Add Persistent Volume Support Using DigitalOcean Block Storage - Part II
This is the second part of our $65 Kubernetes Cluster on DigitalOcean series. See Part I for how to set up your cluster if you haven't done so yet.
There's also a video tutorial here for those who prefer to watch instead of read.
Introduction
By default, when you set up a Kubernetes cluster on DigitalOcean manually, there isn't any persistent volume support, even though DigitalOcean has block storage.
Our aim is to enable persistent volume support backed by DigitalOcean's block storage using a storage provisioner plugin.
This tutorial assumes you have a running Kubernetes cluster set up on DigitalOcean using CoreOS (setup might vary for other operating systems) with RBAC enabled (usually enabled by default with versions 1.9 and above).
You'll need a DigitalOcean access token; get one from your account here.
Step 1: Configure Access Token
Base64-encode your DigitalOcean access token; you can use base64encode.org. You should get an encoded string like this:
W2RpZ2l0YWwtb2NlYW4tdG9rZW4taGVyZV0K==
Insert the encoded string into the following YAML file and save it to your system as digitalocean-secret.yml
And finally create the secret using the command:
kubectl create -f digitalocean-secret.yml
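One way to do the Step 1 encoding locally, so the token is never pasted into a website; this is an added example, not part of the original tutorial, and the function names and the `--prompt` flag are this example's own. The second function flags stray whitespace in an encoded value, such as the trailing newline that `echo token | base64` adds (the sample string above decodes to a placeholder followed by a newline).

```shell
#!/bin/sh
# Added example (not from the original tutorial): base64-encode a
# DigitalOcean API token locally for digitalocean-secret.yml.

# encode_token TOKEN: print the base64 of exactly the token bytes.
encode_token() {
    # printf '%s' adds no newline (echo would); the first tr drops CR/LF
    # picked up when pasting, the last tr removes base64's line wrapping.
    printf '%s' "$1" | tr -d '\r\n' | base64 | tr -d '\n'
}

# has_stray_whitespace ENCODED: succeed if the decoded value contains
# spaces, tabs, CR or LF, i.e. it is not a clean token.
# (base64 -d is the GNU/BusyBox spelling; older macOS uses -D.)
has_stray_whitespace() {
    raw_len=$(printf '%s' "$1" | base64 -d | wc -c | tr -d ' ')
    clean_len=$(printf '%s' "$1" | base64 -d | tr -d ' \t\r\n' | wc -c | tr -d ' ')
    [ "$raw_len" -ne "$clean_len" ]
}

# prompt_and_encode: read the token without echoing it, so it does not
# end up in terminal scrollback or shell history, then print the encoded
# value to paste into the Secret manifest.
prompt_and_encode() {
    printf 'DigitalOcean access token: ' >&2
    stty -echo
    IFS= read -r token
    stty echo
    printf '\n' >&2
    encoded=$(encode_token "$token")
    if has_stray_whitespace "$encoded"; then
        echo 'token contains whitespace, refusing to encode' >&2
        return 1
    fi
    printf '%s\n' "$encoded"
}

# Run interactively only when asked: sh encode-token.sh --prompt
if [ "${1:-}" = "--prompt" ]; then
    prompt_and_encode
fi
```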
We'll need to create the volume plugin directory and tell the kubelet service where the directory lives. This has to be done on the Kubernetes master and all worker nodes. Save this script as blockstorage-pv.sh
And run the following command:
ssh core@[kubernetes-master-ip-goes-here] "bash -s" < ./blockstorage-pv.sh
ssh core@[repeat-for-each-worker-node-ip-goes-here] "bash -s" < ./blockstorage-pv.sh
If everything goes well, it should exit without any errors.
Next we'll need to update the kube-controller-manager with the right path to the SSL certs, as the defaults don't exist, and point it to the default volume plugin directory. SSH into your Kubernetes master with ssh core@[kubernetes-master-ip-goes-here]
and update the following file /etc/kubernetes/manifests/kube-controller-manager.yaml
using the root user:
Under spec.containers.command
add the following:
- --flex-volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume
Under spec.containers.volumeMounts
add the following:
- mountPath: /etc/kubernetes/kubelet-plugins/volume
  name: flexvolume-mount
  readOnly: true
Under spec.volumes
update the following:
- hostPath:
    path: /etc/ssl/certs
    type: DirectoryOrCreate
  name: ca-certs
with this yaml (this will update the ssl certs to the right path):
- hostPath:
    path: /usr/share/ca-certificates
    type: DirectoryOrCreate
  name: ca-certs
And then add the flex volume-mount:
- hostPath:
    path: /etc/kubernetes/kubelet-plugins/volume
    type: DirectoryOrCreate
  name: flexvolume-mount
Save the file and finally restart the kubelet service with systemctl restart kubelet
Step 4: Deploy the DigitalOcean storage provisioner plugin
Deploy RBAC rules
Save the RBAC rules as digitalocean-flexplugin-rbac.yml
and create the rules using the following:
kubectl create -f digitalocean-flexplugin-rbac.yml
Deploy the DigitalOcean provisioner
Save the provisioner as digitalocean-provisioner.yml
and deploy using the following:
kubectl create -f digitalocean-provisioner.yml
Deploy the DigitalOcean flexplugin
Save the flexplugin as digitalocean-flexplugin-deploy.yml
and deploy using the following:
kubectl create -f digitalocean-flexplugin-deploy.yml
Deploy the storage class
Important! : Change the zone on Line 8 above to the same region as your cluster & also the name on Line 4.
Save the storage class as ditigalocean-sc.yml
and deploy using the following:
kubectl create -f ditigalocean-sc.yml
Step 5
Let's deploy a sample application which will utilise a persistent volume to make sure our deployment is working.
Important! : Change the storageClassName on Line 11 above to the same name you gave your storage class.
Save the deployment as ditigalocean-pv-example.yml
and deploy using the following:
kubectl create -f ditigalocean-pv-example.yml
To check whether your deployment succeeded, go to your DigitalOcean account under Droplets > Volumes; you should see a 1Gb volume provisioned and attached to one of your nodes. If this is the case, you have successfully added persistent volume support to your Kubernetes cluster. Yay!!!
Conclusion
Next in our series, we'll install and enable our Kubernetes dashboard! Still to come: installing Helm and automatic SSL certificates backed by Let's Encrypt. Stay tuned.
I hope this helps.
This article Add Persistent Volume Support Using DigitalOcean Block Storage - Part II originally appeared on Chuka’s blog.