search

kubernetes-sigs / aws-efs-csi-driver

CSI Driver for Amazon EFS https://aws.amazon.com/efs/
Apache License 2.0
723 stars 554 forks source link

Dynamic Provisioning does not create different access point when PV has the same name in seperate namespaces #1505

Open tschirmer opened 2 days ago

tschirmer commented 2 days ago

/kind bug

What happened? Created 2 PVCs with the same name (using the same helm chart) in different namespaces while using "reuseAccessPoint". The resulting Volume Handle was the same on both dynamically created PVs. I understand this is for portability, but a namespace separation option is needed as well

What you expected to happen? 2 PVCs should create 2 dynamically created PVs and require 2 different access points for namespace isolation.

How to reproduce it (as minimally and precisely as possible)?

---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: aws-efs-csi
provisioner: efs.csi.aws.com
mountOptions:
  - tls
  - iam
parameters:
  provisioningMode: efs-ap
  fileSystemId: fs-******
  directoryPerms: "700"
  reuseAccessPoint: "true" 

---
apiVersion: v1
kind: Namespace
metadata:
  name: test-1
---
apiVersion: v1
kind: Namespace
metadata:
  name: test-2

---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: duplicate-name-for-pvc
  namespace: test-1
  annotations:
    volume.beta.kubernetes.io/storage-class: "aws-efs-csi"
spec:
  storageClassName: "aws-efs-csi"
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi

---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: duplicate-name-for-pvc
  namespace: test-2
  annotations:
    volume.beta.kubernetes.io/storage-class: "aws-efs-csi"
spec:
  storageClassName: "aws-efs-csi"
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
kubectl get pv  "$(kubectl get  pvc -n test-1 duplicate-name-for-pvc --template="{{.spec.volumeName}})"  --template="{{.spec.csi.volumeHandle}}"
kubectl get pv  "$(kubectl get  pvc -n test-2 duplicate-name-for-pvc --template="{{.spec.volumeName}})"  --template="{{.spec.csi.volumeHandle}}"

These should be different. But are not.

Environment

Server Version: version.Info{Major:"1", Minor:"31", GitVersion:"v1.31.1-eks-ce1d5eb", GitCommit:"13dba3fbdc91154b8ad7d77d07933985753810cc", GitTreeState:"clean", BuildDate:"2024-09-21T09:30:36Z", GoVersion:"go1.22.6", Compiler:"gc", Platform:"linux/amd64"}