You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

102 lines
8.4 KiB

  1. # vSphere CSI Driver
  2. vSphere CSI driver allows you to provision volumes over a vSphere deployment. The Kubernetes historic in-tree cloud provider is deprecated and will be removed in future versions.
  3. ## Prerequisites
  4. The vSphere user for CSI driver requires a set of privileges to perform Cloud Native Storage operations. Follow the [official guide](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/prerequisites.html#roles_and_privileges) to configure those.
  5. ## Kubespray configuration
  6. To enable vSphere CSI driver, uncomment the `vsphere_csi_enabled` option in `group_vars/all/vsphere.yml` and set it to `true`.
  7. To set the number of replicas for the vSphere CSI controller, you can change `vsphere_csi_controller_replicas` option in `group_vars/all/vsphere.yml`.
  8. You need to source the vSphere credentials you use to deploy your machines that will host Kubernetes.
  9. | Variable | Required | Type | Choices | Default | Comment |
  10. |-------------------------------------------------|----------|---------|-----------------|-------------------------|-----------------------------------------------------------------------------------------------------------------------------|
  11. | external_vsphere_vcenter_ip | TRUE | string | | | IP/URL of the vCenter |
  12. | external_vsphere_vcenter_port | TRUE | string | | "443" | Port of the vCenter API |
  13. | external_vsphere_insecure | TRUE | string | "true", "false" | "true" | set to "true" if the host above uses a self-signed cert |
  14. | external_vsphere_user | TRUE | string | | | User name for vCenter with required privileges (Can also be specified with the `VSPHERE_USER` environment variable) |
  15. | external_vsphere_password | TRUE | string | | | Password for vCenter (Can also be specified with the `VSPHERE_PASSWORD` environment variable) |
  16. | external_vsphere_datacenter | TRUE | string | | | Datacenter name to use |
  17. | external_vsphere_kubernetes_cluster_id | TRUE | string | | "kubernetes-cluster-id" | Kubernetes cluster ID to use |
  18. | external_vsphere_version | TRUE | string | | "7.0u1" | Vmware Vsphere version where located all VMs |
  19. | external_vsphere_cloud_controller_image_tag | TRUE | string | | "v1.31.0" | CPI manager image tag to use |
  20. | vsphere_syncer_image_tag | TRUE | string | | "v3.3.1" | Syncer image tag to use |
  21. | vsphere_csi_attacher_image_tag | TRUE | string | | "v4.3.0" | CSI attacher image tag to use |
  22. | vsphere_csi_controller | TRUE | string | | "v3.3.1" | CSI controller image tag to use |
  23. | vsphere_csi_controller_replicas | TRUE | integer | | 1 | Number of pods Kubernetes should deploy for the CSI controller |
  24. | vsphere_csi_liveness_probe_image_tag | TRUE | string | | "v2.10.0" | CSI liveness probe image tag to use |
  25. | vsphere_csi_provisioner_image_tag | TRUE | string | | "v2.1.0" | CSI provisioner image tag to use |
  26. | vsphere_csi_node_driver_registrar_image_tag | TRUE | string | | "v3.5.0" | CSI node driver registrar image tag to use |
  27. | vsphere_csi_driver_image_tag | TRUE | string | | "v3.3.1" | CSI driver image tag to use |
  28. | vsphere_csi_resizer_tag | TRUE | string | | "v1.8.0" | CSI resizer image tag to use |
  29. | vsphere_csi_aggressive_node_drain | FALSE | boolean | | false | Enable aggressive node drain strategy |
  30. | vsphere_csi_aggressive_node_unreachable_timeout | FALSE | int | | 300 | Timeout till node will be drained when it in an unreachable state |
  31. | vsphere_csi_aggressive_node_not_ready_timeout | FALSE | int | | 300 | Timeout till node will be drained when it in not-ready state |
  32. | vsphere_csi_namespace | TRUE | string | | "kube-system" | vSphere CSI namespace to use; kube-system for backward compatibility, should be change to vmware-system-csi on the long run |
  33. ## Usage example
  34. To test the dynamic provisioning using vSphere CSI driver, make sure to create a [storage policy](https://github.com/kubernetes/cloud-provider-vsphere/blob/master/docs/book/tutorials/kubernetes-on-vsphere-with-kubeadm.md#create-a-storage-policy) and [storage class](https://github.com/kubernetes/cloud-provider-vsphere/blob/master/docs/book/tutorials/kubernetes-on-vsphere-with-kubeadm.md#create-a-storageclass), then apply the following manifest:
  35. ```yml
  36. ---
  37. apiVersion: v1
  38. kind: PersistentVolumeClaim
  39. metadata:
  40. name: csi-pvc-vsphere
  41. spec:
  42. accessModes:
  43. - ReadWriteOnce
  44. resources:
  45. requests:
  46. storage: 1Gi
  47. storageClassName: mongodb-sc
  48. ---
  49. apiVersion: v1
  50. kind: Pod
  51. metadata:
  52. name: nginx
  53. spec:
  54. containers:
  55. - image: nginx
  56. imagePullPolicy: IfNotPresent
  57. name: nginx
  58. ports:
  59. - containerPort: 80
  60. protocol: TCP
  61. volumeMounts:
  62. - mountPath: /usr/share/nginx/html
  63. name: csi-data-vsphere
  64. volumes:
  65. - name: csi-data-vsphere
  66. persistentVolumeClaim:
  67. claimName: csi-pvc-vsphere
  68. readOnly: false
  69. ```
  70. Apply this conf to your cluster: ```kubectl apply -f nginx.yml```
  71. You should see the PVC provisioned and bound:
  72. ```ShellSession
  73. $ kubectl get pvc
  74. NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
  75. csi-pvc-vsphere Bound pvc-dc7b1d21-ee41-45e1-98d9-e877cc1533ac 1Gi RWO mongodb-sc 10s
  76. ```
  77. And the volume mounted to the Nginx Pod (wait until the Pod is Running):
  78. ```ShellSession
  79. kubectl exec -it nginx -- df -h | grep /usr/share/nginx/html
  80. /dev/sdb 976M 2.6M 907M 1% /usr/share/nginx/html
  81. ```
  82. ## More info
  83. For further information about the vSphere CSI Driver, you can refer to the official [vSphere Cloud Provider documentation](https://cloud-provider-vsphere.sigs.k8s.io/container_storage_interface.html).