Accommodate VGS workflows in PVC CSI plugin #9019
Open
+1,869
−68
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
from
8d32a1f to
163a968
Compare
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
from
163a968 to
de70c1e
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #9019 +/- ##
==========================================
+ Coverage 60.05% 60.07% +0.02%
==========================================
Files 378 378
Lines 42883 43249 +366
==========================================
+ Hits 25754 25983 +229
- Misses 15582 15696 +114
- Partials 1547 1570 +23 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
3 times, most recently
from
65c1223 to
c388581
Compare
github-actions
bot
added
the
Dependencies
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
2 times, most recently
from
88bbb2f to
7499884
Compare
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
5 times, most recently
from
1d83920 to
b2e5096
Compare
|
👁️ |
kaovilai
previously approved these changes
Jul 2, 2025
There was a problem hiding this comment.
VGS (VolumeGroupSnapshot) Workflow Diagram
This diagram illustrates the VGS workflow implementation in the PVC CSI plugin (pkg/backup/actions/csi/pvc_action.go).
flowchart TB
Start([PVC Backup Item Action Execute]) --> ValidateBackup{Validate Backup Phase}
ValidateBackup -->|Invalid Phase| End1[Return without modification]
ValidateBackup -->|Valid| ValidatePVC{Validate PVC and PV}
ValidatePVC -->|No Storage Class| Error1[Error: No Storage Class]
ValidatePVC -->|Not CSI Volume| SkipPVC[Mark as Skipped<br/>Add SkippedNoCSIPVAnnotation]
ValidatePVC -->|Valid CSI Volume| CheckSnapshot{Should Perform Snapshot?}
SkipPVC --> End1
Error1 --> End1
CheckSnapshot -->|No| End1
CheckSnapshot -->|Yes| GetVSRef[getVolumeSnapshotReference]
GetVSRef --> CheckVGSLabel{Check VGS Label<br/>backup.Spec.VolumeGroupSnapshotLabelKey}
CheckVGSLabel -->|No Label or Empty| LegacyPath[Legacy: createVolumeSnapshot]
CheckVGSLabel -->|Has Label with Group Value| VGSPath[VGS Workflow Path]
%% Legacy Path
LegacyPath --> GetStorageClass[Get Storage Class]
GetStorageClass --> GetVSClass[Get VolumeSnapshotClass]
GetVSClass --> CreateVS[Create Individual VolumeSnapshot]
CreateVS --> VSCreated[VS Created]
%% VGS Path
VGSPath --> FindExistingVS{Find Existing VS<br/>for Current Backup}
FindExistingVS -->|Found with VGS Name| ReuseVS[Reuse Existing VS]
FindExistingVS -->|Not Found| CreateVGSFlow[Start VGS Creation Flow]
CreateVGSFlow --> ListGroupedPVCs[List All PVCs<br/>with Same Group Label]
ListGroupedPVCs --> DetermineDriver{Determine CSI Driver<br/>for Grouped PVCs}
DetermineDriver -->|Multiple Drivers| Error2[Error: Multiple CSI Drivers]
DetermineDriver -->|Single Driver| DetermineVGSClass[Determine VGS Class<br/>1. PVC Annotation<br/>2. Backup Annotation<br/>3. Default Label]
Error2 --> End1
DetermineVGSClass --> CreateVGS[Create VolumeGroupSnapshot<br/>with Label Selector]
CreateVGS --> WaitVSStatus[Wait for VS Objects<br/>to have Status and VGS Name]
WaitVSStatus --> UpdateVS[Update VS Objects:<br/>- Remove VGS Owner Ref<br/>- Remove Finalizers<br/>- Add Backup Labels]
UpdateVS --> WaitVGSC[Wait for VGSC Binding<br/>in VGS Status]
WaitVGSC --> PatchVGSC[Patch VGSC<br/>DeletionPolicy to Retain]
PatchVGSC --> DeleteResources[Delete VGS and VGSC]
DeleteResources --> GetVSForPVC[Get VS for Current PVC<br/>Match by:<br/>- PVC Name<br/>- VGS Name<br/>- Backup Labels]
GetVSForPVC --> VSReady[VS Ready for Use]
ReuseVS --> VSReady
VSCreated --> VSReady
VSReady --> CheckDataMover{Check SnapshotMoveData}
CheckDataMover -->|True| DataMoverPath[Data Mover Workflow]
CheckDataMover -->|False| StandardPath[Standard Backup Path]
DataMoverPath --> WaitVSCHandle[Wait for VSC Handle]
WaitVSCHandle --> CreateDataUpload[Create DataUpload CR]
CreateDataUpload -->|Success| AddDataUploadAnnotation[Add DataUpload Annotation]
CreateDataUpload -->|Failure| CleanupVS[Cleanup VS and Log Error]
CleanupVS --> End1
AddDataUploadAnnotation --> UpdatePVC[Update PVC with Labels/Annotations]
StandardPath --> AddVSToBackup[Add VS to Additional Items]
AddVSToBackup --> UpdatePVC
UpdatePVC --> ReturnResult[Return Updated PVC<br/>with Additional Items]
ReturnResult --> End2([End])
%% Style classes
classDef errorNode fill:#ff6b6b,stroke:#c92a2a,color:#fff
classDef successNode fill:#51cf66,stroke:#2f9e44,color:#fff
classDef decisionNode fill:#ffd43b,stroke:#fab005,color:#000
classDef processNode fill:#74c0fc,stroke:#339af0,color:#000
classDef vgsNode fill:#ff8cc8,stroke:#f06595,color:#000
class Error1,Error2,CleanupVS errorNode
class VSCreated,VSReady,ReturnResult successNode
class ValidateBackup,ValidatePVC,CheckSnapshot,CheckVGSLabel,FindExistingVS,DetermineDriver,CheckDataMover decisionNode
class GetVSRef,LegacyPath,VGSPath,CreateVGSFlow,ListGroupedPVCs,DetermineVGSClass,CreateVGS,WaitVSStatus,UpdateVS,WaitVGSC,PatchVGSC,DeleteResources,GetVSForPVC processNode
class CreateVGS,WaitVSStatus,UpdateVS,WaitVGSC,PatchVGSC,DeleteResources vgsNode
Key Components and Flow
1. Main Workflow Branches
- VGS Path: When PVC has VGS label (defined by
backup.Spec.VolumeGroupSnapshotLabelKey) - Legacy Path: When PVC doesn't have VGS label - creates individual VolumeSnapshot
2. VGS Creation Process
- Check for Existing VS: First checks if a VS already exists for this PVC in the current backup
- Group PVC Discovery: Lists all PVCs with the same group label
- Driver Validation: Ensures all grouped PVCs use the same CSI driver
- VGS Class Selection: Determines appropriate VolumeGroupSnapshotClass using hierarchy:
- PVC-level annotation override
- Backup-level annotation override
- Default class with label
- VGS Creation: Creates VolumeGroupSnapshot with label selector
- VS Status Wait: Waits for all VS objects to report VGS name in status
- VS Updates: Removes owner references, finalizers, adds backup labels
- VGSC Binding: Waits for VolumeGroupSnapshotContent binding
- Retention Policy: Patches VGSC to Retain deletion policy
- Cleanup: Deletes VGS and VGSC (VS objects remain)
3. Decision Points and Error Handling
- Multiple CSI Drivers: Fails if grouped PVCs use different drivers
- Missing VGS Class: Fails if no appropriate VGS class found
- Timeout Handling: Uses backup's CSI snapshot timeout for all wait operations
- VS Not Found: Errors if VS can't be found after VGS creation
4. Resource Relationships
- VGS (VolumeGroupSnapshot): Groups multiple PVCs for atomic snapshot
- VGSC (VolumeGroupSnapshotContent): Backing content for VGS
- VS (VolumeSnapshot): Individual snapshots created by VGS
- VSC (VolumeSnapshotContent): Backing content for each VS
5. Key Features
- Idempotency: Reuses existing VS if found for current backup
- Atomic Operations: All grouped PVCs snapshot together
- Resource Cleanup: VGS/VGSC deleted after VS creation
- Retention: VGSC patched to Retain before deletion
- Label Propagation: Backup labels added to VS objects
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
from
b2e5096 to
4f8612b
Compare
blackpiglet
reviewed
Jul 4, 2025
blackpiglet
reviewed
Jul 4, 2025
blackpiglet
reviewed
Jul 4, 2025
blackpiglet
reviewed
Jul 4, 2025
blackpiglet
reviewed
Jul 4, 2025
blackpiglet
reviewed
Jul 4, 2025
Lyndon-Li
reviewed
Jul 9, 2025
Lyndon-Li
reviewed
Jul 9, 2025
Lyndon-Li
reviewed
Jul 9, 2025
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
from
4f8612b to
11175d4
Compare
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
from
11175d4 to
8b27966
Compare
|
@Lyndon-Li @blackpiglet Updated the PR to address the review comments and feedback. PTAL, Thanks ! |
blackpiglet
reviewed
Jul 15, 2025
blackpiglet
reviewed
Jul 15, 2025
|
@shubham-pampattiwar @Lyndon-Li was on vacation this week. |
Signed-off-by: Shubham Pampattiwar <[email protected]> Add changelog file Signed-off-by: Shubham Pampattiwar <[email protected]> make update Signed-off-by: Shubham Pampattiwar <[email protected]> lint fix Signed-off-by: Shubham Pampattiwar <[email protected]> add unit tests for getVSForPVC func Signed-off-by: Shubham Pampattiwar <[email protected]> Use v1beta1 instead of v1 v1alpha1 Signed-off-by: Shubham Pampattiwar <[email protected]> go mod tidy Signed-off-by: Shubham Pampattiwar <[email protected]> update updateVGSCreatedVS func to use retry on conflict Signed-off-by: Shubham Pampattiwar <[email protected]> make update minor fix Signed-off-by: Shubham Pampattiwar <[email protected]> fix ut assert Signed-off-by: Shubham Pampattiwar <[email protected]> Address PR feedback Signed-off-by: Shubham Pampattiwar <[email protected]> minor updates Signed-off-by: Shubham Pampattiwar <[email protected]>
shubham-pampattiwar
force-pushed
the
vgs-task-3
branch
from
8b27966 to
ab34939
Compare
|
@blackpiglet Thanks for the review. I have updated the PR addressing your latest feedback. PTAL ! |
blackpiglet
reviewed
Jul 16, 2025
| // Finalizer constants | ||
| const ( | ||
| VolumeSnapshotFinalizerGroupProtection = "snapshot.storage.kubernetes.io/volumesnapshot-in-group-protection" | ||
| VolumeSnapshotFinalizerSourceProtection = "snapshot.storage.kubernetes.io/volumesnapshot-as-source-protection" |
There was a problem hiding this comment.
Please note that we can refer to the external-snapshotter's definition instead of declaring it here again.
There was a problem hiding this comment.
That util package isn’t published in the Go module path, so importing it directly isn’t possible.
There was a problem hiding this comment.
There was a problem hiding this comment.
There was a problem hiding this comment.
looked at the wrong version: https://pkg.go.dev/github.com/kubernetes-csi/external-snapshotter
😓
There was a problem hiding this comment.
~/experiments
❯ go build test.go
~/experiments
❯ go run .
Hello, snapshot.storage.kubernetes.io/volumesnapshot-as-source-protection
~/experiments
❯ cat test.go
package main
import (
"fmt"
"github.com/kubernetes-csi/external-snapshotter/v8/pkg/utils"
)
func main() {
fmt.Printf("Hello, %s\n", utils.VolumeSnapshotAsSourceFinalizer)
}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Thank you for contributing to Velero!
Please add a summary of your change
PR implements support for VolumeGroupSnapshot (VGS) in the CSI PVC plugin with handling for three scenarios:
Applies common branching for datamover and non-datamover workflows based on the resolved VS. Adds unit tests for VGS-based logic
Does your change fix a particular issue?
Fixes #8936
Related to sub-task of #8865
Please indicate you've done the following:
make new-changelog) or comment/kind changelog-not-requiredon this PR.site/content/docs/main.