aws-ebs-csi-driver Installation

From wikieduonline
Jump to navigation Jump to search

aws-ebs-csi-driver Installation

0) Install driver

helm repo add aws-ebs-csi-driver
helm repo update
helm upgrade --install aws-ebs-csi-driver --namespace kube-system aws-ebs-csi-driver/aws-ebs-csi-driver
Release "aws-ebs-csi-driver" does not exist. Installing it now.
NAME: aws-ebs-csi-driver
LAST DEPLOYED: Mon Sep 26 08:02:42 2022
NAMESPACE: kube-system
STATUS: deployed
To verify that aws-ebs-csi-driver has started, run:

    kubectl get pod -n kube-system -l ","

NOTE: The [ CSI Snapshotter ]( controller and CRDs will no longer be installed as part of this chart and moving forward will be a prerequisite of using the snap shotting functionality.

Output after installation:

kubectl get pod -n kube-system -l ","
NAME                                 READY   STATUS    RESTARTS   AGE
ebs-csi-controller-7687b8974-2t8nf   5/5     Running   0          2m15s
ebs-csi-controller-7687b8974-vpjln   5/5     Running   0          2m15s
ebs-csi-node-4nxsp                   3/3     Running   0          2m15s
ebs-csi-node-6n8dp                   3/3     Running   0          2m15s 
ebs-csi-node-d4j8z                   3/3     Running   0          2m15s

1) Grant driver IAM permissions

Choose one of the following methods:


kubectl get events
default       107s        Warning   ProvisioningFailed     persistentvolumeclaim/myprometheus-server         (combined from similar events): failed to provision volume with StorageClass "gp2": rpc error: code = Internal desc = Could not create volume "pvc-4e14416c-c9c2-4d39-b749-9ce0fa98d597": could not create volume in EC2: UnauthorizedOperation: You are not authorized to perform this operation. Encoded authorization failure message: Goz6E3qExxxxx.../...
(combined from similar events): failed to provision volume with StorageClass "gp2": rpc error: code = Internal desc = Could not create volume "pvc-641db932-4715-4f5a-b2d2-9c0c4117dd27": could not create volume in EC2: WebIdentityErr: failed to retrieve credentials caused by: AccessDenied: Not authorized to perform sts:AssumeRoleWithWebIdentity status code: 403, request id: 6bc69eb4-96a6-4167-b5e3-1234567890
kubectl delete pods -n kube-system -l=app=ebs-csi-controller
aws eks describe-addon-versions --addon-name aws-ebs-csi-driver

See also
