►
From YouTube: Kubernetes SIG Storage - PVC/VolumeSnapshot Namespace Transfer Design Meeting 20210712
Description
Kubernetes Storage Special-Interest-Group (SIG) PVC/VolumeSnapshot Namespace Transfer Design Meeting - 12 July 2021
Meeting Notes/Agenda: -
Find out more about the Storage SIG here: https://github.com/kubernetes/community/tree/master/sig-storage
A
A
A
Okay,
so
just
I
put
the
bullet
points
here
to
summarize,
what
was
finding
you?
Can
you
have
access
to
the
document?
There
is
a
link
for
the
kit,
so
basically
everything
will
be
to
allow
the
bbc's
to
be
between
transfer
between
name
spaces,
so
the
pve
will
stay
the
same,
but
we
will
do
transfers
for
the
pvcs
they
would.
A
He
started
here
and
he
proposed
another
crd,
which
would
be
storage,
transfer,
request
and
storage
transfer
approval
and
and
then
there
will
be
a
controller
which
will
detect
like
if
there
is
a
match
and
once
there
is
a
match,
the
transfer
will
be
initiated
and
again
the
pv
as
the
pv
will
be
updated.
Accordingly,
the
source
pvc
will
be
deleted
and
the
target
one
will
be
created.
A
He
also
commented
that
this
instead
of
having
these
changes
in
the
api
itself,
we
can
have
crds,
which
has
a
storage
transfer,
request
and
storage
transfer
approval,
and
then
we
will
have
external
controller
instead
of
editing
the
pv
c
controller
entry.
You
have
external
controller
to
take
care
of
this
transfer
request
approval
and
it
will
maintain
the
conditions
and
open
the
condition
will
be
matched
it
will
initiate
a
transfer.
A
A
Okay,
so
this
is
a
crd
for
storage
transfer
request.
It
will
have
the
namespace
the
target
namespace
and
the
target
name,
and
also
the
source
namespace
that's
coming
from
the
pvc.
Sorry,
the
transfer
will
happen
and
there
will
be
approval.
That's
happening
from
that
from
the
other
side
from
the
namespace
that
will
be
receiving
the
pvc,
and
this
is
a
crd
for
the
storage
transfer
approval
and
it
will
have
also
a
similar
similar
to
the
crd
of
the
exploration
request.
But
of
course
we
will
have.
A
You
know
we'll
swap
the
approvals
the
target
name,
space
and
source
name
space,
the
condition
that
the
transfer
will
be
initiated
open
are
listed
here.
So
he
assumes
that
r
refers
to
request
and
a
refers
to
approval,
and
once
these
conditions
are
matched,
then
we
can
go
ahead
and
start
transferring.
A
Also,
he
emphasized
that
once
the
matching
is
complete
and
we
start
transcript
process
then
before
before
we
start
transfer
or
one
of
the
things
that
we
have
to
do
is
to
change
the
claim
policy
of
the
pv
to
retain.
So
we
make
sure
it
will
not
be
gone
by
when
the
original
or
the
source
name.
Pvc
will
be
deleted.
A
We
will
delete
the
pvc
as
a
source
one,
and
then
we
will
bind
the
pv
to
the
target.
Pvc,
sorry
yeah
to
the
name
space
and
then
we'll
create
the
pvc
which
will
have
the
same
respects
of
the
original
one
and
how
we
bind
to
the
pv
and
then,
after
that
we
can
change
back
the
claim
policy
to
the
original
one.
A
A
B
C
B
C
D
E
C
Yeah
so
so
I
started
working
on
something
around
these
way
of
red
hat
and
the
way
that
I
started
it
was.
I
had
a
cluster
scope
resource
where
you
could
just
define
everything
and
then
I
layered
name
space
scope
resources.
On
top
of
that
I
mean
that's
just
an
implementation
detail,
but
I
think
ultimately
you
want
the
name
space.
F
A
A
Yeah,
so
just
to
make
sure
that
we
are
on
the
same
page,
so
these
are
the
crds
and
then
christian
huffman
continued.
This
work
expanding
also
on
not
only
in
pvcs
but
also
to
one
snapshot,
and
he
also
follows
the
same
approach
as
having
crds.
As
you
can
see.
It's
almost
the
same
just
add
some
things
that
specific
to
the
secrets,
which
are
part
part
of
the
storage
class,
but
I
think
it's
the
same
approach
mainly
and
even
the
same
conditions.
A
He
just
added
some
things
like,
instead
of
instead
of
having
yeah,
we
can
have
a
finalizer
to
make
sure
that
the
bbc
source
will
be
deleted
instead
of
deleting
it
manually.
Also.
He
said
that
we
set
the
claim
policy,
as
michael
said,
yeah,
and
then
we
just
wait
for
the
pods
to
start
consuming
and
do
the
binding
and
again
reset
the
same
claim
policy
and
remove
the
finalizer.
So
we
have
a
normal
ppc
specifically
for
for
this
work,
evolving
snapshot.
A
We
would
create
the
snapshot
instead
of
the
pv
networking
space
and
do
the
binding
with
the
content.
Sorry
yeah,
one
snapshot
instead
of
pvc
and
the
volume
natural
content
instead
of
pv,
will
be
bind
to
this
on
snapshot,
and
then
we
will
delete
the
source.
One.
The
caveat
here
is
that
the
external
snap
shelter
will
be
need
to
update
the
immutability
of
some
fields.
These
are
immutable
right
now,
but
we
would
have
if
we
would
go
this
approach.
B
B
B
A
Yeah
exactly,
but
instead
of
having
annotations,
he
just
added
sync
like
some
specs
to
the
pvc
specifically
to
be
on
the
same
page.
He
added
the
async,
expect
transfer
destination,
namespace
and
destination
name
and
the
source
name,
space
and
source
name.
Also,
he
added
the
status
condition
type
because
we
would
need
this
while
doing
the
binding
and
transferring
he
actually
already
implemented
poc
for
the
ideal
case,
not
any
corner
case,
and
he
had
some
tests
correct.
A
A
A
So
he
has
to
check
the
status
first
and
then
he
has
to
change
the
condition.
I
think
there
is
actually
better
approach.
I
think
it's
more
clear
here.
If
you
can
see
he
clarified
this
with
comments
here
and
the
interaction
diagram
shows
this
very
clearly.
So
the
user
a
will
have
a
pvc.
A
and
user
b
will
have
bbc
b.
A
As
you
can
see
here,
the
condition
like
there's
a
phase
and
condition
both
we
check
for
both.
So
here
he's
here's
a
condition
is
bound,
but
sorry
the
phase
is
bound,
but
the
condition
is
transferring,
and
here
the
phase
is
bending
waiting
for
it
to
be
transferred,
but
the
condition
is
receiving
here
after
it's
already
bound.
So
we
have
to
unbind
this
from
the
pvc
a
so
we
just
set
it
to
lost
and
already
transferred,
and
then
we
can
go
ahead
and
declare
this
as
bound
to
the
bbcb.
A
A
However,
the
last
thing
was
that
he
like
just
wanted
to
show
you
that
he
had
already
poc,
so
he
actually,
this
one
was
the
main
thing,
the
biggest
changes
and
he
just
checked
for
conditions
in
the
attached
touch,
controller
and
the
pve
controller
and
open
these
conditions.
He
implements
the
changes
and
also
he
did
not
actually
make
a
lot
of
changes
inside
because
he
used
the
util
functions
which
take
a
bbc
or
pv
and
do
the
most
of
the
logic.
A
From
his
point
of
view,
this
is
actually
a
working
implementation,
but
it's
in
my
opinion.
We
have
to
make
changes
for
the
entry
and
I
think
the
crb
approach
is
better.
Maybe
it's
quite
harder
to
implement,
but
it's
much
more
bitter
and
I
just
want
to
go
yeah
to
here
where
he
proposed
exchange
yeah.
So
this
is
a
most
recent
changes
for
this
kit
and
I
would
like
to
hear
from
you
your
opinions
and
how
we
can
proceed
with
that.
From
your
point
of
view,.
E
I'm
fairly
new,
but
but
thank
you
so
much
mustafa
for
the
summary
you
have
given
the
from
my
point
of
view
again
very
new.
I
feel
that
transferring
ownership
over
storage
volume
we
have
to
be
very
careful
on
that
because
of
the
security
implement
situations
that
we
could
cause
by
transferring
the
ownership
of
some
data
volume
to
from
one
namespace
to
another.
So
I
I
really
like
the
acceptance
model
because
it
is
trackable,
it's
audible
and
it
it
kind
of
maintains
a
level
of
security.
E
Saying
I
allow
this
volume
to
be
transferred.
I
understand
that
we
can
transfer.
You
know
with
the
other
models,
but
from
a
multi-tenant
point
of
view,
I
I
feel
that
is
very
necessary
to
be
very
careful
on
how
we
do
that.
So
I
I
like-
and
I'm
not
talking
about
implementation,
I'm
talking
about
mainly
the
usability
of
it.
I
I
feel
that
you
know
it
feels
better
to
have
that
type
of
model.
It's
almost
like
a
cert
request,
an
acceptance
model
there
it's
already
in
kubernetes.
G
Yeah,
I
know
I
know
when
we
when
we
initially
started
looking
at
this
one
of
the
one
of
the
reasons
for
the
the
cr
and
the
transfer
requests
and
stuff
like
that
was,
was
exactly
that.
That
was
actually
a
big
part
of
it.
A
big
part
of
it
was
one
being
very
explicit
in
in
actually
making
one
of
these
transfers
take
place,
but
the
other
was
also
in
terms
of
it
gave
an
audit
trail
in
terms
of
the
objects
that
were
created
in
the
events
and
everything
else.
G
Now
I
I
don't
know
I
mean
you
may
be
able
to
achieve
that
same
thing
with
with
the
alternate
proposal
of
just
modifying
the
pvc.
That's
certainly
neat,
for
some
reason.
It
just
seems
to
me.
We
talked
about
that
and
I
thought
it
was
something
we
decided
wasn't
doable
or
a
good
idea,
but
things
change.
C
The
other
thing
about
the
api
is
just.
It
applies
to
many
types.
Obviously,
the
p,
the
pvc
one
is
specific
to
pvc
editing.
You
know
the
people
so
having
a
generic
kind
of
transfer
api
could
be
useful
for
more
resources,
different
resource
types,
so
you
know
the
pvc
and
snapshot
api
would
basically
be
the
same.
C
G
B
A
B
Okay,
so
the
implementation-
I
think
this
can
be.
This
can
be
an
external
controller
right.
It
does
not
have
to
be
added
if
okay,
so
if
we
are
doing
this
indentation
using
the
approach
that
modify
the
pvc
itself,
then
it
has
to
be
intriguing.
Modifying
the
entry
controller
mustafa
does
the
okay.
I
actually
did
not
look
at
the
the
poc,
the
third
with
the
which
time
is
it
the
fourth
attempt
actually
brought
up
by
osaka?
A
G
G
B
G
D
C
So,
if
you
know
at
one
moment
the
you
know,
no
pods
are
using
the
pvc
and
then
you
start
this
transfer
process
and
then
a
pod
starts
using
the
pvc
you're
going
to
have
to
you
may
be.
You
know
in
the
middle
of
a
transfer,
then
you're
going
to
have
to
wait
for
that
pvc
to
become
unbound
again,
where
you
wouldn't
get
in
such
states.
If
it
was
in
the
pv
controller,
probably.
B
C
B
B
C
C
Yeah,
so
I
there's
definitely
yeah,
so
we
basically
have
to
wait
until
no
pods
are
using
the
pvc
and
then
delete
the
source.
Pvc
and
then
once
that
thing
is
really
gone,
is
when
you
know
that
no
no
one
else
is
using
it,
and
then
you
can
create
the
new
pvc
and
up
you
know,
update
the
pv
reference
and
all
that.
B
B
G
G
This
transfer
process
kicks
off
or
or
at
least
it
starts,
but
at
the
same
time-
or
you
know,
milliseconds
or
seconds
after
or
whatever
another
pod
is,
is
launched
that
attaches
that
pvc,
so
you've
got
a
scenario
there
where,
where
bad
things
can
happen
right,
what
I
was
going
to
do
is
actually
just
cheat
and
reuse
the
in-use
status
and
and
say
that
it
was
in
use
by
the
by
the
transfer
process.
I
don't
that's
not
very
it's
not
very
cool,
but.
B
C
B
D
B
A
B
B
C
B
A
C
Yeah
yeah,
I
I
closed
out
my
cap
because
I
thought
christian
huffman
was
continuing
it,
but
if
someone
else
wants
to
create
a
new
one
or
or
I
reopen
mine
and
or
I
don't
know,
we
can
say
bernie's
offline
or
something,
but
I
stepped
away
from
this
for
a
while,
but
I'm
willing
to
come
in
and
and
help
a
little
bit
now.
If
you
know,
if
that's
good
to
whoever
is
wants
to
be
in
charge
of
things
now,.
A
A
F
C
The
main
thing
that
I
encountered
in
implementing
this
was
there
were
certain
time
in
times
when
you
would
could
make
some
metadata
updates
and,
like
the
pb
controller,
would
generate
an
event
that
you
probably
don't
want.
So
I
had
to
make
sure
to
get
the
order
of
things
correct
so
that
they
weren't
ever
like
two
pvcs
pointing
to
the
same
pb.
That
would
signal
an
event
I
think,
but
yeah.
So
I
can
kind
of
write
down
my
learnings
in
this
document
or
some
other
document.
B
B
D
No,
I
think
when,
when
we're
getting
closer
to
actually
getting
a
design
ready
for
review,
I
think
it
would
also
be
good
to
just
have
a
section
talking
about
the
previous
and
alternate
designs,
and
you
know
pros
and
cons
and
sort
of
why
we
decided
to
go
with
this
approach.
I
think
that
would
be
helpful
for
the
reviewers.