diff --git a/deploy/kubernetes/webhook-example/README.md b/deploy/kubernetes/webhook-example/README.md index 21b35bc0..4c0a66f6 100644 --- a/deploy/kubernetes/webhook-example/README.md +++ b/deploy/kubernetes/webhook-example/README.md @@ -2,16 +2,6 @@ The snapshot validating webhook is an HTTP callback which responds to [admission requests](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/). It is part of a larger [plan](https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1900-volume-snapshot-validation-webhook#proposal) to tighten validation for volume snapshot objects. This webhook introduces the [ratcheting validation](https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1900-volume-snapshot-validation-webhook#backwards-compatibility) mechanism targeting the tighter validation. The cluster admin or Kubernetes distribution admin should install the webhook alongside the snapshot controllers and CRDs. -> :warning: **WARNING**: Cluster admins choosing not to install the webhook server and participate in the phased release process can cause future problems when upgrading from `v1beta1` to `v1` volumesnapshot API, if there are currently persisted objects which fail the new stricter validation. Potential impacts include being unable to delete invalid snapshot objects. - -## Prerequisites - -The following are prerequisites to use this validating webhook: - -- K8s version 1.17+ (v1.9+ to use `admissionregistration.k8s.io/v1beta1`, v1.16+ to use `admissionregistration.k8s.io/v1`, v1.17+ to use `snapshot.storage.k8s.io/v1beta1`) -- ValidatingAdmissionWebhook is [enabled](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#prerequisites). (in v1.18+ it will be enabled by default) -- API `admissionregistration.k8s.io/v1beta1` or `admissionregistration.k8s.io/v1` is enabled. - ## How to build the webhook Build the binary diff --git a/examples/kubernetes/invalid-snapshot-v1beta1.yaml b/examples/kubernetes/invalid-snapshot-v1beta1.yaml deleted file mode 100644 index b4901216..00000000 --- a/examples/kubernetes/invalid-snapshot-v1beta1.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1beta1 -kind: VolumeSnapshot -metadata: - name: new-snapshot-demo -spec: - volumeSnapshotClassName: csi-hostpath-snapclass - source: # Only one of the two fields should be set for a snapshot. Therefore this snapshot is invalid. - persistentVolumeClaimName: pvc - volumeSnapshotContentName: vsc diff --git a/examples/kubernetes/snapshot-v1beta1.yaml b/examples/kubernetes/snapshot-v1beta1.yaml deleted file mode 100644 index 86a102b8..00000000 --- a/examples/kubernetes/snapshot-v1beta1.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1beta1 -kind: VolumeSnapshot -metadata: - name: new-snapshot-demo -spec: - volumeSnapshotClassName: csi-hostpath-snapclass - source: - persistentVolumeClaimName: hpvc diff --git a/examples/kubernetes/snapshotclass-v1beta1.yaml b/examples/kubernetes/snapshotclass-v1beta1.yaml deleted file mode 100644 index 41df498a..00000000 --- a/examples/kubernetes/snapshotclass-v1beta1.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: snapshot.storage.k8s.io/v1beta1 -kind: VolumeSnapshotClass -metadata: - name: csi-hostpath-snapclass -driver: hostpath.csi.k8s.io -deletionPolicy: Delete