Difference between revisions of "Aws-ebs-csi-driver"

From wikieduonline
Jump to navigation Jump to search
 
(51 intermediate revisions by 8 users not shown)
Line 2: Line 2:
 
[[Amazon EBS CSI driver]]
 
[[Amazon EBS CSI driver]]
 
* https://github.com/kubernetes-sigs/aws-ebs-csi-driver
 
* https://github.com/kubernetes-sigs/aws-ebs-csi-driver
 +
* [[aws-ebs-csi-driver Installation]]
  
 +
Version:
 +
* <code>[[aws eks describe-addon-versions --addon-name aws-ebs-csi-driver]]</code>
  
 +
The in-tree StorageClass provisioner is named <code>[[kubernetes.io/aws-ebs]]</code>. The Amazon EBS CSI [[StorageClass]] provisioner is named <code>[[ebs.csi.aws.com]]</code><ref>https://docs.aws.amazon.com/eks/latest/userguide/ebs-csi-migration-faq.html</ref>
 +
 +
== Events ==
 
  [[kubectl get events]]
 
  [[kubectl get events]]
  default 8m51s      Warning  FailedScheduling      pod/myprometheus-alertmanager-5967d4ff85-5glkh    running [[PreBind plugin]] "[[VolumeBinding]]": binding volumes: [[timed out waiting for the condition]]
+
  default 8m51s      Warning  [[FailedScheduling]]       pod/myprometheus-alertmanager-5967d4ff85-5glkh    running [[PreBind plugin]] "[[VolumeBinding]]": binding volumes: [[timed out waiting for the condition]]
  default    4m58s      Normal    ExternalProvisioning  persistentvolumeclaim/myprometheus-alertmanager  waiting for a volume to be created, either by external provisioner "[[ebs.csi.aws.com]]" or manually created by system administrator
+
  default    4m58s      Normal    [[ExternalProvisioning]]   persistentvolumeclaim/myprometheus-alertmanager  [[waiting for a volume to be created, either by external provisioner]] "[[ebs.csi.aws.com]]" or manually created by system administrator
 
 
 
 
== Installation ==
 
 
 
 
 
=== 0) Install driver ===
 
helm repo add aws-ebs-csi-driver https://kubernetes-sigs.github.io/aws-ebs-csi-driver
 
[[helm repo update]]
 
helm upgrade --install aws-ebs-csi-driver --namespace [[kube-system]] aws-ebs-csi-driver/aws-ebs-csi-driver
 
 
 
Release "aws-ebs-csi-driver" does not exist. Installing it now.
 
NAME: aws-ebs-csi-driver
 
LAST DEPLOYED: Mon Sep 26 08:02:42 2022
 
NAMESPACE: [[kube-system]]
 
STATUS: deployed
 
REVISION: 1
 
TEST SUITE: None
 
NOTES:
 
To verify that aws-ebs-csi-driver has started, run:
 
 
    [[kubectl get pod -n kube-system]] -l "app.kubernetes.io/name=aws-ebs-csi-driver,app.kubernetes.io/instance=aws-ebs-csi-driver"
 
 
NOTE: The [CSI Snapshotter](https://github.com/kubernetes-csi/external-snapshotter) controller and [[CRDs]] will no longer be installed as part of this chart and moving forward will be a prerequisite of using the [[snap shotting]] functionality.
 
 
 
Output after installation:
 
[[kubectl get pod -n kube-system]] -l "app.kubernetes.io/name=aws-ebs-csi-driver,app.kubernetes.io/instance=aws-ebs-csi-driver"
 
NAME                                READY  STATUS    RESTARTS  AGE
 
ebs-csi-controller-7687b8974-2t8nf  5/5    Running  0          2m15s
 
ebs-csi-controller-7687b8974-vpjln  5/5    Running  0          2m15s
 
ebs-csi-node-4nxsp                  3/3    Running  0          2m15s
 
ebs-csi-node-6n8dp                  3/3    Running  0          2m15s
 
ebs-csi-node-d4j8z                  3/3    Running  0          2m15s
 
 
 
 
 
=== 1) Grant driver IAM permissions ===
 
Choose one of the following methods:
 
* 1.1 Using IAM [[instance profile]] - attach <code>[[arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy]]</code> policy to the [[instance profile]] IAM role and turn on access to instance metadata for the instance(s) on which the driver Deployment will run
 
* 1.2 EKS only: Using [[IAM roles for ServiceAccounts]] - create an [[IAM role]], attach the policy to it, then follow the [[IRSA]] documentation to associate the IAM role with the driver Deployment service account, which if you are installing via Helm is determined by value <code>[[controller.serviceAccount.name]]</code>, <code>[[ebs-csi-controller-sa]]</code> by default
 
* 1.3 Using secret object - create an IAM user, attach the policy to it, then create a generic secret called aws-secret in the kube-system namespace with the user's credentials
 
[[kubectl create secret generic]] aws-secret --namespace kube-system --from-literal "key_id=${AWS_ACCESS_KEY_ID}" --from-literal "access_key=${AWS_SECRET_ACCESS_KEY}"
 
  
 
== Related ==
 
== Related ==
* <code>[[aws-efs-csi-driver]]</code>
+
* [[Terraform EKS submodule: aws-ebs-csi-driver]]
 +
* <code>[[aws-efs-csi-driver]], [[efs.csi.aws.com]]</code>
 
* <code>[[aws eks create-addon]]</code>
 
* <code>[[aws eks create-addon]]</code>
 +
* [[Amazon EBS CSI driver]]
 +
* <code>[[aws_eks_addon]]</code>
 +
* https://aws.amazon.com/blogs/containers/amazon-ebs-csi-driver-is-now-generally-available-in-amazon-eks-add-ons/
 +
* <code>[[persitentvolume-controller]]</code>
 +
* [[Kubernetes storage classes]]
 +
* <code>[[kubectl delete pods -n kube-system -l=app=ebs-csi-controller]]</code>
 +
* [[ebs-csi-controller-sa]]
 +
* [[Managing the Amazon EBS CSI driver as an Amazon EKS add-on]] https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html#csi-iam-role
 +
* [[Terraform EKS module: cluster_addons]]
 +
* [[Terraform EKS resource: aws eks addon]]
 +
* [[ebs_csi_irsa_role]]
 +
* [[Terraform submodule: iam-assumable-role-with-oidc]]
  
 
== See also ==
 
== See also ==
* {{CSI}}
+
* {{aws-ebs-csi-driver}}
* {{EKS}}
+
* {{PVC}}
 +
* {{EKS addons}}
  
 
[[Category:EKS]]
 
[[Category:EKS]]

Latest revision as of 16:25, 29 February 2024

Amazon EBS CSI driver

Version:

The in-tree StorageClass provisioner is named kubernetes.io/aws-ebs. The Amazon EBS CSI StorageClass provisioner is named ebs.csi.aws.com[1]

Events[edit]

kubectl get events
default 8m51s       Warning   FailedScheduling       pod/myprometheus-alertmanager-5967d4ff85-5glkh    running PreBind plugin "VolumeBinding": binding volumes: timed out waiting for the condition
default     4m58s       Normal    ExternalProvisioning   persistentvolumeclaim/myprometheus-alertmanager   waiting for a volume to be created, either by external provisioner "ebs.csi.aws.com" or manually created by system administrator

Related[edit]

See also[edit]

  • https://docs.aws.amazon.com/eks/latest/userguide/ebs-csi-migration-faq.html
  • Advertising: