CSI (Container Storage Interface) driver for Kubernetes and other container orchestrators

[cskinfill]

Tell us more about this new feature.

Any plans to implement a CSI driver(container storage interface) that would allow a kubernetes cluster to mount an s3 bucket as a Persistent Volume?

[dannycjones]

Thank you for the feedback. We've heard this ask from a few customers and we're looking into it, but nothing to share right now.

That being said, I encourage you to explore if existing CSI drivers such as the CSI for Amazon FSx for Lustre may work for your use case if you haven't already. An FSx for Lustre filesystem can be linked to an Amazon S3 bucket, as documented here: https://docs.aws.amazon.com/fsx/latest/LustreGuide/create-dra-linked-data-repo.html

[MrMarkW]

@dannycjones Can you provide any updates now that Mountpoint for S3 has been released for GA? https://aws.amazon.com/blogs/aws/mountpoint-for-amazon-s3-generally-available-and-ready-for-production-workloads/

[dannycjones]

I have no update to share right now.

Our goal has been to get Mountpoint into customers' hands as a production product, which we've shared this week with the release of v1.0.0. We're still looking into how we can best support customers using mountpoint-s3 with Kubernetes, but there is no information for me to share at this time.

[everpeace]

Hi, I'm devloping/operating an in-house ML platform on the top of EKS clusters and now providing "CSI for Amazon FSx for Lustre" as a high-throughput cache for users to read their S3 data.

And now, we can see mountpoint-s3 as a more cost effective alternative. So, we would be very happy if we will hear that mountpoint-s3 have a plan to support kubernetes CSI in the near future!!

Moreover, normally FUSE(filesystem in user namespace) require privilege operation. But we, as a platform provider, we don't want to give any privilege permission to user pods even to side-car containers.

So, we would expect mountpoint-s3

• supports kubernetes CSI
• with an appropriate privilege isolation
  • similar to https://github.com/GoogleCloudPlatform/gcs-fuse-csi-driver
  • In gcs-fuse-csi-driver,
    • fuse process runs in a sidecar container in a user pod and user pod does NOT require any privilege
    • but, only csi driver daemonset pods require privilege
    • ref: this can be achieved via File Descriptor Transfer over Unix Domain Sockets
      • csi driver mounts(normally it needs privilege) /dev/fuse, and
      • passes the opened file descriptor to a sidecar container in a user pod over unix domain socket which will be created in emptyDir volume in a sidecar.
      • the sidecar will no need to mount but just to talk FUSE protocol to already opened & passed file descriptor. (thus, no need privilege in a sidecar)

[barryib]

Thanks @dannycjones for the update.

I know it's hard to get a precise ETA, but it'll help users to invest in other alternatives while waiting for the CSI driver to have a roughly estimated target. Should we expect something for the re:Invent ? This year ? Q1 2024 ? H1 2024, later ? etc.

[dannycjones]

Thanks @dannycjones for the update.

I know it's hard to get a precise ETA, but it'll help users to invest in other alternatives while waiting for the CSI driver to have a roughly estimated target. Should we expect something for the re:Invent ? This year ? Q1 2024 ? H1 2024, later ? etc.

I get that, and absolutely see the value in delivering this feature for users on Kubernetes. I can't share an estimated date, but it is something we're actively working on!

[vara-bonthu]

Thank you, @dannycjones The mountpoint-s3 CSI Driver is set to be an excellent addition for EKS customers, particularly those running Data and ML workloads on Amazon EKS. I'm eagerly anticipating this feature and plan to conduct some benchmarks to demonstrate its capabilities through the Data on EKS (DoEKS) blueprints. 👍🏼

[everpeace]

This issue can be solved by using https://github.com/pfnet-research/meta-fuse-csi-plugin

[jamesbornholt]

Very excited to say we just launched the new Mountpoint for Amazon S3 CSI driver: https://github.com/awslabs/mountpoint-s3-csi-driver. It's also available as an EKS add-on for easy installation in an EKS-managed Kubernetes cluster. Thanks again for all your feedback on Mountpoint!