Kubernetes CSI features with Pure service orchestrator
The Pure Service Orchestrator 5.2.0 release now supports the kubernetes container storage interface 1.2.0 specification (in addition to 1.0.and 1.1). It brings new and exciting functionality: volume resize, snapshot and import amongst others.
For those or you asking ‘what is the pure service orchestrator’ refer to this blog to find out more.
In this article, I will go over an automated ansible script that showcases the pure storage service orchestrators integration with these CSI capabilities.
The ansible code can be found on my gitlab site here:
The playbook requires a kubernetes cluster, in this example I will be using a one node master/worker. This k8s cluster has iSCSI access to a Flasharray and NFS access to a Flashblade as well as the latest 5.2.0 pure storage orchestrator installed and configured for both storage platforms. In this run of the demo we will be using the Flasharray.
The ansible playbook starts by requesting information about the target kubernetes cluster (ip and sudo password) and based on that it creates a host entry that is used in the main demo section. This makes the playbook more portable as it does not rely on a hardcoded hosts definition file but one that is created during its execution.
This is accomplished using the below ansible task:
tasks:
— name: add_host
add_host:
hostname: “{{ k8s_node }}”
groups: k8s_targetThe playbook proceeds with a few verification steps such as validating the pure service orchestrator version or iSCSI / NFS connectivity.
It creates a volume with some data and a snapshot leveraging the purestorage ansible modules, this is all done at the host layer so no kubernetes yet. The playbook will be using this snapshot of our physical hosts volume as the source to be imported into kubernetes. Here is the preliminary step in action:
Now for some kubernetes and the CSI features I mentioned:
- Import of an existing volume
To import our ‘existing’ volume I use the following persistent volume and persistent volume claim definitions, (ansible variables replaced):
apiVersion: v1
kind: PersistentVolume
metadata:
annotations:
pv.kubernetes.io/provisioned-by: pure-csi
name: volume-2-import-k8s-pv
spec:
accessModes:
- ReadWriteOnce
capacity:
storage: 4Gi
claimRef:
apiVersion: v1
kind: PersistentVolumeClaim
name: volume-2-import-k8s-pvc
namespace: default
csi:
driver: pure-csi
volumeHandle: volume-2-import
volumeAttributes:
backend: block
persistentVolumeReclaimPolicy: Delete
storageClassName: pure-block
volumeMode: FilesystemapiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: volume-2-import-k8s-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 4Gi
volumeName: volume-2-import-k8s-pv
2) Snapshot of a PVC and restore to a new PVC
The volume snapshot is created using the following definition example:
apiVersion: snapshot.storage.k8s.io/v1alpha1
kind: VolumeSnapshot
metadata:
name: source-pvc-snap
spec:
snapshotClassName: pure-snapshotclass
source:
name: source-pvc
kind: PersistentVolumeClaimOnce deployed the volumesnapshot creates via the Pure Service Orchestrator CSI implementation a snapshot on the source volume within our Flasharray. I can now leverage this snapshot to create, for example, a pvc for a test dev deployment:
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: restore-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: pure-block
dataSource:
kind: VolumeSnapshot
name: source-pvc-snap
apiGroup: snapshot.storage.k8s.io3) Resize of a PVC
The resize operation is initiated by editing / patching our persistent volume claim:
kubectl patch pvc {{ prefix }}-k8s-pvc-restore -p='{"spec": {"resources": {"requests": {"storage": "20Gi"}}}}'The backend Flasharray volume as well as the persistent volume are resized immediately, but for the new space to be visible at the pvc and pod layers it requires the pod be restarted.
CSI features are maturing, and as shown Pure Storage provides up to date and simple integration to leverage these. This enables your end users to get access to the latest functionality without compromise or administration complexity.
Further documentation is available here.
