From 2d2bd7f6deec6b04af80d7558e8573bf4e4aa807 Mon Sep 17 00:00:00 2001 From: Masaki Kimura Date: Tue, 5 Apr 2022 23:49:15 +0000 Subject: [PATCH] KEP-3294: Add proposal for provisioning volumes from cross-namespace snapshots --- keps/prod-readiness/sig-storage/3294.yaml | 6 + .../README.md | 1024 +++++++++++++++++ .../kep.yaml | 56 + 3 files changed, 1086 insertions(+) create mode 100644 keps/prod-readiness/sig-storage/3294.yaml create mode 100644 keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/README.md create mode 100644 keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/kep.yaml diff --git a/keps/prod-readiness/sig-storage/3294.yaml b/keps/prod-readiness/sig-storage/3294.yaml new file mode 100644 index 000000000000..14c671e9baf1 --- /dev/null +++ b/keps/prod-readiness/sig-storage/3294.yaml @@ -0,0 +1,6 @@ +# The KEP must have an approver from the +# "prod-readiness-approvers" group +# of http://git.k8s.io/enhancements/OWNERS_ALIASES +kep-number: 3294 +alpha: + approver: @wojtek-t diff --git a/keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/README.md b/keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/README.md new file mode 100644 index 000000000000..1d1edb09bf0d --- /dev/null +++ b/keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/README.md @@ -0,0 +1,1024 @@ + +# KEP-3294: Provision volumes from cross-namespace snapshots + + + + + + +- [Release Signoff Checklist](#release-signoff-checklist) +- [Summary](#summary) +- [Motivation](#motivation) + - [Goals](#goals) + - [Non-Goals](#non-goals) +- [Proposal](#proposal) + - [User Stories (Optional)](#user-stories-optional) + - [Story 1](#story-1) + - [Story 2](#story-2) + - [Notes/Constraints/Caveats (Optional)](#notesconstraintscaveats-optional) + - [Provisioning PVs from cross-namespace PVs](#provisioning-pvs-from-cross-namespace-pvs) + - [Risks and Mitigations](#risks-and-mitigations) + - [Secret Handling](#secret-handling) + - [Security](#security) +- [Design Details](#design-details) + - [Example flow of how this proposal works](#example-flow-of-how-this-proposal-works) + - [API](#api) + - [Populator implementation](#populator-implementation) + - [(a) inside the existing CSI external-provisioner](#a-inside-the-existing-csi-external-provisioner) + - [(b) as a separate populator](#b-as-a-separate-populator) + - [(1) Populate data from snapshot to provisioned PV](#1-populate-data-from-snapshot-to-provisioned-pv) + - [(2) Provision PV with data via CSI call](#2-provision-pv-with-data-via-csi-call) + - [Test Plan](#test-plan) + - [Graduation Criteria](#graduation-criteria) + - [Alpha](#alpha) + - [Beta](#beta) + - [GA](#ga) + - [Upgrade / Downgrade Strategy](#upgrade--downgrade-strategy) + - [Version Skew Strategy](#version-skew-strategy) +- [Production Readiness Review Questionnaire](#production-readiness-review-questionnaire) + - [Feature Enablement and Rollback](#feature-enablement-and-rollback) + - [Rollout, Upgrade and Rollback Planning](#rollout-upgrade-and-rollback-planning) + - [Monitoring Requirements](#monitoring-requirements) + - [Dependencies](#dependencies) + - [Scalability](#scalability) + - [Troubleshooting](#troubleshooting) +- [Implementation History](#implementation-history) +- [Drawbacks](#drawbacks) +- [Alternatives](#alternatives) +- [Infrastructure Needed (Optional)](#infrastructure-needed-optional) + + +## Release Signoff Checklist + + + +Items marked with (R) are required *prior to targeting to a milestone / release*. + +- [ ] (R) Enhancement issue in release milestone, which links to KEP dir in [kubernetes/enhancements] (not the initial KEP PR) +- [ ] (R) KEP approvers have approved the KEP status as `implementable` +- [ ] (R) Design details are appropriately documented +- [ ] (R) Test plan is in place, giving consideration to SIG Architecture and SIG Testing input (including test refactors) + - [ ] e2e Tests for all Beta API Operations (endpoints) + - [ ] (R) Ensure GA e2e tests for meet requirements for [Conformance Tests](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/conformance-tests.md) + - [ ] (R) Minimum Two Week Window for GA e2e tests to prove flake free +- [ ] (R) Graduation criteria is in place + - [ ] (R) [all GA Endpoints](https://github.com/kubernetes/community/pull/1806) must be hit by [Conformance Tests](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/conformance-tests.md) +- [ ] (R) Production readiness review completed +- [ ] (R) Production readiness review approved +- [ ] "Implementation History" section is up-to-date for milestone +- [ ] User-facing documentation has been created in [kubernetes/website], for publication to [kubernetes.io] +- [ ] Supporting documentation—e.g., additional design documents, links to mailing list discussions/SIG meetings, relevant PRs/issues, release notes + + + +[kubernetes.io]: https://kubernetes.io/ +[kubernetes/enhancements]: https://git.k8s.io/enhancements +[kubernetes/kubernetes]: https://git.k8s.io/kubernetes +[kubernetes/website]: https://git.k8s.io/website + +## Summary + + + +This KEP proposes a method for provisioning volumes from cross-namespace snapshots. + +## Motivation + + + +By using [volume snapshots feature](https://kubernetes.io/docs/concepts/storage/volume-snapshots/), users can provision volumes from snapshots. +However, it only works for the `VolumeSnapshot` in the same namespace, +therefore users can't provision a volume in one namespace from a `VolumeSnapshot` in the other namespace. +On the other hand, as discussed in other KEP PRs (https://github.com/kubernetes/enhancements/pull/643, +https://github.com/kubernetes/enhancements/pull/1112, and https://github.com/kubernetes/enhancements/pull/2849), there are use cases that require to share the `VolumeSnapshot` across namespaces. +For such use cases, this KEP proposes a method for provisioning volumes from cross-namespace snapshots. + +### Goals + + +- Provision of PVs from `VolumeSnapshot`s in other namespaces + +### Non-Goals + + +- Provision of PVs from PVCs in other namespaces (Please also see [Provisioning PVs from cross-namespace PVs](#provisioning-pvs-from-cross-namespace-pvs)) +- Copy or move of `VolumeSnapshot`s to other namespaces (Please also see [Alternatives](#alternatives)) +- Clone of `VolumeSnapshotContent`s + +## Proposal + + + +Define an API to specify a cross-namespace `VolumeSnapshot` as a `DataSourceRef` of a PVC and implement a generic populator for the API. + +- To specify a non-standard API as a `DataSourceRef` of a PVC, [AnyVolumeDataSource feature](https://kubernetes.io/blog/2021/08/30/volume-populators-redesigned/) is used, +- To specify a cross-namespace `VolumeSnapshot`, a new `VolumeSnapshotLink` CRD is introduced (Please also see [API](#api)), +- To restrict only allowed `VolumeSnapshot` to be consumed from other namespaces, [`ReferencePolicy` CRD](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.ReferencePolicy) is used, +- To actually populate a PV from a `VolumeSnapshot` referenced from `VolumeSnapshotLink` CRD, a populator for each CSI driver is used, +- As a reference populator implementation, [CSI external provisioner](https://github.com/kubernetes-csi/external-provisioner) is extended to handle the `VolumeSnapshotLink` CRD (Please also see [Populator implementation](#populator-implementation)). + +An initial discussion of this idea can be found [here](https://github.com/kubernetes/enhancements/pull/2849#issuecomment-949929595) and PoC implementation can be found [here](https://github.com/kubernetes/enhancements/pull/2849#issuecomment-958208039). + +### User Stories (Optional) + + + +#### Story 1 + +`VolumeSnapshot`s for PVCs in prod namespace are taken on a regular basis, PVCs are created from the `VolumeSnapshot`s in other test namespaces for testing. + +#### Story 2 + +The same `VolumeSnapshot`s are expected to be consumed as golden images from multiple namespaces. Using PVs as [VM images for KubeVirt](https://kubevirt.io/2020/KubeVirt-VM-Image-Usage-Patterns.html) is one of the examples of this use case. + +### Notes/Constraints/Caveats (Optional) + + + +#### Provisioning PVs from cross-namespace PVs + +The conclusion of the original discussion ([here](https://docs.google.com/document/d/17H1k4lqdtJwZSjNRaQue-FhMhyk14JA_MoURpoxha5Q/edit#bookmark=id.nj4e1ocn8b23) and [here](https://docs.google.com/document/d/17H1k4lqdtJwZSjNRaQue-FhMhyk14JA_MoURpoxha5Q/edit#bookmark=id.h1eqongxseo)) on transfer feature was that we should avoid implementing transfer of PVCs, because there will be more race conditions for PVs than snapshots. +However, we might have a room to reconsider if this cross-namespace-provision approach can solve the issue of race for PVCs, although transfer approach can't seems to resolve the issue easily. + +### Risks and Mitigations + + + +#### Secret Handling + +TBD: Unlike transfer feature, this idea doesn't require transfer of secert, but it may need to be discussed +(We would need to go back to discussion around https://github.com/kubernetes/enhancements/pull/2849#issuecomment-962168202). + +#### Security + +TBD: Use of `ReferencePolicy` should remove the risk, but it may need to be discussed +(We would need to check again for [the original use case of Gateway APIs](https://github.com/kubernetes/enhancements/pull/2849#issuecomment-919107307), and review if there are any security risks). + +## Design Details + + + +### Example flow of how this proposal works + +Let's use [Story 1](#story-1) as an example and let's assume: +- There are two namespaces, prod and test, +- Alice manages the prod namesapce and Bob manages the test namespace, +- Alice would like to allow `VolumeSnapshot` foo-backup in the prod namespace to be consumed in the test namespace for testing, +- Bob would like to create a PV for PVC foo-testing in the test namespace from the `VolumeSnapshot` foo-backup in the prod namespace. + +Once this proposal is implemented, it can be achieved by doing the following steps: + +1. In the prod namespace, Alice creates a `ReferencePolicy` bar that allows referencing to the `VolumeSnapshot` foo-backup in the prod namespace from any `VolumeSnapshotLinks` in the test namespace, + ```yaml + apiVersion: gateway.networking.k8s.io/v1alpha2 + kind: ReferencePolicy + metadata: + name: bar + namespace: prod + spec: + from: + - group: snapshot.storage.k8s.io/v1alpha1 + kind: VolumeSnapshotLink + namespace: test + to: + - group: snapshot.storage.k8s.io/v1 + kind: VolumeSnapshot + name: foo-backup + ``` +2. In the test namespace, Bob creates a `VolumeSnapshotLink` foo-link that references the `VolumeSnapshot` foo-backup in the prod namespace as a source, + ```yaml + apiVersion: snapshot.storage.k8s.io/v1alpha1 + kind: VolumeSnapshotLink + metadata: + name: foo-link + namespace: test + spec: + source: + name: foo-backup + namespace: prod + ``` +3. In the test namespace, Bob creates a `PersistentVolumeClaim` foo-testing that references the `VolumeSnapshotLink` foo-link as a data source, + ```yaml + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: foo-testing + namespace: test + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Mi + dataSourceRef: + apiGroup: snapshot.storage.k8s.io/v1alpha1 + kind: VolumeSnapshotLink + name: foo-link + volumeMode: Filesystem + ``` +4. Once the populator finds a `VolumeSnapshotLink` is specified as `dataSourceRef`, it checks all `ReferencePolicys` in `VolumeSnapshotLink.spec.source.namespace` to see if populating the `VolumeSnapshotLink.spec.source` is allowed. If it is allowed, the populator populates the volume. + +### API + +A new `VolumeSnapshotLink` CRD is introduced in `snapshot.storage.k8s.io` API group: + +```golang +type VolumeSnapshotLink struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + Spec VolumeSnapshotLinkSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"` +} + +type VolumeSnapshotLinkList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` + + Items []VolumeSnapshotLink `json:"items" protobuf:"bytes,2,rep,name=items"` +} + +// VolumeSnapshotLinkSpec describes attributes of a volume snapshot link. +type VolumeSnapshotLinkSpec struct { + // This field is immutable after creation. + Source VolumeSnapshotLinkSource `json:"source" protobuf:"bytes,1,opt,name=source"` +} + +// VolumeSnapshotLinkSource specifies a reference to VolumeSnapshot. +type VolumeSnapshotLinkSource struct { + Name string `json:"name" protobuf:"bytes,1,opt,name=name"` + Namespace string `json:"namespace" protobuf:"bytes,2,opt,name=namespace"` +} +``` + +### Populator implementation + +The populator logic can be implemented either [(a) inside the existing CSI external-provisioner](#a-inside-the-existing-csi-external-provisioner) or [(b) as a separate populator](#b-as-a-separate-populator). +Cluster admins can choose which implementation to be used per CSI driver basis. +As a reference implementation, only (a) will be implemented in the community. + +Regardless of the implementation, +- `VolumeSnapshotLink` CRD and `ReferencePolicy` CRD must exist in the cluster before the populator is deployed. +- `VolumePopulator` CRD to allow popluating from `VolumeSnapshotLink` CRD needs to be created to enable this feature, as AnyVolumeDataSource feature defines. The `VolumePopulator` CRD needed for this feature will be as follows: +```yaml +kind: VolumePopulator +apiVersion: populator.storage.k8s.io/v1beta1 +metadata: + name: volumesnapshotlink +sourceKind: + group: snapshot.storage.k8s.io + kind: VolumeSnapshotLink +``` + +#### (a) inside the existing CSI external-provisioner + +Once populator is implemented inside the existing CSI external-provisioner, the CSI external provisioner: +- Handles `VolumeSnapshotLink` CRD and `ReferencePolicy` CRD, +- Checks if `VolumeSnapshotLink` is specified as `DataSourceRef`: + - If specified, check if the access to the `VolumeSnapshot` referenced by the `VolumeSnapshotLink` is allowed by any `ReferencePolicy`s: + - If allowed, use the `VolumeSnapshot` as a SnapshotSource to pass to the CSI driver for provision. + +To enable this feature in CSI external provisioner, `--cross-namespace-snapshot=true` +command line flag needs to be passed to the provisioner for each CSI plugin. + +#### (b) as a separate populator + +There will be two approaches to implement as a separate populator: +- [(1) Populate data from snapshot to provisioned PV](#1-populate-data-from-snapshot-to-provisioned-pv) +- [(2) Provision PV with data via CSI call](#2-provision-pv-with-data-via-csi-call) + +##### (1) Populate data from snapshot to provisioned PV + +This is a straightforward implementation that AnyVolumeDataSource feature defines. +Developers will be able to utilize lib-volume-populator to implement this way. +One of the challenges to achieve it will be how to actually copy the data from a snapshot in one namespace to an already provisioned PV that will need to be bound to a PVC in the other namespace. + +A naive implementation will be: +1. Create another PV from the snapshot in the snapshot's namespace, +2. Copy the data from the PV to somewhere accessible from any namespaces, +3. Copy the data in step 2 to the originally intended PV, +4. Delete the temporary data in step 1 and step 2. + +If the naive implementation is used, unintended transient states, for example a temporary PVC in the snapshot namespace, may be visible to users. +Also, there may be performance issues depending on where and how data is copied. + +On the other hand, althoguh it completely depends on the implementation, this approach can have advantages, like the ability to populate volumes from snapshot across different CSI drivers or the ability to efficiently copy data by using CSI driver specific way. + +There will be no generic way to implement by using this approach, because the implementations rely too much on backup tools or CSI drivers. +Therefore no community implementation of this approach will be provided. + +##### (2) Provision PV with data via CSI call + +Current CSI external provisioners provision volume regardless of the data source, therefore populators need to populate data to already provisioned PVs. +However, this behavior may be changed and provisioners may offload provisioning to populators for PV with `VolumeSnapshotLink` CRD data source. + +The implementation of provisioner and populator of this approach will be as follows: + +- Provisioner: + - Handles `VolumeSnapshotLink` CRD, + - Checks if `VolumeSnapshotLink` is specified as `DataSourceRef`: + - If specified, skip provisioning the volume + +- Populator: + - Handles `VolumeSnapshotLink` CRD and `ReferencePolicy` CRD, + - Checks if `VolumeSnapshotLink` is specified as `DataSourceRef`: + - If specified, check if the access to the `VolumeSnapshot` referenced by the `VolumeSnapshotLink` is allowed by any `ReferencePolicy`s: + - If allowed, use the `VolumeSnapshot` as a SnapshotSource to pass to the CSI driver for provision. + +The above implementation is just separating the logics in approach (a) to two components, and it won't help improve efficiency nor simplify implementations. +Therefore, the description in this section is just for discussion purpose and won't be implemented. + +### Test Plan + + + +- For Alpha, unit tests and e2e tests for provisioning PV from `VolumeSnapshotLink` are added. + - unit tests: + - feature enabeld case: + - Verify that PV is provisioned from VS in other namsepace if allowed by ReferencePolicy + - Verify that PV isn't provisioned from VS in other namsepace if not allowed by ReferencePolicy + - feature disabled case: + - Verify that provisioning from VolumeSnapshotLink returns error if the feature is disabled + - e2e tests: + - Verify that PV is provisioned from VS in other namsepace if allowed by ReferencePolicy + - Verify that PV isn't provisioned from VS in other namsepace if not allowed by ReferencePolicy +- For Beta, scalability tests are added to exercise this feature. +- For GA, the introduced e2e tests will be promoted to conformance. + +### Graduation Criteria + + + +#### Alpha + +- Feature implemented behind a non-default command line flag of CSI external-provisioner +- Initial e2e tests completed and enabled + +#### Beta + +- Gather feedback from developers and surveys +- Additional tests are in Testgrid and linked in KEP + +#### GA + +- Allowing time for feedback + +**Note:** Generally we also wait at least two releases between beta and +GA/stable, because there's no opportunity for user feedback, or even bug reports, +in back-to-back releases. + +**For non-optional features moving to GA, the graduation criteria must include +[conformance tests].** + +[conformance tests]: https://git.k8s.io/community/contributors/devel/sig-architecture/conformance-tests.md + +### Upgrade / Downgrade Strategy + + + +- Upgrade: + - Method: Do both of the below operations: + - Specify `--cross-namespace-snapshot=true` command line flag of CSI external-provisioner + - Create `VolumePopulator` CRD to allow popluating from `VolumeSnapshotLink` CRD + - Behavior: + - Provisioning volumes from snapshots in other namespaces is enabled. +- Downgrade: + - Method: Do both of the below operations: + - Specify `--cross-namespace-snapshot=false` command line flag of CSI external-provisioner + - Delete `VolumePopulator` CRD to deny popluating from `VolumeSnapshotLink` CRD + - Behavior: + - Provisioning volumes from snapshots in other namespaces is disabled. + +### Version Skew Strategy + + + +## Production Readiness Review Questionnaire + + + +### Feature Enablement and Rollback + + + +###### How can this feature be enabled / disabled in a live cluster? + + + +- [x] Other + - Describe the mechanism: + - Will enabling / disabling the feature require downtime of the control + plane? No. + - Will enabling / disabling the feature require downtime or reprovisioning + of a node? (Do not assume `Dynamic Kubelet Config` feature is enabled). No. + +###### Does enabling the feature change any default behavior? + + + +Yes, `VolumeSnapshotLink` CRD can be used as a `DataSourceRef` for provisioning PV. + +###### Can the feature be disabled once it has been enabled (i.e. can we roll back the enablement)? + + + +Yes, by specifying `--cross-namespace-snapshot=false` command line flag of CSI external-provisioner, and deleting `VolumePopulator` CRD to deny popluating from `VolumeSnapshotLink` CRD. + +###### What happens if we reenable the feature if it was previously rolled back? + +`VolumeSnapshotLink` CRD can be used as a `DataSourceRef` for provisioning PV, again. + +###### Are there any tests for feature enablement/disablement? + + + +Yes, unit tests cover scenarios where the feature is disabled or enabled. + +### Rollout, Upgrade and Rollback Planning + + + +###### How can a rollout or rollback fail? Can it impact already running workloads? + + + +###### What specific metrics should inform a rollback? + + + +###### Were upgrade and rollback tested? Was the upgrade->downgrade->upgrade path tested? + + + +###### Is the rollout accompanied by any deprecations and/or removals of features, APIs, fields of API types, flags, etc.? + + + +### Monitoring Requirements + + + +###### How can an operator determine if the feature is in use by workloads? + + + +###### How can someone using this feature know that it is working for their instance? + + + +- [ ] Events + - Event Reason: +- [x] API .status + - Condition name: `Bound` for a PV that is provisioned from a PVC referencing `VolumeSnapshotLink` + - Other field: +- [x] Other (treat as last resort) + - Details: Check if a `VolumePopulator` CRD to allow popluating from `VolumeSnapshotLink` CRD exists. + +###### What are the reasonable SLOs (Service Level Objectives) for the enhancement? + + + +###### What are the SLIs (Service Level Indicators) an operator can use to determine the health of the service? + + + +- [x] Metrics + - Metric name: TBD (Need to discuss if existing metrics for "claims" queue is sufficient). + - [Optional] Aggregation method: prometheus + - Components exposing the metric: CSI external-provisioner for each CSI plugin + +###### Are there any missing metrics that would be useful to have to improve observability of this feature? + + + +Existing metrics only provides number of claims remains in the queue and number of retries for the claims. +To identify what kind of data source was specified for the claim with errors, per data source type metrics may be needed. + +### Dependencies + + + +###### Does this feature depend on any specific services running in the cluster? + + + +- Features: + - CSI feature ([GA](https://kubernetes.io/blog/2019/01/15/container-storage-interface-ga/) in v1.13) + - AnyVolumeDataSource feature ([Beta](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.24.md#api-change) in v1.24) + +- Services: + - CSI external provisioner and CSI plugins + - Usage description: + - Impact of its outage on the feature: The PV isn't provisioned. + - Impact of its degraded performance or high-error rates on the feature: Provision of PV becomes slow or error. + - volume-data-source-validator + - Usage description: + - Impact of its outage on the feature: The PV isn't populated. + - Impact of its degraded performance or high-error rates on the feature: Populating PV becomes slow or error. + +### Scalability + + + +###### Will enabling / using this feature result in any new API calls? + + +- GET `VolumeSnapshotLink` API call: + - originating component(s): CSI external-provisioner + - this API call is triggered once in each [`Provision` call](https://github.com/kubernetes-csi/external-provisioner/blob/master/pkg/controller/controller.go#L719) in CSI external-provisioner when `VolumeSnapshotLink` is referenced from PVC. +- GET(LIST) `ReferencePolicy` API call: + - originating component(s): CSI external-provisioner + - this API call is triggered once in each [`Provision` call](https://github.com/kubernetes-csi/external-provisioner/blob/master/pkg/controller/controller.go#L719) in CSI external-provisioner when `VolumeSnapshotLink` is referenced from PVC. + +###### Will enabling / using this feature result in introducing new API types? + + + +- API type: `VolumeSnapshotLink` CRD +- Supported number of objects per namespace (for namespace-scoped objects): TBD +(Estimated maximum number is the number of `VolumeSnapshot`s that should be shared across namespace or +the number of PVs per namespace). + +###### Will enabling / using this feature result in any new calls to the cloud provider? + + + +No. + +###### Will enabling / using this feature result in increasing size or count of the existing API objects? + + + +No. + +###### Will enabling / using this feature result in increasing time taken by any operations covered by existing SLIs/SLOs? + + + +No. + +Currently, no SLIs/SLOs are defined for PV provisioning, but no performance change is expected for existing PV provisioning by this feature. +For a new provisioning from cross-namespace snapshot, it may take more time than existing PV provisioning due to the extra API calls. + +###### Will enabling / using this feature result in non-negligible increase of resource usage (CPU, RAM, disk, IO, ...) in any components? + + + +No. + +### Troubleshooting + + + +###### How does this feature react if the API server and/or etcd is unavailable? + +Existing PV provisioning also fails. + +###### What are other known failure modes? + + + +###### What steps should be taken if SLOs are not being met to determine the problem? + +## Implementation History + + + +## Drawbacks + + + +## Alternatives + + + +- Implement transfer feature for `VolumeSnapshot`: + - Pros: + - Can have more control over the transferred `VolumeSnapshot`, like modifying and deleting + - Can potentially be used to directly clone the `VolumeSnapshot` to other namespaces for [backup use case](https://github.com/kubernetes/enhancements/pull/2849#issuecomment-957693334) + - Cons: + - Need to handle [race conditions](https://github.com/kubernetes/enhancements/pull/2849#discussion_r682057570) + - Need to consider [referenced Secrets](https://github.com/kubernetes/enhancements/pull/2849#discussion_r692459041) from snapshot after transferred + +## Infrastructure Needed (Optional) + + diff --git a/keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/kep.yaml b/keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/kep.yaml new file mode 100644 index 000000000000..c94244be3e5a --- /dev/null +++ b/keps/sig-storage/3294-provision-volumes-from-cross-namespace-snapshots/kep.yaml @@ -0,0 +1,56 @@ +title: Provision volumes from cross-namespace snapshots +kep-number: 3294 +authors: + - "@Elbehery" + - "@mkimuram" +owning-sig: sig-storage +participating-sigs: + - sig-storage +status: provisional +creation-date: 2022-04-06 +reviewers: + - "@xing-yang" + - "@mhenriks" + - "@jsafrane" + - "@bswartz" +approvers: + - "@xing-yang" + - "@jsafrane" + - "@saad-ali" + +##### WARNING !!! ###### +# prr-approvers has been moved to its own location +# You should create your own in keps/prod-readiness +# Please make a copy of keps/prod-readiness/template/nnnn.yaml +# to keps/prod-readiness/sig-xxxxx/00000.yaml (replace with kep number) +#prr-approvers: + +see-also: + - "/keps/sig-storage/1495-volume-populators" + +# The target maturity stage in the current dev cycle for this KEP. +stage: alpha + +# The most recent milestone for which work toward delivery of this KEP has been +# done. This can be the current (upcoming) milestone, if it is being actively +# worked on. +latest-milestone: "v1.25" + +# The milestone at which this feature was, or is targeted to be, at each stage. +milestone: + alpha: "v1.25" + beta: "v1.26" + stable: "v1.28" + +# The following PRR answers are required at alpha release +# List the feature gate name and the components for which it must be enabled +#feature-gates: +# - name: MyFeature +# components: +# - kube-apiserver +# - kube-controller-manager +#disable-supported: true + +# The following PRR answers are required at beta release +#metrics: +# - my_feature_metric