Bug 1394866

Summary: Describe the different storage options "volumes", "pv" and "pvc"
Product: OpenShift Container Platform Reporter: Eric Rich <erich>
Component: DocumentationAssignee: Vikram Goyal <vigoyal>
Status: CLOSED EOL QA Contact: Vikram Goyal <vigoyal>
Severity: medium Docs Contact: Vikram Goyal <vigoyal>
Priority: unspecified    
Version: 3.3.0CC: aos-bugs, jokerman, mmccomas
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-08-10 06:40:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Eric Rich 2016-11-14 15:43:45 UTC 
Document URL: https://docs.openshift.com/container-platform/3.3/dev_guide/volumes.html#overview

Section Number and Name: Understanding Volumes 

Describe the issue: 

We do a very poor job of explain volumes, and how the interact with the system (get mounted) or attached to pods. The key part of this issue is the use of "--source" in sections of our docs. 

  > https://bugzilla.redhat.com/show_bug.cgi?id=1393568

When this option is used, over a PVC, the PV that is created, and mounted, may be subject to SCC restrictions. However in addition to not calling out these SCC restrictions, we don't properly highlight the benefits of PVC's (which is the focus of this bullet point). 

We also do a poor job of explaining how SCC's can limit or restrict what "users" can or can not do with volumes. 

  > https://docs.openshift.com/enterprise/3.2/release_notes/ose_3_2_release_notes.html#ose-32-security
  > The new Volumes field in SCCs allows an administrator full control over which volume plug-ins may be specified.
  > ... 
  > By default, regular users are now forbidden from directly mounting any of the remote volume type; they must use a persistent volume claim (PVC).

Suggestions for improvement: 

  1. Diagram and Describe a flow of how a pod mount a volume (what process it goes through). Include information on how it interacts with the host (in situation where that is needed). 

     - Point is to show why PVC's are important, and highlight the value they provide to the end user. It should also be noted, that admins have the "control" to limit or provide users with the ability to directly mount PV's should they choose, by altering SCC's. 

  2. Better document how and admin can control, the PV's that can be mounted, by altering SCC rules and policies.