Use AWS EBS Storage
You can use AWS volumes as the persistent storage for your application by using Kubernetes to deploy AWS Elastic Block Store (EBS). Before you can use EBS volumes, you must configure MKE to use the AWS infrastructure.
Configure AWS infrastructure for Kubernetes
To configure the AWS infrastructure:
Configure the following AWS Identity and Access Management (IAM) permissions for the master and worker nodes. These permissions are required to provision EBS volumes using Kubernetes PersistentVolumeClaims:

IAM permission               Master   Worker
ec2:DescribeInstances        Yes      Yes
ec2:AttachVolume             Yes      Yes
ec2:DetachVolume             Yes      Yes
ec2:DescribeVolumes          Yes      Yes
ec2:DescribeSecurityGroups   Yes      Yes
ec2:CreateVolume             Yes      No
ec2:DeleteVolume             Yes      No
ec2:CreateTags               Yes      No

Set the host name of the EC2 instances to the private DNS host name of the instance.
Change the system host name so that it does not use a public DNS name.
Label the EC2 instances using the key KubernetesCluster and assign the same value across all nodes, for example, MKEKubenertesCluster.
Configure your cluster for use with AWS volumes. Select from the following options:
In a new cluster during installation, issue the following cloud provider flag:

    --cloud-provider=aws

In an existing cluster:
Update the MKE configuration file as follows:

    [cluster_config]
    ...
    cloud_provider = "aws"

Update ucp-agent to propagate the new configuration.
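
The IAM permission table above is effectively a least-privilege specification for each node role. The following added example (not part of the original page or of MKE) builds a minimal policy per role and audits an existing policy document against the table. The function names, the `Resource: "*"` scope and the sample policy are assumptions of this example.

```python
import fnmatch

# Permissions from the IAM table on this page, per node role.
WORKER = {
    "ec2:DescribeInstances", "ec2:AttachVolume", "ec2:DetachVolume",
    "ec2:DescribeVolumes", "ec2:DescribeSecurityGroups",
}
MASTER = WORKER | {"ec2:CreateVolume", "ec2:DeleteVolume", "ec2:CreateTags"}
REQUIRED = {"master": MASTER, "worker": WORKER}

def build_policy(role):
    """Minimal policy for a role. Resource "*" is an assumption of this example."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": sorted(REQUIRED[role]), "Resource": "*"}]}

def allowed_actions(policy):
    """Collect Action entries of Allow statements (string or list forms)."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    actions = []
    for stmt in statements:
        if stmt.get("Effect") == "Allow":
            entry = stmt.get("Action", [])
            actions.extend([entry] if isinstance(entry, str) else entry)
    return actions

def audit(policy, role):
    """Return (missing, excess) relative to the table for the given role.
    Deny, NotAction and Condition elements are not evaluated here."""
    required = {a.lower(): a for a in REQUIRED[role]}
    granted = allowed_actions(policy)
    # IAM matches action names case-insensitively and supports * and ?.
    missing = sorted(
        name for low, name in required.items()
        if not any(fnmatch.fnmatchcase(low, g.lower()) for g in granted))
    # Anything that is not an exact table entry, wildcards included, is excess.
    excess = sorted(set(g for g in granted if g.lower() not in required))
    return missing, excess

# Constructed sample: a worker policy that drifted from the table.
SAMPLE_WORKER_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Resource": "*",
    "Action": ["ec2:Describe*", "ec2:AttachVolume", "ec2:DetachVolume",
               "ec2:DeleteVolume"]}]}
```

An empty `missing` list with a non-empty `excess` list means dynamic provisioning will work but the node role holds more than the table requires, for example a worker that can delete volumes.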
Deploy AWS EBS volumes
You can now create PersistentVolumes (PVs) that deploy EBS volumes that are attached to hosts and mounted inside Pods. The EBS volumes are provisioned dynamically, such that they are created, attached, and destroyed according to the life cycle of the PVs. Users do not need direct access to AWS, as they request the required resources directly using Kubernetes primitives.
Mirantis recommends that you use the StorageClass and PersistentVolumeClaim resources, as these abstraction layers provide more portability and control over the storage layer across environments.
To deploy an AWS EBS volume:
Create a StorageClass to map a standard class of storage to the gp2 storage type in AWS EBS:

    cat <<EOF | kubectl create -f -
    kind: StorageClass
    apiVersion: storage.k8s.io/v1
    metadata:
      name: standard
    provisioner: kubernetes.io/aws-ebs
    parameters:
      type: gp2
    reclaimPolicy: Retain
    mountOptions:
      - debug
    EOF

Create a PersistentVolumeClaim (PVC) that makes a request for 1Gi of storage from the standard storage class:

    cat <<EOF | kubectl create -f -
    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: task-pv-claim
    spec:
      storageClassName: standard
      accessModes:
        - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
    EOF

Deploy a PersistentVolume with the following Pod specification:

    cat <<EOF | kubectl create -f -
    kind: Pod
    apiVersion: v1
    metadata:
      name: task-pv-pod
    spec:
      volumes:
        - name: task-pv-storage
          persistentVolumeClaim:
            claimName: task-pv-claim
      containers:
        - name: task-pv-container
          image: nginx
          ports:
            - containerPort: 80
              name: "http-server"
          volumeMounts:
            - mountPath: "/usr/share/nginx/html"
              name: task-pv-storage
    EOF

Verify that the PV is created and bound to the PVC:

    kubectl get pv

Example output:

    NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                   STORAGECLASS   REASON   AGE
    pvc-751c006e-a00b-11e8-8007-0242ac110012   1Gi        RWO            Retain           Bound    default/task-pv-claim   standard                3h

Verify that the AWS console indicates that a volume has been provisioned with a matching name, a type of gp2, and a size of 1Gi.