$ sudo yum install samba-client samba-common cifs-utils
OpenShift Container Platform supports Azure File volumes. You can provision your OpenShift Container Platform cluster with persistent storage using Azure. Some familiarity with Kubernetes and Azure is assumed.
High availability of storage in the infrastructure is left to the underlying storage provider. |
Install samba-client
, samba-common
, and cifs-utils
on all nodes:
$ sudo yum install samba-client samba-common cifs-utils
Enable SELinux booleans on all nodes:
$ /usr/sbin/setsebool -P virt_use_samba on
$ /usr/sbin/setsebool -P virt_sandbox_use_samba on
Define the Azure Storage Account name and key in a secret configuration, which is then converted to base64 for use by OpenShift Container Platform.
Obtain an Azure Storage Account name and key and encode to base64:
apiVersion: v1
kind: Secret
metadata:
name: azure-secret
type: Opaque
data:
azurestorageaccountname: azhzdGVzdA==
azurestorageaccountkey: eElGMXpKYm5ub2pGTE1Ta0JwNTBteDAyckhzTUsyc2pVN21GdDRMMTNob0I3ZHJBYUo4akQ2K0E0NDNqSm9nVjd5MkZVT2hRQ1dQbU02WWFOSHk3cWc9PQ==
Save the secret definition to a file, for example azure-secret.yaml, then create the secret:
$ oc create -f azure-secret.yaml
Verify that the secret was created:
$ oc get secret azure-secret
NAME TYPE DATA AGE
azure-secret Opaque 1 23d
You must define your persistent volume in an object definition before creating it in OpenShift Container Platform:
apiVersion: "v1"
kind: "PersistentVolume"
metadata:
name: "pv0001" (1)
spec:
capacity:
storage: "5120Gi" (2)
accessModes:
- "ReadWriteMany"
azureFile: (3)
secretName: azure-secret (4)
shareName: example (5)
readOnly: false (6)
1 | The name of the volume. This is how it is identified via persistent volume claims or from pods. |
2 | The amount of storage allocated to this volume. |
3 | This defines the volume type being used: azureFile plug-in. |
4 | The name of the secret used. |
5 | The name of the file share. |
6 | Defaults to false (read/write). ReadOnly here forces the ReadOnly setting in VolumeMounts .
|
Now you can request storage using persistent volume claims, which can now use your new persistent volume.
Persistent volume claims only exist in the user’s namespace and can only be referenced by a pod within that same namespace. Any attempt to access a persistent volume from a different namespace causes the pod to fail. |