diff --git a/keps/prod-readiness/sig-storage/3314.yaml b/keps/prod-readiness/sig-storage/3314.yaml new file mode 100644 index 00000000000..d0d92253337 --- /dev/null +++ b/keps/prod-readiness/sig-storage/3314.yaml @@ -0,0 +1,3 @@ +kep-number: 3314 +alpha: + approver: "@johnbelamaric" diff --git a/keps/sig-storage/3314-csi-changed-block-tracking/README.md b/keps/sig-storage/3314-csi-changed-block-tracking/README.md new file mode 100644 index 00000000000..37dcc2ba52a --- /dev/null +++ b/keps/sig-storage/3314-csi-changed-block-tracking/README.md @@ -0,0 +1,875 @@ + +# KEP-3314: CSI Changed Block Tracking + + + + + + +- [Release Signoff Checklist](#release-signoff-checklist) +- [Summary](#summary) +- [Motivation](#motivation) + - [Goals](#goals) + - [Non-Goals](#non-goals) +- [Proposal](#proposal) + - [User Stories (Optional)](#user-stories-optional) + - [Story 1](#story-1) + - [Story 2](#story-2) + - [Notes/Constraints/Caveats (Optional)](#notesconstraintscaveats-optional) + - [Risks and Mitigations](#risks-and-mitigations) +- [Design Details](#design-details) + - [Test Plan](#test-plan) + - [Prerequisite testing updates](#prerequisite-testing-updates) + - [Unit tests](#unit-tests) + - [Integration tests](#integration-tests) + - [e2e tests](#e2e-tests) + - [Graduation Criteria](#graduation-criteria) + - [Upgrade / Downgrade Strategy](#upgrade--downgrade-strategy) + - [Version Skew Strategy](#version-skew-strategy) +- [Production Readiness Review Questionnaire](#production-readiness-review-questionnaire) + - [Feature Enablement and Rollback](#feature-enablement-and-rollback) + - [Rollout, Upgrade and Rollback Planning](#rollout-upgrade-and-rollback-planning) + - [Monitoring Requirements](#monitoring-requirements) + - [Dependencies](#dependencies) + - [Scalability](#scalability) + - [Troubleshooting](#troubleshooting) +- [Implementation History](#implementation-history) +- [Drawbacks](#drawbacks) +- [Alternatives](#alternatives) +- [Infrastructure Needed (Optional)](#infrastructure-needed-optional) + + +## Release Signoff Checklist + + + +Items marked with (R) are required *prior to targeting to a milestone / release*. + +- [x] (R) Enhancement issue in release milestone, which links to KEP dir in [kubernetes/enhancements] (not the initial KEP PR) +- [ ] (R) KEP approvers have approved the KEP status as `implementable` +- [x] (R) Design details are appropriately documented +- [x] (R) Test plan is in place, giving consideration to SIG Architecture and SIG Testing input (including test refactors) + - [ ] e2e Tests for all Beta API Operations (endpoints) + - [ ] (R) Ensure GA e2e tests meet requirements for [Conformance Tests](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/conformance-tests.md) + - [ ] (R) Minimum Two Week Window for GA e2e tests to prove flake free +- [x] (R) Graduation criteria is in place + - [ ] (R) [all GA Endpoints](https://github.com/kubernetes/community/pull/1806) must be hit by [Conformance Tests](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/conformance-tests.md) +- [ ] (R) Production readiness review completed +- [ ] (R) Production readiness review approved +- [ ] "Implementation History" section is up-to-date for milestone +- [ ] User-facing documentation has been created in [kubernetes/website], for publication to [kubernetes.io] +- [ ] Supporting documentation—e.g., additional design documents, links to mailing list discussions/SIG meetings, relevant PRs/issues, release notes + + + +[kubernetes.io]: https://kubernetes.io/ +[kubernetes/enhancements]: https://git.k8s.io/enhancements +[kubernetes/kubernetes]: https://git.k8s.io/kubernetes +[kubernetes/website]: https://git.k8s.io/website + +## Summary + + + +This KEP proposes new CSI API that can be used to identify the list of changed +blocks between pairs of CSI volume snapshots. CSI drivers can implement this API +to expose their changed block tracking (CBT) services to enable efficient and +reliable differential backup of data stored in CSI volumes. + +## Motivation + + + +Changed block tracking (CBT) techniques have been used by commercial backup +systems to efficiently back up large amount of data in block volumes. They +identify block-level changes between two arbitrary pair of snapshots of the +same block volume, and selectively back up what has changed between the two +checkpoints. This type of differential backup approach is a lot more efficient +than backing up the entire volume. + +This KEP proposes a design to extend the Kubernetes CSI framework to utilize +these CBT features to bring efficient, cloud-native data protection to +Kubernetes users. + +### Goals + + + +* Provide a secure, idiomatic CSI API to efficiently identify changes between +two arbitrary pairs of CSI volume snapshots of the same block volume. +* Relay large amount of CBT data from the storage provider back to the user +without exhausting cluster resources, nor introducing flaky resource spikes. +* This API is an optional component of the CSI framework. +* Provide CBT support for both block as well as file system mode (backed by block +volume) persistent volumes. + +### Non-Goals + + + +* Retrieval of the actual changed data blocks is outside the scope of this KEP. +The proposed API only returns the metadata that helps to identify the actual data +blocks +* Support of file changed list tracking for network file shares is out-of-scope. + +## Proposal + + + +### User Stories (Optional) + + + +#### Story 1 + +#### Story 2 + +### Notes/Constraints/Caveats (Optional) + + + +### Risks and Mitigations + + + +## Design Details + + + +### Test Plan + + + +[x] I/we understand the owners of the involved components may require updates to +existing tests to make this code solid enough prior to committing the changes necessary +to implement this enhancement. + +##### Prerequisite testing updates + + + +##### Unit tests + + + + + +All unit tests will be included in the out-of-tree CSI repositories, with no +impact on the test coverage of the core packages. + +##### Integration tests + + + + + +None. + +##### e2e tests + + + +Test setup: + +* A sample client to initiate the CBT session and the subsequent CBT GRPC +requests. +* A mock backend snapshot service generates mock responses with CBT payloads to +be returned to the client. + +Test scenarios: + +* Verify the CBT request/response flow from the client to the CSI driver. +* Verify that the CBT controller can discover the CBT-enabled CSI driver. +* Verify the mutating webhook's ability to ensure authorized access to the +volume snapshots. +* Token management: TBD + +### Graduation Criteria + + + +### Upgrade / Downgrade Strategy + + + +### Version Skew Strategy + + + +## Production Readiness Review Questionnaire + + + +### Feature Enablement and Rollback + + + +###### How can this feature be enabled / disabled in a live cluster? + + + +- [ ] Feature gate (also fill in values in `kep.yaml`) + - Feature gate name: + - Components depending on the feature gate: +- [x] Other + - Describe the mechanism: The new components will be implemented as part of the +out-of-tree CSI framework. Storage providers can embed the CBT sidecar component +in their CSI drivers, if they choose to support this feature. Users will also +need to install the CBT controller and mutating webhook. + - Will enabling / disabling the feature require downtime of the control + plane? No. + - Will enabling / disabling the feature require downtime or reprovisioning + of a node? No. + +###### Does enabling the feature change any default behavior? + + + +No. + +###### Can the feature be disabled once it has been enabled (i.e. can we roll back the enablement)? + + + +Yes, the CBT feature can be disabled by uninstalling the CBT controller from the +cluster and remove the CBT sidecar from the CSI driver. + +###### What happens if we reenable the feature if it was previously rolled back? + +No effects as all custom resources would have been removed when the CBT +controller was previously uninstalled. + +###### Are there any tests for feature enablement/disablement? + + + +No. + +### Rollout, Upgrade and Rollback Planning + + + +###### How can a rollout or rollback fail? Can it impact already running workloads? + + + +###### What specific metrics should inform a rollback? + + + +###### Were upgrade and rollback tested? Was the upgrade->downgrade->upgrade path tested? + + + +###### Is the rollout accompanied by any deprecations and/or removals of features, APIs, fields of API types, flags, etc.? + + + +### Monitoring Requirements + + + +###### How can an operator determine if the feature is in use by workloads? + + + +###### How can someone using this feature know that it is working for their instance? + + + +- [ ] Events + - Event Reason: +- [ ] API .status + - Condition name: + - Other field: +- [ ] Other (treat as last resort) + - Details: + +###### What are the reasonable SLOs (Service Level Objectives) for the enhancement? + + + +###### What are the SLIs (Service Level Indicators) an operator can use to determine the health of the service? + + + +- [ ] Metrics + - Metric name: + - [Optional] Aggregation method: + - Components exposing the metric: +- [ ] Other (treat as last resort) + - Details: + +###### Are there any missing metrics that would be useful to have to improve observability of this feature? + + + +### Dependencies + + + +###### Does this feature depend on any specific services running in the cluster? + + + +### Scalability + + + +###### Will enabling / using this feature result in any new API calls? + + + +###### Will enabling / using this feature result in introducing new API types? + + + +###### Will enabling / using this feature result in any new calls to the cloud provider? + + + +###### Will enabling / using this feature result in increasing size or count of the existing API objects? + + + +###### Will enabling / using this feature result in increasing time taken by any operations covered by existing SLIs/SLOs? + + + +###### Will enabling / using this feature result in non-negligible increase of resource usage (CPU, RAM, disk, IO, ...) in any components? + + + +###### Can enabling / using this feature result in resource exhaustion of some node resources (PIDs, sockets, inodes, etc.)? + + + +### Troubleshooting + + + +###### How does this feature react if the API server and/or etcd is unavailable? + +###### What are other known failure modes? + + + +###### What steps should be taken if SLOs are not being met to determine the problem? + +## Implementation History + + + +## Drawbacks + + + +## Alternatives + + + +The aggregated API server solution described in [#3367][0] was deemed unsuitable +because of the potentially large amount of CBT payloads that will be proxied +through the K8s API server. Further discussion can be found in this [thread][1]. + +An approach based on using volume populator to store the CBT payloads on-disk, +instead of sending them over the network was also considered. But the amount of +pod creation/deletion churns and latency incurred made this solution +inappropriate. + +The previous design which involved generating and returning a RESTful callback +endpoint to the caller, to serve CBT payloads was superceded by the aggregation +extension mechanism as described in [#3367][0], due to the requirement for more +structured request and response payloads. + +## Infrastructure Needed (Optional) + + + +[0]: https://github.com/kubernetes/enhancements/pull/3367 +[1]: https://github.com/kubernetes/enhancements/pull/3367#pullrequestreview-1133441329 diff --git a/keps/sig-storage/3314-csi-changed-block-tracking/kep.yaml b/keps/sig-storage/3314-csi-changed-block-tracking/kep.yaml new file mode 100644 index 00000000000..0d7c63abe28 --- /dev/null +++ b/keps/sig-storage/3314-csi-changed-block-tracking/kep.yaml @@ -0,0 +1,52 @@ +title: KEP Template +kep-number: 3314 +authors: + - "@carlbraganza" + - "@ihcsim" + - "@PrasadG193" +owning-sig: sig-storage +participating-sigs: + - sig-storage +status: "" +creation-date: 2023-06-12 +reviewers: + - "@xing-yang" + - "@bswartz" +approvers: + - "@xing-yang" + - "@msau42" + - "@thockin" + +##### WARNING !!! ###### +# prr-approvers has been moved to its own location +# You should create your own in keps/prod-readiness +# Please make a copy of keps/prod-readiness/template/nnnn.yaml +# to keps/prod-readiness/sig-xxxxx/00000.yaml (replace with kep number) +#prr-approvers: + +see-also: +replaces: + +# The target maturity stage in the current dev cycle for this KEP. +stage: alpha + +# The most recent milestone for which work toward delivery of this KEP has been +# done. This can be the current (upcoming) milestone, if it is being actively +# worked on. +latest-milestone: "v1.29" + +# The milestone at which this feature was, or is targeted to be, at each stage. +milestone: + alpha: "v1.29" + beta: "" + stable: "" + +# The following PRR answers are required at alpha release +# List the feature gate name and the components for which it must be enabled +feature-gates: + - name: + components: +disable-supported: true + +# The following PRR answers are required at beta release +metrics: