Skip to content

Ability to enforce granular resource limits on CreateVolumeRequest #42

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Jgoldick opened this issue Jun 19, 2017 · 2 comments
Closed

Ability to enforce granular resource limits on CreateVolumeRequest #42

Jgoldick opened this issue Jun 19, 2017 · 2 comments

Comments

@Jgoldick
Copy link

While perhaps out of scope, the CO should not need to know that there are storage resource limits based on admin identity or any other policy beyond of cluster-wide shared resources. In order to apply resource quotas at the Controller Plugin level there should be provision for passing the owning identity associated with a Volume. The identity of the creating admin could probably be used but it's not clear to me that this security context is supplied by the gRPC workflow from CO to the Controller Plugin.

This also implies a potential new error code for CreateVolumeRequest to describe a resource quota limit being exceeded.
@jdef
Copy link
Member

jdef commented Jun 26, 2017

Related to Quota (#9) and Principal (#30)

@saad-ali
Copy link
Member

saad-ali commented Nov 1, 2018

#17 (comment)
We have secrets per RPC that a plugin can used by CO to pass identity information. That can be used to implement a per identity quota.

@saad-ali saad-ali closed this as completed Nov 1, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jdef @saad-ali @Jgoldick