Using AWS EBS Volumes in Kubernetes To Store Persistent Data for Kubernetes Versions > 1.23


I wrote a speedrun on creating persistent volume claims with AWS EBS in a previous blog post. However, the steps shown there won't work for Kubernetes clusters on versions above 1.23, because of a feature enabled in these versions called CSI Migration. Some additional steps are needed to create PVCs on these versions, as shown below:

An IAM role with the following permissions needs to be attached to the worker nodes:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:AttachVolume",
        "ec2:CreateSnapshot",
        "ec2:CreateTags",
        "ec2:CreateVolume",
        "ec2:DeleteSnapshot",
        "ec2:DeleteTags",
        "ec2:DeleteVolume",
        "ec2:DescribeAvailabilityZones",
        "ec2:DescribeInstances",
        "ec2:DescribeSnapshots",
        "ec2:DescribeTags",
        "ec2:DescribeVolumes",
        "ec2:DescribeVolumesModifications",
        "ec2:DetachVolume",
        "ec2:ModifyVolume"
      ],
      "Resource": "*"
    }
  ]
}
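
Because this role is attached to the worker nodes, it is worth checking which state-changing actions it grants on every resource. The check below is an added example, not part of the original post; `unscoped_mutations`, `SCOPED_SAMPLE` and the placeholder tag key and value are assumptions made for illustration.

```python
import json

# The policy document from this page, rebuilt inline so the check runs offline.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["ec2:" + a for a in (
            "AttachVolume CreateSnapshot CreateTags CreateVolume DeleteSnapshot "
            "DeleteTags DeleteVolume DescribeAvailabilityZones DescribeInstances "
            "DescribeSnapshots DescribeTags DescribeVolumes "
            "DescribeVolumesModifications DetachVolume ModifyVolume").split()],
        "Resource": "*",
    }],
}

# Constructed sample: the same delete right, limited by a placeholder tag condition.
SCOPED_SAMPLE = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": "ec2:DeleteVolume",
        "Resource": "*",
        "Condition": {"StringEquals": {"ec2:ResourceTag/EXAMPLE_TAG_KEY": "EXAMPLE_VALUE"}},
    }],
}

# Action-name prefixes that change or destroy state; Describe* is read-only.
MUTATING_PREFIXES = ("attach", "create", "delete", "detach", "modify")

def _as_list(value):
    # IAM allows a single string or object wherever a list is accepted.
    return value if isinstance(value, list) else [value]

def unscoped_mutations(policy):
    """Return mutating actions allowed on Resource "*" with no Condition.
    NotAction and NotResource statements are not analysed here."""
    findings = set()
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if "*" not in _as_list(stmt.get("Resource", [])):
            continue
        for action in _as_list(stmt.get("Action", [])):
            name = action.partition(":")[2].lower()
            if action == "*" or name == "*" or name.startswith(MUTATING_PREFIXES):
                findings.add(action)
    return sorted(findings)

if __name__ == "__main__":
    print(json.dumps(unscoped_mutations(PAGE_POLICY), indent=2))
```

Run against the policy above, it reports the nine attach, create, delete, detach and modify actions and none of the six Describe calls.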

Next, we need to install the AWS EBS CSI Driver using Helm, as shown below:

helm repo add aws-ebs-csi-driver https://kubernetes-sigs.github.io/aws-ebs-csi-driver
helm repo update
helm upgrade --install aws-ebs-csi-driver \
  --namespace kube-system \
  --set enableVolumeScheduling=true \
  --set enableVolumeResizing=true \
  --set 'podAnnotations.iam\.amazonaws\.com/role'=ROLE_ARN \
  --set 'node.podAnnotations.iam\.amazonaws\.com/role'=ROLE_ARN \
  aws-ebs-csi-driver/aws-ebs-csi-driver

Here, ROLE_ARN is the ARN of the IAM role assigned to the Kubernetes worker nodes.

Next, we can create a storage class using the example below, changing the values as needed. Pay attention, as it is slightly different from the one generally used:

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: aws-ebs-k8
  labels:
    deploy: aws-ebs-k8
  namespace: monitoring
provisioner: ebs.csi.aws.com
volumeBindingMode: Immediate
parameters:
  type: gp2 # This configures SSDs (recommended).
allowVolumeExpansion: true
reclaimPolicy: Retain
allowedTopologies:
  - matchLabelExpressions:
      - key: topology.ebs.csi.aws.com/zone
        values:
          - us-west-2b

Now we can create a persistent volume claim directly, using the name of the storage class configured above:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  labels:
    deploy: pvc-k8
  name: pvc-k8
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi
  storageClassName: aws-ebs-k8

Applying this configuration creates a persistent volume claim as well as an EBS volume, and the claim can then be attached to a Kubernetes application.

Hardcore Infra Engineer guy. Follow me for a wide variety of topics in the field of cyber security and dev(sec)ops. OSCP,CRTE,CRTP,CKA,CKAD holder.

Arnav Tripathy