►
From YouTube: Kubernetes SIG Storage 20201008
Description
Kubernetes Storage Special-Interest-Group (SIG) Meeting - 08 October 2020
Meeting Notes/Agenda: https://docs.google.com/document/d/1-8KEG8AjAgKznS9NFm3qWqkGyCHmvU6HVl0sk5hwoAE/edit#heading=h.2qp3jl8ida2t
Find out more about the Storage SIG here: https://github.com/kubernetes/community/tree/master/sig-storage
Moderator: Saad Ali (Google)
A
All
right
today
is
october
8
2020.
This
is
the
meeting
of
the
kubernetes
storage
special
interest
group.
As
a
reminder,
this
meeting
is
public
recorded
and
posted
on
youtube
on
the
agenda.
Today
we
have
q2.
Well,
I
guess
this
is
no
longer
q2.
This
is
q3
q4
planning
for
the
1.20
release,
we're
going
to
go
through
the
items
that
we
have
in
our
planning
spreadsheet
and
get
status
updates
from
folks
important
dates
to
keep
in
mind.
A
A
A
If
you
have
anything
that
you
want
to
discuss
outside
of
status,
updates,
feel
free
to
add
them
to
the
agenda
and
once
we're
done
with
planning
we'll
come
back
to
that
with
that,
let's
go
ahead
and
jump
into
the
storage
planning,
spreadsheet
and
start
getting
status.
Updates,
I'm
going
to
create
a
new
entry
here
for
the
currents
to
status
to
the
left.
A
A
No
worries
we'll
we'll
come
back
to
that.
A
A
D
Yeah,
so
in
in
120
timeline,
we
are
working
on
bug,
fixing
the
read,
write
many
and
the
volume
deletion
pvc
being
deleted
and
getting
kept
finalized
for
recovery
from
resize
failure,
because
the
inline
cap
inline
pod,
resizing
cap
is
still
discussions
are
ongoing
and
we
would
like
to
update
that.
D
There
was
also
some
movement
movement
to
add
secrets
to
node
expansion.
Rpc
call.
So
if
we
have
to
make
a
change
into
pv
respect
for
that
then,
and
then
we
would
like
that
change
and
allow
volume
expansion,
change
that
you're
planning
to
move
from
storage
class
on
to
pv
to
go
together
rather
than
so
so
just
majority
of
work.
This
squadron
will
be
like
italy's
will
be
like
yeah
nailing
down
those
details.
A
C
Yeah,
so
cap
got
emerged.
C
Yes,
so
now
we
are
working
on
various
tasks,
so
submitted
a
pr
that
move
the
volume
snapshot,
data
source
to
ga,
that's
the
feature
gate
and
also
a
pr
that
updates
crds
from
beta
1
to
v1.
C
So
I'm
going
to
schedule
a
api
review
soon
and
then
there
is
also
a
matrix
work
for
snapshot.
Controller
grant
is
working
with
chanchan
on
that
and
then
there's
also
a
pr
working
progress
pr
by
kartik
using
patch
instead
of
update,
and
then
we
also
have
a
quite
a
few
e2e
tests
that
we
need
to
write.
C
So
we
have
a
few
people
working
on
them.
I
think
chris
from
michelle's
team
ronak
and
grant
all
going
to
work
on
e2
test,
and
then
we
still
have
a
couple
more
that
we
need
to
find
owners.
So
if
anyone
on
this
car
is
interested
in
in
helping
out,
please
let
me
know
we
do
have
this
merch
deadline,
which
is
november
12th
the
because
e3
tests
are
in
trees.
So
we
need
to
get
them
in
by
that
merge
their
line.
A
Yeah,
so
if
anybody
on
the
call
is
interested,
this
is
a
really
good
place
to
get
involved,
pretty
kind
of
not
super
scary
you're,
just
gonna,
you
know
start
adding
tests.
It's
a
good
way
to
learn
the
code
base
and
figure
out
how
to
start
contributing
to
the
core
of
kubernetes
kubernetes.
A
A
D
Yeah,
the
cap
is
updated
merged
and
I
think
we
have
a
decision
that
kind
of
solves
s
linux
at
least
as
well,
so
we
aren't
stuck
behind
it.
I
think
matt
from
google
has
will
be
moving
it
to
beta
michelle.
That's
still
right,
yeah
can
you
and
yeah,
so
we
should
be
good
to
go.
Okay.
A
And
so
should
I
put
matt's
name
here
as
the
dev.
D
A
And
then
se
linux
permission
handling
design.
It
sounded
like
he
in
your
status,
update.
You
mentioned
that
that's
been
unblocked
as
well.
D
D
If
he's
there
he's
not
so
yeah,
so
the
way
we
are
going
to
solve
is
use
mount
options,
but
if
the
we
are
going
to
first
emit
conflicting
slns
context
is
being
used
by
multiple
parts
same
volume,
they
are
going
to
report
that
as
a
matrix,
then
we
are
going
to
duplicate
support
for
that
and
reject
such
parts
by
a
cubelet,
admission
and
optionally
add
a
flag
to
cubelet
to
re-enable
old
behavior.
If
there
are
many
users
affected,
but
first
we
have
to
add
a
metric
so
that
we
know
how
many
users
are
using.
A
Volume
got
it
and
that
metric
would
be
added.
This
quarter.
D
A
Okay,
next
item
is
for
ben.
I
guess
I
guess
this
is
the
unassigned
one
new
design
for
volume
file
permission
handling
last
status.
Update
we
had
was
there's
some
overlap
with
recursive
handling.
I
guess
we
should
make
a
call
about
whether
we're
gonna
pursue
anything
here.
This
quarter
or
point
it
to
next
quarter.
F
E
So
I
I
did
a
little
bit
of
reading
on
like
what
what
the
state
of
the
art
in
this
area
is,
and
there
are
people
working
on
the
linux
kernel
trying
to
like
invent
something
that
sucks
less
than
the
status
quo.
I
mean,
of
course,
the
linux
kernel
always
has
problems,
because
certain
solutions
get
rejected,
for
you
know
other
reasons,
but
I
I
am
hopeful
that
that
I
don't
know
if,
if
it's
available
today,
but
you
know
something
will
be
available
in
the
next
few
linux
releases
that
might
make
this
problem
less
bad.
E
Of
course,
I
don't
know
how
that
helps
us
in
practice,
because
a
lot
of
people
run
relatively
old
linux
kernels
for
kubernetes,
so
it's
like
it
may
take
a
while
for
the
real
solution
to
sort
of
propagate
in,
but
I'm
hopeful
that
there
will
eventually
be
a
way
where
you
can
fix
the
file
system,
user
id
gid,
mappings
relative
to
the
process
space
ui
djid
mappings
such
that,
like
you,
don't
have
to
do,
play
these
funny
games
that
kubernetes
plays
with
reassigning
ownership
and
we
could
get
to
a
place
where
it
just
works.
A
G
To
reach
out
to
david
howells
at
red
hat,
because
he
does
a
lot
of
kernel,
work
for
red
hat
and
he
wrote
he
like.
He
wrote
fs
cash
and
he
wrote
the
afs
kernel
driver.
E
Yeah,
I
think
there
are
some
red
hat
people
involved
in
this
work.
It's
it's.
It's
vfs
layer,
work
and
the
kind
of
stuff
they
were
talking
about
was
you
know
like
shifting
bind
mounts
where
you
you
can
do
a
bind
mount
to
a
file
system
that,
like
shifts
all
the
uids
and
gids
over,
like
by
a
million
or
by
whatever
number
you
want
when
you
access
it
through
the
bind
mount
and
like
those
kinds
of
things,
would
if
we
had
them
kind
of
help
here,
because
that's
basically
how
kubernetes
also
does
it?
E
Is
it
sort
of
shifts
the
uid
gid
space
over?
So
like
a
something
like
that
or
I
have
seen
other
solutions
and-
and
there
are
all
the
kernel
people
are
aware
of
this
stuff-
I
think
it's
just
that.
I
don't
know
if
the
kubernetes
people
and
the
linux
people
are
talking
to
each
other.
H
Hey
we
just
did.
We
did
discuss
this
a
little
while
back
in
sig
windows.
It
seems
like
pretty
much
in
the
windows
kernel
side.
There
is
no
support,
there's
a
concept
of
permissions,
going
like
special
permissions
being
attached
to
a
user
identity
that
starts
off
the
container,
so
it's
kind
of
like
a
free-for-all.
Basically,
that
concept
is
just
not
there.
E
I
Much
more
complex
security
model-
and
this
is
tied
very
much
to
the
file
system
topology,
so
it
it
doesn't
fit
the
topple
model
of
the
linux
environment,
of
the
uid
gid.
E
That
doesn't
surprise
me.
I
just
yeah,
I
hope
someone
who
does
understand
windows
well
and
how
windows
containers
in
particular
works
is
thinking
about.
You
know
what
do
you
do
when
you
have
any
kind
of
mapping
and
how
that
affects
volumes
that
are
attached
and
their
owners?
So
you
don't
end
up
in
the
situation
we
have
on
linux,
where
you
can't
write
any
files.
A
So
I
guess
the
question
for
both
of
these
tasks
here
is:
is
there
any
further
progress
that
can
be
made
this
quarter
on
it
for
the
first
task?
It
sounds
like
we
should
pump
this
until
there's
something
better
available
in
the
kernel.
Is
that
right,
ben.
E
I
A
So,
what's
what's
your
advice
on
the
windows
side,
deep
anything
we
can
do
in
this
quarter
or
this
is
a
wait
and
see
what
emerges
problem.
H
H
Yeah
we
do
through
sig
windows.
There
was
a
couple
of
folks
from
the
kernel
team
who
specifically
called
out
that
you
know
they
haven't
seen
a
lot
of
requests
around
this
and
therefore
is
pretty
low
in
their
priority
relative
to
other
things
like
enabling
privileged
containers
overall.
H
A
A
All
right
next
item
is
csi
entry,
read-only
handling.
I
believe
I
poked
humble
for
a
status
update.
He
said
code
is
up
for
review
and
I
would
like
to
get
confirmation
on
sc
flag
storage
class
flag
to
take
it
to
completion
so
I'll
go
ahead
and
copy
that
status
over.
A
A
F
Yeah
yan
yan
took
a
look
at
it.
I
think
he
had
like
one
concern,
maybe
and
we'll
have
to
follow
up
on
it.
A
All
right
next
item
is
storage
capacity
tracking
with
patrick
anyone
have
updates
on
that
kept
merged
any
or.
A
Alpha,
okay
sounds
good.
Next
item
is
store,
is
pvc
inline
ephemeral
volumes
working
with
csi
driver,
also
patrick,
and
then
I
guess
the
next
one
is
also
related:
csi,
ephemeral
volumes,
yawn
or
michelle.
You
want
to
give
updates
on
both
of
those.
F
Yeah
so
they're
not
being
promoted
this
cycle
either.
So
I
think
what
is
it
which
item
pvc
ephemeral
volumes
that
one
should
be
alpha?
Okay,
we're
not
targeting
beta
this
quarter,
but
yeah
both
of
these
items.
I
think
we
need
to
have
a
meeting
to
figure
out
what
to
do
with
the
apis,
because
we
have
two
apis
that
are
very
similar,
but
not
quite
so.
I
think
that
is
going
to
be
a
major
thing
we
need
to
resolve
before
we
can
promote
any
of
these
features,
but
it
makes.
A
Sense,
it
looks
like
next
step.
Is
the
alignment
of
these
two
apis?
Do
you
know
who's
going
to
set
up
the
follow-up
meeting
on
this?
Would
that
be
patrick
or
we'll
follow
up
offline
on
over
email.
F
Yeah
patrick
had
sent
out
an
email
already
to
the
stick,
but
it
didn't
really
get
response.
I
think
we'll
have
to
follow
up
with
him
to
set
up
a
meeting
sounds
good.
A
All
right,
cool
next
item
is
spreading
over
failure,
domains
which
is
very
closely
related
to
volume
group
api
shang.
You
want
to
give
an
update
on
those
two.
C
C
A
A
Okay,
next
set
of
items
is
for
the
csi
generic
drivers.
We
have
iscsi
fiber,
channel
driver
and
flex
for
and
a
flex
adapter
fiber
channel
and
flex.
We
are
just
planning
to
deprecate
and
then
the
iscsi
one
there
is
a
community
maintained
repo
and
that
repo
needed
image,
building
testing
ci
cd
documentation.
That
sort
of
thing
michelle.
I
think
this
latter
two
or
we're
just
planning
to
deprecate
any
updates
on
the
nice
cozy
won.
F
No,
I
haven't
made
progress
on
this.
Okay,
but
yeah
the
the
fiber
channel
and
flex
driver
is
just
gonna,
be
deprecated
and
archived
for
iscsi.
I
need
to
follow
up
with
some
of
the
folks
that
originally
were
interested
in
helping
develop
the
driver
and
sort
of
follow
up
with
them
on
next.
F
A
A
A
A
A
Mark
that,
as
no
update,
we'll
get
a
update
next
time,
hopefully
csi
volume,
health,
shing.
C
Yeah,
so
we
are
working
on
implementing
modeling
house
in
the
host
csi
hostpass
driver
right
now.
So
after
that
we
can
add
et
test
for
that
there
is
another
idea
which
is
to
add
e2
test
just
using
the
csm
walk
driver,
so
we'll
be
looking
into
that
as
well.
A
E
Yeah,
so
so
this
this
kept
is
not
merged,
and
that's
because
I
realized,
as
part
of
the
the
changes
to
the
design,
that
it
needs
to
be
alpha
for
at
least
one
more
release,
because
we
need
to
introduce
like
a
new
validating
web
hook
and
once
you
move
to
beta,
it
will
be
too
late
to
do
that.
So
so
I'm
proposing
that
we
do
the
validating
web
hook
in
this
release,
keep
it
alpha.
A
So
do
we
want
to
switch
this
to
keeping
an
alpha
this
quarter,
so
let
me
go.
E
And
there's
a
pr
against
external
provisioner
or
csi
provision
or
whatever
the
repo.
A
Cool
all
right,
thanks
ben
for
that
update
next,
is
cozy
record.pr.
A
E
No,
no,
this
is
a
kubernetes.
That's
the
cap,
the
cap,
okay,
the
the
external
provisioner
pr
is
491,
an
external
provisioner.
A
All
right
next
item
is
cozy
sid
or
anybody
else
on
the
line.
J
Jeff
this
is
trini
yeah
thanks
saad
for
the
review
we
have
sat
together
as
a
team.
Yesterday
addressed
most
of
the
questions.
There
are
lots
of
details
that
we
filled
in
around
the
api
based
on
the
review.
J
There
are
a
few
more
outstanding
comments
on
the
pr
the
cap
is
taking
good
shape
right
now
or
hopefully
gets
merged.
On
the
coding
front.
We
are
doing
good
right
now.
We
have
progress
on
all
the
components
and
shooting
for
a
milestone,
end-to-end
test
with
greenfield
buckets
so
hopefully
we'll
have
quick,
merge
soon.
A
Nice
all
right,
thank
you
all
for
the
hard
work
on
that
and
yeah
I've
been
watching
the
cap.
It's
gotten
so
many
comments
now
that
you
get
the
github
unicorn
error
very
frequently,
which
means
that's
true,
it's
a
very,
very
popular
kept.
So
thank
you
for
all
your
hard
work
on
that.
A
Okay.
Next
item
here
is
fs
group
support
in
csi.
We
should
probably
move
this
up
with
the
rest
of
the
permissions
related
things.
This
is
assigned
to
christian
huffman.
Last
status
update
was
needed
to
add
into
end
tests
any
further
updates
on
this.
B
A
I
I'm
afraid
I've
dropped
the
ball
in
the
last
two
weeks.
I
had
three
rather
unexpected
visits
to
hospital
uh-oh
and
I've
been
kind
of
out,
and
but
I'm
I
have
a
meeting
with
matt
curry
tomorrow,
and
I
hope
that
that
will
it
will
set
me
free
to
move
on.
A
All
right
sounds
good.
Health
is
number
one,
so
take
care
of
yourself,
and
thank
you
we'll
get
to
this
next
set
of
items
is
csi
migration
for
the
various
cloud
providers.
First
up
is
vsphere
divian.
Any
updates.
C
It
looks
like
he's
not
on
the
call,
so
I
know
that
kiwi
has
been
doing
testing
still,
so
I
find
some
issues
and
being
tested
fixing
those
issues.
Overall,
it's
been
good,
but
I
still
have
not
got
a
confirmation
on
the
back
port
status.
There
are
still
a
couple
of
back
ports.
I
think
looks
like
they're
not
have
not
landed
yet
so.
A
Sounds
good
go
ahead
and
mark
that
as
started.
Next
up
is
azure
disk,
an
azure
file,
csi
migration
currently
assigned
to
andy
the
last
status
update
here
was
the
prs
were
out
any
further
updates
here.
F
Nope,
I
think
he's
andy's
continuing
to
work
on
the
azure
file
going
to
beta
azure
disk
is
still
going
to
remain
the
same.
Okay.
A
All
right
next
item
is
gce.
I
don't
believe
mac
carries
on
the
line
right.
A
So
matt
carey
is
officially
assigned
to
this
and
we'll
hopefully
be
giving
a
status
update
soon
aws.
We
have.
F
I
would
probably
oh
sorry
for
azure
disc.
I
would
probably
defer
that
for
this
quarter
I
don't
think
there's
going
to
be
any
work
on
that,
so.
A
A
Okay
and
on
the
aws
side,
any
updates
from
that
one.
A
A
Okay,
no
worries
is
there
anybody
else
on
the
call
that
is
familiar
with
openstack
cinder
knows
the
folks
working
on
it
and
is
willing
to
follow
up
and
see
if
we
can
find
an
owner.
A
I
think
what
it
comes
down
to
for
these
volume
plug-ins
is
we're
going
to
need
to
find
an
owner
who's
willing
to
take
on
csi
migration
or
or
agree
that
we're
going
to
do
a
deprecation
without
a
migration
which
means
disable
the
plug-in
entry,
and
what's
the
timeline
for
that,
I
think
minimum
it
would
have
to
be
a
year.
A
A
A
F
So,
at
least
for
the
openstack
cinder
one
in
the
enhancement
issue,
I
think
someone
was
commenting
on
it.
We
can
maybe
reach
out
to
them.
Okay,
that's
that's
good!.
C
Was
it
andrew
was
what
because
I
saw
his
name
as
the
owner
of
this
feature
in
that
features?
The
cube
features
that
go
file,
but
it's
probably
not
working
on
it
now,
but
I
don't
know.
D
I
can
there
are
some
people
that
they
had
who
are
working
on
supporting
the
cinder
driver.
I
wonder
if
I
I'll
try
to
ping
them
and
see
if
you
can
get.
A
A
I'm
going
to
put
your
name
as
a
question
mark
in
on
the
reviewer
side
just
to
see
if,
if
you
can
make
any
progress,
but
if
not
no
worries,
I
don't
I'm
not
expecting
any
miracles
here
yet.
A
Alright,
next
up,
we
have
cephs
and
seth
rbd
humble,
provided
us
an
update
here
as
well.
Further
testing
enhancements
are
in
progress,
so
looks
like
this
is
underway.
Thank
you,
humble
for
that
update.
A
Next
item
is
immutable
secrets
and
config
maps
wojtek.
This
would
remain
in
beta
for
120.
michelle.
Do
we
need
to
track
this,
or
can
I
just
cross
it
out.
A
Makes
sense
all
right
next
item
is
the
pvcs
created
by
stateful
said,
don't
get
auto
deleted
kk?
Are
you
on
the
line
by
any
chance.
K
Yes,
so
we
tried
for
the
120
deadline,
but
I
did
we
didn't
meet
it,
so
there
are
still
comments
which
we
have
got.
We
are
trying
to
address
them,
but
there's
been
significant
momentum
in
the
last.
A
K
K
All
right
so
volume
expansion.
I
have
not
spent
time
on
it.
I've
been
focused
on
the
like
the
pvc
autocreate
only.
G
K
Once
the
kept
pushes
out
I'll
spend
more
time
on
this,
okay.
A
And
do
you
want
to
keep
it
in
this
quarter?
Yes,.
I
A
It
okay,
yes,
so
we'll
focus
on
this
above
these.
A
Okay,
next
item
is
execution
hook.
Any
updates
on
that.
C
Yeah,
so
this
one
didn't
make
it
we're
not
going
to
go
after
this
time.
We
have
to
have
a
lot
of
comments
on
that
cap,
but
we
there
are
some
concerns
on
the
api
design
part
and
we
have
not
reached
consensus
on
some
of
those
things.
Yet
like
the
notification
right
now,
we
have
the
support
selector.
C
C
The
other
one
is
to
have
a
pause
list
instead
of
past
selector,
and
then
there
are
also
some
concerns
on
their
status
update.
I
think
jordan
prefers
to
have
a
one
pod
status,
but
that
means
that
we
do
need
to
have
just
one
party
in
the
notification,
but
tin
has
not
responded
on
that.
C
Whether
he's
okay
with
this
one,
two
one
mapping
yet
so,
if
it's
a
one
part
will
be
more
straightforward
or
if
we
do
a
part
list,
then
we
may
need
to
do
this
thing
like
the
what
I
did
for
this
endpoints
slice
thing.
So
maybe
we
need
to
do
that,
but
that
I'm
thinking
probably
gonna
need
to
have
another
api
object
to
do
that.
So
I
need
to
think
about
that
if
we
want
to
do
a
pod
list.
So
from
the
quietest
point
of
view
now,
I'm
thinking
actually
pause.
C
Selector
is
not
a
good
choice,
because
the
the
backup
controller
will
need
to
know
what
parts
are
selected
before
sending
those
requests.
It
needs
to
know
whether
the
class
is
successful
or
not.
It
can't
have
that
there's
a
like
partial,
determined
list
of
parts
right,
so
so
I
think
I'm
going
to
update
the
cap,
maybe
just
with
two
alternatives
and
then
pin
tim
and
jordan
and
see
if
they
can
agree
and
maybe
pick
one
of
them
so
yeah.
So
that's
the
status.
Yes,
I
think
this
is
awesome.
A
Thank
you
very
much.
That
is
a
massive
massive
cap,
so
thank
you
for
helping
drive
that
I
think,
especially
the
fact
that
it's
crosstig
and
a
lot
of
other
folks
are
interested
in
it.
I
think
this
is
very
valuable
to
the
community.
So
thank
you
all
right
next
item
here
is
the
mount
library
splitting
it
out
into
a
new
repo,
adding
into
end
tests.
J
Yeah,
this
is
really
actually
one
last
item.
There
is
to
remove
util's
mount
from
the
kids
rendering,
but
before
that
I
opened
a
pr
against
the
ca
advisor
which
is
dependent
on
utah's
month
that
pr
did
not
get
any
traction.
Yet
I
need
to
ping
someone
there.
I
don't
know,
but
once
that
is
merged,
I
think
I'll
work
with
michelle
to
to
remove.
F
A
F
Yeah,
so
yeah
is
going
to
work
on
implementing
this
feature
and
alpha
test
release
which
chain.
A
Chain
chat:
okay,
and
do
we
have
any
cap
or
anything
required.
F
Yeah
great,
I
think,
chris's
comment
on
this
is
unrelated,
got
it.
I'm
gonna
go
ahead
and
resolve
that.
F
A
A
F
A
Okay,
anything
else
in
terms
of
planning.
A
All
right,
then,
let's
go
ahead
and
switch
back
to
the
planning
spreadsheet
and
looks
like
we
have
a
miscellaneous
item
gary.
You
want
to
talk
about
this.
G
Yeah,
this
is
a
longer
version
of
a
talk
I
gave
at
the
vault
conference.
It's
really
for
you
know
novices,
but
it's
kind
of
an
inside
out
look
and
talks
about
my
experiences
with
csi
so
might
be
interesting
to
anybody
who
might
be
thinking
about
working
on
a
csi
driver
or
learning
about
csi,
because
it
kind
of
covers
that
including
everything
from
pvc
is
up.
A
Cool
well,
thank
you
for,
for
that
shout
out
anybody,
that's
interested!
This
might
be
good
to
attend
and
check
out.
Do
you
have
any
idea
on
how
folks
can
attend
what
they
need
to
do.
G
It's
a
free,
it's
a
free
conference.
There's
a
lot
of
interesting
talks,
it's
off
the
record!
Well,
I
won't
say
off
the
road
because
it's
recorded
this,
this,
the
sponsor
is
a
big
name.
A
Cool
all
right,
thank
you
for
that
anything
else.
Folks
have
today.