OpenShift Container Platform supports Microsoft Azure File volumes. You can provision your OpenShift Container Platform cluster with persistent storage using Azure. Some familiarity with Kubernetes and Azure is assumed.
High availability of storage in the infrastructure is left to the underlying storage provider.
Install samba-client, samba-common, and cifs-utils on all nodes:
$ sudo yum install samba-client samba-common cifs-utils
Enable SELinux booleans on all nodes:
$ /usr/sbin/setsebool -P virt_use_samba on
$ /usr/sbin/setsebool -P virt_sandbox_use_samba on
Mount options are not available in OpenShift Container Platform 3.7.43. You cannot use Azure File in OpenShift Container Platform 3.7.43. To use Azure File, upgrade to OpenShift Container Platform 3.7.46.
While Azure Disk is compatible with multiple regional clouds, Azure File supports only the Azure public cloud, because the endpoint is hard-coded.
Define the Azure Storage Account name and key in a secret configuration, which is then converted to base64 for use by OpenShift Container Platform.
Obtain an Azure Storage Account name and key and encode to base64:
apiVersion: v1
kind: Secret
metadata:
  name: azure-secret
type: Opaque
data:
  azurestorageaccountname: azhzdGVzdA==
  azurestorageaccountkey: eElGMXpKYm5ub2pGTE1Ta0JwNTBteDAyckhzTUsyc2pVN21GdDRMMTNob0I3ZHJBYUo4akQ2K0E0NDNqSm9nVjd5MkZVT2hRQ1dQbU02WWFOSHk3cWc9PQ==
Save the secret definition to a file, for example azure-secret.yaml, then create the secret:
$ oc create -f azure-secret.yaml
Verify that the secret was created:
$ oc get secret azure-secret
NAME           TYPE      DATA      AGE
azure-secret   Opaque    1         23d
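The encoding step above is where most broken secrets originate: `echo` appends a newline that ends up inside the encoded value, and `base64` wraps long keys across lines. The following is an added example, not part of the original documentation; the function names and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example: build the azure-secret definition from an account name and key.
# Function names and sample values are illustrative assumptions.

# Encode one value for the Secret "data" field.
# printf '%s' avoids the trailing newline that plain `echo` would append;
# tr -d '\n' removes the line wraps base64 inserts for long input.
b64() {
    printf '%s' "$1" | base64 | tr -d '\n'
}

# Emit a Secret manifest with the two keys the azureFile plug-in reads.
make_azure_secret() {
    account_name=$1
    account_key=$2
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: azure-secret
type: Opaque
data:
  azurestorageaccountname: $(b64 "$account_name")
  azurestorageaccountkey: $(b64 "$account_key")
EOF
}

# Decode a field again: base64 is an encoding, not encryption, so anyone
# who can read the manifest or the secret object recovers the storage key.
decode_field() {
    printf '%s' "$1" | base64 -d
}

# Write the manifest readable by its owner only, since it holds the key.
write_secret_file() {
    ( umask 077 && make_azure_secret "$1" "$2" > "$3" )
}

# Constructed sample values (not real credentials).
SAMPLE_NAME='k8stest'
SAMPLE_KEY='PLACEHOLDER-STORAGE-KEY=='

make_azure_secret "$SAMPLE_NAME" "$SAMPLE_KEY"
```

Delete the generated file after `oc create -f`, and keep it out of version control, because the key is recoverable from it with a single decode.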
Define the PV in an object definition before creating it in OpenShift Container Platform:
apiVersion: "v1"
kind: "PersistentVolume"
metadata:
  name: "pv0001" # (1)
spec:
  capacity:
    storage: "5Gi" # (2)
  accessModes:
    - "ReadWriteMany"
  azureFile: # (3)
    secretName: azure-secret # (4)
    shareName: example # (5)
    readOnly: false # (6)
(1) The name of the volume. This is how it is identified via PV claims or from pods.
(2) The amount of storage allocated to this volume.
(3) This defines the volume type being used: azureFile plug-in.
(4) The name of the secret used.
(5) The name of the file share.
(6) Defaults to false (read/write). ReadOnly here forces the ReadOnly setting in VolumeMounts.
Save the definition to a file, for example azure-file-pv.yaml, and create the PV:
$ oc create -f azure-file-pv.yaml
persistentvolume "pv0001" created
Verify that the PV was created:
$ oc get pv
NAME      LABELS    CAPACITY   ACCESSMODES   STATUS      CLAIM     REASON    AGE
pv0001    <none>    5Gi        RWM           Available                       2s
Now you can request storage using PV claims, which can now use your new PV.
PV claims only exist in the user’s namespace and can only be referenced by a pod within that same namespace. Any attempt to access a PV from a different namespace causes the pod to fail.