Overview

OpenShift Container Platform supports Azure File volumes. You can provision your OpenShift Container Platform cluster with persistent storage using Azure. Some familiarity with Kubernetes and Azure is assumed.

High availability of storage in the infrastructure is left to the underlying storage provider.

Creating the Persistent Volume

Azure File does not support the Recycle recycling policy.

Creating the Azure Storage Account Secret

Define the Azure Storage Account name and key in a secret configuration, which is then converted to base64 for use by OpenShift Container Platform.

  1. Obtain an Azure Storage Account name and key and encode to base64:

    apiVersion: v1
    kind: Secret
    metadata:
      name: azure-secret
    type: Opaque
    data:
      azurestorageaccountname: azhzdGVzdA==
      azurestorageaccountkey: eElGMXpKYm5ub2pGTE1Ta0JwNTBteDAyckhzTUsyc2pVN21GdDRMMTNob0I3ZHJBYUo4akQ2K0E0NDNqSm9nVjd5MkZVT2hRQ1dQbU02WWFOSHk3cWc9PQ==
  2. Save the secret definition to a file, for example azure-secret.yaml, then create the secret:

    $ oc create -f azure-secret.yaml
  3. Verify that the secret was created:

    # oc get secret azure-secret
    NAME          TYPE      DATA      AGE
    azure-secret   Opaque    1         23d

You must define your persistent volume in an object definition before creating it in OpenShift Container Platform:

Persistent Volume Object Definition Using Azure File
apiVersion: "v1"
kind: "PersistentVolume"
metadata:
  name: "pv0001" (1)
spec:
  capacity:
    storage: "5120Gi" (2)
  accessModes:
    - "ReadWriteMany"
  azureFile: (3)
    secretName: azure-secret (4)
    shareName: example (5)
    readOnly: false  (6)
1 The name of the volume. This will be how it is identified via persistent volume claims or from pods.
2 The amount of storage allocated to this volume.
3 This defines the volume type being used: azureFile plug-in.
4 The name of the secret used.
5 The name of the file share.
6 Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

Now you can request storage using persistent volume claims, which can now use your new persistent volume.

Persistent volume claims only exist in the user’s namespace and can only be referenced by a pod within that same namespace. Any attempt to access a persistent volume from a different namespace causes the pod to fail.