{"id":42307786,"url":"https://github.com/enix/san-iscsi-csi","last_synced_at":"2026-02-06T16:01:44.693Z","repository":{"id":46960526,"uuid":"337051842","full_name":"enix/san-iscsi-csi","owner":"enix","description":"Dothill (Seagate) AssuredSAN dynamic provisioner for Kubernetes (CSI plugin).","archived":true,"fork":false,"pushed_at":"2023-10-25T14:59:41.000Z","size":430,"stargazers_count":30,"open_issues_count":11,"forks_count":15,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-10-17T04:20:38.263Z","etag":null,"topics":["csi-driver","iscsi","kubernetes","multipath","persistent-volumes","storage"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/enix.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-02-08T11:21:13.000Z","updated_at":"2025-09-25T10:11:09.000Z","dependencies_parsed_at":"2024-06-19T00:11:27.755Z","dependency_job_id":"c940cb59-c231-44b7-a738-fa7280101500","html_url":"https://github.com/enix/san-iscsi-csi","commit_stats":null,"previous_names":["enix/dothill-csi"],"tags_count":36,"template":false,"template_full_name":null,"purl":"pkg:github/enix/san-iscsi-csi","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enix%2Fsan-iscsi-csi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enix%2Fsan-iscsi-csi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enix%2Fsan-iscsi-csi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enix%2Fsan-iscsi-csi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/enix","download_url":"https://codeload.github.com/enix/san-iscsi-csi/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/enix%2Fsan-iscsi-csi/sbom","scorecard":{"id":377462,"data":{"date":"2025-08-11","repo":{"name":"github.com/enix/san-iscsi-csi","commit":"b9470a5e68c114523605a9587d3262435e176a76"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.6,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: Dockerfile:20","Warn: containerImage not pinned by hash: Dockerfile:43: pin your Docker image by updating ubuntu:18.04 to ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98","Info:   0 out of   2 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0322 / GHSA-cg3q-j54f-5p7p","Warn: Project is vulnerable to: GO-2023-2153 / GHSA-m425-mq94-257g / GHSA-qppj-fm5r-hxr3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T14:36:09.101Z","repository_id":46960526,"created_at":"2025-08-18T14:36:09.101Z","updated_at":"2025-08-18T14:36:09.101Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29167870,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-06T15:38:29.831Z","status":"ssl_error","status_checked_at":"2026-02-06T15:37:48.592Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csi-driver","iscsi","kubernetes","multipath","persistent-volumes","storage"],"created_at":"2026-01-27T11:12:46.285Z","updated_at":"2026-02-06T16:01:44.687Z","avatar_url":"https://github.com/enix.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"|❗ Warning |\n|:----------|\n|As of January 2023, this project is no longer maintained by Enix, and Seagate has taken over the project. We have archived the repository, and we invite you to join this project at [Seagate/seagate-exos-x-csi](https://github.com/Seagate/seagate-exos-x-csi).|\n\n\n# SAN iSCSI CSI driver\n\nA dynamic persistent volume (PV) provisioner for iSCSI-compatible SAN based storage systems.\n\n[![Build status](https://gitlab.com/enix.io/dothill-csi/badges/main/pipeline.svg)](https://gitlab.com/enix.io/dothill-csi/-/pipelines)\n[![Go Report Card](https://goreportcard.com/badge/github.com/enix/san-iscsi-csi)](https://goreportcard.com/report/github.com/enix/san-iscsi-csi)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\n## Introduction\n\nDealing with persistent storage on kubernetes can be particularly cumbersome, especially when dealing with on-premises installations, or when the cloud-provider persistent storage solutions are not applicable.\n\nEntry-level SAN appliances usually propose a low-cost, still powerful, solution to enable redundant persistent storage, with the flexibility of attaching it to any host on your network.\n\n## This project\n\n`san-iscsi-csi` implements the **Container Storage Interface** in order to facilitate dynamic provisioning of persistent volumes, on an iSCSI-compatible SAN based storage, from a kubernetes cluster.\n\nConsidering that this project reached a certain level of maturity, and as of version `3.0.0`, this csi driver is proposed as an open-source project.\nAs of version `4.0.0` it is distributed under the Apache 2.0 [license](./LICENSE).\n\nMigration process between v3.x and v4.x (and between all major versions more generally) is described in a dedicated [documentation page](./docs/migrate-from-v3-to-v4.md).\n\n### Equipment compatibility\n\nAlthough this project is developped and tested on HPE MSA 2050 \u0026 2060 equipments, it should work with a lot of other references from various brands.\nAll dothill AssuredSAN based equipements share a common API which **may or may not be advertised** by the final integrator.\nWe are therefore looking for tests and feedbacks while using other references.\n\nDothill systems was acquired by Seagate in 2015 for its AssuredSAN family of hybrid storage.\n\nSeagate continues to maintain the line-up with subsequent series :\n- [Seagate AssuredSAN](https://www.seagate.com/fr/fr/support/dothill-san/assuredsan-pro-5000-series/) 3000/4000/5000/6000 series\n\nIt is also privately labeled by some of the world's most prominent storage brands :\n- [Hewlett Packard Enterprise MSA](https://www.hpe.com/fr/fr/storage/msa-shared-storage.html) 1050, 1060, 1062 and 2050, 2060, 2062 models.\n- [Dell EMC PowerVault ME4](https://www.dell.com/en-us/work/shop/productdetailstxn/powervault-me4-series) series.\n- Quantum StorNex series.\n- Lenovo DS series.\n- ...\n\n## Roadmap\n\nThis project has reached a `beta` stage, and we hope to promote it to `general availability` with the help of external users and contributors. Feel free to help !\n\nThe following features are considered for the near future :\n- modular equipment / API support\n- additional prometheus metrics\n\nTo a lesser extent, the following features are considered for a longer term future :\n- Raw blocks support\n- Authentication proxy, as appliances lack correct right management\n\n## Features\n\n| Features / Availability   |  roadmap  | alpha | beta  | general availability |\n|---------------------------|-----------|-------|-------|----------------------|\n| dynamic provisioning      |           |       | 2.3.x |                      |\n| resize                    |           | 2.4.x | 3.0.0 |                      |\n| snapshot                  |           | 3.1.x |       |                      |\n| prometheus metrics        |           | 3.1.x |       |                      |\n| modular API support       | mid term  |       |       |                      |\n| raw blocks                | long term |       |       |                      |\n| iscsi chap authentication | long term |       |       |                      |\n| authentication proxy      | long term |       |       |                      |\n| overview web ui           | long term |       |       |                      |\n| fiber channel             | maybe     |       |       |                      |\n\n## Installation\n\n### Install dependencies on your node(s)\n\nAfter having shipped `iscsid` and `multipathd` as sidecars on each nodes, we finally decided to extract them and let them run on the host, especially for portability purposes. Indeed, it may happens that the version of `multipathd` running in sidecars don't match the version which would run on the host if it was installed and may produce incompatibilities with the kernel and other tools like `udev`. More about this in the [FAQ](./docs/troubleshooting.md#multipathd-segfault-or-a-volume-got-corrupted).\n\nTo run `iscsid` and `multipathd` on your host, first install `open-iscsi` and `multipath-tools` packages, then start the corresponding services. Here is an example on how to do it, it may vary depending on your OS. This was tested against ubuntu 20 and debian buster.\n\n```bash\napt update\napt install open-iscsi multipath-tools -y\nservice iscsid start\nservice multipathd start\n```\n\n### Multipathd additionnal configuration\n\nFor the plugin to work with multipathd, you have to install the following configuration on your hosts. We advise to put it in `/etc/multipath/conf.d/san-iscsi-csi.conf`.\n\n```conf\ndefaults {\n  polling_interval 2\n  find_multipaths \"yes\"\n  retain_attached_hw_handler \"no\"\n  disable_changed_wwids \"yes\"\n  user_friendly_names \"no\"\n}\n```\n\nAfter the configuration has been created, restart multipathd to reload it (`service multipathd restart`).\n\n### Deploy the provisioner to your kubernetes cluster\n\nThe preferred approach to install this project is to use the provided [Helm Chart](https://artifacthub.io/packages/helm/enix/san-iscsi-csi).\n\n#### Configure your release\n\nCreate a `values.yaml` file. It should contain configuration for your release.\n\nPlease read the san-iscsi-csi helm-chart [README.md](https://github.com/enix/helm-charts/blob/master/charts/san-iscsi-csi/README.md#values) for more details about this file.\n\n#### Install the helm chart\n\nYou should first add our charts repository, and then install the chart as follows.\n\n```sh\nhelm repo add enix https://charts.enix.io/\nhelm install my-release enix/san-iscsi-csi -f ./example/values.yaml\n```\n\n### Create a storage class\n\nIn order to dynamically provision persistants volumes, you first need to create a storage class as well as his associated secret. To do so, please refer to this [example](./example/storage-class.yaml).\n\n### Run a test pod\n\nTo make sure everything went well, there's a example pod you can deploy in the `example/` directory. If the pod reaches the `Running` status, you're good to go!\n\n```sh\nkubectl apply -f example/pod.yaml\n```\n\n## Documentation\n\nYou can find more documentation in the [docs](./docs) directory.\n\n## Command-line arguments\n\nYou can have a list of all available command line flags using the `-help` switch.\n\n### Logging\n\nLogging can be modified using the `-v` flag :\n\n- `-v 0` : Standard logs to follow what's going on (default if not specified)\n- `-v 9` : Debug logs (quite awful to see)\n\nFor advanced logging configuration, see [klog](https://github.com/kubernetes/klog).\n\n### Development\n\nYou can start the drivers over TCP so your remote dev cluster can connect to them.\n\n```\ngo run ./cmd/\u003cdriver\u003e -bind=tcp://0.0.0.0:10000\n```\n\n## Testing\n\nYou can run sanity checks by using the `sanity` helper script in the `test/` directory:\n\n```\n./test/sanity\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenix%2Fsan-iscsi-csi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fenix%2Fsan-iscsi-csi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fenix%2Fsan-iscsi-csi/lists"}