|
26 | 26 | - [Security](#security) |
27 | 27 | - [User Story](#user-story) |
28 | 28 | - [Bucket Provisioning with Service Account based Authn (for pods)](#bucket-provisioning-with-service-account-based-authn-for-pods) |
| 29 | +- [Object Lifecycle](#object-lifecycle) |
29 | 30 | - [COSI API Reference](#cosi-api-reference) |
30 | 31 | - [Bucket](#bucket) |
31 | 32 | - [BucketRequest](#bucketrequest) |
@@ -569,6 +570,47 @@ The above volume definition will prompt kubernetes to retrieve the secret and pl |
569 | 570 |
|
570 | 571 | Workloads are expected to read the definition in this file to access a bucket. The API of `bucket.json` follows the same versioning and lifecycle as the rest of the COSI APIs. |
571 | 572 |
|
| 573 | +# Object Lifecycle |
| 574 | + |
| 575 | +The following resources are created by an admin |
| 576 | + |
| 577 | +- BucketClass |
| 578 | +- BucketAccessClass |
| 579 | + |
| 580 | +The following resources are created by a user. They are created with a reference to their corresponding class objects: |
| 581 | + |
| 582 | +- BucketRequest -> BucketClass |
| 583 | +- BucketAccessRequest -> BucketAccessClass, BucketRequest |
| 584 | + |
| 585 | +Note that a BucketAccessRequest also must point to a BucketRequest. |
| 586 | + |
| 587 | +The COSI controller responds by creating the following objects |
| 588 | + |
| 589 | +- BucketRequest <-> Bucket (1:1) |
| 590 | +- BucketAccessRequest <-> BucketAccess (1:1) |
| 591 | + |
| 592 | +In addition, the BucketAccess will point to the Bucket pointed to by the specified BucketRequest |
| 593 | + |
| 594 | +- BucketAccess -> Bucket |
| 595 | + |
| 596 | +Notes: |
| 597 | + |
| 598 | + - The resulting BucketAccess will point to the same Bucket pointed to by the Bucket Request. |
| 599 | + - The BucketClass and BucketAccessClass objects are copied into Bucket and BucketAccess respectively. |
| 600 | + - There are **NO** cycles in the relationship graph of the above mentioned API objects. |
| 601 | + - Mutations are not supported in the API. |
| 602 | + |
| 603 | +When a user deletes the BucketRequest, then depending on the DeletionPolicy, the following happens: |
| 604 | + |
| 605 | +- If deletionPolicy is Delete, then Bucket deletion is also triggered. |
| 606 | +- If deletionPolicy is Retain, then Bucket is left as is, but the BucketRequest is deleted. |
| 607 | + |
| 608 | +Only when all accessors (BucketAccess) of the Bucket are deleted, is the Bucket itself cleaned up. An orphaned Bucket can be "recovered" by manually creating a new BucketRequest object that points to the orphaned Bucket. This manual style of associating BucketRequests to Buckets will only succeed if the Bucket is not already bound to a different BucketRequest. |
| 609 | + |
| 610 | +When a user deletes a BucketAccessRequest, the corresponding BucketAccess is also deleted. In addition, the secret pointed to by the BucketAccess is also deleted. If a pod has that secret mountedwhen delete is called, then the secret will not be deleted, but will instead have its deletionTimestamp set. In this way, access to a Bucket is preserved until the application pod dies. |
| 611 | + |
| 612 | +When an admin deletes any of the Class objects, it does not affect existing Buckets and BucketAccesses as they store a copy of the fields in the corresponding class objects. If a Bucket or BucketAccess is manually deleted by an admin, then the cluster is considered to be in an invalid state. Manual recovery is possible if data is not already lost. |
| 613 | + |
572 | 614 | # COSI API Reference |
573 | 615 |
|
574 | 616 | ## Bucket |
|
0 commit comments