AKS icon indicating copy to clipboard operation
AKS copied to clipboard

Published 20 hours ago verified publisher icon Azure

[BUG] Managed CSI Blob Driver doesn't clean all resources after being uninstalled

Open Vegoo89 opened this issue 1 year ago • 11 comments

Describe the bug After Blob CSI is uninstalled, it doesn't clean all resources from the cluster (e.g. service account and clusterrole), so if I try to bring my own CSI and install it via helm chart, it fails.

To Reproduce Steps to reproduce the behavior:

  1. Enable Blob CSI on the AKS Cluster
  2. Disable Blob CSI on the AKS Cluster
  3. Try to install Blob CSI using Helm

Expected behavior After disabling the managed Blob CSI, Helm chart installation should work

Screenshots None

Environment (please complete the following information):

  • CLI not used
  • Kubernetes version 1.29.2

Additional context None

Vegoo89 avatar Apr 09 '24 12:04 Vegoo89

/assign @cvvz

andyzhangx avatar Apr 10 '24 12:04 andyzhangx

@Vegoo89 thanks for reporting this issue. May I know why do you want to use open source blob csi driver instead of managed one?

andyzhangx avatar Apr 10 '24 12:04 andyzhangx

We are using 1.24 which provides workload identity integration with static provisioning without storage key usage. AKS currently supports 1.23 in Kubernetes 1.29.2 version.

Vegoo89 avatar Apr 10 '24 13:04 Vegoo89

We are using 1.24 which provides workload identity integration with static provisioning without storage key usage. AKS currently supports 1.23 in Kubernetes 1.29.2 version.

Did you get the Workload identity to work for the Blob Csi Driver on AKS 1.29.2? For us it didn't work. The releases are a bit confusing. blob-csi-driver has it mentioned in the 1.24.0 but AKS says it is supported since the last release which only uses the 1.23.3. Nevertheless, we will just wait for the AKS with 1.24.0 blob-csi-driver.

mkemmerz avatar Apr 11 '24 11:04 mkemmerz

We are using 1.24 which provides workload identity integration with static provisioning without storage key usage. AKS currently supports 1.23 in Kubernetes 1.29.2 version.

Did you get the Workload identity to work for the Blob Csi Driver on AKS 1.29.2? For us it didn't work. The releases are a bit confusing. blob-csi-driver has it mentioned in the 1.24.0 but AKS says it is supported since the last release which only uses the 1.23.3. Nevertheless, we will just wait for the AKS with 1.24.0 blob-csi-driver.

Yes, that is why I installed my own CSI Driver using Helm chart. With managed one (1.23.x) currently it doesn't work.

Vegoo89 avatar Apr 11 '24 12:04 Vegoo89

Hi @Vegoo89 have you upgraded your cluster to use the managed Blob CSI driver? It was upgraded to 1.24.1 in this release, Does the issue still exist?

AllenWen-at-Azure avatar Aug 29 '24 14:08 AllenWen-at-Azure

@azure/azure-container-storage-team would you be able to assist?

microsoft-github-policy-service[bot] avatar Aug 29 '24 14:08 microsoft-github-policy-service[bot]

@VyabaRamadoss, @AllenWen-at-Azure would you be able to assist?

microsoft-github-policy-service[bot] avatar Aug 29 '24 14:08 microsoft-github-policy-service[bot]

This issue will now be closed because it hasn't had any activity for 7 days after stale. Vegoo89 feel free to comment again on the next 7 days to reopen or open a new issue after that time if you still have a question/issue or suggestion.

microsoft-github-policy-service[bot] avatar Sep 13 '24 02:09 microsoft-github-policy-service[bot]