Today, I’ll demo CSI volumes in Kubernetes world. We’ll see what CSI volumes are, why to use them and what advantage CSI volumes give over regular Kubernetes volumes.
What are CSI Volumes?
As you can see in Kubernetes docs, there are CSI volumes in addition to other popular Kubernetes volumes we have seen. What are these? In short, CSI volumes are volumes which are provisioned by CSI drivers. The drivers are implemented by storage providers (usually cloud ones) according to CSI (Container storage interface) specification. See a full list of implemented CSI drivers. Note that pods mount CSI volumes in the same way as regular Kubernetes volumes. It’s also important to note that CSI volumes are not specific to Kubernetes. Other orchestrators like docker-swarm support it. Let’s see now why we need CSI drivers.
In-tree Kubernetes volumes feature development is tied to Kubernetes releases. Hence external storage providers need a way to provision volumes and be independent of Kubernetes development process. That’s why out-of-tree volumes like CSI exist. Note that Kubernetes in-tree volumes will migrate to CSI volumes eventually. It makes sense because as Kubernetes devs put it:
CSI drivers allow for better maintainability (driver authors can define their own release cycle and support lifecycle) and reduce the opportunity for vulnerabilities (with less in-tree code, the risks of a mistake are reduced, and cluster operators can select only the storage drivers that their cluster requires).What is CSI Migration, and why migrate?
Kubernetes CSI volumes Demo
Let’s now see a demo of Kubernetes CSI volumes.
I’ll use Linode’s managed Kubernetes cluster for the demo. Check out how easy it is to create Kubernetes Cluster on Linode. Linode is a cloud service provider recently purchased by Akamai. With this purchase, Akamai became a competitor in the cloud providers market. You can repeat this demo on your own Linode account. Create one and get 100$ credit using this link.
In addition to Kubernetes cluster, you’ll need
helm installed on your local machine.
CSI Volumes on Linode
Let’s install Jenkins on Linode Kubernetes cluster:
helm repo add jenkinsci https://charts.jenkins.io helm repo update helm install jenkins -n jenkins --create-namespace jenkinsci/jenkins --set 'controller.serviceType=LoadBalancer'
Wait till all Jenkins resources are running, healthy and ready. Next, access
http://[loadBalancerIP:8080] in the browser to make sure Jenkins is available.
You wonder where Jenkins home data is? Thanks to Linode default storage class, the storage and its persistent volume was dynamically provisioned.
Now let’s see the persistent volume:
$ kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pvc-93b0b96aff7a4082 10Gi RWO Retain Bound jenkins/jenkins linode-block-storage-retain 142m kubectl describe pv pvc-93b0b96aff7a4082 Name: pvc-93b0b96aff7a4082 Labels: <none> Annotations: pv.kubernetes.io/provisioned-by: linodebs.csi.linode.com Finalizers: [kubernetes.io/pv-protection external-attacher/linodebs-csi-linode-com] StorageClass: linode-block-storage-retain Status: Bound Claim: jenkins/jenkins Reclaim Policy: Retain Access Modes: RWO VolumeMode: Filesystem Capacity: 10Gi Node Affinity: <none> Message: Source: Type: CSI (a Container Storage Interface (CSI) volume source) Driver: linodebs.csi.linode.com FSType: ext4 VolumeHandle: 679675-pvc93b0b96aff7a4082 ReadOnly: false VolumeAttributes: storage.kubernetes.io/csiProvisionerIdentity=1669991887535-8081-linodebs.csi.linode.com Events: <none>
We see the the volume is of type CSI and CSI driver used to provision it is
CSI Volumes Deep Dive
Let’s see resources involved in dynamic provisioning of CSI volumes on Linode.
$ kubectl get all -n kube-system | grep csi pod/csi-linode-controller-0 4/4 Running 0 155m pod/csi-linode-node-tkgq9 2/2 Running 0 154m daemonset.apps/csi-linode-node 1 1 1 1 1 <none> 155m statefulset.apps/csi-linode-controller 1/1 155m
There 2 main components in CSI implementation:
- csi controller pod as part of stateful set. It has 4 containers. Provisioner container watches for CSI PVCs, provisions storage and volumes for them using csi driver container. The pod has also snapshotter and resizer containers.
- csi node pod as part of daemon set. It has 2 containers. node-driver-registrar container registers csi driver to each node’s kubelet. Csi driver mounts the volumes to kubelet folders.
That’s it about Kubernetes CSI Volumes. As always, feel free to share.
- Become a Certified Kubernetes Administrator (CKA)!
- Become a Certified Kubernetes Application Developer (CKAD)!
- BUNDLE KUBERNETES FUNDAMENTALS & CKA CERTIFICATION (COURSE & CERTIFICATION) FOR THE BEST DEAL! $499 ONLY!
Kubernetes courses on Pluralsight:
- Deploying Stateful Applications in Kubernetes
- Configuring and Managing Kubernetes Storage and Scheduling
Sign up using this link to get exclusive discounts like 50% off your first month or 15% off an annual subscription)
Recommended Kubernetes books on Amazon.