Skip to main content
Version: 3.1

StorageClass for CSI

The following CSI StorageClass enables your tenants to create volumes using their token stored in a secret in their namespace.

When using CSI, the storage class references the secret for the three types of supported operations:

  • provision

  • node-publish (mount/unmount)

  • controller-expand

    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
    name: px-storage
    provisioner: pxd.portworx.com
    parameters:
    repl: "1"
    csi.storage.k8s.io/provisioner-secret-name: px-user-token
    csi.storage.k8s.io/provisioner-secret-namespace: ${pvc.namespace}
    csi.storage.k8s.io/node-publish-secret-name: px-user-token
    csi.storage.k8s.io/node-publish-secret-namespace: ${pvc.namespace}
    csi.storage.k8s.io/controller-expand-secret-name: px-user-token
    csi.storage.k8s.io/controller-expand-secret-namespace: ${pvc.namespace}
    allowVolumeExpansion: true

Note the value ${pvc.namespace}. This will ensure that the CSI controller gets the appropriate token, which is tied to the namespace of the PVC.

Was this page helpful?