Configuring a custom backend¶
Available since MOSK 24.3 TechPreview
MOSK enables its clients to define their own volume backends
for the MOSK Block Storage service (OpenStack Cinder)
through the spec:features:cinder:volume:backends
structure in the
OpenStackDeployment
custom resource:
spec:
features:
cinder:
volume:
backends:
<UNIQUE_BACKEND_NAME>:
enabled: true
type: statefulset
create_volume_type: true
values:
conf:
images:
labels:
pod:
The enabled
and create_volume_type
parameters are optional. With
create_volume_type
set to true
(default), the new backend
will be added to the Cinder bootstrap job. Once this job is completed,
the volume type for the custom backend will be created in OpenStack.
The supported value for type
is statefulset
.
The list of keys you can override in the values.yaml
file of the Cinder
chart includes conf
, images
, labels
, and pod
.
When you define the custom backend for the Block Storage service, MOSK deploys individual pods for it. These pods have separate Secrets for configuration files and ConfigMaps for scripts.
Example of configuration of a custom volume backend for Cinder:
The configuration example deploys an additional StatefulSet for the Cinder
volume backend using the NFS driver, running a single replica on nodes
labeled kubernetes.io/hostname:service-node
. Privilege escalation for
the Cinder volume and backup pods is driver-specific and may not be required.
spec:
features:
cinder:
volume:
backends:
nfs-volume:
type: statefulset
values:
conf:
cinder:
DEFAULT:
cluster: ""
enabled_backends: volumes-extra-nfs
volumes-extra-nfs:
nas_host: 1.2.3.4
nas_share_path: /cinder_volume
nas_secure_file_operations: false
nfs_mount_point_base: /tmp/mountpoints
nfs_snapshot_support: true
volume_backend_name: volumes-extra-nfs
volume_driver: cinder.volume.drivers.nfs.NfsDriver
pod:
replicas:
volume: 1
security_context:
cinder_volume:
container:
cinder_volume:
privileged: true
labels:
volume:
node_selector_key: kubernetes.io/hostname
node_selector_value: service-node
services:
block-storage:
cinder:
values:
conf:
enable_iscsi: true
pod:
security_context:
cinder_backup:
container:
cinder_backup:
privileged: true