PersistentVolume with EBS

PersistentVolume を EKS で使う

とりあえず以下を参照しながら進めた。

Configure AWS EBS Storage for Kubernetes | Docker docs
https://docs.docker.com/ee/ucp/kubernetes/configure-aws-storage/

A Basic Guide to Kubernetes Storage: PVS, PVCs, Statefulsets and More | portworx
https://portworx.com/basic-guide-kubernetes-storage/

PV の準備

EBS Volume の作成

まずは EBS を AWS EC2 視点で作ればいいみたい。

$ aws ec2 create-volume --availability-zone eu-west-1a --volume-type gp2 --size 20
{
    "AvailabilityZone": "eu-west-1a",
    "CreateTime": "2019-02-25T20:46:03.000Z",
    "Encrypted": false,
    "Size": 20,
    "SnapshotId": "",
    "State": "creating",
    "VolumeId": "vol-xxxxxxxxxx",
    "Iops": 100,
    "Tags": [],
    "VolumeType": "gp2"
}

PersistentVolume リソースの作成

$ cat pv-ebs.yaml 
kind: PersistentVolume
apiVersion: v1
metadata:
  name: test-pv
spec:
  capacity:
    storage: 20Gi
  accessModes:
    - ReadWriteOnce
  awsElasticBlockStore:
    volumeID: vol-xxxxxxxxxx
    fsType: ext4

$ kubectl apply -f pv-ebs.yaml 
persistentvolume "test-pv" created

$ kubectl get persistentvolumes
NAME      CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM     STORAGECLASS   REASON    AGE
test-pv   20Gi       RWO            Retain           Available                                      39s

これで PV リソース自体の作成は完了。
これで、 Kubernetes 的にも、これが永続化領域として認識された。

PersistentVolumeClaim の作成

$ cat pvc-ebs.yaml 
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: test-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi

$ kubectl apply -f pvc-ebs.yaml 
persistentvolumeclaim "test-pvc" created

$ kubectl get persistentvolumeclaims
NAME       STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
test-pvc   Bound     pvc-1234abcd-1111-1111-1111-112233445566   20Gi       RWO            gp2            15s

これまた簡単に PVC が作れた。
PV と PVC の関連付けも以下の通り確認できる。

$ kubectl get persistentvolumes
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM              STORAGECLASS   REASON    AGE
pvc-1234abcd-1111-1111-1111-112233445566   20Gi       RWO            Delete           Bound       default/test-pvc   gp2                      5m
test-pv                                    20Gi       RWO            Retain           Available                                               12m

Pod からの利用

以下、マニフェスト例。

apiVersion: v1
kind: Pod
metadata:
  name: sample-pvc-pod
spec:
  containers:
    - name: nginx-container
      image: nginx:1.12
      ports:
        - containerPort: 80
          name: "http"
      volumeMounts:
      - mountPath: "/usr/share/nginx/html"
        name: nginx-pvc
  volumes:
    - name: nginx-pvc
      persistentVolumeClaim:
       claimName: test-pvc

StorageClass

ストレージクラス
https://docs.aws.amazon.com/ja_jp/eks/latest/userguide/storage-classes.html

Ingress with ALBNetworkPolicy with Calico