Today we will see how to deploy AWS EBS CSI driver in Kubernetes and will check dynamic provision of EBS.
AWS Elastic Block Store(EBS) : It is a high performance storage block service designed to use with AWS EC2 instances for high throughput and transaction.
Container Storage Interface (CSI) : It is a standard for exposing arbitrary block and file storage systems to containerized workloads on Container Orchestration Systems (COs) like Kubernetes, Mesos, Docker, and Cloud Foundry.
Requirements :
Kubernetes version : v1.14 or v1.15
Kubernetes Cluster created in AWS EC2 Instances
AWS IAM role(EBS access) which attached to EC2 instances
Step 1 :
EC2 to EBS access :
There are two ways to allow access to kubernetes cluster to EBS,
1. Create a secret in Kubernetes cluster with AWS key id and secret key.
eg : kubernetes secret yaml file,
# vi secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: aws-secret
namespace: kube-system
stringData:
key_id: "AKIAIOSFODNN7EXAMPLE"
access_key: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXA"
save and exit.
# kubectl apply -f secret.yaml
2. Create an IAM role which will allow access from EC2 to EBS with below permission and attach the role to the Kubernetes cluster instances.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:AttachVolume",
"ec2:CreateSnapshot",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:DeleteSnapshot",
"ec2:DeleteTags",
"ec2:DeleteVolume",
"ec2:DescribeInstances",
"ec2:DescribeSnapshots",
"ec2:DescribeTags",
"ec2:DescribeVolumes",
"ec2:DetachVolume",
"ec2:ModifyVolume"
],
"Resource": "*"
}
]
}
Step 2 :
Install AWS EBS CSI Driver,
We can install in two ways,
Go to Kubernetes Master,
by kubectl,
# kubectl apply -k "github.com/kubernetes-sigs/aws-ebs-csi-driver/deploy/kubernetes/overlays/stable/?ref=master"
or
by helm chart,
# helm install --name aws-ebs-csi-driver https://github.com/kubernetes-sigs/aws-ebs-csi-driver/releases/download/v0.4.0/helm-chart.tgz
Example helm chart output,
Step 3 :
Check aws-ebs-csi-driver pods status in Kubernetes to make sure its got installed successfully,
# kubectl get pods -n kube-system
here you can see ebs pods will be running based on no. of worker nodes. make sure the pods status is running.I have a cluster with three servers.
Step 4 :
Deploy a dynamic provision pod to verify EBS provision,
1.Create storage class for EBS,
# vi storageclass.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: ebs-storage
provisioner: ebs.csi.aws.com
volumeBindingMode: WaitForFirstConsumer
save and exit.
# kubectl apply -f storageclass.yaml
to see the created storage class,
# kubectl get storageclass
2.Create persistent volume claim,
# vi pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: ebs-claim
spec:
accessModes:
- ReadWriteOnce
storageClassName: ebs-storage
resources:
requests:
storage: 2Gi
save and exit.
# kubectl apply -f pvc.yaml
to check the pvc status,
# kubectl get pvc
3.Create a pod,
# vi pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: app
spec:
containers:
- name: app
image: centos
command: ["/bin/sh"]
args: ["-c", "while true; do echo $(date -u) >> /data/out.txt; sleep 5; done"]
volumeMounts:
- name: persistent-storage
mountPath: /data
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: ebs-claim
save and exit.
# kubectl apply -f pod.yaml
to check the pod status,
# kubectl get pods
Step 5 :
Verify PV and PVC which is created automatically with EBS,
# kubectl get pv
# kubectl get pvc
# kubectl describe pv
Get the volume id and verify same volume id will be there in AWS EBS with the created size.
Thats all, AWS EBS CSI driver has been installed in kubernetes cluster and did dynamic EBS provision.
Step 3 command heading needs change as it mentions "kubernetes" instead of "kubectl".
ReplyDeleteThanks its updated.
DeletePost a Comment