This repository contains the source code and build methods to build a Kubernetes CSI driver that helps provision VMware Cloud Director Named Independent Disks as a storage solution for Kubernetes Applications. This uses VMware Cloud Director API for functionality and hence needs an appropriate VMware Cloud Director Installation. This CSI driver will help enable common scenarios with persistent volumes and stateful-sets using VMware Cloud Director Shareable Named Disks.
The version of the VMware Cloud Director API and Installation that are compatible for a given CSI container image are provided in the following compatibility matrix:
| CSI Version | VMware Cloud Director API | VMware Cloud Director Installation | Notes | Kubernetes Versions |
|---|---|---|---|---|
| 1.0.0 | 36.0+ | 10.3.1+ (10.3.1 needs hot-patch to prevent VCD cell crashes in multi-cell environments) |
First cut with support for Named Independent Disks |
|
| 1.1.0 | 36.0+ | 10.3.1+ (10.3.1 needs hot-patch to prevent VCD cell crashes in multi-cell environments) |
|
|
| 1.1.1 | 36.0+ | 10.3.1+ (10.3.1 needs hot-patch to prevent VCD cell crashes in multi-cell environments) |
|
|
| 1.2.0 | 36.0+ | 10.3.1+ (10.3.1 needs hot-patch to prevent VCD cell crashes in multi-cell environments) |
|
|
This extension is intended to be installed into a Kubernetes cluster installed with VMware Cloud Director as a Cloud Provider, by a user that has the rights as described in the sections below.
cloud-director-named-disk-csi-driver is distributed as a container image hosted at Distribution Harbor as projects.registry.vmware.com/vmware-cloud-director/cloud-director-named-disk-csi-driver:<CSI version>.latest.
This driver is in a GA state and will be supported in production.
Note: This driver is not impacted by the Apache Log4j open source component vulnerability.
- VCD: VMware Cloud Director
- ClusterAdminRole: This is the role that has enough rights to create and administer a Kubernetes Cluster in VCD. This role can be created by cloning the vApp Author Role and then adding the following rights (details on adding the rights below can be found in the CSE docs):
- Full Control: CSE:NATIVECLUSTER
- Edit: CSE:NATIVECLUSTER
- View: CSE:NATIVECLUSTER
- ClusterAdminUser: For CSI functionality, there needs to be a set of additional rights added to the
ClusterAdminRoleas described in the "Additional Rights for CSI" section below. The Kubernetes Cluster needs to be created by a user belonging to this enhancedClusterAdminRole. For convenience, let us term this user as theClusterAdminUser.
In this section, we assume that the Kubernetes cluster is created using the Container Service Extension. However that is not a mandatory requirement.
The ClusterAdminUser should have view access to the vApp containing the Kubernetes cluster. Since the ClusterAdminUser itself creates the cluster, it will have this access by default.
This ClusterAdminUser needs to be created from a ClusterAdminRole with the following additional rights:
- Access Control =>
- User => Manage user's own API TOKEN
- Organization VDC => Create a Shared Disk
To upgrade CSI to the latest version (v1.2.0), please execute the following command
kubectl patch StatefulSet -n kube-system csi-vcd-controllerplugin -p '{"spec": {"template": {"spec": {"containers": [{"name": "vcd-csi-plugin", "image": "projects.registry.vmware.com/vmware-cloud-director/cloud-director-named-disk-csi-driver:1.2.0.latest"}]}}}}'
kubectl patch DaemonSet -n kube-system csi-vcd-nodeplugin -p '{"spec": {"template": {"spec": {"containers": [{"name": "vcd-csi-plugin", "image": "projects.registry.vmware.com/vmware-cloud-director/cloud-director-named-disk-csi-driver:1.2.0.latest"}]}}}}'| Feature | Support Scope |
|---|---|
| Storage Type | Independent Shareable Named Disks of VCD |
| Provisioning |
|
| Access Modes |
|
| Volume | Block |
| VolumeMode |
|
| Topology |
|
Please see CONTRIBUTING.md for instructions on how to contribute.