Cross-namespace storage data sources
Status
| Status | Min K8s Version | Max K8s Version | external-provisioner Version |
|---|---|---|---|
| Alpha | 1.26 | - | 3.4.0+ |
Overview
By default, a VolumeSnapshot is a namespace-scoped resource while a VolumeSnapshotContent is a cluster-scope resource.
Consequently, you can not restore a snapshot from a different namespace than the source.
With that feature enabled, you can specify a namespace attribute in the dataSourceRef. Once Kubernetes checks that access is OK, the new PersistentVolume can populate its data from the storage source specified in another
namespace.
See the Kubernetes Enhancement Proposal for more details on the background, design and discussions.
Usage
To enable this feature, cluster administrators must:
- Install a CRD for
ReferenceGrantssupplied by the gateway API project - Enable the
AnyVolumeDataSourceandCrossNamespaceVolumeDataSourcefeature gates for the kube-apiserver and kube-controller-manager - Install a CRD for the specific
VolumeSnapShotcontroller - Start the CSI Provisioner controller with the argument
--feature-gates=CrossNamespaceVolumeDataSource=true - Grant the CSI Provisioner with get, list, and watch permissions for
referencegrants(API groupgateway.networking.k8s.io) - Install the CSI driver
For more information about how to use the feature, visit the Kubernetes blog page.