/
proc
/
self
/
root
/
snap
/
lxd
/
36883
/
share
/
lxd-documentation
/
explanation
/
csi
/
File Upload :
llllll
Current File: //proc/self/root/snap/lxd/36883/share/lxd-documentation/explanation/csi/index.html
<!doctype html> <html class="no-js" lang="en" data-content_root="../../"> <head><meta charset="utf-8"> <meta name="viewport" content="width=device-width,initial-scale=1"> <meta name="color-scheme" content="light dark"><meta name="viewport" content="width=device-width, initial-scale=1" /> <meta property="og:title" content="The LXD CSI driver" /> <meta property="og:type" content="website" /> <meta property="og:url" content="https://documentation.ubuntu.com/lxd/latest/explanation/csi/" /> <meta property="og:site_name" content="LXD documentation" /> <meta property="og:description" content="The LXD CSI driver is an open source implementation of the Container Storage Interface (CSI) that integrates LXD storage backends with Kubernetes. It leverages LXD’s wide range of supported storage..." /> <meta property="og:image" content="https://documentation.ubuntu.com/lxd/latest/_static/tag.png" /> <meta property="og:image:alt" content="LXD documentation" /> <meta name="description" content="The LXD CSI driver is an open source implementation of the Container Storage Interface (CSI) that integrates LXD storage backends with Kubernetes. It leverages LXD’s wide range of supported storage..." /> <link rel="index" title="Index" href="../../genindex/"><link rel="search" title="Search" href="../../search/"><link rel="next" title="Reference" href="../../reference/"><link rel="prev" title="Privilege delegation using BPF Token" href="../bpf/"> <link rel="canonical" href="https://documentation.ubuntu.com/lxd/explanation/csi/"> <link rel="shortcut icon" href="../../_static/favicon.ico"><!-- Generated with Sphinx 8.2.3 and Furo 2025.09.25 --> <title>The LXD CSI driver</title> <link rel="stylesheet" type="text/css" href="../../_static/pygments.css?v=d111a655" /> <link rel="stylesheet" type="text/css" href="../../_static/styles/furo.css?v=580074bf" /> <link rel="stylesheet" type="text/css" href="../../_static/copybutton.css?v=76b2166b" /> <link rel="stylesheet" type="text/css" href="../../_static/youtube.css" /> <link rel="stylesheet" type="text/css" href="../../_static/related-links.css" /> <link rel="stylesheet" type="text/css" href="../../_static/terminal-output.css" /> <link rel="stylesheet" type="text/css" href="../../_static/config-options.css" /> <link rel="stylesheet" type="text/css" href="../../_static/sphinx-design.min.css?v=95c83b7e" /> <link rel="stylesheet" type="text/css" href="../../_static/styles/furo-extensions.css?v=8dab3a3b" /> <link rel="stylesheet" type="text/css" href="../../_static/custom.css?v=66d86e9d" /> <link rel="stylesheet" type="text/css" href="../../_static/header.css?v=84f70f09" /> <link rel="stylesheet" type="text/css" href="../../_static/github_issue_links.css?v=af88fb93" /> <link rel="stylesheet" type="text/css" href="../../_static/furo_colors.css?v=c4ccdb8a" /> <link rel="stylesheet" type="text/css" href="../../_static/footer.css?v=bd05fc90" /> <link rel="stylesheet" type="text/css" href="../../_static/cookie-banner.css?v=b74831ab" /> </head> <body> <header id="header" class="p-navigation"> <script type="module" src="../../_static/js/bundle.js"> </script> <!-- Google Tag Manager --> <script> (function(w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' }); var f = d.getElementsByTagName(s)[0]; var j = d.createElement(s); var dl = ''; if (l != 'dataLayer') { dl = '&l=' + l; } j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-KNX3CJC'); </script> <div class="p-navigation__nav" role="menubar"> <ul class="p-navigation__links" role="menu"> <li> <a class="p-logo" href="https://canonical.com/lxd" aria-current="page"> <img src="../../_static/tag.png" alt="Logo" class="p-logo-image"> <div class="p-logo-text p-heading--4">LXD </div> </a> </li> <li class="nav-ubuntu-com"> <a href="https://canonical.com/lxd" class="p-navigation__link">canonical.com/lxd</a> </li> <li> <a href="#" class="p-navigation__link nav-more-links">More resources</a> <ul class="more-links-dropdown"> <li> <a href="https://ubuntu.com/lxd/install/" class="p-navigation__sub-link p-dropdown__link">Install LXD</a> </li> <li> <a href="https://ubuntu.com/lxd/manage/" class="p-navigation__sub-link p-dropdown__link">Manage LXD</a> </li> <li> <a href="https://discourse.ubuntu.com/c/lxd/" class="p-navigation__sub-link p-dropdown__link">Forum</a> </li> <li> <a href="https://github.com/canonical/lxd" class="p-navigation__sub-link p-dropdown__link">GitHub</a> </li> </ul> </li> </ul> </div> </header> <script> document.body.dataset.theme = localStorage.getItem("theme") || "auto"; </script> <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"> <symbol id="svg-toc" viewBox="0 0 24 24"> <title>Contents</title> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 1024 1024"> <path d="M408 442h480c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8H408c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8zm-8 204c0 4.4 3.6 8 8 8h480c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8H408c-4.4 0-8 3.6-8 8v56zm504-486H120c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8h784c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8zm0 632H120c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8h784c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8zM115.4 518.9L271.7 642c5.8 4.6 14.4.5 14.4-6.9V388.9c0-7.4-8.5-11.5-14.4-6.9L115.4 505.1a8.74 8.74 0 0 0 0 13.8z"/> </svg> </symbol> <symbol id="svg-menu" viewBox="0 0 24 24"> <title>Menu</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather-menu"> <line x1="3" y1="12" x2="21" y2="12"></line> <line x1="3" y1="6" x2="21" y2="6"></line> <line x1="3" y1="18" x2="21" y2="18"></line> </svg> </symbol> <symbol id="svg-arrow-right" viewBox="0 0 24 24"> <title>Expand</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather-chevron-right"> <polyline points="9 18 15 12 9 6"></polyline> </svg> </symbol> <symbol id="svg-sun" viewBox="0 0 24 24"> <title>Light mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="feather-sun"> <circle cx="12" cy="12" r="5"></circle> <line x1="12" y1="1" x2="12" y2="3"></line> <line x1="12" y1="21" x2="12" y2="23"></line> <line x1="4.22" y1="4.22" x2="5.64" y2="5.64"></line> <line x1="18.36" y1="18.36" x2="19.78" y2="19.78"></line> <line x1="1" y1="12" x2="3" y2="12"></line> <line x1="21" y1="12" x2="23" y2="12"></line> <line x1="4.22" y1="19.78" x2="5.64" y2="18.36"></line> <line x1="18.36" y1="5.64" x2="19.78" y2="4.22"></line> </svg> </symbol> <symbol id="svg-moon" viewBox="0 0 24 24"> <title>Dark mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-tabler-moon"> <path stroke="none" d="M0 0h24v24H0z" fill="none" /> <path d="M12 3c.132 0 .263 0 .393 0a7.5 7.5 0 0 0 7.92 12.446a9 9 0 1 1 -8.313 -12.454z" /> </svg> </symbol> <symbol id="svg-sun-with-moon" viewBox="0 0 24 24"> <title>Auto light/dark, in light mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-custom-derived-from-feather-sun-and-tabler-moon"> <path style="opacity: 50%" d="M 5.411 14.504 C 5.471 14.504 5.532 14.504 5.591 14.504 C 3.639 16.319 4.383 19.569 6.931 20.352 C 7.693 20.586 8.512 20.551 9.25 20.252 C 8.023 23.207 4.056 23.725 2.11 21.184 C 0.166 18.642 1.702 14.949 4.874 14.536 C 5.051 14.512 5.231 14.5 5.411 14.5 L 5.411 14.504 Z"/> <line x1="14.5" y1="3.25" x2="14.5" y2="1.25"/> <line x1="14.5" y1="15.85" x2="14.5" y2="17.85"/> <line x1="10.044" y1="5.094" x2="8.63" y2="3.68"/> <line x1="19" y1="14.05" x2="20.414" y2="15.464"/> <line x1="8.2" y1="9.55" x2="6.2" y2="9.55"/> <line x1="20.8" y1="9.55" x2="22.8" y2="9.55"/> <line x1="10.044" y1="14.006" x2="8.63" y2="15.42"/> <line x1="19" y1="5.05" x2="20.414" y2="3.636"/> <circle cx="14.5" cy="9.55" r="3.6"/> </svg> </symbol> <symbol id="svg-moon-with-sun" viewBox="0 0 24 24"> <title>Auto light/dark, in dark mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-custom-derived-from-feather-sun-and-tabler-moon"> <path d="M 8.282 7.007 C 8.385 7.007 8.494 7.007 8.595 7.007 C 5.18 10.184 6.481 15.869 10.942 17.24 C 12.275 17.648 13.706 17.589 15 17.066 C 12.851 22.236 5.91 23.143 2.505 18.696 C -0.897 14.249 1.791 7.786 7.342 7.063 C 7.652 7.021 7.965 7 8.282 7 L 8.282 7.007 Z"/> <line style="opacity: 50%" x1="18" y1="3.705" x2="18" y2="2.5"/> <line style="opacity: 50%" x1="18" y1="11.295" x2="18" y2="12.5"/> <line style="opacity: 50%" x1="15.316" y1="4.816" x2="14.464" y2="3.964"/> <line style="opacity: 50%" x1="20.711" y1="10.212" x2="21.563" y2="11.063"/> <line style="opacity: 50%" x1="14.205" y1="7.5" x2="13.001" y2="7.5"/> <line style="opacity: 50%" x1="21.795" y1="7.5" x2="23" y2="7.5"/> <line style="opacity: 50%" x1="15.316" y1="10.184" x2="14.464" y2="11.036"/> <line style="opacity: 50%" x1="20.711" y1="4.789" x2="21.563" y2="3.937"/> <circle style="opacity: 50%" cx="18" cy="7.5" r="2.169"/> </svg> </symbol> <symbol id="svg-pencil" viewBox="0 0 24 24"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-tabler-pencil-code"> <path d="M4 20h4l10.5 -10.5a2.828 2.828 0 1 0 -4 -4l-10.5 10.5v4" /> <path d="M13.5 6.5l4 4" /> <path d="M20 21l2 -2l-2 -2" /> <path d="M17 17l-2 2l2 2" /> </svg> </symbol> <symbol id="svg-eye" viewBox="0 0 24 24"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-tabler-eye-code"> <path stroke="none" d="M0 0h24v24H0z" fill="none" /> <path d="M10 12a2 2 0 1 0 4 0a2 2 0 0 0 -4 0" /> <path d="M11.11 17.958c-3.209 -.307 -5.91 -2.293 -8.11 -5.958c2.4 -4 5.4 -6 9 -6c3.6 0 6.6 2 9 6c-.21 .352 -.427 .688 -.647 1.008" /> <path d="M20 21l2 -2l-2 -2" /> <path d="M17 17l-2 2l2 2" /> </svg> </symbol> </svg> <input type="checkbox" class="sidebar-toggle" name="__navigation" id="__navigation" aria-label="Toggle site navigation sidebar"> <input type="checkbox" class="sidebar-toggle" name="__toc" id="__toc" aria-label="Toggle table of contents sidebar"> <label class="overlay sidebar-overlay" for="__navigation"></label> <label class="overlay toc-overlay" for="__toc"></label> <a class="skip-to-content muted-link" href="#furo-main-content">Skip to content</a> <div class="page"> <header class="mobile-header"> <div class="header-left"> <label class="nav-overlay-icon" for="__navigation"> <span class="icon"><svg><use href="#svg-menu"></use></svg></span> </label> </div> <div class="header-center"> <a href="../../"><div class="brand">LXD</div></a> </div> <div class="header-right"> <div class="theme-toggle-container theme-toggle-header"> <button class="theme-toggle" aria-label="Toggle Light / Dark / Auto color theme"> <svg class="theme-icon-when-auto-light"><use href="#svg-sun-with-moon"></use></svg> <svg class="theme-icon-when-auto-dark"><use href="#svg-moon-with-sun"></use></svg> <svg class="theme-icon-when-dark"><use href="#svg-moon"></use></svg> <svg class="theme-icon-when-light"><use href="#svg-sun"></use></svg> </button> </div> <label class="toc-overlay-icon toc-header-icon" for="__toc"> <span class="icon"><svg><use href="#svg-toc"></use></svg></span> </label> </div> </header> <aside class="sidebar-drawer"> <div class="sidebar-container"> <div class="sidebar-sticky"><a class="sidebar-brand" href="../../"> </a><form class="sidebar-search-container" method="get" action="../../search/" role="search"> <input class="sidebar-search" placeholder="Search" name="q" aria-label="Search"> <input type="submit" value="Go"> <input type="hidden" name="check_keywords" value="yes"> <input type="hidden" name="area" value="default"> </form> <div id="searchbox"></div><div class="sidebar-scroll"><div class="sidebar-tree"> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="../../">LXD</a></li> <li class="toctree-l1"><a class="reference internal" href="../../tutorial/first_steps/">Tutorial</a></li> <li class="toctree-l1 has-children"><a class="reference internal" href="../../howto/">How-to guides</a><input aria-label="Toggle navigation of How-to guides" class="toctree-checkbox" id="toctree-checkbox-1" name="toctree-checkbox-1" role="switch" type="checkbox"/><label for="toctree-checkbox-1"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l2 has-children"><a class="reference internal" href="../../getting_started/">Getting started</a><input aria-label="Toggle navigation of Getting started" class="toctree-checkbox" id="toctree-checkbox-2" name="toctree-checkbox-2" role="switch" type="checkbox"/><label for="toctree-checkbox-2"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../installing/">Install LXD</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/initialize/">Initialize LXD</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/access_ui/">Access the UI</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/access_documentation/">Access documentation locally</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../operation/">LXD server and client</a><input aria-label="Toggle navigation of LXD server and client" class="toctree-checkbox" id="toctree-checkbox-3" name="toctree-checkbox-3" role="switch" type="checkbox"/><label for="toctree-checkbox-3"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/server_expose/">Expose LXD to the network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/server_configure/">Configure the LXD server</a></li> <li class="toctree-l3 has-children"><a class="reference internal" href="../../howto/oidc/">Configure single sign-on with OIDC</a><input aria-label="Toggle navigation of Configure single sign-on with OIDC" class="toctree-checkbox" id="toctree-checkbox-4" name="toctree-checkbox-4" role="switch" type="checkbox"/><label for="toctree-checkbox-4"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l4"><a class="reference internal" href="../../howto/oidc_auth0/">How to configure Auth0</a></li> <li class="toctree-l4"><a class="reference internal" href="../../howto/oidc_ory/">How to configure Ory Hydra</a></li> <li class="toctree-l4"><a class="reference internal" href="../../howto/oidc_keycloak/">How to configure Keycloak</a></li> <li class="toctree-l4"><a class="reference internal" href="../../howto/oidc_entra_id/">How to configure Entra ID</a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../remotes/">Add remote servers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/lxc_alias/">Add command aliases</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../instances/">Instances</a><input aria-label="Toggle navigation of Instances" class="toctree-checkbox" id="toctree-checkbox-5" name="toctree-checkbox-5" role="switch" type="checkbox"/><label for="toctree-checkbox-5"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_create/">Create instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_configure/">Configure instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_manage/">Manage instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../profiles/">Use profiles</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_troubleshoot/">Troubleshoot errors</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_ubuntu_pro_attach/">Auto attach Ubuntu Pro</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_access_files/">Access files</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_console/">Access the console</a></li> <li class="toctree-l3"><a class="reference internal" href="../../instance-exec/">Run commands</a></li> <li class="toctree-l3"><a class="reference internal" href="../../cloud-init/">Use cloud-init</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_routed_nic_vm/">Add a routed NIC to a VM</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_backup/">Back up instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_migrate/">Migrate instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/import_machines_to_instances/">Import existing machines</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/container_gpu_passthrough_with_docker/">Pass NVIDIA GPUs</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../images/">Images</a><input aria-label="Toggle navigation of Images" class="toctree-checkbox" id="toctree-checkbox-6" name="toctree-checkbox-6" role="switch" type="checkbox"/><label for="toctree-checkbox-6"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_remote/">Use remote images</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_manage/">Manage images</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_profiles/">Associate profiles</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_copy/">Copy and import images</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_create/">Create images</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../projects/">Projects</a><input aria-label="Toggle navigation of Projects" class="toctree-checkbox" id="toctree-checkbox-7" name="toctree-checkbox-7" role="switch" type="checkbox"/><label for="toctree-checkbox-7"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/projects_create/">Create and configure</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/projects_work/">Work with projects</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/projects_confine/">Confine users to projects</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../storage/">Storage</a><input aria-label="Toggle navigation of Storage" class="toctree-checkbox" id="toctree-checkbox-8" name="toctree-checkbox-8" role="switch" type="checkbox"/><label for="toctree-checkbox-8"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_pools/">Manage pools</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_volumes/">Manage volumes</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_buckets/">Manage buckets</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_create_instance/">Create an instance in a pool</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_backup_volume/">Back up a volume</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_move_volume/">Move or copy a volume</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_csi/">Use the LXD CSI driver with Kubernetes</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../networks/">Networking</a><input aria-label="Toggle navigation of Networking" class="toctree-checkbox" id="toctree-checkbox-9" name="toctree-checkbox-9" role="switch" type="checkbox"/><label for="toctree-checkbox-9"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_create/">Create a network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_configure/">Configure a network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bgp/">Configure as BGP server</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_acls/">Configure network ACLs</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_forwards/">Configure forwards</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_zones/">Configure network zones</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bridge_firewalld/">Configure your firewall</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bridge_resolved/">Integrate with resolved</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_ovn_setup/">Set up OVN</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_load_balancers/">Configure load balancers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_ovn_peers/">Configure peer routing</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_ipam/">Display IPAM information</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../clustering/">Clustering</a><input aria-label="Toggle navigation of Clustering" class="toctree-checkbox" id="toctree-checkbox-10" name="toctree-checkbox-10" role="switch" type="checkbox"/><label for="toctree-checkbox-10"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_form/">Form a cluster</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_manage/">Manage a cluster</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_config_networks/">Configure networks</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_config_storage/">Configure storage</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_manage_instance/">Manage instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_groups/">Set up cluster groups</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_placement_groups/">Use placement groups</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_recover/">Recover a cluster</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_vip/">Set up a highly available virtual IP</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../production-setup/">Production setup</a><input aria-label="Toggle navigation of Production setup" class="toctree-checkbox" id="toctree-checkbox-11" name="toctree-checkbox-11" role="switch" type="checkbox"/><label for="toctree-checkbox-11"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/benchmark_performance/">Benchmark performance</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_increase_bandwidth/">Increase bandwidth</a></li> <li class="toctree-l3"><a class="reference internal" href="../../metrics/">Monitor metrics</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/logs_loki/">Send logs to Loki</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/grafana/">Set up Grafana</a></li> <li class="toctree-l3"><a class="reference internal" href="../../backup/">Back up a server</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/disaster_recovery/">Recover instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/disaster_recovery_replication/">Disaster recovery with storage replication</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../howto/snap/">Manage the snap</a></li> <li class="toctree-l2"><a class="reference internal" href="../../howto/security_harden/">Harden security</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../howto/troubleshoot/">Troubleshooting</a><input aria-label="Toggle navigation of Troubleshooting" class="toctree-checkbox" id="toctree-checkbox-12" name="toctree-checkbox-12" role="switch" type="checkbox"/><label for="toctree-checkbox-12"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bridge_firewalld/">Configure your firewall</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_troubleshoot/">Troubleshoot instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/dqlite_troubleshoot/">Troubleshoot Dqlite</a></li> <li class="toctree-l3"><a class="reference internal" href="../../debugging/">Debug LXD</a></li> <li class="toctree-l3"><a class="reference internal" href="../../faq/">Frequently asked</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../support/">Get support</a></li> <li class="toctree-l2"><a class="reference internal" href="../../contributing/">Contribute to LXD</a></li> <li class="toctree-l2"><a class="reference internal" href="../../howto/devlxd_authenticate/">How to authenticate to the DevLXD API</a></li> </ul> </li> <li class="toctree-l1 current has-children"><a class="reference internal" href="../">Explanation</a><input aria-label="Toggle navigation of Explanation" checked="" class="toctree-checkbox" id="toctree-checkbox-13" name="toctree-checkbox-13" role="switch" type="checkbox"/><label for="toctree-checkbox-13"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul class="current"> <li class="toctree-l2"><a class="reference internal" href="../lxd_lxc/"><code class="docutils literal notranslate"><span class="pre">lxd</span></code> and <code class="docutils literal notranslate"><span class="pre">lxc</span></code></a></li> <li class="toctree-l2"><a class="reference internal" href="../instances/">Containers and VMs</a></li> <li class="toctree-l2"><a class="reference internal" href="../../image-handling/">Local and remote images</a></li> <li class="toctree-l2"><a class="reference internal" href="../storage/">Storage pools, volumes, and buckets</a></li> <li class="toctree-l2"><a class="reference internal" href="../networks/">Networking setups</a></li> <li class="toctree-l2"><a class="reference internal" href="../../database/">The LXD Dqlite database</a></li> <li class="toctree-l2"><a class="reference internal" href="../lxc_show_info/"><code class="docutils literal notranslate"><span class="pre">lxc</span></code> <code class="docutils literal notranslate"><span class="pre">show</span></code> and <code class="docutils literal notranslate"><span class="pre">info</span></code></a></li> <li class="toctree-l2"><a class="reference internal" href="../../authentication/">Remote API authentication</a></li> <li class="toctree-l2"><a class="reference internal" href="../authorization/">Remote API authorization</a></li> <li class="toctree-l2"><a class="reference internal" href="../projects/">Instances grouping with projects</a></li> <li class="toctree-l2"><a class="reference internal" href="../clusters/">Clusters</a></li> <li class="toctree-l2"><a class="reference internal" href="../performance_tuning/">Performance tuning</a></li> <li class="toctree-l2"><a class="reference internal" href="../security/">Security</a></li> <li class="toctree-l2"><a class="reference internal" href="../bpf/">Privilege delegation using BPF Token</a></li> <li class="toctree-l2 current current-page"><a class="current reference internal" href="#">The LXD CSI driver</a></li> </ul> </li> <li class="toctree-l1 has-children"><a class="reference internal" href="../../reference/">Reference</a><input aria-label="Toggle navigation of Reference" class="toctree-checkbox" id="toctree-checkbox-14" name="toctree-checkbox-14" role="switch" type="checkbox"/><label for="toctree-checkbox-14"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l2"><a class="reference internal" href="../../requirements/">Requirements</a></li> <li class="toctree-l2"><a class="reference internal" href="../../architectures/">Architectures</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../reference/release-notes/">Release notes</a><input aria-label="Toggle navigation of Release notes" class="toctree-checkbox" id="toctree-checkbox-15" name="toctree-checkbox-15" role="switch" type="checkbox"/><label for="toctree-checkbox-15"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/release-notes/release-notes-6.6/">LXD 6.6</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../reference/releases-snap/">Releases and snap</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/remote_image_servers/">Remote image servers</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/image_format/">Image format</a></li> <li class="toctree-l2"><a class="reference internal" href="../../guest-os-compatibility/">Guest OS compatibility</a></li> <li class="toctree-l2"><a class="reference internal" href="../../container-environment/">Container environment</a></li> <li class="toctree-l2"><a class="reference internal" href="../../config-options/">Configuration option index</a></li> <li class="toctree-l2"><a class="reference internal" href="../../server/">Server configuration</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../instance_config/">Instance configuration</a><input aria-label="Toggle navigation of Instance configuration" class="toctree-checkbox" id="toctree-checkbox-16" name="toctree-checkbox-16" role="switch" type="checkbox"/><label for="toctree-checkbox-16"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/instance_properties/">Instance properties</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/instance_options/">Instance options</a></li> <li class="toctree-l3 has-children"><a class="reference internal" href="../../reference/devices/">Devices</a><input aria-label="Toggle navigation of Devices" class="toctree-checkbox" id="toctree-checkbox-17" name="toctree-checkbox-17" role="switch" type="checkbox"/><label for="toctree-checkbox-17"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l4"><a class="reference internal" href="../../reference/standard_devices/">Standard devices</a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_none/">Type: <code class="docutils literal notranslate"><span class="pre">none</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_nic/">Type: <code class="docutils literal notranslate"><span class="pre">nic</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_disk/">Type: <code class="docutils literal notranslate"><span class="pre">disk</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_unix_char/">Type: <code class="docutils literal notranslate"><span class="pre">unix-char</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_unix_block/">Type: <code class="docutils literal notranslate"><span class="pre">unix-block</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_usb/">Type: <code class="docutils literal notranslate"><span class="pre">usb</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_gpu/">Type: <code class="docutils literal notranslate"><span class="pre">gpu</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_infiniband/">Type: <code class="docutils literal notranslate"><span class="pre">infiniband</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_proxy/">Type: <code class="docutils literal notranslate"><span class="pre">proxy</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_unix_hotplug/">Type: <code class="docutils literal notranslate"><span class="pre">unix-hotplug</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_tpm/">Type: <code class="docutils literal notranslate"><span class="pre">tpm</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_pci/">Type: <code class="docutils literal notranslate"><span class="pre">pci</span></code></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../reference/instance_units/">Units for storage and network limits</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../reference/preseed_yaml_fields/">Preseed YAML file fields</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/projects/">Project configuration</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../reference/storage_drivers/">Storage drivers</a><input aria-label="Toggle navigation of Storage drivers" class="toctree-checkbox" id="toctree-checkbox-18" name="toctree-checkbox-18" role="switch" type="checkbox"/><label for="toctree-checkbox-18"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_dir/">Directory - <code class="docutils literal notranslate"><span class="pre">dir</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_btrfs/">Btrfs - <code class="docutils literal notranslate"><span class="pre">btrfs</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_lvm/">LVM - <code class="docutils literal notranslate"><span class="pre">lvm</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_zfs/">ZFS - <code class="docutils literal notranslate"><span class="pre">zfs</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_ceph/">Ceph RBD - <code class="docutils literal notranslate"><span class="pre">ceph</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_powerflex/">Dell PowerFlex - <code class="docutils literal notranslate"><span class="pre">powerflex</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_pure/">Pure Storage - <code class="docutils literal notranslate"><span class="pre">pure</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_alletra/">HPE Alletra - <code class="docutils literal notranslate"><span class="pre">alletra</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_cephfs/">CephFS - <code class="docutils literal notranslate"><span class="pre">cephfs</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_cephobject/">Ceph Object - <code class="docutils literal notranslate"><span class="pre">cephobject</span></code></a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../reference/networks/">Networks</a><input aria-label="Toggle navigation of Networks" class="toctree-checkbox" id="toctree-checkbox-19" name="toctree-checkbox-19" role="switch" type="checkbox"/><label for="toctree-checkbox-19"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_bridge/">Bridge network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_ovn/">OVN network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_macvlan/">Macvlan network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_physical/">Physical network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_sriov/">SR-IOV network</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../reference/cluster_member_config/">Cluster configuration</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/placement_groups/">Placement group configuration</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/server_settings/">Production server settings</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/provided_metrics/">Provided metrics</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/permissions/">Permissions</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../restapi_landing/">REST API</a><input aria-label="Toggle navigation of REST API" class="toctree-checkbox" id="toctree-checkbox-20" name="toctree-checkbox-20" role="switch" type="checkbox"/><label for="toctree-checkbox-20"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../rest-api/">Main API documentation</a></li> <li class="toctree-l3"><a class="reference internal" href="../../api/">Main API specification</a></li> <li class="toctree-l3"><a class="reference internal" href="../../api-extensions/">Main API extensions</a></li> <li class="toctree-l3"><a class="reference internal" href="../../events/">Events API documentation</a></li> <li class="toctree-l3"><a class="reference internal" href="../../dev-lxd/">Instance API</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../reference/driver_csi/">LXD CSI driver reference</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../reference/manpages/">Man pages</a><input aria-label="Toggle navigation of Man pages" class="toctree-checkbox" id="toctree-checkbox-21" name="toctree-checkbox-21" role="switch" type="checkbox"/><label for="toctree-checkbox-21"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/manpages/lxc/"><code class="docutils literal notranslate"><span class="pre">lxc</span></code></a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../internals/">Internals</a><input aria-label="Toggle navigation of Internals" class="toctree-checkbox" id="toctree-checkbox-22" name="toctree-checkbox-22" role="switch" type="checkbox"/><label for="toctree-checkbox-22"><span class="icon"><svg><use href="#svg-arrow-right"></use></svg></span></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../environment/">Environment variables</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/uefi_variables/">UEFI variables for VMs</a></li> <li class="toctree-l3"><a class="reference internal" href="../../daemon-behavior/">Daemon behavior</a></li> <li class="toctree-l3"><a class="reference internal" href="../../syscall-interception/">System call interception</a></li> <li class="toctree-l3"><a class="reference internal" href="../../userns-idmap/">User namespace setup</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/ovn-internals/">OVN implementation</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/vm_live_migration_internals/">VM live migration implementation</a></li> </ul> </li> <li class="toctree-l2"><a class="reference external" href="https://github.com/canonical/lxd">Project repository</a></li> <li class="toctree-l2"><a class="reference external" href="https://images.lxd.canonical.com">Image server</a></li> </ul> </li> </ul> </div> </div> </div> </div> </aside> <div class="main"> <div class="content"> <div class="article-container"> <a href="#" class="back-to-top muted-link"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"> <path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12z"></path> </svg> <span>Back to top</span> </a> <div class="content-icon-container"> <div class="view-this-page"> <a class="muted-link" href="../../_sources/explanation/csi.md.txt" title="View this page"> <svg><use href="#svg-eye"></use></svg> <span class="visually-hidden">View this page</span> </a> </div> <div class="theme-toggle-container theme-toggle-content"> <button class="theme-toggle" aria-label="Toggle Light / Dark / Auto color theme"> <svg class="theme-icon-when-auto-light"><use href="#svg-sun-with-moon"></use></svg> <svg class="theme-icon-when-auto-dark"><use href="#svg-moon-with-sun"></use></svg> <svg class="theme-icon-when-dark"><use href="#svg-moon"></use></svg> <svg class="theme-icon-when-light"><use href="#svg-sun"></use></svg> </button> </div> <label class="toc-overlay-icon toc-content-icon" for="__toc"> <span class="icon"><svg><use href="#svg-toc"></use></svg></span> </label> </div> <article role="main" id="furo-main-content"> <section id="the-lxd-csi-driver"> <span id="exp-csi"></span><h1>The LXD CSI driver<a class="headerlink" href="#the-lxd-csi-driver" title="Link to this heading">¶</a></h1> <p>The LXD CSI driver is an open source implementation of the Container Storage Interface (CSI) that integrates LXD storage backends with Kubernetes.</p> <p>It leverages LXD’s wide range of supported storage drivers, enabling dynamic provisioning of both local and remote volumes. Depending on the storage pool, the CSI supports provisioning of both block and filesystem volumes.</p> <p>The driver is compatible with standalone and clustered LXD deployments, including <a class="reference external" href="https://canonical.com/microcloud">MicroCloud</a>.</p> <section id="storage-capabilities"> <span id="exp-csi-capabilities"></span><h2>Storage capabilities<a class="headerlink" href="#storage-capabilities" title="Link to this heading">¶</a></h2> <p>The LXD CSI driver supports all <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a>, <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-remote"><span class="std std-ref">Remote</span></a>, and <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-shared"><span class="std std-ref">Shared</span></a> storage drivers provided by LXD. The table below lists its capabilities.</p> <div class="table-wrapper colwidths-auto docutils container"> <table class="docutils align-default"> <thead> <tr class="row-odd"><th class="head"><p>Capability</p></th> <th class="head"><p>Supported</p></th> <th class="head"><p>Storage drivers</p></th> <th class="head"><p>Description</p></th> </tr> </thead> <tbody> <tr class="row-even"><td><p>Dynamic provisioning</p></td> <td><p>✓</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a>, <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-remote"><span class="std std-ref">Remote</span></a>, and <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-shared"><span class="std std-ref">Shared</span></a></p></td> <td><p>Volumes are created and deleted on demand through PersistentVolumeClaims.</p></td> </tr> <tr class="row-odd"><td><p>Filesystem volumes</p></td> <td><p>✓</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a>, <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-remote"><span class="std std-ref">Remote</span></a>, and <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-shared"><span class="std std-ref">Shared</span></a></p></td> <td><p>Supported when the driver provides filesystem volumes.</p></td> </tr> <tr class="row-even"><td><p>Shared filesystem volumes</p></td> <td><p>- (coming-soon)</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-shared"><span class="std std-ref">Shared</span></a></p></td> <td><p>Allows attaching storage volume to multiple nodes simultaneously (through the use of volume access modes <code class="docutils literal notranslate"><span class="pre">ReadWriteMany</span></code> and <code class="docutils literal notranslate"><span class="pre">ReadOnlyMany</span></code>).</p></td> </tr> <tr class="row-odd"><td><p>Block volumes</p></td> <td><p>✓</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a> and <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-remote"><span class="std std-ref">Remote</span></a></p></td> <td><p>Supported when the driver provides block volumes.</p></td> </tr> <tr class="row-even"><td><p>Volume expansion</p></td> <td><p>✓</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a>, <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-remote"><span class="std std-ref">Remote</span></a>, and <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-shared"><span class="std std-ref">Shared</span></a></p></td> <td><p>Allows increasing the storage volume capacity. Block volumes can be expanded only while offline (detached), whereas filesystem volumes can be expanded while online (attached).</p></td> </tr> <tr class="row-odd"><td><p>Volume snapshots</p></td> <td><p>- (coming-soon)</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a>, <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-remote"><span class="std std-ref">Remote</span></a>, and <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-shared"><span class="std std-ref">Shared</span></a></p></td> <td><p>Allows creating storage volume snapshots. This also requires VolumeSnapshot custom resource definition (CRD).</p></td> </tr> <tr class="row-even"><td><p>Volume cloning</p></td> <td><p>✓</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a>, <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-remote"><span class="std std-ref">Remote</span></a>, and <a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-shared"><span class="std std-ref">Shared</span></a></p></td> <td><p>Allows using existing storage volume as a source for a new one.</p></td> </tr> <tr class="row-odd"><td><p>Topology-aware scheduling</p></td> <td><p>✓</p></td> <td><p><a class="reference internal" href="../../reference/storage_drivers/#storage-drivers-local"><span class="std std-ref">Local</span></a></p></td> <td><p>Access to local volumes is by default restricted to nodes on the same LXD cluster member. The driver sets topology constraints accordingly so the scheduler can place Pods on compatible nodes.</p></td> </tr> </tbody> </table> </div> </section> <section id="architecture"> <span id="exp-csi-architecture"></span><h2>Architecture<a class="headerlink" href="#architecture" title="Link to this heading">¶</a></h2> <p>The LXD CSI driver follows the Container Storage Interface (CSI) model. It is deployed in Kubernetes as a set of controller and node components that interact with the Kubernetes API server, Kubelet, and the LXD API to provision and manage storage volumes.</p> <p>The diagram below illustrates the main components and their interactions:</p> <figure class="align-default"> <a class="reference internal image-reference" href="../../_images/architecture.svg"><img alt="LXD CSI driver architecture" src="../../_images/architecture.svg" style="width: 100%;" /> </a> </figure> <section id="components"> <span id="exp-csi-architecture-components"></span><h3>Components<a class="headerlink" href="#components" title="Link to this heading">¶</a></h3> <p>The LXD CSI driver primarily consists of the controller and node services. The controller service is responsible for external volume management operations, such as creating storage volumes and attaching them to the Kubernetes nodes. The node service, on the other hand, handles internal node operations, such as mounting attached volume to the desired Kubernetes Pod.</p> <section id="lxd-and-devlxd"> <span id="exp-csi-architecture-devlxd"></span><h4>LXD and DevLXD<a class="headerlink" href="#lxd-and-devlxd" title="Link to this heading">¶</a></h4> <p>LXD provides the storage backend for the LXD CSI driver.</p> <p>The driver primarily interacts with the <a class="reference internal" href="../../dev-lxd/#dev-lxd"><span class="std std-ref">DevLXD API</span></a>, which exposes LXD functionality to local processes inside an instance through the <code class="docutils literal notranslate"><span class="pre">/dev/lxd/sock</span></code> Unix socket. In virtual machines, a LXD agent running inside the guest VM intercepts requests on this socket and delivers them to the DevLXD API over a Vsock connection, providing the same experience as in containers.</p> <p>When a request is received, the DevLXD API first verifies that the caller is authorized to perform the requested operation on the target entity (for example, a storage volume). If authorized, the corresponding handler in the main <a class="reference internal" href="../../rest-api/#rest-api"><span class="std std-ref">LXD API</span></a> is invoked to execute the operation against the configured storage backend.</p> </section> <section id="control-plane-components"> <span id="exp-csi-architecture-cp"></span><h4>Control plane components<a class="headerlink" href="#control-plane-components" title="Link to this heading">¶</a></h4> <section id="kubernetes-api-server"> <span id="exp-csi-architecture-cp-k8s-api"></span><h5>Kubernetes API server<a class="headerlink" href="#kubernetes-api-server" title="Link to this heading">¶</a></h5> <p>At the core of Kubernetes, the <a class="reference external" href="https://kubernetes.io/docs/concepts/overview/kubernetes-api/">API server ↗</a> acts as the single source of truth for cluster state. It stores objects such as Pods, PersistentVolumeClaims (PVCs), PersistentVolumes (PVs), and VolumeAttachments. All CSI components, Kubelets, and controllers observe the API server for changes and reconcile state accordingly.</p> </section> <section id="csi-controller-service"> <span id="exp-csi-architecture-cp-controller"></span><h5>CSI controller service<a class="headerlink" href="#csi-controller-service" title="Link to this heading">¶</a></h5> <p>The CSI controller service implements the controller-side Remote Procedure Calls (RPCs) defined by the CSI specification. It runs as a Kubernetes Deployment and communicates with the LXD API through the DevLXD socket. The controller is responsible for creating and deleting volumes, as well as attaching and detaching them from nodes.</p> <p>Alongside the controller run the CSI controller sidecars, helper containers maintained by the Kubernetes CSI project. These integrate the controller with Kubernetes resources.</p> <ul class="simple"> <li><p><code class="docutils literal notranslate"><span class="pre">external-provisioner</span></code>: watches PVCs and PVs and invokes volume creation or deletion.</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">external-attacher</span></code>: watches VolumeAttachment objects and invokes volume attachment or detachment.</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">external-resizer</span></code>: watches for PVC updates and triggers volume expansion when user requests more storage on a PVC object.</p></li> <li><p><code class="docutils literal notranslate"><span class="pre">livenessprobe</span></code>: exposes an HTTP <code class="docutils literal notranslate"><span class="pre">/healthz</span></code> endpoint used by the Kubelet as a liveness probe to monitor the health of the CSI driver.</p></li> </ul> <p>Leader election ensures that only one replica of the controller sidecars is active at a time.</p> </section> </section> <section id="node-components"> <span id="exp-csi-architecture-node"></span><h4>Node components<a class="headerlink" href="#node-components" title="Link to this heading">¶</a></h4> <section id="kubelet"> <span id="exp-csi-architecture-node-kubelet"></span><h5>Kubelet<a class="headerlink" href="#kubelet" title="Link to this heading">¶</a></h5> <p>On every worker node, the <a class="reference external" href="https://kubernetes.io/docs/concepts/architecture/#kubelet">Kubelet ↗</a> monitors the API server for Pods scheduled to run on that node. Before starting Pod containers, it invokes the CSI node plugin to stage and publish any required volumes.</p> </section> <section id="csi-node-service"> <span id="exp-csi-architecture-node-node"></span><h5>CSI node service<a class="headerlink" href="#csi-node-service" title="Link to this heading">¶</a></h5> <p>The CSI node service runs as a DaemonSet on every worker node and implements the node-side RPCs of the CSI specification. It bind-mounts volumes into Pods when requested and cleans up mount points when Pods are deleted.</p> <p>Supporting the node service are the node CSI sidecars, most notably the <code class="docutils literal notranslate"><span class="pre">node-driver-registrar</span></code>, which registers the plugin with Kubelet so that it can receive volume operations.</p> <p>The node service also communicates with the local DevLXD API socket to determine which LXD cluster member the node is running on. This information is used to configure topology constraints, ensuring that the Kubernetes scheduler only places Pods on nodes that can access the required volumes, since local volumes created on one cluster member cannot be attached to another.</p> </section> </section> </section> <section id="relation-to-kubernetes-primitives"> <span id="exp-csi-architecture-k8s-primitives"></span><h3>Relation to Kubernetes primitives<a class="headerlink" href="#relation-to-kubernetes-primitives" title="Link to this heading">¶</a></h3> <p>The LXD CSI driver integrates directly with standard Kubernetes storage objects and translates them into LXD operations.</p> <section id="storageclass"> <span id="exp-csi-architecture-k8s-primitives-sc"></span><h4>StorageClass<a class="headerlink" href="#storageclass" title="Link to this heading">¶</a></h4> <p>A <a class="reference external" href="https://kubernetes.io/docs/concepts/storage/storage-classes/">StorageClass ↗</a>, as defined for the LXD CSI driver, represents a LXD storage pool where volumes are created and managed. The StorageClass also defines default settings applied to every volume created with that StorageClass. These settings cover provisioning timing, volume parameters, mount options, and reclaim behavior. When a PersistentVolumeClaim references a StorageClass, the driver provisions the volume in the selected LXD storage pool using those settings. Multiple StorageClasses can reference the same LXD storage pool while keeping different defaults.</p> </section> <section id="persistentvolumeclaim-pvc"> <span id="exp-csi-architecture-k8s-primitives-pvc"></span><h4>PersistentVolumeClaim (PVC)<a class="headerlink" href="#persistentvolumeclaim-pvc" title="Link to this heading">¶</a></h4> <p>A <a class="reference external" href="https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims">PVC ↗</a> represents a user request for storage volume. When a PVC references a StorageClass for the LXD CSI driver, the <code class="docutils literal notranslate"><span class="pre">external-provisioner</span></code> sidecar detects it and invokes the driver’s controller over RPC to create the volume in the configured LXD storage pool.</p> </section> <section id="persistentvolume-pv"> <span id="exp-csi-architecture-k8s-primitives-pv"></span><h4>PersistentVolume (PV)<a class="headerlink" href="#persistentvolume-pv" title="Link to this heading">¶</a></h4> <p>Each PVC that is successfully provisioned is bound to a <a class="reference external" href="https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistent-volumes">PV ↗</a>. The PV contains metadata such as capacity, access mode, and an identifier managed by the driver, referencing the LXD volume. The PV therefore serves as the Kubernetes-side representation of the LXD volume.</p> </section> <section id="volumeattachment"> <span id="exp-csi-architecture-k8s-primitives-va"></span><h4>VolumeAttachment<a class="headerlink" href="#volumeattachment" title="Link to this heading">¶</a></h4> <p>When a volume is attached to a node, Kubernetes creates a <a class="reference external" href="https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/volume-attachment-v1/">VolumeAttachment ↗</a> object to track the relationship between a volume and the node. The <code class="docutils literal notranslate"><span class="pre">external-attacher</span></code> sidecar watches these objects and invokes the driver’s controller to attach or detach the volume as needed. With the LXD CSI driver, this attaches or detaches the LXD volume to the target LXD instance.</p> </section> </section> </section> <section id="life-cycle"> <span id="exp-csi-lifecycle"></span><h2>Life cycle<a class="headerlink" href="#life-cycle" title="Link to this heading">¶</a></h2> <figure class="align-default"> <a class="reference internal image-reference" href="../../_images/lifecycle.svg"><img alt="LXD CSI driver life cycle" src="../../_images/lifecycle.svg" style="width: 100%;" /> </a> </figure> <p>The diagram above illustrates how a Pod with a PersistentVolumeClaim (PVC) progresses through the CSI volume life cycle. It shows the interactions between the Kubernetes control plane, the LXD CSI driver, and the LXD storage backend.</p> <ol class="arabic simple"> <li><p>An administrator creates a Pod that references a PVC.</p></li> <li><p>The Kubernetes scheduler assigns the Pod to a specific worker node.</p></li> <li><p>The <code class="docutils literal notranslate"><span class="pre">external-provisioner</span></code> sidecar requests volume creation from the CSI controller. If the volume is successfully created, the external-attacher similarly requests the volume to be attached to the previously selected node.</p></li> <li><p>The request is authorized by the DevLXD API, which verifies that the desired operation is allowed to be executed on a particular LXD entity.</p></li> <li><p>Upon successful authorization, the request is forwarded to the main LXD API.</p></li> <li><p>The LXD API creates the requested volume in the configured storage pool.</p></li> <li><p>The volume is attached to the node where the Pod was previously scheduled.</p></li> <li><p>Kubelet invokes the CSI node service requesting the attached volume to be mounted into the Pod.</p></li> <li><p>The node service bind-mounts the volume into the Pod.</p></li> <li><p>With the volume mounted and available, Kubelet starts the Pod’s containers.</p></li> </ol> <p>When the Pod and PVC are deleted, these steps run in reverse order. The volume is unpublished, detached from the node, and finally deleted from the LXD storage pool.</p> </section> <section id="security"> <span id="exp-csi-security"></span><h2>Security<a class="headerlink" href="#security" title="Link to this heading">¶</a></h2> <p>The LXD CSI driver relies on the <a class="reference internal" href="../../dev-lxd/#dev-lxd"><span class="std std-ref">DevLXD APIs</span></a> for volume management. These APIs are disabled by default and must be explicitly enabled on each instance that is hosting a Kubernetes node through the <a class="configref reference internal" href="../../reference/instance_options/#instance-security:security.devlxd"><code class="docutils literal notranslate"><span class="pre">security.devlxd</span></code></a> and <a class="configref reference internal" href="../../reference/instance_options/#instance-security:security.devlxd.management.volumes"><code class="docutils literal notranslate"><span class="pre">security.devlxd.management.volumes</span></code></a> configuration options.</p> <p>DevLXD enforces project-level isolation, allowing access to LXD entities only within a project where an invoked instance is running. As a result, each Kubernetes cluster must run inside a single LXD <a class="reference internal" href="../projects/#exp-projects"><span class="std std-ref">project</span></a>.</p> <p>Operations that require elevated permissions (such as creating or attaching volumes) use token-based authentication. The token, stored as a Kubernetes Secret, identifies the caller and is checked by LXD’s <a class="reference internal" href="../authorization/#fine-grained-authorization"><span class="std std-ref">Fine-grained authorization</span></a> system. Ownership of volumes, snapshots, and devices is tracked in the LXD configuration and ensures the identity can later manage only entities it has previously created.</p> </section> <section id="related-topics"> <h2>Related topics<a class="headerlink" href="#related-topics" title="Link to this heading">¶</a></h2> <p>How-to guides:</p> <ul class="simple"> <li><p><a class="reference internal" href="../../howto/storage_csi/#howto-storage-csi"><span class="std std-ref">How to use the LXD CSI driver with Kubernetes</span></a></p></li> </ul> <p>Reference:</p> <ul class="simple"> <li><p><a class="reference internal" href="../../reference/driver_csi/#ref-csi"><span class="std std-ref">LXD CSI driver reference</span></a></p></li> </ul> </section> </section> </article> </div> <footer> <div class="related-pages"> <a class="next-page" href="../../reference/"> <div class="page-info"> <div class="context"> <span>Next</span> </div> <div class="title">Reference</div> </div> <svg class="furo-related-icon"><use href="#svg-arrow-right"></use></svg> </a> <a class="prev-page" href="../bpf/"> <svg class="furo-related-icon"><use href="#svg-arrow-right"></use></svg> <div class="page-info"> <div class="context"> <span>Previous</span> </div> <div class="title">Privilege delegation using BPF Token</div> </div> </a> </div> <div class="bottom-of-page"> <div class="left-details"> <div class="copyright"> Copyright © 2014-2025 LXD contributors </div> <div class="last-updated"> Last updated on Nov 27, 2025</div> <div class="show-source"> <a class="muted-link" href="../../_sources/explanation/csi.md.txt" rel="nofollow">Show source</a> </div> </div> <div> <a class="display-contributors">Thanks to our contributor!</a> <div id="overlay"></div> <ul class="all-contributors"> <li> <a href="https://github.com/canonical/lxd/commit/58d900c0ea4894084dc4ba83eb95dbc6d86d6903" class="contributor">Din Music</a> </li> </ul> </div> <div class="right-details"> <div class="ask-discourse"> <a class="muted-link" href="https://discourse.ubuntu.com/c/lxd/">Ask a question on Discourse</a> </div> <div class="ask-matrix"> <a class="muted-link" href="https://matrix.to/#/#documentation:ubuntu.com">Ask a question on Matrix</a> </div> <div class="issue-github"> <a class="muted-link" href="https://github.com/canonical/lxd/issues/new?title=doc%3A+ADD+A+TITLE&body=DESCRIBE+THE+ISSUE%0A%0A---%0ADocument: explanation/csi.md">Open a GitHub issue for this page</a> </div> <div class="edit-github"> <a class="muted-link" href="https://github.com/canonical/lxd/edit/main/doc/explanation/csi.md">Edit this page on GitHub</a> </div> </div> </div> </div> </footer> </div> <aside class="toc-drawer"> <div class="toc-sticky toc-scroll"> <div class="toc-title-container"> <span class="toc-title"> Contents </span> </div> <div class="toc-tree-container"> <div class="toc-tree"> <ul> <li><a class="reference internal" href="#">The LXD CSI driver</a><ul> <li><a class="reference internal" href="#storage-capabilities">Storage capabilities</a></li> <li><a class="reference internal" href="#architecture">Architecture</a><ul> <li><a class="reference internal" href="#components">Components</a><ul> <li><a class="reference internal" href="#lxd-and-devlxd">LXD and DevLXD</a></li> <li><a class="reference internal" href="#control-plane-components">Control plane components</a><ul> <li><a class="reference internal" href="#kubernetes-api-server">Kubernetes API server</a></li> <li><a class="reference internal" href="#csi-controller-service">CSI controller service</a></li> </ul> </li> <li><a class="reference internal" href="#node-components">Node components</a><ul> <li><a class="reference internal" href="#kubelet">Kubelet</a></li> <li><a class="reference internal" href="#csi-node-service">CSI node service</a></li> </ul> </li> </ul> </li> <li><a class="reference internal" href="#relation-to-kubernetes-primitives">Relation to Kubernetes primitives</a><ul> <li><a class="reference internal" href="#storageclass">StorageClass</a></li> <li><a class="reference internal" href="#persistentvolumeclaim-pvc">PersistentVolumeClaim (PVC)</a></li> <li><a class="reference internal" href="#persistentvolume-pv">PersistentVolume (PV)</a></li> <li><a class="reference internal" href="#volumeattachment">VolumeAttachment</a></li> </ul> </li> </ul> </li> <li><a class="reference internal" href="#life-cycle">Life cycle</a></li> <li><a class="reference internal" href="#security">Security</a></li> <li><a class="reference internal" href="#related-topics">Related topics</a></li> </ul> </li> </ul> </div> </div> </div> </aside> </div> </div><script src="../../_static/jquery.js?v=5d32c60e"></script> <script src="../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script> <script src="../../_static/documentation_options.js?v=187304be"></script> <script src="../../_static/doctools.js?v=9bcbadda"></script> <script src="../../_static/sphinx_highlight.js?v=dc90522c"></script> <script src="../../_static/scripts/furo.js?v=46bd48cc"></script> <script src="../../_static/clipboard.min.js?v=a7894cd8"></script> <script src="../../_static/copybutton.js?v=f281be69"></script> <script src="../../_static/config-options.js"></script> <script src="../../_static/design-tabs.js?v=f930bc37"></script> <script src="../../_static/header-nav.js?v=e117ad08"></script> <script src="../../_static/footer.js?v=5acea47a"></script> <script src="../../_static/github_issue_links.js?v=32bb732f"></script> <script src="../../_static/js/bundle.js?v=a4d88309"></script> <script> const github_url = "https://github.com/canonical/lxd"; </script> </body> </html>
Copyright ©2k19 -
Hexid
|
Tex7ure