Skip to content

StorageClass Reference

This reference guide covers all parameters and configuration options available in StorageClasses for dynamic provisioning with the Scality S3 CSI driver.

Basic StorageClass Structure

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-dynamic
  annotations:
    storageclass.kubernetes.io/is-default-class: "false"
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: Immediate
parameters:
  # CSI-specific parameters
mountOptions:
  # Mount options for all volumes using this StorageClass

Required Fields

Field Value Description
provisioner s3.csi.scality.com Must match the CSI driver name
reclaimPolicy Delete or Retain Controls bucket fate when PV is deleted (bucket deletion only occurs if empty)
volumeBindingMode Immediate or WaitForFirstConsumer When to create the bucket

For more information on parameters, see the Kubernetes StorageClass documentation.

Basic Examples for different secret configurations

Separate provisioner and node secrets
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-basic
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: Immediate
parameters:
  csi.storage.k8s.io/provisioner-secret-name: s3-provisioner-secret
  csi.storage.k8s.io/provisioner-secret-namespace: kube-system
  csi.storage.k8s.io/node-publish-secret-name: s3-node-secret
  csi.storage.k8s.io/node-publish-secret-namespace: kube-system
mountOptions:
  - allow-delete
  - allow-other
Only node publish secrets - Driver level secrets will be used for CreateBucket and DeleteBucket operations
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-basic
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: Immediate
parameters:
  csi.storage.k8s.io/node-publish-secret-name: s3-node-secret
  csi.storage.k8s.io/node-publish-secret-namespace: kube-system
mountOptions:
  - allow-delete
  - allow-other
Only provisioner secrets - Driver level secrets will be used for mount operations
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-basic
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: Immediate
parameters:
  csi.storage.k8s.io/provisioner-secret-name: s3-provisioner-secret
  csi.storage.k8s.io/provisioner-secret-namespace: kube-system
mountOptions:
  - allow-delete
  - allow-other
No secrets - Driver level secrets will be used for CreateBucket, DeleteBucket and mount operations
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-basic
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: Immediate
parameters:
mountOptions:
  - allow-delete
  - allow-other

Volume Binding Mode Examples

Immediate binding (Default) - Bucket created immediately when PVC is created
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-immediate
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: Immediate  # Default behavior
parameters:
  csi.storage.k8s.io/provisioner-secret-name: s3-provisioner-secret
  csi.storage.k8s.io/provisioner-secret-namespace: kube-system
  csi.storage.k8s.io/node-publish-secret-name: s3-node-secret
  csi.storage.k8s.io/node-publish-secret-namespace: kube-system
mountOptions:
  - allow-delete
  - allow-other
WaitForFirstConsumer - Bucket creation delayed until pod is scheduled
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-wait-for-consumer
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer  # Wait for pod scheduling
parameters:
  csi.storage.k8s.io/provisioner-secret-name: s3-provisioner-secret
  csi.storage.k8s.io/provisioner-secret-namespace: kube-system
  csi.storage.k8s.io/node-publish-secret-name: s3-node-secret
  csi.storage.k8s.io/node-publish-secret-namespace: kube-system
mountOptions:
  - allow-delete
  - allow-other
WaitForFirstConsumer with ${pv.name} templating - Requires delayed binding
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: s3-pv-name-templating
provisioner: s3.csi.scality.com
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer  # Required for ${pv.name} templating
parameters:
  # Using ${pv.name} templating requires WaitForFirstConsumer
  csi.storage.k8s.io/provisioner-secret-name: "${pv.name}-secret"
  csi.storage.k8s.io/provisioner-secret-namespace: "${pvc.namespace}"
  csi.storage.k8s.io/node-publish-secret-name: "${pv.name}-secret"
  csi.storage.k8s.io/node-publish-secret-namespace: "${pvc.namespace}"
mountOptions:
  - allow-delete
  - allow-other

Usage Examples

PVC using StorageClass for dynamic provisioning
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-app-storage
  namespace: default
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: s3-immediate  # References the StorageClass
  resources:
    requests:
      storage: 100Gi  # Arbitrary value for S3 - actual size is unlimited
Pod using the above PVC
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
apiVersion: v1
kind: Pod
metadata:
  name: s3-app
spec:
  containers:
    - name: app
      image: ubuntu
      command: ["/bin/sh"]
      args: ["-c", "echo 'Hello from the container!' >> /data/$(date -u).txt; tail -f /dev/null"]
      volumeMounts:
        - name: persistent-storage
          mountPath: /data
  volumes:
    - name: persistent-storage
      persistentVolumeClaim:
        claimName: my-app-storage  # References the PVC created above
Pod with inline PVC using StorageClass
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
apiVersion: v1
kind: Pod
metadata:
  name: s3-inline-app
spec:
  containers:
    - name: app
      image: ubuntu
      command: ["/bin/sh"]
      args: ["-c", "echo 'Hello from inline PVC!' >> /data/$(date -u).txt; tail -f /dev/null"]
      volumeMounts:
        - name: persistent-storage
          mountPath: /data
  volumes:
    - name: persistent-storage
      persistentVolumeClaim:
        claimName: app-storage  # Inline PVC defined below
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-storage
  namespace: default
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: s3-immediate  # References StorageClass for dynamic provisioning
  resources:
    requests:
      storage: 50Gi