Persistent storage using AWS Elastic Block Store
The Kubernetes persistent volume framework allows administrators to provision a cluster with persistent storage and gives users a way to request those resources without having any knowledge of the underlying infrastructure. You can dynamically provision AWS EBS volumes. Persistent volumes are not bound to a single project or namespace; they can be shared across the OKD cluster. Persistent volume claims are specific to a project or namespace and can be requested by users. You can define a KMS key to encrypt container-persistent volumes on AWS.
For OKD, automatic migration from AWS EBS in-tree to the Container Storage Interface (CSI) driver is available as a Technology Preview (TP) feature. With migration enabled, volumes provisioned using the existing in-tree driver are automatically migrated to use the AWS EBS CSI driver. For more information, see CSI automatic migration feature.
Storage classes are used to differentiate and delineate storage levels and usages. By defining a storage class, users can obtain dynamically provisioned persistent volumes.
Creating the persistent volume claim
Prerequisites
Storage must exist in the underlying infrastructure before it can be mounted as a volume in OKD.
Procedure
1. In the persistent volume claims overview, click Create Persistent Volume Claim.
2. Define the desired options on the page that appears:
   - Select the previously created storage class from the drop-down menu.
   - Enter a unique name for the storage claim.
   - Select the access mode. This selection determines the read and write access for the storage claim.
   - Define the size of the storage claim.
Before OKD mounts the volume and passes it to a container, it checks that the volume contains a file system as specified by the parameter in the persistent volume definition. If the device is not formatted with the file system, all data from the device is erased and the device is automatically formatted with the given file system.
Maximum number of EBS volumes on a node
By default, OKD supports a maximum of 39 EBS volumes attached to one node. This limit is consistent with the . The volume limit depends on the instance type.
For information about accessing additional storage options, such as volume snapshots, that are not possible with in-tree volume plug-ins, see AWS Elastic Block Store CSI Driver Operator.
Defining a KMS key to encrypt container-persistent volumes on AWS is useful when you deploy to AWS under explicit compliance and security guidelines.
Prerequisites
Underlying infrastructure must contain storage.
You must create a customer KMS key on AWS.
Procedure
Create a storage class:
Create workload containers to consume the PVC:
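The two procedure steps above as one set of manifests, given here as an added example and not as the OKD documentation's own listings. The object names, image, size and KMS key ARN are placeholders, and the use of the in-tree provisioner `kubernetes.io/aws-ebs` is an assumption.

```yaml
# Added example: names, size, image and the key ARN are placeholders.
# StorageClass: every volume provisioned from it is encrypted with the customer KMS key.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: ebs-kms-encrypted            # hypothetical name
provisioner: kubernetes.io/aws-ebs   # in-tree provisioner (assumption); the CSI driver's name is ebs.csi.aws.com
parameters:
  type: gp2
  fsType: ext4
  encrypted: "true"                  # parameters are strings, so the value must be quoted
  kmsKeyId: "arn:aws:kms:<region>:<account-id>:key/<key-id>"   # placeholder: full ARN of your customer KMS key
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer
---
# PVC that requests a volume from the encrypted class.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: encrypted-claim              # hypothetical name
spec:
  storageClassName: ebs-kms-encrypted
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---
# Workload pod that mounts the claim.
apiVersion: v1
kind: Pod
metadata:
  name: encrypted-volume-consumer    # hypothetical name
spec:
  containers:
    - name: app
      image: "<your-application-image>"   # placeholder
      volumeMounts:
        - name: data
          mountPath: /mnt/storage
  volumes:
    - name: data
      persistentVolumeClaim:
        claimName: encrypted-claim
```

If `kmsKeyId` is omitted while `encrypted` is `"true"`, the volume is still encrypted, but with a key generated by AWS and not with your customer key.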
Additional resources
- See AWS Elastic Block Store CSI Driver Operator for information about accessing additional storage options, such as volume snapshots, that are not possible with in-tree volume plugins.