$ oc create secret generic <secret-name> --from-literal=azurestorageaccountname=<storage-account> \ (1)
--from-literal=azurestorageaccountkey=<storage-account-key> (2)
OKD supports Microsoft Azure File volumes. You can provision your OKD cluster with persistent storage using Azure. Some familiarity with Kubernetes and Azure is assumed.
The Kubernetes persistent volume framework allows administrators to provision a cluster with persistent storage and gives users a way to request those resources without having any knowledge of the underlying infrastructure. You can provision Azure File volumes dynamically.
Persistent volumes are not bound to a single project or namespace, and you can share them across the OKD cluster. Persistent volume claims are specific to a project or namespace, and can be requested by users for use in applications.
High availability of storage in the infrastructure is left to the underlying storage provider. |
Azure File volumes use Server Message Block. |
To create the persistent volume claim, you must first define a secret
object that contains the Azure account and key. This secret is used in the PersistentVolume
definition, and will be referenced by the persistent volume claim for use in applications.
An Azure File share exists.
The credentials to access this share, specifically the storage account and key, are available.
Create a secret
object that contains the Azure File credentials:
$ oc create secret generic <secret-name> --from-literal=azurestorageaccountname=<storage-account> \ (1)
--from-literal=azurestorageaccountkey=<storage-account-key> (2)
1 | The Azure File storage account name. |
2 | The Azure File storage account key. |
Create a PersistentVolume
object that references the secret
object you created:
apiVersion: "v1"
kind: "PersistentVolume"
metadata:
name: "pv0001" (1)
spec:
capacity:
storage: "5Gi" (2)
accessModes:
- "ReadWriteOnce"
storageClassName: azure-file-sc
azureFile:
secretName: <secret-name> (3)
shareName: share-1 (4)
readOnly: false
1 | The name of the persistent volume. |
2 | The size of this persistent volume. |
3 | The name of the secret that contains the Azure File share credentials. |
4 | The name of the Azure File share. |
Create a PersistentVolumeClaim
object that maps to the persistent volume you created:
apiVersion: "v1"
kind: "PersistentVolumeClaim"
metadata:
name: "claim1" (1)
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "5Gi" (2)
storageClassName: azure-file-sc (3)
volumeName: "pv0001" (4)
1 | The name of the persistent volume claim. |
2 | The size of this persistent volume claim. |
3 | The name of the storage class that is used to provision the persistent volume.
Specify the storage class used in the PersistentVolume definition. |
4 | The name of the existing PersistentVolume object that references the
Azure File share. |
After the persistent volume claim has been created, it can be used inside by an application. The following example demonstrates mounting this share inside of a pod.
A persistent volume claim exists that is mapped to the underlying Azure File share.
Create a pod that mounts the existing persistent volume claim:
apiVersion: v1
kind: Pod
metadata:
name: pod-name (1)
spec:
containers:
...
volumeMounts:
- mountPath: "/data" (2)
name: azure-file-share
volumes:
- name: azure-file-share
persistentVolumeClaim:
claimName: claim1 (3)
1 | The name of the pod. |
2 | The path to mount the Azure File share inside the pod. Do not mount to the container root, / , or any path that is the same in the host and the container. This can corrupt your host system if the container is sufficiently privileged, such as the host /dev/pts files. It is safe to mount the host by using /host . |
3 | The name of the PersistentVolumeClaim object that has been previously created. |