kubernetes: If multiple default StorageClasses exist, pvc request fails

Do we want to stop the creation of a StorageClass with the “is-default” annotation, if one already exists on the cluster?

If I create multiple “default” storage classes

[root@screeley-sc1 gce]# kubectl get storageclass
NAME            TYPE                   ISDEFAULT
another-class   kubernetes.io/gce-pd   NO        
generic1-slow   kubernetes.io/gce-pd   YES       
generic2-fast   kubernetes.io/gce-pd   YES

and then try to submit a PVC, I get this error

[root@screeley-sc1 gce]# kubectl create -f gce-pvc-multidefault.yaml 
Error from server (Forbidden): error when creating "gce-pvc-multidefault.yaml": persistentvolumeclaims "pvc-default" is forbidden: Internal error occurred: 2 default StorageClasses were found

@kubernetes/sig-storage

About this issue

  • Original URL
  • State: closed
  • Created 8 years ago
  • Reactions: 7
  • Comments: 44 (26 by maintainers)

Most upvoted comments

This is an interesting scenario I also ran into with EKS 1.17 (I don’t think it’s specific to version). I have to agree with @agilgur5 that this type of situation should not really occur and the storage class shouldn’t even be created if there is already another with the default annotation. It causes a lot of confusion downstream when one goes to actually start using PVCs and realizes “oh crap, I have 2 defaults defined… now I have to go figure out what might still be using the other one non-explicitly before I delete it”.

Obviously the counter argument is one could be explicit about the “new” one, but that still seems wrong, to even allow a second default annotated storageclass of the same kind, at a minimum.

+5
farvour on Sep 11, 2020

This should be fixed by https://github.com/kubernetes/kubernetes/pull/110559

+4
jsafrane on Sep 12, 2022

/reopen /lifecycle frozen /uncc

+3
lavalamp on Sep 6, 2022

The bug still exists need to re-open it.

/reopen

+3
altitude1326 on Jun 17, 2022

Same here:

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: gp2-encrypted
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
provisioner: kubernetes.io/aws-ebs
volumeBindingMode: WaitForFirstConsumer
parameters:
  type: gp2
  fsType: ext4
  encrypted: "true"

When a new storage class is created, both are marked as default :

NAME                      PROVISIONER             RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
gp2 (default)             kubernetes.io/aws-ebs   Delete          WaitForFirstConsumer   false                  3d
gp2-encrypted (default)   kubernetes.io/aws-ebs   Delete          WaitForFirstConsumer   true                   128m

Creating a PVC yields the following error: forbidden: Internal error occurred: 2 default StorageClasses were found

+3
gdraganic on Sep 28, 2020

/reopen

+3
j-griffith on Jul 29, 2019

@lavalamp: Reopened this issue.

In response to this:

/reopen /lifecycle frozen /uncc

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

+1
k8s-ci-robot on Sep 6, 2022

@msau42 can you do somthing for reopen and treat this bug please ?

+1
altitude1326 on Jun 17, 2022

@altitude1326: You can’t reopen an issue/PR unless you authored it or you are a collaborator.

In response to this:

The bug still exists need to re-open it.

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

+1
k8s-ci-robot on Jun 17, 2022

/remove-lifecycle stale still there the issue…

+1
immae1 on Apr 6, 2022
Read more comments on GitHub
← kubernetes: I can't reach service IPs on the network. Unable to access application from web.
kubernetes: ignored pod-eviction-timeout settings →