Enforcing precedence for key rotation

Configure how Fusion Data Foundation determines key rotation order by enforcing precedence between persistent volume claims (PVCs) and storage classes.

In key rotation, precedence refers to the order in which the system checks for scheduled annotations. In Fusion Data Foundation, the default precedence is set to storage class (recommended). This means the system reads annotations only from the storage class.

However, if you want the system to check the PVC first and then fall back to the storage class, you can configure this behavior by setting the schedule-precedence to PVC in the CSI-addons ConfigMap.

You can define the ConfigMap for csi-addons as follows:

apiVersion: v1
kind: ConfigMap
metadata:
  name: csi-addons-config
  namespace: openshift-storage
data:
  "schedule-precedence": "pvc"

Restart the csi-addons operator pod for the changes to take effect:

oc delete po -n openshift-storage -l "app.kubernetes.io/name=csi-addons"