Closed acortelyou closed 3 weeks ago
I believe the copyVolume
method should receive dstResourceGroup, dstAccountName
parameters from CreateVolume
to be used inside copyBlobContainer
which currently builds the dstPath
using the source accountName
which is incorrect.
/kind bug
fixed in v1.23.5 and v1.24.2
I am trying to use the CSI Volume Cloning feature to copy a blob volume from a source storage account with
Blob Data Reader
into a destination storage account withBlob Data Contributor
.This is desirable in order to dynamically provision a copy of a blob container from a read-only global source storage account into a read-write cluster adjacent regional destination storage account, which can then be automatically reclaimed when no longer needed.
It appears that when cloning a blob volume, the controller server mistakenly attempts to provision the new blob container in the source storage account instead of the destination storage account.
The system identity does not have the permissions to write to the source storage and fails.
I am including a lightly anonymized copy of the logs and kubernetes resources for repro.
What happened:
What you expected to happen:
A dynamic blob container should have been provisioned in the storage account specified in the datacopy storage class.
How to reproduce it:
See example kubernetes specs below.
Anything else we need to know?:
Functioning volume cloning is a highly desirable feature.
Environment:
kubectl version
): Client Version: v1.29.2 Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3 Server Version: v1.28.10