diff --git a/pkg/manager/volumes/delegation/aws/ebs_modifier.go b/pkg/manager/volumes/delegation/aws/ebs_modifier.go index 0f51b8fe002..96573039c93 100644 --- a/pkg/manager/volumes/delegation/aws/ebs_modifier.go +++ b/pkg/manager/volumes/delegation/aws/ebs_modifier.go @@ -88,6 +88,11 @@ func (m *EBSModifier) Validate(spvc, dpvc *corev1.PersistentVolumeClaim, ssc, ds } func (m *EBSModifier) ModifyVolume(ctx context.Context, pvc *corev1.PersistentVolumeClaim, pv *corev1.PersistentVolume, sc *storagev1.StorageClass) ( /*wait*/ bool, error) { + if pv == nil { + klog.V(4).Infof("Persistent volume is nil, skip modifying PV for %s. This may be caused by no relevant permissions", pvc.Spec.VolumeName) + return false, nil + } + desired, err := m.getExpectedVolume(pvc, pv, sc) if err != nil { return false, err diff --git a/pkg/manager/volumes/delegation/interface.go b/pkg/manager/volumes/delegation/interface.go index ea0e24e210f..8c31fee5cbb 100644 --- a/pkg/manager/volumes/delegation/interface.go +++ b/pkg/manager/volumes/delegation/interface.go @@ -23,7 +23,8 @@ import ( type VolumeModifier interface { MinWaitDuration() time.Duration - // ModifyVolume modifies the underlay volume of pvc to match the args of storageclass + // ModifyVolume modifies the underlay volume of pvc to match the args of storageclass. + // If no PV permission (e.g `-cluster-permission-pv=false`), the `pv` may be nil and will return `false, nil`. ModifyVolume(ctx context.Context, pvc *corev1.PersistentVolumeClaim, pv *corev1.PersistentVolume, sc *storagev1.StorageClass) (bool, error) Validate(spvc, dpvc *corev1.PersistentVolumeClaim, ssc, dsc *storagev1.StorageClass) error diff --git a/pkg/manager/volumes/pod_vol_modifier.go b/pkg/manager/volumes/pod_vol_modifier.go index f90e66aaf74..7348bcea17a 100644 --- a/pkg/manager/volumes/pod_vol_modifier.go +++ b/pkg/manager/volumes/pod_vol_modifier.go @@ -298,6 +298,11 @@ func getDesiredVolumeByName(vs []DesiredVolume, name v1alpha1.StorageVolumeName) } func (p *podVolModifier) getBoundPVFromPVC(pvc *corev1.PersistentVolumeClaim) (*corev1.PersistentVolume, error) { + if p.deps.PVLister == nil { + klog.V(4).Infof("Persistent volumes lister is unavailable, skip getting PV for %s. This may be caused by no relevant permissions", pvc.Spec.VolumeName) + return nil, nil + } + name := pvc.Spec.VolumeName return p.deps.PVLister.Get(name)