diff --git a/modules/storage-ephemeral-vols-lifecycle.adoc b/modules/storage-ephemeral-vols-lifecycle.adoc index 618ff01142ca..29393e7070dc 100644 --- a/modules/storage-ephemeral-vols-lifecycle.adoc +++ b/modules/storage-ephemeral-vols-lifecycle.adoc @@ -8,8 +8,10 @@ [id="generic-ephemeral-vols-lifecycle_{context}"] = Lifecycle and persistent volume claims -The parameters for a volume claim are allowed inside a volume source of a pod. Labels, annotations, and the whole set of fields for persistent volume claims (PVCs) are supported. When such a pod is created, the ephemeral volume controller then creates an actual PVC object (from the template shown in the _Creating generic ephemeral volumes_ procedure) in the same namespace as the pod, and ensures that the PVC is deleted when the pod is deleted. This triggers volume binding and provisioning in one of two ways: +[role="_abstract"] +The parameters for a volume claim are allowed inside a volume source of a pod. Labels, annotations, and the whole set of fields for persistent volume claims (PVCs) are supported. When such a pod is created, the ephemeral volume controller then creates an actual PVC object (from the template shown in the _Creating generic ephemeral volumes_ procedure) in the same namespace as the pod, and ensures that the PVC is deleted when the pod is deleted. +This triggers volume binding and provisioning in one of two ways: * Either immediately, if the storage class uses immediate volume binding. + diff --git a/modules/storage-ephemeral-vols-overview.adoc b/modules/storage-ephemeral-vols-overview.adoc index c66f89d036e1..a99936b2afa6 100644 --- a/modules/storage-ephemeral-vols-overview.adoc +++ b/modules/storage-ephemeral-vols-overview.adoc @@ -8,8 +8,7 @@ [id="generic-ephemeral-vols-overview_{context}"] = Overview -Generic ephemeral volumes are a type of ephemeral volume that can be provided by all storage drivers that support persistent volumes and dynamic provisioning. Generic ephemeral volumes are similar to `emptyDir` volumes in that they provide a per-pod directory for scratch data, which is usually empty after provisioning. - +[role="_abstract"] Generic ephemeral volumes are specified inline in the pod spec and follow the pod's lifecycle. They are created and deleted along with the pod. Generic ephemeral volumes have the following features: diff --git a/modules/storage-ephemeral-vols-procedure.adoc b/modules/storage-ephemeral-vols-procedure.adoc index 8cd74ef08cb9..0ae552800aeb 100644 --- a/modules/storage-ephemeral-vols-procedure.adoc +++ b/modules/storage-ephemeral-vols-procedure.adoc @@ -3,11 +3,13 @@ // * storage/generic-ephemeral-vols.adoc //* microshift_storage/generic-ephemeral-volumes-microshift.adoc - :_mod-docs-content-type: PROCEDURE [id="generic-ephemeral-vols-procedure_{context}"] = Creating generic ephemeral volumes +[role="_abstract"] +You can create generic ephemeral volumes as needed. + .Procedure . Create the `pod` object definition and save it to a file. @@ -30,7 +32,7 @@ spec: name: data command: [ "sleep", "1000000" ] volumes: - - name: data <1> + - name: data ephemeral: volumeClaimTemplate: metadata: @@ -49,4 +51,5 @@ endif::microshift[] storage: 1Gi ---- -<1> Generic ephemeral volume claim. ++ +* `spec.volumes.name`: Name of the generic ephemeral volume claim. diff --git a/modules/storage-ephemeral-vols-pvc-naming.adoc b/modules/storage-ephemeral-vols-pvc-naming.adoc index 236fca08e9b0..e8405d8afb51 100644 --- a/modules/storage-ephemeral-vols-pvc-naming.adoc +++ b/modules/storage-ephemeral-vols-pvc-naming.adoc @@ -7,6 +7,7 @@ [id="generic-ephemeral-vols-pvc-naming_{context}"] = Persistent volume claim naming +[role="_abstract"] Automatically created persistent volume claims (PVCs) are named by a combination of the pod name and the volume name, with a hyphen (-) in the middle. This naming convention also introduces a potential conflict between different pods, and between pods and manually created PVCs. For example, `pod-a` with volume `scratch` and `pod` with volume `a-scratch` both end up with the same PVC name, `pod-a-scratch`. diff --git a/modules/storage-ephemeral-vols-security.adoc b/modules/storage-ephemeral-vols-security.adoc index f1f49e31e641..7b7b0e9fb17b 100644 --- a/modules/storage-ephemeral-vols-security.adoc +++ b/modules/storage-ephemeral-vols-security.adoc @@ -7,6 +7,7 @@ [id="generic-ephemeral-security_{context}"] = Security +[role="_abstract"] You can enable the generic ephemeral volume feature to allows users who can create pods to also create persistent volume claims (PVCs) indirectly. This feature works even if these users do not have permission to create PVCs directly. Cluster administrators must be aware of this. If this does not fit your security model, use an admission webhook that rejects objects such as pods that have a generic ephemeral volume. The normal namespace quota for PVCs still applies, so even if users are allowed to use this new mechanism, they cannot use it to circumvent other policies. diff --git a/storage/generic-ephemeral-vols.adoc b/storage/generic-ephemeral-vols.adoc index db0f0277efae..f07fee74aa82 100644 --- a/storage/generic-ephemeral-vols.adoc +++ b/storage/generic-ephemeral-vols.adoc @@ -1,8 +1,12 @@ :_mod-docs-content-type: ASSEMBLY [id="generic-ephemeral-volumes"] -= Generic ephemeral volumes + include::_attributes/common-attributes.adoc[] :context: generic-ephemeral-volumes += Generic ephemeral volumes + +[role="_abstract"] +Generic ephemeral volumes are a type of ephemeral volume that can be provided by all storage drivers that support persistent volumes and dynamic provisioning. Generic ephemeral volumes are similar to `emptyDir` volumes in that they provide a per-pod directory for scratch data, which is usually empty after provisioning. toc::[]