OpenShift Container Platform supports Microsoft Azure File volumes. You can provision your OpenShift Container Platform cluster with persistent storage using Azure. Some familiarity with Kubernetes and Azure is assumed.

The Kubernetes persistent volume framework allows administrators to provision a cluster with persistent storage and gives users a way to request those resources without having any knowledge of the underlying infrastructure. You can provision Azure File volumes dynamically.

Persistent volumes are not bound to a single project or namespace, and you can share them across the OpenShift Container Platform cluster. Persistent volume claims are specific to a project or namespace, and can be requested by users for use in applications.

High availability of storage in the infrastructure is left to the underlying storage provider.

Azure File volumes use Server Message Block.

In future OpenShift Container Platform versions, volumes provisioned using existing in-tree plugins are planned for migration to their equivalent CSI driver. CSI automatic migration should be seamless. Migration does not change how you use all existing API objects, such as persistent volumes, persistent volume claims, and storage classes. For more information about migration, see CSI automatic migration.

After full migration, in-tree plugins will eventually be removed in future versions of OpenShift Container Platform.

Additional resources

Create the Azure File share persistent volume claim

To create the persistent volume claim, you must first define a Secret object that contains the Azure account and key. This secret is used in the PersistentVolume definition, and will be referenced by the persistent volume claim for use in applications.

  • An Azure File share exists.

  • The credentials to access this share, specifically the storage account and key, are available.

  1. Create a Secret object that contains the Azure File credentials:

    $ oc create secret generic <secret-name> --from-literal=azurestorageaccountname=<storage-account> \ (1)
      --from-literal=azurestorageaccountkey=<storage-account-key> (2)
    1 The Azure File storage account name.
    2 The Azure File storage account key.
  2. Create a PersistentVolume object that references the Secret object you created:

    apiVersion: "v1"
    kind: "PersistentVolume"
      name: "pv0001" (1)
        storage: "5Gi" (2)
        - "ReadWriteOnce"
      storageClassName: azure-file-sc
        secretName: <secret-name> (3)
        shareName: share-1 (4)
        readOnly: false
    1 The name of the persistent volume.
    2 The size of this persistent volume.
    3 The name of the secret that contains the Azure File share credentials.
    4 The name of the Azure File share.
  3. Create a PersistentVolumeClaim object that maps to the persistent volume you created:

    apiVersion: "v1"
    kind: "PersistentVolumeClaim"
      name: "claim1" (1)
        - "ReadWriteOnce"
          storage: "5Gi" (2)
      storageClassName: azure-file-sc (3)
      volumeName: "pv0001" (4)
    1 The name of the persistent volume claim.
    2 The size of this persistent volume claim.
    3 The name of the storage class that is used to provision the persistent volume. Specify the storage class used in the PersistentVolume definition.
    4 The name of the existing PersistentVolume object that references the Azure File share.

Mount the Azure File share in a pod

After the persistent volume claim has been created, it can be used inside by an application. The following example demonstrates mounting this share inside of a pod.

  • A persistent volume claim exists that is mapped to the underlying Azure File share.

  • Create a pod that mounts the existing persistent volume claim:

    apiVersion: v1
    kind: Pod
      name: pod-name (1)
        - mountPath: "/data" (2)
          name: azure-file-share
        - name: azure-file-share
            claimName: claim1 (3)
    1 The name of the pod.
    2 The path to mount the Azure File share inside the pod. Do not mount to the container root, /, or any path that is the same in the host and the container. This can corrupt your host system if the container is sufficiently privileged, such as the host /dev/pts files. It is safe to mount the host by using /host.
    3 The name of the PersistentVolumeClaim object that has been previously created.