mountpoint-s3 icon indicating copy to clipboard operation
mountpoint-s3 copied to clipboard

Published 20 hours ago verified publisher icon awslabs

CSI (Container Storage Interface) driver

Open cskinfill opened this issue 1 year ago • 1 comments

Tell us more about this new feature.

Any plans to implement a CSI driver(container storage interface) that would allow a kubernetes cluster to mount an s3 bucket as a Persistent Volume?

cskinfill avatar Mar 15 '23 10:03 cskinfill

Thank you for the feedback. We've heard this ask from a few customers and we're looking into it, but nothing to share right now.

That being said, I encourage you to explore if existing CSI drivers such as the CSI for Amazon FSx for Lustre may work for your use case if you haven't already. An FSx for Lustre filesystem can be linked to an Amazon S3 bucket, as documented here: https://docs.aws.amazon.com/fsx/latest/LustreGuide/create-dra-linked-data-repo.html

dannycjones avatar Mar 15 '23 16:03 dannycjones

@dannycjones Can you provide any updates now that Mountpoint for S3 has been released for GA? https://aws.amazon.com/blogs/aws/mountpoint-for-amazon-s3-generally-available-and-ready-for-production-workloads/

MrMarkW avatar Aug 10 '23 17:08 MrMarkW

I have no update to share right now.

Our goal has been to get Mountpoint into customers' hands as a production product, which we've shared this week with the release of v1.0.0. We're still looking into how we can best support customers using mountpoint-s3 with Kubernetes, but there is no information for me to share at this time.

dannycjones avatar Aug 11 '23 13:08 dannycjones

Hi, I'm devloping/operating an in-house ML platform on the top of EKS clusters and now providing "CSI for Amazon FSx for Lustre" as a high-throughput cache for users to read their S3 data.

And now, we can see mountpoint-s3 as a more cost effective alternative. So, we would be very happy if we will hear that mountpoint-s3 have a plan to support kubernetes CSI in the near future!!

Moreover, normally FUSE(filesystem in user namespace) require privilege operation. But we, as a platform provider, we don't want to give any privilege permission to user pods even to side-car containers.

So, we would expect mountpoint-s3

  • supports kubernetes CSI
  • with an appropriate privilege isolation
    • similar to https://github.com/GoogleCloudPlatform/gcs-fuse-csi-driver
    • In gcs-fuse-csi-driver,
      • fuse process runs in a sidecar container in a user pod and user pod does NOT require any privilege
      • but, only csi driver daemonset pods require privilege
      • ref: this can be achieved via File Descriptor Transfer over Unix Domain Sockets
        • csi driver mounts(normally it needs privilege) /dev/fuse, and
        • passes the opened file descriptor to a sidecar container in a user pod over unix domain socket which will be created in emptyDir volume in a sidecar.
        • the sidecar will no need to mount but just to talk FUSE protocol to already opened & passed file descriptor. (thus, no need privilege in a sidecar)

everpeace avatar Aug 14 '23 07:08 everpeace

Thanks @dannycjones for the update.

I know it's hard to get a precise ETA, but it'll help users to invest in other alternatives while waiting for the CSI driver to have a roughly estimated target. Should we expect something for the re:Invent ? This year ? Q1 2024 ? H1 2024, later ? etc.

barryib avatar Nov 07 '23 09:11 barryib

Thanks @dannycjones for the update.

I know it's hard to get a precise ETA, but it'll help users to invest in other alternatives while waiting for the CSI driver to have a roughly estimated target. Should we expect something for the re:Invent ? This year ? Q1 2024 ? H1 2024, later ? etc.

I get that, and absolutely see the value in delivering this feature for users on Kubernetes. I can't share an estimated date, but it is something we're actively working on!

dannycjones avatar Nov 07 '23 10:11 dannycjones

Thank you, @dannycjones The mountpoint-s3 CSI Driver is set to be an excellent addition for EKS customers, particularly those running Data and ML workloads on Amazon EKS. I'm eagerly anticipating this feature and plan to conduct some benchmarks to demonstrate its capabilities through the Data on EKS (DoEKS) blueprints. 👍🏼

vara-bonthu avatar Nov 14 '23 09:11 vara-bonthu

This issue can be solved by using https://github.com/pfnet-research/meta-fuse-csi-plugin

everpeace avatar Nov 22 '23 04:11 everpeace

Very excited to say we just launched the new Mountpoint for Amazon S3 CSI driver: https://github.com/awslabs/mountpoint-s3-csi-driver. It's also available as an EKS add-on for easy installation in an EKS-managed Kubernetes cluster. Thanks again for all your feedback on Mountpoint!

jamesbornholt avatar Nov 28 '23 05:11 jamesbornholt