diff --git a/contributors/design-proposals/storage/container-storage-interface.md b/contributors/design-proposals/storage/container-storage-interface.md index 7c459badc20..44cbf032bec 100644 --- a/contributors/design-proposals/storage/container-storage-interface.md +++ b/contributors/design-proposals/storage/container-storage-interface.md @@ -83,7 +83,13 @@ This document recommends a standard mechanism for deploying an arbitrary contain #### Kubelet to CSI Driver Communication -Kubelet (responsible for mount and unmount) will communicate with an external “CSI volume driver” running on the same host machine (whether containerized or not) via a Unix Domain Socket. The Unix Domain Socket will be registered with kubelet using the [Device Plugin Unix Domain Socket Registration](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/resource-management/device-plugin.md#unix-socket) mechanism. This mechanism will need to be extended to support registration of CSI volume drivers. +Kubelet (responsible for mount and unmount) will communicate with an external “CSI volume driver” running on the same host machine (whether containerized or not) via a Unix Domain Socket. + +The Unix Domain Socket will be registered with kubelet using the [Device Plugin Unix Domain Socket Registration](https://github.com/kubernetes/community/blob/master/contributors/design-proposals/resource-management/device-plugin.md#unix-socket) mechanism. This mechanism will need to be extended to support registration of CSI volume drivers. + +Upon initialization of the external “CSI volume driver”, some external component should call `GetNodeId` to get the mapping from Kubernetes NodeId to CSI driver NodeId. It should then add the CSI driver NodeId as a label to the Kubernetes Node API object. The key of the label should be `csi.volume.kubernetes.io//nodeID`. This will enable the component that will issue `ControllerPublishVolume` calls to use the label as a mapping from cluster node ID to storage node ID. + +The Kubernetes team will provide a helper container that can manage the UDS registration and NodeId initialization (see “Recommended Mechanism for Deployment” below for details). #### Master to CSI Driver Communication @@ -111,13 +117,12 @@ Attach/detach operations must also be handled by an external component (an “at More specifically, an external “attacher” must watch the Kubernetes API on behalf of the external CSI volume driver to handle attach/detach requests. -Upon initialization the `external-attacher` should call `GetNodeId` for each node in the cluster and create a mapping from cluster node ID to storage node ID. When issuing `ControllerPublishVolume` calls it should use the mapping. - Once the following conditions are true, the external-attacher should call `ControllerPublishVolume` against the CSI volume driver to attach the volume to the specified node: 1. A new `VolumeAttachment` Kubernetes API objects is created by Kubernetes. 2. The `VolumeAttachment.Spec.Attacher` value in that object corresponds to the name of the external attacher. 3. The `VolumeAttachment.Status.IsAttached` value is not yet set to true. +4. A Kubernetes Node API object exists with the name matching `VolumeAttachment.Spec.NodeName` and that object contains a `csi.volume.kubernetes.io//nodeID` label corresponding to the CSI volume driver so that the CSI Driver’s NodeId mapping can be retrieved and used in the `ControllerPublishVolume` calls. If the operation completes successfully, the external-attacher will: @@ -335,7 +340,7 @@ To deploy a containerized third-party CSI volume driver, it is recommended that * A DaemonSet will ensure that 1 instance of the pod is deployed on every node (to facilitate communication from every instance of kubelet). * Contain the following containers * The “CSI volume driver” container created by the storage vendor. - * The “Kubernetes CSI Helper” container provided by the Kubernetes team responsible for registering the unix domain socket with kubelet. + * The “Kubernetes CSI Helper” container provided by the Kubernetes team responsible for registering the unix domain socket with kubelet and NodeId initialization. * Have the following volumes: * `hostpath` volume * Expose `/var/lib/kubelet/device-plugins/kubelet.sock` from the host.