BYO storageaccount docs are not entirely correct

[davidkarlsen]

BYO docs point to doing https://raw.githubusercontent.com/kubernetes-sigs/blob-csi-driver/master/deploy/example/storageclass-blob-secret.yaml

but if you have an existing storageaccount - and you have a private-endpoint for it (so you don't want the controller to create service-endpoint settings), then the correct mix is:

parameters:
  protocol: nfs
  storageAccount: theaccountname
  resourceGroup: theresourcegroup
  networkEndpointType: privateEndpoint <-- this has to be set to avoid the controller to attempt to create serviceendpoints
  # not required - use the cloud creds instead:
  #csi.storage.k8s.io/provisioner-secret-name: azure-secret
  #csi.storage.k8s.io/provisioner-secret-namespace: blob-csi-driver
  #csi.storage.k8s.io/node-stage-secret-name: azure-secret
  #csi.storage.k8s.io/node-stage-secret-namespace: blob-csi-driver

I also noticed that the driver will mount using theaccountname.privatelink.blob.core.windows.net - but as long as you use private DNS it should not be necessary to use the privatelink name, as DNS will handle it via CNAMing.

[andyzhangx]

thanks for the check, I think we need a BYO account for nfs protocol

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale