Leftover Azure Files PVs after copy backup

Summary

It is possible that some Azure Files snapshot PVs will be left on a cluster after a copy backup finishes due to a lock on an Azure Storage Account or parent resource. Follow the instructions in this article to delete leftover volumes, and to configure copy backups of Azure Files volumes so that this will not happen.

Step-by-Step

Removing leftover volumes:

1. Check if the Azure Storage Account has any locks of type “Delete” in “Settings > Locks”.

2. If there is any “Delete” lock, remove it, remove leftover file shares and Kubernetes PVs, and then recreate the lock if desired.

How to properly set up copy backups of Azure Files PVs:

1. Define a new StorageClass, which points to an Azure Storage Account that does not have any “Delete” locks. Example:

   allowVolumeExpansion: true
   apiVersion: storage.k8s.io/v1
   kind: StorageClass
   metadata:
     name: azurefile-no-lock
   parameters:
     skuName: Standard_LRS
     location: uksouth
     storageAccount: storageaccount
     resourceGroup: storage-account-resource-group
   provisioner: file.csi.azure.com
   reclaimPolicy: Delete
   volumeBindingMode: Immediate
   

2. When defining or editing a copy backup, open the “Advanced options” section in the wizard, select “Enable storage class mapping for PV snapshots mounted during backup” and map all Storage Classes which use a Storage Account that has Delete locks to the new class(es).

3. Temporary volumes will now be created in the Azure Storage Account specified in the new StorageClass, and there should no longer be any leftover volumes.