knative admission webhook: validation failed: Persistent volume claim support is disabled

Question

I am trying to deploy service on eks with knative installed on eks, here eks configured with fargate-profile. I want to mount efs to my service for that i have created StorageClass,PersistentVolume and PersistentVolumeClaim below are the respective yml

storageclass.yml

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: my-sc
provisioner: efs.csi.aws.com
parameters:
  provisioningMode: efs-ap
  fileSystemId: fs-1234
  directoryPerms: "775"
reclaimPolicy: Retain

efs-pv.yml

kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 100Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: my-sc
  csi:
    driver: efs.csi.aws.com
    volumeHandle: fs-1234

efs-pvc.yml

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: my-sc
  resources:
    requests:
      storage: 100Gi

all the sc, pv and pvc get created successfully

Now I am trying to use my-pvc in my Service my-service.yml like below

apiVersion: serving.knative.dev/v1
kind: Service
metadata:
  name: myservice
  annotations:
    serving.knative.dev/efs-storage-class: my-sc
spec:
  template:
    spec:
      containers:
        - env:
            - name: key
              value: val
          image: image:latest
          ports:
            - containerPort: 8080
          volumeMounts:
            - mountPath: /app/data
              name: data
              readOnly: true # warning were given for not setting readOnly=true
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: my-pvc
            readOnly: true
    metadata:
      annotations:
        autoscaling.knative.dev/metric: concurrency
        autoscaling.knative.dev/target: '1'
        autoscaling.knative.dev/minScale: '1'
        autoscaling.knative.dev/maxScale: '5'
        autoscaling.knative.dev/scaleDownDelay: 60s
        autoscaling.knative.dev/window: 600s

when I try to run following command kubectl apply -f my-service.yml it gives validation error, here the complete error

Error from server (BadRequest): error when creating "my-service.yml": admission webhook "validation.webhook.serving.knative.dev" denied the request: validation failed: Persistent volume claim support is disabled, but found persistent volume claim my-pvc: must not set the field(s): spec.template.spec.volumes[0].persistentVolumeClaim

Error simply means PVC is disabled, in order to use PVC I need to enable PVC.

But How and where(in configMap?)?

in In serving-core.yml i found kubernetes.podspec-persistent-volume-claim: "Disabled" which is example.

So I have tried to add configMap (Just guess) with kubernetes.podspec-persistent-volume-claim like below:

apiVersion: v1
kind: ConfigMap
metadata:
  namespace: knative-serving
  name: kubernetes.podspec-persistent-volume-claim
data:
  kubernetes.podspec-persistent-volume-claim: enabled

But nothing changed only configmap got created, Any help will be appreciated

Answer 1

You need to set the flag in the config-features ConfigMap. That ConfigMap should already have one key, named _example. You'll need to add your key above or below the example. The _example key is ignored by Knative, but provides a place for documentation for system administrators.

Answer 2

The E. Anderson answer is correct: you need to set the flag in the config-features ConfigMap.

However, if you installed Knative Serving by using the Knative Operator, you'll need to set the config using the specific custom resource. Otherwise the Operator will reconcile and reset your configmap as soon as you edit it.

apiVersion: operator.knative.dev/v1beta1
kind: KnativeServing
metadata:
  name: knative-serving
spec:
  config:
    features:
      kubernetes.podspec-persistent-volume-claim: enabled
      kubernetes.podspec-persistent-volume-write: enabled