mattcary · mattcary · May 16, 2020 · May 4, 2020 · May 6, 2020 · May 7, 2020
diff --git a/README.md b/README.md
@@ -70,7 +70,7 @@ that represents availability by zone.
 | Snapshots       | Alpha | 1.13                          | Any                          | v0.3.0             | Alpha              |
 | Resize (Expand) | Alpha | 1.14                          | 1.14                         | v0.6.0             | Alpha              |
 | Resize (Expand) | Beta  | 1.16                          | 1.16                         | v0.7.0             | Stable             |
-
+| Snapshots       | Beta  | 1.17                          | Any                          | master             | Stable             |
 
 ### Future Features
 

diff --git a/deploy/kubernetes/base/controller.yaml b/deploy/kubernetes/base/controller.yaml
@@ -48,6 +48,14 @@ spec:
           volumeMounts:
             - name: socket-dir
               mountPath: /csi
+        - name: csi-snapshotter
+          image: gke.gcr.io/csi-snapshotter
+          args:
+            - "--v=5"
+            - "--csi-address=/csi/csi.sock"
+          volumeMounts:
+            - name: socket-dir
+              mountPath: /csi
         - name: gce-pd-driver
           # Don't change base image without changing pdImagePlaceholder in
           # test/k8s-integration/main.go

diff --git a/deploy/kubernetes/base/setup-cluster.yaml b/deploy/kubernetes/base/setup-cluster.yaml
@@ -36,7 +36,12 @@ rules:
   - apiGroups: [""]
     resources: ["nodes"]
     verbs: ["get", "list", "watch"]
-
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshots"]
+    verbs: ["get", "list"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshotcontents"]
+    verbs: ["get", "list"]
 ---
 
 kind: ClusterRoleBinding
@@ -193,3 +198,36 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: csi-gce-pd-node-sa
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: csi-gce-pd-snapshotter-role
+rules:
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["list", "watch", "create", "update", "patch"]
+  # Secrets resource omitted since GCE PD snapshots does not require them
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshotclasses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshotcontents"]
+    verbs: ["create", "get", "list", "watch", "update", "delete"]
+  - apiGroups: ["snapshot.storage.k8s.io"]
+    resources: ["volumesnapshotcontents/status"]
+    verbs: ["update"]
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: csi-gce-pd-controller-snapshotter-binding
+subjects:
+  - kind: ServiceAccount
+    name: csi-gce-pd-controller-sa
+roleRef:
+  kind: ClusterRole
+  name: csi-gce-pd-snapshotter-role
+  apiGroup: rbac.authorization.k8s.io
diff --git a/deploy/kubernetes/overlays/alpha/controller_add_snapshotter.yaml b/deploy/kubernetes/overlays/alpha/controller_add_snapshotter.yaml
diff --git a/deploy/kubernetes/overlays/alpha/kustomization.yaml b/deploy/kubernetes/overlays/alpha/kustomization.yaml
@@ -2,17 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 bases:
 - ../stable
-patches:
-- controller_add_snapshotter.yaml
-patchesJson6902:
-- target:
-    group: rbac.authorization.k8s.io
-    version: v1
-    kind: ClusterRole
-    name: csi-gce-pd-provisioner-role
-  path: rbac_add_snapshots_to_provisioner.yaml
-resources:
-- rbac_add_snapshotter.yaml
-# Reapplying namespace transformer to include newly added RBAC rules.
-namespace:
-  gce-pd-csi-driver
+
diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshots_to_provisioner.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_snapshots_to_provisioner.yaml
diff --git a/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter.yaml b/deploy/kubernetes/overlays/alpha/rbac_add_snapshotter.yaml
diff --git a/deploy/kubernetes/overlays/prow-gke-release-staging-head/kustomization.yaml b/deploy/kubernetes/overlays/prow-gke-release-staging-head/kustomization.yaml
@@ -18,3 +18,6 @@ images:
 - name: gke.gcr.io/csi-resizer
   newName: quay.io/k8scsi/csi-resizer
   newTag: "canary"
+- name: gke.gcr.io/csi-snapshotter
+  newName: quay.io/k8scsi/csi-snapshotter
+  newTag: "canary"
diff --git a/deploy/kubernetes/overlays/prow-gke-release-staging-rc/enable_sidecar_metrics.yaml b/deploy/kubernetes/overlays/prow-gke-release-staging-rc/enable_sidecar_metrics.yaml
@@ -12,3 +12,8 @@
 - op: add
   path: /spec/template/spec/containers/2/args/-
   value: "--metrics-address=:22013"
+
+# for external-snapshotter
+- op: add
+  path: /spec/template/spec/containers/3/args/-
+  value: "--metrics-address=:22014"
diff --git a/deploy/kubernetes/overlays/prow-gke-release-staging-rc/kustomization.yaml b/deploy/kubernetes/overlays/prow-gke-release-staging-rc/kustomization.yaml
@@ -18,7 +18,9 @@ images:
 - name: gke.gcr.io/csi-resizer
   newName: gcr.io/gke-release-staging/csi-resizer
   newTag: "v0.5.0-gke.0"
-
+- name: gke.gcr.io/csi-snapshotter
+  newName: gcr.io/gke-release-staging/csi-snapshotter
+  newTag: "v2.1.1-gke.0"
 patchesJson6902:
 - target:
     group: apps

diff --git a/deploy/kubernetes/overlays/stable/kustomization.yaml b/deploy/kubernetes/overlays/stable/kustomization.yaml
@@ -20,3 +20,6 @@ images:
 - name: gke.gcr.io/csi-resizer
   newName: gke.gcr.io/csi-resizer
   newTag: "v0.4.0-gke.0"
+- name: gke.gcr.io/csi-snapshotter
+  newName: gke.gcr.io/csi-snapshotter
+  newTag: "v2.1.1-gke.0"
diff --git a/docs/kubernetes/user-guides/snapshots.md b/docs/kubernetes/user-guides/snapshots.md
@@ -1,25 +1,8 @@
-# Kubernetes Snapshots User Guide (Alpha)
+# Kubernetes Snapshots User Guide (Beta)
 
->**Attention:** VolumeSnapshot is an alpha feature. Make sure you have enabled it in Kubernetes API server using `--feature-gates=VolumeSnapshotDataSource=true` flag.
+>**Attention:** Attention: VolumeSnapshot is a Beta feature enabled by default in Kubernetes 1.17+. Attention: VolumeSnapshot is only available in the driver version "master".
 
-### Install Driver with alpha snapshot feature
-
-1. [One-time per project] Create GCP service account for the CSI driver and set required roles
-
-    ```
-    PROJECT=your-project-here                       # GCP project
-    GCE_PD_SA_NAME=my-gce-pd-csi-sa                 # Name of the service account to create
-    GCE_PD_SA_DIR=/my/safe/credentials/directory    # Directory to save the service account key
-    ./deploy/setup-project.sh
-    ```
-
-1. Deploy driver to Kubernetes Cluster
-
-    ```
-    GCE_PD_SA_DIR=/my/safe/credentials/directory    # Directory to get the service account key
-    GCE_PD_DRIVER_VERSION=alpha                     # Driver version to deploy
-    ./deploy/kubernetes/deploy-driver.sh
-    ```
+### Install Driver with beta snapshot feature as described [here](driver-install.md)
 
 ### Snapshot Example
 
@@ -79,19 +62,34 @@
     The output is similar to this:
 
     ```yaml
-    apiVersion: snapshot.storage.k8s.io/v1alpha1
     kind: VolumeSnapshot
     metadata:
-      ...
-      name: snapshot-source-pvc
-      namespace: default
-      ...
+        creationTimestamp: "2020-05-13T21:48:08Z"
+        finalizers:
+        - snapshot.storage.kubernetes.io/volumesnapshot-as-source-protection
+        - snapshot.storage.kubernetes.io/volumesnapshot-bound-protection
+        generation: 1
+        managedFields:
+        - apiVersion: snapshot.storage.k8s.io/v1beta1
+        fieldsType: FieldsV1
+        fieldsV1:
+            f:status:
+            f:readyToUse: {}
+        manager: snapshot-controller
+        operation: Update
+        time: "2020-05-13T21:49:42Z"
+        name: snapshot-source-pvc
+        namespace: default
+        resourceVersion: "531499"
+        selfLink: /apis/snapshot.storage.k8s.io/v1beta1/namespaces/default/volumesnapshots/snapshot-source-pvc
+        uid: a10fd0ff-b868-4527-abe7-74d5b420731e
     spec:
-      snapshotClassName: default-snapshot-class
-      snapshotContentName: snapcontent-b408076b-720b-11e9-b9e3-42010a800014
-      ...
+      source:
+        persistentVolumeClaimName: source-pvc
+      volumeSnapshotClassName: csi-gce-pd-snapshot-class
     status:
-      creationTime: "2019-05-09T03:37:01Z"
+      boundVolumeSnapshotContentName: snapcontent-a10fd0ff-b868-4527-abe7-74d5b420731e
+      creationTime: "2020-05-13T21:48:43Z"
       readyToUse: true
       restoreSize: 6Gi
     ```

diff --git a/examples/kubernetes/snapshot/default-volumesnapshotclass.yaml b/examples/kubernetes/snapshot/default-volumesnapshotclass.yaml
@@ -1,7 +1,6 @@
-apiVersion: snapshot.storage.k8s.io/v1alpha1
+apiVersion: snapshot.storage.k8s.io/v1beta1
 kind: VolumeSnapshotClass
 metadata:
-  annotations:
-    snapshot.storage.kubernetes.io/is-default-class: "true"
-  name: default-snapshot-class
-snapshotter: pd.csi.storage.gke.io
+  name: csi-gce-pd-snapshot-class
+driver: pd.csi.storage.gke.io
+deletionPolicy: Delete
diff --git a/examples/kubernetes/snapshot/snapshot.yaml b/examples/kubernetes/snapshot/snapshot.yaml
@@ -1,8 +1,8 @@
-apiVersion: snapshot.storage.k8s.io/v1alpha1
+apiVersion: snapshot.storage.k8s.io/v1beta1
 kind: VolumeSnapshot
 metadata:
   name: snapshot-source-pvc
 spec:
+  volumeSnapshotClassName: csi-gce-pd-snapshot-class
   source:
-    kind: PersistentVolumeClaim
-    name: source-pvc
+    persistentVolumeClaimName: source-pvc
diff --git a/test/k8s-integration/config/pd-volumesnapshotclass.yaml b/test/k8s-integration/config/pd-volumesnapshotclass.yaml
@@ -0,0 +1,6 @@
+apiVersion: snapshot.storage.k8s.io/v1beta1
+kind: VolumeSnapshotClass
+metadata:
+  name: csi-gce-pd-snapshot-class
+driver: pd.csi.storage.gke.io
+deletionPolicy: Delete
diff --git a/test/k8s-integration/config/test-config-template.in b/test/k8s-integration/config/test-config-template.in
@@ -1,5 +1,9 @@
 StorageClass:
   FromFile: {{.StorageClassFile}}
+{{if .SnapshotClassFile }}
+SnapshotClass:
+  FromFile: {{ .SnapshotClassFile }}
+{{end}}
 DriverInfo:
   Name: csi-gcepd
   SupportedFsType:

diff --git a/test/k8s-integration/driver-config.go b/test/k8s-integration/driver-config.go
@@ -9,8 +9,9 @@ import (
 )
 
 type driverConfig struct {
-	StorageClassFile string
-	Capabilities     []string
+	StorageClassFile  string
+	SnapshotClassFile string
+	Capabilities      []string
 }
 
 const (
@@ -21,7 +22,7 @@ const (
 
 // generateDriverConfigFile loads a testdriver config template and creates a file
 // with the test-specific configuration
-func generateDriverConfigFile(pkgDir, storageClassFile, deploymentStrat string) (string, error) {
+func generateDriverConfigFile(pkgDir, storageClassFile, snapshotClassFile, deploymentStrat string) (string, error) {
 	// Load template
 	t, err := template.ParseFiles(filepath.Join(pkgDir, testConfigDir, configTemplateFile))
 	if err != nil {
@@ -51,7 +52,6 @@ func generateDriverConfigFile(pkgDir, storageClassFile, deploymentStrat string)
 	}
 
 	/* Unsupported Capabilities:
-	   snapshotDataSource
 	   pvcDataSource
 	   RWX
 	   volumeLimits # PD Supports volume limits but test is very slow
@@ -72,9 +72,18 @@ func generateDriverConfigFile(pkgDir, storageClassFile, deploymentStrat string)
 		return "", fmt.Errorf("got unknown deployment strat %s, expected gce or gke", deploymentStrat)
 	}
 
+	var absSnapshotClassFilePath string
+	// If snapshot class is passed in as argument, include snapshot specific driver capabiltiites.
+	if snapshotClassFile != "" {
+		caps = append(caps, "snapshotDataSource")
+		// Update the absolute file path pointing to the snapshot class file, if it is provided as an argument.
+		absSnapshotClassFilePath = filepath.Join(pkgDir, testConfigDir, snapshotClassFile)
+	}
+
 	params := driverConfig{
-		StorageClassFile: filepath.Join(pkgDir, testConfigDir, storageClassFile),
-		Capabilities:     caps,
+		StorageClassFile:  filepath.Join(pkgDir, testConfigDir, storageClassFile),
+		SnapshotClassFile: absSnapshotClassFilePath,
+		Capabilities:      caps,
 	}
 
 	// Write config file