# Azure Disk CSI Driver

The Azure Disk CSI driver allows you to provision volumes for pods with a Kubernetes deployment over Azure Cloud. The CSI driver replaces the volume provisioning done by the in-tree Azure cloud provider, which is deprecated.

This documentation is an updated version of the in-tree Azure cloud provider documentation (azure.md).

To deploy the Azure Disk CSI driver, uncomment the `azure_csi_enabled` option in `group_vars/all/azure.yml` and set it to `true`.

## Azure Disk CSI Storage Class

If you want to deploy the Azure Disk storage class to provision volumes dynamically, you should set `persistent_volumes_enabled` in `group_vars/k8s_cluster/k8s_cluster.yml` to `true`.

## Parameters

Before creating the instances, you must first set the `azure_csi_` variables in the `group_vars/all.yml` file.

All of the values can be retrieved using the Azure CLI tool, which can be downloaded here: <https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest>

After installation, you have to run `az login` to get access to your account.

### azure\_csi\_tenant\_id + azure\_csi\_subscription\_id

Run `az account show` to retrieve your subscription id and tenant id:

- `azure_csi_tenant_id` -> `tenantId` field
- `azure_csi_subscription_id` -> `id` field

### azure\_csi\_location

The region your instances are located in. It can be something like `francecentral` or `norwayeast`. A full list of region names can be retrieved via `az account list-locations`.

### azure\_csi\_resource\_group

The name of the resource group your instances are in. A list of your resource groups can be retrieved via `az group list`.

Alternatively, run `az vm list | grep resourceGroup` and take the resource group corresponding to the VMs of your cluster.

The resource group name is not case sensitive.

### azure\_csi\_vnet\_name

The name of the virtual network your instances are in. It can be retrieved via `az network vnet list`.

### azure\_csi\_vnet\_resource\_group

The name of the resource group your vnet is in. Run `az network vnet list | grep resourceGroup` and take the resource group corresponding to the vnet of your cluster.

### azure\_csi\_subnet\_name

The name of the subnet your instances are in. It can be retrieved via `az network vnet subnet list --resource-group RESOURCE_GROUP --vnet-name VNET_NAME`.

### azure\_csi\_security\_group\_name

The name of the network security group your instances are in. It can be retrieved via `az network nsg list`.

### azure\_csi\_aad\_client\_id + azure\_csi\_aad\_client\_secret

These will have to be generated first:

- Create an Azure AD Application with:

  ```ShellSession
  az ad app create --display-name kubespray --identifier-uris http://kubespray --homepage http://kubespray.com --password CLIENT_SECRET
  ```

  You can choose the display name, identifier URI, homepage and password.

  Note the AppId in the output.

- Create a service principal for the application with:

  ```ShellSession
  az ad sp create --id AppId
  ```

  `AppId` is the AppId noted from the previous command.

- Create the role assignment with:

  ```ShellSession
  az role assignment create --role "Owner" --assignee http://kubespray --subscription SUBSCRIPTION_ID
  ```

`azure_csi_aad_client_id` must be set to the AppId; `azure_csi_aad_client_secret` is your chosen secret.

### azure\_csi\_use\_instance\_metadata

Use the instance metadata service where possible. Boolean value.
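
The following pre-flight check is an added example, not part of the kubespray documentation or code base. It reads a vars file and reports any `azure_csi_*` variable from the section above that is unset, any of the three ids that is not a GUID, and a client secret stored as a literal instead of behind an Ansible Vault `!vault` tag or a template. The function names, the "no plaintext secret" policy, the sample file and the assumption that the variables are top-level `key: value` lines are all choices made for this example.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check of the azure_csi_* variables documented above.
# Function names, policy and the sample file are constructed for illustration.
SUFFIXES="tenant_id subscription_id location resource_group vnet_name
  vnet_resource_group subnet_name security_group_name aad_client_id
  aad_client_secret use_instance_metadata"
GUID_RE='^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'

# Value of the first top-level "azure_csi_SUFFIX: value" line, quotes stripped.
get_var() {  # get_var FILE SUFFIX
  sed -n "s/^azure_csi_$2:[[:space:]]*//p" "$1" | head -n 1 |
    sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print one finding per line: unset values, non-GUID ids, plaintext secret.
findings() {  # findings FILE
  for s in $SUFFIXES; do
    val=$(get_var "$1" "$s")
    case "$s:$val" in
      *:) echo "unset azure_csi_$s" ;;
      tenant_id:*|subscription_id:*|aad_client_id:*)
        # tenantId, id and AppId are GUIDs in az output
        printf '%s\n' "$val" | grep -Eq "$GUID_RE" || echo "not-a-guid azure_csi_$s" ;;
      aad_client_secret:'!vault'*|aad_client_secret:*'{{'*) ;;  # vaulted or templated
      aad_client_secret:*) echo "plaintext-secret azure_csi_$s" ;;
    esac
  done
}

# Succeeds only when the file produces no findings.
preflight() { [ -z "$(findings "$1")" ]; }

# Constructed sample vars file (placeholder values, not from a real account).
SAMPLE=$(mktemp); trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
azure_csi_tenant_id: "11111111-2222-3333-4444-555555555555"
azure_csi_subscription_id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
azure_csi_location: "francecentral"
azure_csi_resource_group: "kubespray-rg"
azure_csi_vnet_name: "kubespray-vnet"
azure_csi_vnet_resource_group: "kubespray-rg"
azure_csi_subnet_name: "kubespray-subnet"
azure_csi_security_group_name: ""
azure_csi_aad_client_id: "AppId"
azure_csi_aad_client_secret: "CLIENT_SECRET"
azure_csi_use_instance_metadata: true
EOF
findings "$SAMPLE"
preflight "$SAMPLE" && echo "preflight: ok" || echo "preflight: failed"
```

Run `preflight` against your own vars file before the playbook; a non-zero exit status means at least one finding was printed.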

## Test the Azure Disk CSI driver

To test dynamic provisioning using the Azure CSI driver, make sure to have the storage class deployed (through persistent volumes), and apply the following manifest:

```yml
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-azuredisk
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
  storageClassName: disk.csi.azure.com
---
kind: Pod
apiVersion: v1
metadata:
  name: nginx-azuredisk
spec:
  nodeSelector:
    kubernetes.io/os: linux
  containers:
    - image: nginx
      name: nginx-azuredisk
      command:
        - "/bin/sh"
        - "-c"
        - while true; do echo $(date) >> /mnt/azuredisk/outfile; sleep 1; done
      volumeMounts:
        - name: azuredisk
          mountPath: "/mnt/azuredisk"
  volumes:
    - name: azuredisk
      persistentVolumeClaim:
        claimName: pvc-azuredisk
```