Portworx CSI Release Notes
Portworx CSI (PX-CSI) is a lightweight storage orchestration solution that uses the Kubernetes Container Storage Interface (CSI) framework to integrate the Everpure platforms.
PX-CSI integrates with Kubernetes to directly access FlashArray Direct Access volumes (FADA) and FlashBlade Direct Access volumes (FBDA).
If you're setting up PX-CSI for the first time, see Install Portworx CSI. If you're already using PX-CSI, upgrade to the latest version. For upgrade instructions, see Upgrade Portworx CSI.
For information about supported versions, release numbering, and support phases, refer to the PX-CSI Life Cycle Support Policy.
PX-CSI 26.2.0
June 9, 2026
Supported Operator version: 26.2.0 or later
What's New
-
FlashBlade with secure multi-tenancy
PX-CSI now supports FlashBlade Realms for secure multi-tenancy with isolated credentials and resource boundaries. Configure the
realmfield inpure.jsonand use thepure_nfs_policyandpure_nfs_serverStorageClass parameters to create file systems in the realm. Secure multi-tenancy requires Purity version 4.6.1 or later. For more information, see Use FlashBlade as Backend Storage and Dynamic Provisioning of FlashBlade File Systems. -
FlashBlade multi-server support
PX-CSI now supports provisioning file systems on specific NFS servers instead of the default
_array_serverto enable data access isolation. Use thepure_nfs_policy,pure_nfs_server, andpure_nfs_endpointStorageClass parameters. Requires Purity version 4.6.1 or later. For more information, see StorageClass reference. -
Native NVMe multipath support
PX-CSI now supports Native NVMe Multipath for NVMe with FlashArray. The driver automatically detects whether the host uses Native NVMe Multipath or DM-multipath and discovers the correct device path. This feature provides faster failover, improved performance, and simplified operations on modern Linux distributions that default to kernel-managed NVMe multipathing. No configuration changes are required. For more information, see System Requirements.
-
Volume Group Snapshot Support for FlashArray block volumes
PX-CSI now supports the
VolumeGroupSnapshotresource, enabling crash-consistent snapshots of multiple FlashArray-backed PVCs in a single operation. PX-CSI maps each group snapshot to a FlashArray protection group snapshot, ensuring that all member volumes are snapshoted at the same point in time. Kubernetes creates individualVolumeSnapshotobjects for each PVC, which you can use with the standard restore workflow. Requires Purity version 6.4.10 or later. For more information, see Snapshot of FlashArray PVC. -
Block PV deletion when snapshots exist
PX-CSI now supports blocking PersistentVolume deletion when the backend volume has existing snapshots. Set the
ENABLE_VOLUME_DELETION_WITH_SNAPSHOTSenvironment variable tofalsein theStorageClusterspecification to enforce this check. When enabled, PX-CSI returns aFailedPreconditionerror and generates aVolumeFailedDeleteKubernetes event when snapshots are detected, preventing accidental data loss. For more information, see Delete a PVC. -
Increased volume attachments per node
PX-CSI now supports attaching up to 1024 volumes to a single node, enabling higher workload density without any architectural constraints. For more information, see Volume attachment limits. -
Host connection health monitoring
PX-CSI now exposes Prometheus metrics for the health of host storage connections. The CSI node driver periodically checks iSCSI sessions, NVMe subsystems and NVMe connections, and FC hosts and remote ports, and reports their status as Prometheus metrics labeled with the node name. Use these metrics to detect degraded or lost storage connections before they affect your workloads. For more information, see Host connection health metrics.
-
NFS over TLS for FlashArray file services
PX-CSI now supports NFS over TLS for FlashArray file services. Add
xprtsec=tlstomountOptionsin the StorageClass to enable TLS for NFS traffic. This feature supports NFSv3 and NFSv4.1 and requires Purity version 6.10.6 or later and Linux kernel 6.12 or later on worker nodes withnfs-utils,ktls-util(tlshd), andopensslinstalled. For more information, see Dynamic Provisioning of FlashArray File Services. -
NFS over TLS for FlashBlade file systems
PX-CSI now supports NFS over TLS for FlashBlade file systems. Add
xprtsec=tlstomountOptionsin the StorageClass and specifypure_nfs_policythat references an export rule with TLS enabled. This feature supports NFSv3 and NFSv4.1 and requires Purity version 4.6.0 or later and Linux kernel 6.12 or later on worker nodes withnfs-utils,ktls-util(tlshd), andopensslinstalled. For more information, see Dynamic Provisioning of FlashBlade File Systems. -
Two-Node Arbiter (TNA) support for OpenShift
PX-CSI now supports Red Hat OpenShift two-node with arbiter (TNA) clusters for edge deployments.
-
Single node cluster support
PX-CSI now supports running on a single-node Kubernetes cluster. This feature allows you to deploy PX-CSI in environments with limited resources. For more information about PX-CSI requirements, see System Requirements.
-
Wind River Cloud Platform support
PX-CSI now supports Wind River Cloud Platform (WRCP) clusters running version 25.09. For more information about WRCP, see Wind River Cloud Platform.
Resolved Issues
| Issue Number | Issue Description | Severity |
|---|---|---|
| PWX-53602 | In ActiveCluster setups, when PURE_ISCSI_ALLOWED_IFACES is configured and participating FlashArrays present different LUNs for a PVC, workloads that consume that PVC might fail to reach the Running state because PX-CSI was unable to mount the PersistentVolumes. | Major |
| PWX-54578 | In ActiveCluster setups, when PURE_ISCSI_ALLOWED_IFACES is configured and the LUN ID associated with a PVC is greater than 255, NodeStageVolume might fail and workloads that use the associated PVC fail to reach the Running state. | Major |
Known Issues
-
PWX-54219: Restoring from a snapshot for file systems in a FlashBlade Realm is not supported when you use realm-scoped user credentials.
Workaround: Use FlashBlade array-scoped (global) credentials instead of realm-scoped credentials for the restore operation.
Affected version: 26.2.0