Configuring local storage for virtual machines - Virtual machines | Container-native virtualization

About the hostpath provisioner
Configuring SELinux for the hostpath provisioner on Red Hat Enterprise Linux CoreOS 8
Using the hostpath provisioner to enable local storage
Creating a StorageClass object

You can configure local storage for your virtual machines by using the hostpath provisioner feature.

About the hostpath provisioner

The hostpath provisioner is a local storage provisioner designed for container-native virtualization. If you want to configure local storage for virtual machines, you must enable the hostpath provisioner first.

When you install the container-native virtualization Operator, the hostpath provisioner Operator is automatically installed. To use it, you must:

Configure SELinux:
- If you use Red Hat Enterprise Linux CoreOS 8 workers, you must create a MachineConfig object on each node.
- Otherwise, apply the SELinux label container_file_t to the PersistentVolume (PV) backing directory on each node.
Create a HostPathProvisioner custom resource.
Create a StorageClass object for the hostpath provisioner.

The hostpath provisioner Operator deploys the provisioner as a DaemonSet on each node when you create its custom resource. In the custom resource file, you specify the backing directory for the PersistentVolumes that the hostpath provisioner creates.

Configuring SELinux for the hostpath provisioner on Red Hat Enterprise Linux CoreOS 8

You must configure SELinux before you create the HostPathProvisioner custom resource. To configure SELinux on Red Hat Enterprise Linux CoreOS 8 workers, you must create a MachineConfig object on each node.

If you do not use Red Hat Enterprise Linux CoreOS workers, skip this procedure.

Prerequisites

Create a backing directory on each node for the PersistentVolumes (PVs) that the hostpath provisioner creates.

If you select a directory that shares space with your operating system, you can exhaust the space on that partition, causing the node to stop functioning. To avoid this issue, create a separate partition and point the hostpath provisioner to that directory.

Procedure

Create the MachineConfig file. For example:
```
$ touch machineconfig.yaml
```

Edit the file, ensuring that you include the directory where you want the hostpath provisioner to create PVs. For example:

apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  name: 50-set-selinux-for-hostpath-provisioner
  labels:
    machineconfiguration.openshift.io/role: worker
spec:
  config:
    ignition:
      version: 2.2.0
    systemd:
      units:
        - contents: |
            [Unit]
            Description=Set SELinux chcon for hostpath provisioner
            Before=kubelet.service

            [Service]
            ExecStart=/usr/bin/chcon -Rt container_file_t <path/to/backing/directory> (1)

            [Install]
            WantedBy=multi-user.target
          enabled: true
          name: hostpath-provisioner.service

1	Specify the backing directory where you want the provisioner to create PVs.

Create the MachineConfig object:

$ oc create -f machineconfig.yaml -n <namespace>

Using the hostpath provisioner to enable local storage

To deploy the hostpath provisioner and enable your virtual machines to use local storage, first create a HostPathProvisioner custom resource.

Prerequisites

Create a backing directory on each node for the PersistentVolumes (PVs) that the hostpath provisioner creates.

Apply the SELinux context container_file_t to the PV backing directory on each node. For example:
```
$ sudo chcon -t container_file_t -R </path/to/backing/directory>
```
If you use Red Hat Enterprise Linux CoreOS 8 workers, you must configure SELinux by using a MachineConfig manifest instead.

Procedure

Create the HostPathProvisioner custom resource file. For example:
```
$ touch hostpathprovisioner_cr.yaml
```

Edit the file, ensuring that the spec.pathConfig.path value is the directory where you want the hostpath provisioner to create PVs. For example:

apiVersion: hostpathprovisioner.kubevirt.io/v1alpha1
kind: HostPathProvisioner
metadata:
  name: hostpath-provisioner
spec:
  imagePullPolicy: IfNotPresent
  pathConfig:
    path: "</path/to/backing/directory>" (1)
    useNamingPrefix: "false" (2)

1	Specify the backing directory where you want the provisioner to create PVs.
2	Change this value to `true` if you want to use the name of the PersistentVolumeClaim (PVC) that is bound to the created PV as the prefix of the directory name.

If you did not create the backing directory, the provisioner attempts to create it for you. If you did not apply the container_file_t SELinux context, this can cause Permission denied errors.

Create the custom resource in the openshift-cnv namespace:

$ oc create -f hostpathprovisioner_cr.yaml -n openshift-cnv

Creating a StorageClass object

When you create a StorageClass object, you set parameters that affect the dynamic provisioning of PersistentVolumes (PVs) that belong to that storage class.

You cannot update a StorageClass object’s parameters after you create it.

Procedure

Create a YAML file for defining the storage class. For example:
```
$ touch storageclass.yaml
```

Edit the file. For example:

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: hostpath-provisioner (1)
provisioner: kubevirt.io/hostpath-provisioner
reclaimPolicy: Delete (2)
volumeBindingMode: WaitForFirstConsumer (3)

1	You can optionally rename the storage class by changing this value.
2	The two possible `reclaimPolicy` values are `Delete` and `Retain`. If you do not specify a value, the storage class defaults to `Delete`.
3	The `volumeBindingMode` value determines when dynamic provisioning and volume binding occur. Specify `WaitForFirstConsumer` to delay the binding and provisioning of a PV until after a Pod that uses the PersistentVolumeClaim (PVC) is created. This ensures that the PV meets the Pod’s scheduling requirements.

Create the StorageClass object:
```
$ oc create -f storageclass.yaml
```

Additional information

Storage Classes