troubleshoot
storageclass analyzer should be able to pass/warn/fail on more than name
Describe the rationale for the suggested feature.
Since Kubernetes has so many storage options, it is critical to help an end-user ensure they have the correct capabilities for a given application. The current storageclass analyzer can only look at the name of the storageclass, which can be fairly arbitrary.
Describe the feature
In particular, the provisioner of a storageclass is what matters. The provisioner is what determines whether a volume with that storageclass can be used as readwriteonce, readwritemany, etc. Many provisioners also have configurable options that are visible inside the storageclass definition.
allowVolumeExpansion is directly available in the storageclass and is another option that would be important to be able to do checks on.
Having some builtin checks on common provisioners might be helpful (see the table of capabilities here: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes)
Some possible example output:
Check WARN
Title: Adequate Storage Class
Message: Default Storage Class is using HostPath provisioner, which is not supported.
Detected cephfs provisioner in storage class "ceph", which supports readwritemany. Be sure to specify --values storageclass=cephfs when installing or upgrading the helm chart.
or
Check FAIL
Title: Default Storage Class
Message: Default Storage Class found, but the AzureDisk provisioner does not support readwritemany access mode.
or
Check WARN
Title: block filesystem type
Message: org.democratic-csi.iscsi provisioner option fsType: ext4 is not tested. Use fsType: xfs for full support.
Describe alternatives you've considered
I briefly experimented with using the regex analyzer to determine more information about the storageclass, but regex is not powerful enough to deal with multiple storageclasses in the single output file. There's not a good way to relate a given pattern with a given class.
Additional context
For any application with an HA mode, a local disk or host path type storageclass should at least be a warning. An nfs-only provisioner may be desirable for some types of data, but a block-storage provisioner may be desirable for other types. Having this ability in both the preflight check and support bundle analyzers will really help steer folks into the right direction.
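A sketch of the per-class evaluation this request describes, added here as an example and not code from the troubleshoot project. It parses a list of several storage classes and checks each class's own provisioner, allowVolumeExpansion and parameters, which is the association a regex over the whole file cannot make. The `Analyze` function, the `rwxProvisioners` table, the output format and the sample JSON are assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// StorageClass: subset of the Kubernetes fields the issue asks to check
// (encoding/json matches these field names to the JSON keys case-insensitively).
type StorageClass struct {
	Metadata struct {
		Name        string
		Annotations map[string]string
	}
	Provisioner          string
	Parameters           map[string]string
	AllowVolumeExpansion *bool
}

// Assumption: caller-maintained table of provisioners that support ReadWriteMany.
var rwxProvisioners = map[string]bool{"cephfs.csi.ceph.com": true}

// Constructed sample: a StorageClassList holding two classes in one file.
const sample = `{"items":[
 {"metadata":{"name":"default","annotations":{"storageclass.kubernetes.io/is-default-class":"true"}},"provisioner":"kubernetes.io/azure-disk","allowVolumeExpansion":true},
 {"metadata":{"name":"iscsi"},"provisioner":"org.democratic-csi.iscsi","parameters":{"fsType":"ext4"}}]}`

// Analyze evaluates every class on its own and returns "OUTCOME name: message" lines.
func Analyze(raw string) ([]string, error) {
	var list struct{ Items []StorageClass }
	if err := json.Unmarshal([]byte(raw), &list); err != nil {
		return nil, err
	}
	var out []string
	for _, sc := range list.Items {
		name, prov := sc.Metadata.Name, sc.Provisioner
		isDefault := sc.Metadata.Annotations["storageclass.kubernetes.io/is-default-class"] == "true"
		if isDefault && !rwxProvisioners[prov] {
			out = append(out, fmt.Sprintf("FAIL %s: default class provisioner %s does not support ReadWriteMany", name, prov))
		}
		if sc.AllowVolumeExpansion == nil || !*sc.AllowVolumeExpansion {
			out = append(out, fmt.Sprintf("WARN %s: allowVolumeExpansion is not enabled", name))
		}
		if fs, ok := sc.Parameters["fsType"]; ok && prov == "org.democratic-csi.iscsi" && fs != "xfs" {
			out = append(out, fmt.Sprintf("WARN %s: fsType %s is not tested, use xfs", name, fs))
		}
	}
	return out, nil
}

func main() { fmt.Println(Analyze(sample)) }
```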
This applies to some of the analyzers which don't make use of the `when` option.
e.g.:
no warn: secrets-analyzer
no warn: configmap (not documented)
no warn: deployment-status