Need to pass UserCredentials in Create/Delete Image #28
Comments
|
per http://blog.kubernetes.io/2018/01/introducing-container-storage-interface.html, credentials are not supported in alpha. Closing. |
jsafrane
pushed a commit
to jsafrane/external-provisioner
that referenced
this issue
Sep 8, 2020
carry: Add BZ component to OWNERS
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently storage class doesn't have credentials API, external-provisioner passes everything into Parameters but not into UserCredentials.
This is a problem for certain volumes such as rbd. We currently use parameters to store plaint text secret to get around this issue.
Ideally credentials should still be encoded as a K8S Secret. External provisioner needs a mechanism to get credentials from StorageClass, either through a special parameter, annotation, or new API fields, then passes these credentials into UserCredentials in CreateVolume and DeleteVolume calls.
thanks @sbezverk for his early investigation into this issue
The text was updated successfully, but these errors were encountered: