Embed Size (px)
Citation preview
1
Dynamic Provisioning of
AWS EBS Persistent Volumes [Edition 4]
[Last Update 201126]
For any issues/help contact : [email protected]
2
Contents
1 Introduction .........................................................................................................................................................3
2 Documentation ....................................................................................................................................................5 2.1 EKS Documentation.................................................................................................................................................... 5
3 Pre-Requisite .......................................................................................................................................................6
4 Persistent Volumes Dynamic provisioning – AWS EBS .........................................................................7 4.1 Built-in storage classes ............................................................................................................................................. 7 4.2 Deploy Amazon EBS CSI driver to Amazon EKS................................................................................................ 7 4.3 Deploy Sample application & verify the CSI driver....................................................................................... 10 4.4 Clean-up resources ................................................................................................................................................... 15
5 Remove Cluster ................................................................................................................................................ 16
6 Summary............................................................................................................................................................. 17
3
1 INTRODUCTION
StorageClass provides a way for administrators to describe the "classes" of storage they offer. Different classes might map to quality-of-service levels, or to backup policies, or to arbitrary policies determined by the cluster administrators.
Dynamic volume provisioning allows storage volumes to be created on-demand. Without dynamic provisioning, cluster administrators have to manually make calls to their cloud or storage provider to create new storage volumes, and then create PersistentVolume objects to represent them in Kubernetes. The dynamic provisioning feature eliminates the need for cluster administrators to pre-provision storage. Instead, it automatically provisions storage when it is requested by users.
In this guide we’ll cover:
Dynamic provisioning of Persistent Volumes – AWS EBS
• Built-in storage classes
• To deploy the Amazon EBS CSI driver to an Amazon EKS cluster
• To deploy a sample application and verify that the CSI driver is working
5
2 DOCUMENTATION
2.1 EKS Documentation
1. Persistent storage in Amazon EKS https://aws.amazon.com/premiumsupport/knowledge-center/eks-persistent-storage/
6
3 PRE-REQUISITE
• Create EKS Cluster on AWS Cloud.
Note: Follow Activity Guide Create_EKS_Cluster_ed** from portal
1. After provisioning the EKS cluster verify the status of the nodes and check on the default resources of the cluster
$ kubectl get nodes
$ kubectl get all
7
4 PERSISTENT VOLUMES DYNAMIC PROVISIONING – AWS EBS
4.1 Built-in storage classes
1. List the built-in storage classes in AWS EKS cluster
$ kubectl get sc
4.2 Deploy Amazon EBS CSI
driver to Amazon EKS
1. Create an IAM policy called Amazon_EBS_CSI_Driver for your node instance profile.
Note: Amazon EBS CSI Driver allows to make calls to AWS APIs on your behalf. Use below AWS CLI commands to create the IAM policy in your AWS account. You can view the policy document on GitHub.
2. Download the policy document from GitHub.
$ curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/v0.5.0/docs/example-iam-policy.json
3. Create the policy.
$ aws iam create-policy --policy-name Amazon_EBS_CSI_Driver --policy-document file://example-iam-policy.json
8
Note: This will create IAM Policy in AWS
4. Take note of the policy ARN that is returned above
9
5. Get the IAM role name for your nodes. Use the following command to print the aws-auth configmap.
$ kubectl -n kube-system describe configmap aws-auth
6. Record the role name for any rolearn values that have the system:nodes group assigned to them.
In the previous example output, the role name is eksctl-k21-eks-cluster-cli-nodegr-NodeInstanceRole-HQ9VLTUKZSHK You should have one value for each node group in your cluster.
7. Attach the new Amazon_EBS_CSI_Driver IAM policy to each of the node IAM roles you identified earlier with the following command, substituting the red text with your own AWS account number and node IAM role name.
10
$ aws iam attach-role-policy --policy-arn arn:aws:iam::265208284733:policy/Amazon_EBS_CSI_Driver --role-name eksctl-k21-eks-cluster-cli-nodegr-NodeInstanceRole-HQ9VLTUKZSHK
8. Deploy the Amazon EBS CSI Driver with the following command.
$ kubectl apply -k "github.com/kubernetes-sigs/aws-ebs-csi-driver/deploy/kubernetes/overlays/stable/?ref=master"
4.3 Deploy Sample application &
verify the CSI driver
1. This procedure uses the Dynamic volume provisioning example from the Amazon EBS Container Storage Interface (CSI) driver GitHub repository to consume a dynamically-provisioned Amazon EBS volume.
2. Clone the Amazon EBS Container Storage Interface (CSI) driver GitHub repository to your local system.
$ git clone https://github.com/kubernetes-sigs/aws-ebs-csi-driver.git
3. Navigate to the dynamic-provisioning example directory.
$ cd aws-ebs-csi-driver/examples/kubernetes/dynamic-provisioning/
4. Verify the content of storageclass.yaml file. The provisioner for this storage class AWS EBS. Create storage class using below file.
$ cd specs/
$ vim storageclass.yaml
11
5. Verify the content of claim.yaml file. The claim requests a disk named that is 4Gi in size with ReadWriteOnce access. The EBS class is specified as the storage class.
$ vim claim.yaml
6. A application pod can be created with access to the disk. Check the content of pod-pod.yaml file
$ vim pod.yaml
12
7. Deploy the ebs-sc storage class, ebs-claim persistent volume claim, and app sample application from the specs directory.
$ cd ..
$ kubectl apply -f specs/
$ kubectl get sc
8. Check the status of newly created pvc and see that dynamically a pv is created and bounded
$ kubectl get pvc
$ kubectl get pv
13
Note: This should create EBS in AWS of 4 GB
9. Check the creation of pod
$ kubectl get pods
10. Describe the ebs-sc storage class
$ kubectl describe storageclass ebs-sc
14
11. Describe the pod and see that the volume details are mentions in pod specification
$ kubectl describe pod app
12. Verify that the pod is successfully writing data to the volume.
kubectl exec -it app cat /data/out.txt
15
4.4 Clean-up resources
1. Detach Policy
aws iam detach-role-policy --policy-arn arn:aws:iam::265208284733:policy/Amazon_EBS_CSI_Driver --role-name eksctl-k21-eks-cluster-cli-nodegr-NodeInstanceRole-HQ9VLTUKZSHK
2. Remove K8s resources
$ cd specs/
$ kubectl delete -f pod.yaml
$ kubectl delete -f claim.yaml
16
5 REMOVE CLUSTER
1. Delete your AWS EKS cluster with nodes (this will take 10-20 minutes)
eksctl delete cluster \
--name k21-eks-cluster-cli \
--region us-east-2
17
6 SUMMARY
In this guide we Covered:
• Built-in storage classes
• Deploy the Amazon EBS CSI driver to Amazon EKS cluster
• Deploy a sample application and verify that the CSI driver is working
