Skip to content

keyporttech/helm-csi-driver-nfs

BranchesTags

Repository files navigation

csi-driver-nfs

Version: 0.1.0 Type: application AppVersion: 2.0.0

A Kubnetes Helm chart that mounts NFS volumes hosted on a remote server.

Homepage: https://github.com/keyporttech/helm-charts

Introduction

This Kubernetes helm chart allows the management of Network File System (NFS) storage. It does this by deploying, to each node in the cluster, a pod running both the driver and CSI Node Driver Registrar sidecar containers. Applications can access existing NFS shares by simply specifying a Storage Class (SC), Persistent Volume (PV) and Persistent Volume Claim (PVC).

This chart was developed and tested on kubernetes version 1.19, but should work on earlier or later versions.

Requirements

Kubernetes: >=1.14

  • helm 3 installation
  • Nodes have enought resources to run the chart pod.
  • Any one namespace to deploy into.
  • NFS Client installed on each node in the cluster.
  • An NFS server and existing accessible shares (confirm that the shares are accessible from one or more of the cluster nodes).

Images:

Installing the Chart

There are two methods that can be used to install the chart.

Use the chart from the Keyporttech Helm Repository

helm repo add keyporttech https://keyporttech.github.io/helm-charts/
helm install my-release keyporttech/csi-driver-nfs -n my-namespace

or clone this repo and install from the local file system.

$ helm install my-release . -n my-namespace

Only a single instance of the NFS CSI Driver can exist in a cluster so only one helm release of the chart is permissible.

Tip: There should not be a need to modify any of the chart values. Use the default values.yaml file.

Uninstalling the Chart

To uninstall/delete the my-release deployment:

$ helm uninstall my-release -n my-namespace

All resources associated with the last release of the chart as well as its release history will be deleted.

Storage

This chart enables applications to access existing NFS shares through SCs, PVs and PVCs. By default no shares will be deleted when the chart is uninstalled.

In the repository root folder there is a examples subfolder containing the nginx web server. It shows how to create a sc, pv and pvc outside the chart so that an application can mount an existing NFS share.

Applications do not have to be installed into the same namespace as this chart. Already deployed applications can remain in their current namespace and be updated to use the driver.

See nginx pod example below. The following may need to change:

  • SC, PV and PVC name
  • PV and PVC storage size
  • PV mountOptions and volumeAttributes
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: csi-driver-nfs-nginx-sc
  annotations:
    storageclass.kubernetes.io/is-default-class: "false"
provisioner: nfs.csi.k8s.io
reclaimPolicy: Retain
volumeBindingMode: Immediate
parameters:
  storagepolicyname: "NFS CSI Driver"  # Optional Parameter
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: csi-driver-nfs-nginx-pv
spec:
  #claimRef:
  #  name: csi-driver-nfs-nginx-pvc
  #  namespace: apps
  accessModes:
  - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  capacity:
    storage: 1Gi
  volumeMode: Filesystem
  storageClassName: csi-driver-nfs-nginx-sc
  mountOptions:
    - nfsvers=3
    - nolock
    #- hard
  csi:
    driver: nfs.csi.k8s.io
    volumeHandle: nginx-data-id
    volumeAttributes:
      # NFS server and mount path i.e. share or its subdirectory
      # server: IP or FQDN i.e. host.example.com
      server: 192.168.x.x
      share: /mnt/pool/share/csi-dir
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: csi-driver-nfs-nginx-pvc
spec:
  storageClassName: csi-driver-nfs-nginx-sc
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
---
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  #serviceAccount: csi-driver-nfs-nodeplugin
  containers:
  - image: maersk/nginx
    name: nginx
    ports:
    - containerPort: 80
      protocol: TCP
    volumeMounts:
      - mountPath: /var/www
        name: nginx-data-nfs
  volumes:
  - name: nginx-data-nfs
    persistentVolumeClaim:
      claimName: csi-driver-nfs-nginx-pvc

This will enable direct communication between the NFS server and the CSI Driver running in the cluster.

Values

Key Type Default Description
affinity object {} List of rules for which nodes the pod is eligible to be scheduled. This method relies on node labels.
csiDriver.csiDriverName string "nfs.csi.k8s.io" NFS CSI Driver name hardcoded in executable
csiDriver.image.pullPolicy string "IfNotPresent" When the image is pulled
csiDriver.image.repository string "registry.keyporttech.com/csi-driver-nfs" Repository for the NFS CSI Driver
csiDriver.image.tag string "2.0.0" Version tag for the image
csiDriver.name string "csi-driver-nfs" NFS CSI Driver container name
csiDriver.securityContext.allowPrivilegeEscalation bool true Can the current user context of the container be changed
csiDriver.securityContext.capabilities.add list ["SYS_ADMIN"] System admininstrator capability
csiDriver.securityContext.privileged bool true Does the driver have operating system administrative capabilities
fullnameOverride string "" If not empty, replaces the generated name for the deployment
imagePullSecrets list [] List of secrets used to pull a private images for the pod
nameOverride string "" If not empty, replaces the name of the chart
nodeSelector object {} List of key-value pairs used to select a node for pod deployment. In order for the node to be eligible it must have each of the specified key-value pairs as labels.
podAnnotations object {} A list of annotations for the pod
podSecurityContext object {} Specifies the privilege and access control settings of the pod
rbac.enable bool false Specfies whether ClusterRole and ClusterRoleBinding will be enabled for ServiceAccount
replicaCount int 1 Number of pods to load balance between
resources object {} Specifies the cpu and memory to be allocated for the pod
serviceAccount.annotations object {} List of annotations for the account
serviceAccount.create bool false Specifies whether a service account should be created
serviceAccount.name string "" The name of the service account. If empty, a name is generated.
sidecar.image.pullPolicy string "IfNotPresent" When the image is pulled
sidecar.image.repository string "k8s.gcr.io/sig-storage/csi-node-driver-registrar" Repository for the Registrar CSI Driver
sidecar.image.tag string "v1.3.0" Version tag for the image
sidecar.name string "csi-driver-registrar" Registrar CSI Driver container name
sidecar.securityContext object {} Specifies the privilege and access control settings of the container
tolerations list [] List of tolerations which allow the pod to be scheduled onto nodes with matching taints

Source Code

Maintainers

Name Email Url
Keyport Technologies, Inc. [email protected] https://keyporttech.github.io/

Contributing

Please see keyporttech charts contribution guidelines

About

Helm chart for NFS CSI Driver

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages