Terraform-provider-kubernetes: kubernetes_persistent_volume to support arg secret_namespace for azure_file volume type

Created on 10 Feb 2021  ·  2Comments  ·  Source: hashicorp/terraform-provider-kubernetes

Description

Resource kubernetes_persistent_volume should expose secret_namespace argument for azure_file volume type, consistently with k8s api

Empirically, this feature become _almost necessary_ with AKS/K8S version 1.19. When spec.azureFile.secretNamespace is not specified, with version 1.18 pods would lookup for azure file secret in their own namespace, with version 1.19 they look that up in the default namespace.

Potential Terraform Configuration

resource "kubernetes_persistent_volume" "data" {
  metadata {
    name = "my-data-pv"
  }
  spec {
    capacity = {
      storage = "100Gi"
    }
    access_modes       = ["ReadWriteMany"]
    storage_class_name = "azurefile"

    persistent_volume_source {
      azure_file {
        secret_namespace = "my-namespace"  # Here is the argument yet to be supported in TF provider
        secret_name      =  "bla"
        share_name       =  "blabla"
        read_only        = "false"
      }
    }

    mount_options = [
      ...
    ]
  }
}

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
enhancement help wanted themcoverage
Source
picture ortelli-oxalide
👍8

Most helpful comment

I also need this because we've upgraded our AKS to 1.19 and the persistent volume stopped working. As a workaround we've moved our secret to the default namespace but we'd like to have this done properly by setting the secret_namespace.

I've opened a PR #1204

picture bancek on 17 Mar 2021
👍4

All 2 comments

I also need this because we've upgraded our AKS to 1.19 and the persistent volume stopped working. As a workaround we've moved our secret to the default namespace but we'd like to have this done properly by setting the secret_namespace.

I've opened a PR #1204

bancek picture bancek on 17 Mar 2021
👍4

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

hashibot[bot] picture hashibot[bot] on 29 Apr 2021
Was this page helpful?
0 / 5 - 0 ratings

Related issues

yaman picture yaman  ·  4Comments
dmitry-mightydevops picture dmitry-mightydevops  ·  3Comments
heidemn picture heidemn  ·  4Comments
dhild picture dhild  ·  4Comments
landorg picture landorg  ·  3Comments