abhilashshetty04
commented
7 months ago Hi @sepich , Thanks for raising the issue.
-
This was the design decision in the zfs local pv as well. By having resources like lvmvolume and lvmnode as CR we make sure: a. We keep node and controller component completely stateless. Rely on k8s etcd to store the resource objects. b. We dont have to have gRPC CRUD interface between controller and node. Since its controller driven, core storage operations are driven by CR state. c. This makes lvm-localpv completely k8s native in a way. users can investigate storage resource with kubectl plugin.
-
We already have the support to disable snapshot cr install. Part of following PR https://github.com/openebs/lvm-localpv/pull/243 https://github.com/openebs/lvm-localpv/blob/develop/deploy/helm/charts/values.yaml#L171C20-L171C20
sepich
Describe the problem/challenge you have We are investigating migration to your project from
metal-stack/csi-driver-lvm. Unfortunately with more features it seems also comes more complexity, and we cannot find reasons for that:Most important question is why do you need permission to read all cluster Secrets? https://github.com/openebs/lvm-localpv/blob/db17d08700266368d9de18904a6bef74ef2c4dff/deploy/helm/charts/templates/rbac.yaml#L18 We cannot find any mentions for this in docs, and in go code
Another thing which seems poorly documented is why do you need custom CRDs? Putting aside snapshots, which we do not use. What kind of problem do you solve with
lvmnodes.local.openebs.ioandlvmvolumes.local.openebs.io? Why do you need separate controller and state, which can just be stored directly on nodes.Describe the solution you'd like It is nice you have ability to disable
crd.volumeSnapshotin your helm chart. Would be nice to also have ability to disable Secrets permissions and the rest of CRD, and clearly understand what would it break.Thank you.