CSI base Object Storage driver/plug-in. Currently, the driver supports s3fs and rclone mounters.
For building the driver docker and GO should be installed on the system
-
Install latest Go
-
Set the
GOPATHenvironment variable. -
Build the driver image
$ mkdir -p $GOPATH/src/github.com/IBM $ cd $GOPATH/src/github.com/IBM/ $ git clone https://github.com/IBM/ibm-object-csi-driver.git $ cd ibm-object-csi-driverexport RHSM_USER=<RHSM_USER> export RHSM_PASS=<RHSM_PASS> make container
An image named ibm-object-csi-driver:latest is created. Please retag and push the image to suitable registries to deploy in cluster.
Deploy the resources
Review deploy/ibmCloud/kustomization.yaml file.
Update images if required
- name: cos-driver-image
newName: icr.io/ibm/ibm-object-csi-driver
newTag: v1.0.1
Update IBM COS endpoint and locationconstraint as per the region of your cluster
value: "https://s3.direct.au-syd.cloud-object-storage.appdomain.cloud"
value: "au-syd-standard"
kubectl apply -k deploy/ibmCloud/
To clean up the deployment
kubectl delete -k deploy/ibmCloud/
After deployment following storage classes will be available in the cluster
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
ibm-object-storage-smart-rclone cos.s3.csi.ibm.io Delete Immediate false
ibm-object-storage-smart-rclone-retain cos.s3.csi.ibm.io Retain Immediate false
ibm-object-storage-smart-s3fs cos.s3.csi.ibm.io Delete Immediate false
ibm-object-storage-smart-s3fs-retain cos.s3.csi.ibm.io Retain Immediate false
ibm-object-storage-standard-rclone cos.s3.csi.ibm.io Delete Immediate false
ibm-object-storage-standard-rclone-retain cos.s3.csi.ibm.io Retain Immediate false
ibm-object-storage-standard-s3fs cos.s3.csi.ibm.io Delete Immediate false
ibm-object-storage-standard-s3fs-retain cos.s3.csi.ibm.io Retain Immediate false
kubectl apply -k deploy/ibmUnmanaged/
To clean up the deployment
kubectl delete -k deploy/ibmUnmanaged/
Provide proper values for parameters in secret under examples/cos-s3-csi-pvc-secret.yaml
-
Create Secret, PVC and POD
kubectl create -f examples/cos-s3-csi-pvc-secret.yamlIf you want to use your own bucket, bucketName should be specified in the secret. If left empty, a temp bucket will be generated.
kubectl create -f examples/cos-s3-csi-pvc.yamlkubectl create -f examples/cos-csi-app.yamlIf rclone mount options need to be provided they can be provided in Secret using StringData field. For example
stringData: mountOptions: | upload_concurrency=30 low_level_retries=3For non-root user support, in the Secret user can add
uidwhich must matchRunAsUserin Pod spec.stringData: uid: "3000" # Provide uid to run as non root user. This must match runAsUser in SecurityContext of pod spec.User can skip changes in Secret and directly use Pod Spec to enforce non root volume mount by providing
RunAsUservalue same asFsGroup. -
Verify PVC is in
Boundstate -
Check for successful mount
If mounter type is rclone, you will see
mount | grep rclone
rclone-remote:rcloneambfail on /data type fuse.rclone (rw,nosuid,nodev,relatime,user_id=0,group_id=0)
If mounter type is s3fs, you will see
root@cos-csi-app:/# mount | grep s3fs
s3fs on /data type fuse.s3fs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other)
Collect logs using below commands to check failure messages
oc logs cos-s3-csi-controller-0 -c cos-csi-provisioneroc logs cos-s3-csi-driver-xxx -c cos-csi-driver