatchBookmarks (in query): boolean
continue (in query): string
fieldSelector (in query): string
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
timeoutSeconds (in query): integer
watch (in query): boolean
200 (CSIDriverList): OK
401: Unauthorized
create create a CSIDriverPOST /apis/storage.k8s.io/v1/csidrivers
body: CSIDriver, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
pretty (in query): string
200 (CSIDriver): OK
201 (CSIDriver): Created
202 (CSIDriver): Accepted
401: Unauthorized
update replace the specified CSIDriverPUT /apis/storage.k8s.io/v1/csidrivers/{name}
name (in path): string, required
name of the CSIDriver
body: CSIDriver, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
pretty (in query): string
200 (CSIDriver): OK
201 (CSIDriver): Created
401: Unauthorized
patch partially update the specified CSIDriverPATCH /apis/storage.k8s.io/v1/csidrivers/{name}
name (in path): string, required
name of the CSIDriver
body: Patch, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
force (in query): boolean
pretty (in query): string
200 (CSIDriver): OK
201 (CSIDriver): Created
401: Unauthorized
delete delete a CSIDriverDELETE /apis/storage.k8s.io/v1/csidrivers/{name}
name (in path): string, required
name of the CSIDriver
body: DeleteOptions
dryRun (in query): string
gracePeriodSeconds (in query): integer
pretty (in query): string
propagationPolicy (in query): string
200 (CSIDriver): OK
202 (CSIDriver): Accepted
401: Unauthorized
deletecollection delete collection of CSIDriverDELETE /apis/storage.k8s.io/v1/csidrivers
body: DeleteOptions
continue (in query): string
dryRun (in query): string
fieldSelector (in query): string
gracePeriodSeconds (in query): integer
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
propagationPolicy (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
timeoutSeconds (in query): integer
200 (Status): OK
401: Unauthorized
© 2022 The Kubernetes Authors
Documentation Distributed under CC BY 4.0.
https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1/