Support specifying volume tags via PVC labels or annotations

[tsjnsn]

Is your feature request related to a problem?/Why is this needed
Applying unique sets of tags based on application requirements currently requires creating a storageclass specific to the application and set of tags. This makes it difficult to maintain tags when there is a lot of variety in keys and values

/feature

Describe the solution you'd like in detail
Ideally, you could specify list of tags in the PVC, that way the storage class can remain application-agnostic. One of the following options should work -

• controller can inspect a pre-defined annotation or label on the PVC to determine which AWS tags should be applied to the volume
• the existing templating for StorageClasses can be extended to expose PVC labels/annotations so any custom tags in the PVC can be referenced there

Describe alternatives you've considered

Additional context

[TomBillietKlarrio]

also: it would allow tags to be changed. Since you can't update storageclasses (they're immutable)

[michealliang123]

If we can use PVC lable against sc in dynamic provisioning,This is great for maintaining your own tags independently between each project!

[torredil]

Hi all, thanks for the feature request - we've made a note of this and will evaluate it in the near future.

One key consideration is that there is currently a limitation in Kubernetes where CSI drivers do not have the ability to retrieve tags applied to a PVC from the CreateVolume request passed in by the external provisioner.

We will provide more updates as we make progress on the evaluation and any plans to support this, thanks!

/kind feature

[ishaankalra]

@torredil Till then, cant we have the labels/annotation part at least, considering it cannot be changed once created?

[nickvanw]

If it's useful, we (PlanetScale) worked around this limitation by deploying https://github.com/mtougeron/k8s-pvc-tagger which supports AWS and GCP

[ConnorJC3]

Hi all, after some discussion, we don't currently plan to support this in the driver itself.

The Kubernetes community intentionally does not supply annotations/labels to CSI drivers: kubernetes-csi/external-provisioner#86. Because of this, the only solution would involve a work-around that directly bypasses this design and introduces race condition and correctness concerns.

We do support dynamic tag values based on the PVC name and namespace, and the PV name: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/docs/tagging.md#storageclass-tagging. We have seen these features utilized in usecases such as cost tagging and tagging volumes for DLM policies.

We are working on the ability to modify the tags of existing volumes using Kubernetes's VolumeAttributesClass feature. We expect to release this capability sometime in the next few EBS CSI releases. (Note, however, that because VACs are an alpha feature they are not yet supported by EKS. We are engaging with the upstream community to push VAC to beta/GA in future Kubernetes releases.)