Kubernetes CSI Volumes Demo

Today, I’ll demo CSI volumes in Kubernetes world. We’ll see what CSI volumes are, why to use them and what advantage CSI volumes give over regular Kubernetes volumes. If you later find this article useful read the disclaimer on ways to thank me.

What are CSI Volumes?

As you can see in Kubernetes docs, there are CSI volumes in addition to other popular Kubernetes volumes we have seen. What are these? In short, CSI volumes are volumes which are provisioned by CSI drivers. The drivers are implemented by storage providers (usually cloud ones) according to CSI (Container storage interface) specification. See a full list of implemented CSI drivers. Note that pods mount CSI volumes in the same way as regular Kubernetes volumes. It’s also important to note that CSI volumes are not specific to Kubernetes. Other orchestrators like docker-swarm support it. Let’s see now why we need CSI drivers.

Motivation

In-tree Kubernetes volumes feature development is tied to Kubernetes releases. Hence external storage providers need a way to provision volumes and be independent of Kubernetes development process. That’s why out-of-tree volumes like CSI exist. Note that Kubernetes in-tree volumes will migrate to CSI volumes eventually. It makes sense because as Kubernetes devs put it:

CSI drivers allow for better maintainability (driver authors can define their own release cycle and support lifecycle) and reduce the opportunity for vulnerabilities (with less in-tree code, the risks of a mistake are reduced, and cluster operators can select only the storage drivers that their cluster requires).

What is CSI Migration, and why migrate?

Kubernetes CSI volumes Demo

Let’s now see a demo of Kubernetes CSI volumes.

Demo Prerequisites

I’ll use Linode’s managed Kubernetes cluster for the demo. Check out how easy it is to create Kubernetes Cluster on Linode. Linode is a cloud service provider recently purchased by Akamai. With this purchase, Akamai became a competitor in the cloud providers market. You can repeat this demo on your own Linode account. Create one and get 100$ credit using this link.

In addition to Kubernetes cluster, you’ll need kubectl and helm installed on your local machine.

CSI Volumes on Linode

Let’s install Jenkins on Linode Kubernetes cluster:

helm repo add jenkinsci https://charts.jenkins.io
helm repo update
helm install jenkins -n jenkins --create-namespace jenkinsci/jenkins --set 'controller.serviceType=LoadBalancer'

Wait till all Jenkins resources are running, healthy and ready. Next, access http://[loadBalancerIP:8080] in the browser to make sure Jenkins is available.

You wonder where Jenkins home data is? Thanks to Linode default storage class, the storage and its persistent volume was dynamically provisioned.

Now let’s see the persistent volume:

$ kubectl get pv
NAME                   CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM             STORAGECLASS                  REASON   AGE
pvc-93b0b96aff7a4082   10Gi       RWO            Retain           Bound    jenkins/jenkins   linode-block-storage-retain            142m
kubectl describe pv pvc-93b0b96aff7a4082 
Name:            pvc-93b0b96aff7a4082
Labels:          <none>
Annotations:     pv.kubernetes.io/provisioned-by: linodebs.csi.linode.com
Finalizers:      [kubernetes.io/pv-protection external-attacher/linodebs-csi-linode-com]
StorageClass:    linode-block-storage-retain
Status:          Bound
Claim:           jenkins/jenkins
Reclaim Policy:  Retain
Access Modes:    RWO
VolumeMode:      Filesystem
Capacity:        10Gi
Node Affinity:   <none>
Message:         
Source:
    Type:              CSI (a Container Storage Interface (CSI) volume source)
    Driver:            linodebs.csi.linode.com
    FSType:            ext4
    VolumeHandle:      679675-pvc93b0b96aff7a4082
    ReadOnly:          false
    VolumeAttributes:      storage.kubernetes.io/csiProvisionerIdentity=1669991887535-8081-linodebs.csi.linode.com
Events:                <none>

We see the the volume is of type CSI and CSI driver used to provision it is linodebs.csi.linode.com.

CSI Volumes Deep Dive

Let’s see resources involved in dynamic provisioning of CSI volumes on Linode.

$ kubectl get all -n kube-system  | grep csi
pod/csi-linode-controller-0                    4/4     Running   0              155m
pod/csi-linode-node-tkgq9                      2/2     Running   0              154m
daemonset.apps/csi-linode-node   1         1         1       1            1           <none>                   155m
statefulset.apps/csi-linode-controller   1/1     155m

There 2 main components in CSI implementation:

• csi controller pod as part of stateful set. It has 4 containers. Provisioner container watches for CSI PVCs, provisions storage and volumes for them using csi driver container. The pod has also snapshotter and resizer containers.
• csi node pod as part of daemon set. It has 2 containers. node-driver-registrar container registers csi driver to each node’s kubelet. Csi driver mounts the volumes to kubelet folders.

Summary

That’s it about Kubernetes CSI Volumes. As always, feel free to share. If you found this article useful read the disclaimer on ways to thank me.

You may also find below articles interesting:

• Kubernetes StatefulSets Demo
• Go Docker CI in GitLab
• Clone Private Repositories in GitLab Pipelines

• Become a Certified Kubernetes Administrator (CKA)!
• Become a Certified Kubernetes Application Developer (CKAD)!
• BUNDLE KUBERNETES FUNDAMENTALS & CKA CERTIFICATION (COURSE & CERTIFICATION) FOR THE BEST DEAL! $499 ONLY!

Recommended Kubernetes courses on Pluralsight:

• Deploying Stateful Applications in Kubernetes
• Configuring and Managing Kubernetes Storage and Scheduling

Sign up using this link to get exclusive discounts like 50% off your first month or 15% off an annual subscription)

Recommended Kubernetes books on Amazon.