The second release of 2023 for Kubernetes CSI Driver & Dell Container Storage Modules (CSM) is here !

The official changelog can be consulted on the CHANGELOG directory of the CSM repository

• CSI Features
  • Supported Kubernetes distributions
  • CSI PowerMax
  • CSI PowerScale
• CSM Features
  • CSM Operator
  • CSM Wizard
  • CSM Authorization
  • CSM Replication
• Useful links

CSI Features

Supported Kubernetes distributions

The newly supported Kubernetes distributions are :

• OpenShift 4.12

CSI PowerMax

Since a couple of version the CSI PowerMax reverseproxy is enabled by default. The TLS certificate secret creation is now pre-packaged via cert-manager avoiding manual steps for the administrator.

A volume can be mounted to a Pod in readOnly, this is default behavior for a configMap or secret. That option is now supported for RawBlock devices too.

apiVersion: v1
kind: Pod
metadata:
  name: task-pv-pod
spec:
  volumes:
    - name: task-pv-storage
      persistentVolumeClaim:
        claimName: task-pv-claim
        # What ever is the accessMode it will be read-only for the Pod
        readOnly: true
...

CSM v1.5 introduced the capacity to provision fiber-channel LUNs to Kubernetes worker nodes through VMware Raw Device Mapping. It had the limitation of the RDM/LUN to be sticky to a single ESXi host, which means the Pod could not move to another worker node.

The auto-RDM feature works at the HostGroup level in PowerMax and therefore supports clusters with multiple ESXi hosts.

We are exposing the host I/O limits on storage groups parameter via the StorageClass. Host I/O limit is here to implement QoS at the worker node level and to prevent noisy neighbour behavior.

CSI PowerScale

The Storage Capacity Tracking is used by the Kubernetes scheduler to make sure the node and backend storage have enough capacity for Pod/PVC.

Allow user to set Quota limit parameters from the PVC and StorageClass requests. It allows the user to have better control of the quota parameters ( parameters (Soft Limit, AdvisoryLimit, Softgrace period) attached to each PVC

If quota limit values are specified in both storageClass and PVC, the PVC settings take precedence.

CSM Features

CSM Operator

Unity & PowerMax can be installed via the CSM operator.

The CSM resiliency and CSM-Replication for CSI-PowerFlex are now available in the CSM Operator.

CSM Wizard

CSM wizard is the most easy and straight forward way to install the Dell CSI drivers and Container Storage Modules.

In that release we add the support for Unity, PowerScale and PowerFlex.

We removed the option to give seperate namespace for driver and modules to keep it keep it simple.

CSM Authorization

CSM Authorization security is harden as karavictl command requires administrator token.

We have a workflow to:

• Generate an administrator token token output to YAML file.
• Mandate an administrator token to run karavictl commands.
• Rotate a new token if access token is expired but refresh token is still valid.
• Report error on expired token.

The Secrets Encryption is enabled by default

• All secrets will be encrypted by default using AES-CBC key type
• After installation/upgrade all secrets will be encrypted
• The AES-CBC key type is the default key type
• The AES-CBC key type is the only key type supported

CSM Replication

When you use CSM replication there are two volumes created the active one and the replica. Pre CSM v1.7, if you remove the two PVs the physical replica wasn’t deleted.

Now on PV deletion we cascade the removal to all the objects including the replicas block volumes in PowerStore, PowerMax, and PowerFlex so there are no more orphan volumes.

Useful links

Stay informed of the latest updates of Dell CSM eco-system by subscribing to :

• The Dell CSM Github repository
• Our DevOps & Automation Youtube playlist
• The Slack