Storage classes
Kestrel provides two OpenStack Cinder storage classes: csi-cinder-sc-delete (the default; reclaim policy Delete) and csi-cinder-sc-retain (reclaim policy Retain). Both are block volumes and support ReadWriteOnce only. ReadWriteMany (shared) volumes are not offered through a storage class — open a ticket with RCS to have a per-tenant NFS volume provisioned. These are the only two storage classes allowed on the cluster; naming any other storageClassName is rejected at admission and the PVC stays Pending.
csi-cinder-sc-delete (default)
Section titled “csi-cinder-sc-delete (default)”| Property | Value |
|---|---|
| Provisioner | cinder.csi.openstack.org |
| Access modes | ReadWriteOnce (RWO) |
| Volume type | Block (Cinder volume) |
| Reclaim policy | Delete |
| Backup | None (tenant-accessible) |
This is the cluster default — a PVC that omits storageClassName gets csi-cinder-sc-delete. Each volume is a Cinder block volume mounted into exactly one Pod at a time. Use this for any single-writer workload: databases, caches, processing pipelines, or any Pod that needs dedicated storage where it is acceptable for the volume to be destroyed when the claim is deleted.
RWO means the volume can be mounted by one node at a time. If you reschedule the Pod to a different node (e.g. during a rolling update), the volume detaches and reattaches — there is a brief unavailability window during the transition, but no data is lost.
csi-cinder-sc-retain
Section titled “csi-cinder-sc-retain”| Property | Value |
|---|---|
| Provisioner | cinder.csi.openstack.org |
| Access modes | ReadWriteOnce (RWO) |
| Volume type | Block (Cinder volume) |
| Reclaim policy | Retain |
| Backup | None (tenant-accessible) |
csi-cinder-sc-retain is identical to the default class except that deleting the PVC leaves the underlying Cinder volume in place. The PersistentVolume moves to Released rather than being deleted, so the data survives an accidental kubectl delete pvc. Use this for stateful data you cannot afford to lose to a mistaken claim deletion. Note that a Released volume is not automatically rebound to a new PVC — recovery requires manual intervention, so this is a safety net against deletion, not a self-service restore mechanism.
When to pick which
Section titled “When to pick which”| Scenario | Class |
|---|---|
| Single-Pod database or cache | csi-cinder-sc-delete |
| Processing pipeline with one writer | csi-cinder-sc-delete |
| Stateful data that must survive accidental PVC deletion | csi-cinder-sc-retain |
| Scratch or rebuildable data | csi-cinder-sc-delete |
| You are unsure | csi-cinder-sc-delete — it is the default |
Shared (ReadWriteMany) volumes
Section titled “Shared (ReadWriteMany) volumes”Neither storage class supports ReadWriteMany — both are block volumes restricted to ReadWriteOnce. There is no storage class on Kestrel that provisions a shared, multi-writer volume. If multiple Pods need to read and write the same path concurrently, RCS can provision a per-tenant NFS volume and wire it in as a static PersistentVolume. Open a ticket to request one. See Persistent volumes in practice for the PV/PVC pattern once it has been provisioned.
What neither class provides
Section titled “What neither class provides”- Automatic backups. Neither class snapshots or replicates your data to an off-cluster location. If you need backups, build them into your workload (e.g. a CronJob that dumps to an external target).
- Shared (RWX) access. Both classes are block volumes limited to
ReadWriteOnce. Shared access requires a per-tenant NFS volume from RCS (see above). - Per-tenant encryption at rest. There is no per-PVC or per-tenant key — any at-rest protection is provided cluster-wide by the OpenStack storage layer, not tenant-scoped.
See Persistent volumes in practice for how to request a PVC using either class.