Skip to content
This repository has been archived by the owner on Jun 29, 2022. It is now read-only.

Support Dynamic Provisioning of PersistentVolumes on AWS #379

Closed
iaguis opened this issue Apr 29, 2020 · 2 comments
Closed

Support Dynamic Provisioning of PersistentVolumes on AWS #379

iaguis opened this issue Apr 29, 2020 · 2 comments
Assignees
@BrainBlasted
Labels
area/kubernetes Core Kubernetes stuff kind/roadmap Roadmap issues platform/aws AWS-related priority/P1 High priority
Milestone
v0.2.0

Comments

@iaguis
Copy link
Contributor

iaguis commented Apr 29, 2020

This means PersistentVolumeClaims created are automatically provisioned with an EBS volume.

To do that we can use https://github.com/kubernetes-sigs/aws-ebs-csi-driver/

I took some notes while testing it that I captured in #145 (comment):

After that, I followed their Dynamic Provisioning example and everything worked as expected: the StorageClass was created, the PersistentVolumeClaim was created and after some seconds it was Bound, then the Pod using that claim was started and I could see that the Volume worked.

As they mention in their readme There are two ways to grant permissions to the ebs-csi-driver:

  • Creating an IAM user and adding its credentials to the cluster as a secret (the way I used)
  • Giving the InstanceProfile the right permissions for Worker nodes.

I'm not sure what's best so we should discuss it: the InstanceProfile route would mean that anything on that machine can do the operations listed in the policy IIUC so it seems creating an IAM user and placing it in a secret is safer (making sure the cluster is set up properly so only the CSI driver has access to the secret, of course).
@iaguis iaguis added area/kubernetes Core Kubernetes stuff platform/aws AWS-related kind/roadmap Roadmap issues labels Apr 29, 2020
@iaguis iaguis added this to the v0.2.0 milestone Apr 29, 2020
@iaguis iaguis mentioned this issue Apr 29, 2020
Open
@iaguis iaguis added the priority/P1 High priority label Apr 29, 2020
BrainBlasted added a commit that referenced this issue May 12, 2020
@BrainBlasted
Set up IAM resources for dynamic provisioning
3d7365c 
Creates the instance profile and policies needed for dynamic
provisioning of PVs to work on AWS

Related to #379
BrainBlasted added a commit that referenced this issue May 12, 2020
@BrainBlasted
Add aws-ebs-csi-driver for dynamic provisioning of PVs
7440384 
Sets up a helm chart for aws-ebs-csi-driver so dynamic
provisioning of PVs works with lokomotive. To test, follow
the example here: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/tree/master/examples/kubernetes/dynamic-provisioning

The upstream helm chart does not work with their example, but the metadata for the in-tree chart is taken from it.

Related to #379
@BrainBlasted BrainBlasted mentioned this issue May 12, 2020
Merged
BrainBlasted added a commit that referenced this issue May 14, 2020
@BrainBlasted
Set up IAM resources for dynamic provisioning
9449028 
Creates the instance profile and policies needed for dynamic
provisioning of PVs to work on AWS

Related to #379
BrainBlasted added a commit that referenced this issue May 14, 2020
@BrainBlasted
Add aws-ebs-csi-driver for dynamic provisioning of PVs
6480e33 
Sets up a helm chart for aws-ebs-csi-driver so dynamic
provisioning of PVs works with lokomotive. To test, follow
the example here: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/tree/master/examples/kubernetes/dynamic-provisioning

The upstream helm chart does not work with their example, but the metadata for the in-tree chart is taken from it.

Related to #379
@johananl
Copy link
Member

Note that before we can safely attach IAM roles to nodes, we should implement #467 for AWS.

BrainBlasted added a commit that referenced this issue May 22, 2020
@BrainBlasted
Set up IAM resources for dynamic provisioning
87c8c10 
Creates the instance profile and policies needed for dynamic
provisioning of PVs to work on AWS

Related to #379
BrainBlasted added a commit that referenced this issue May 22, 2020
@BrainBlasted
Add aws-ebs-csi-driver for dynamic provisioning of PVs
37ece59 
Sets up a helm chart for aws-ebs-csi-driver so dynamic
provisioning of PVs works with lokomotive. To test, follow
the example here: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/tree/master/examples/kubernetes/dynamic-provisioning

The upstream helm chart does not work with their example, but the metadata for the in-tree chart is taken from it.

Related to #379
BrainBlasted added a commit that referenced this issue May 22, 2020
@BrainBlasted
Set up IAM resources for dynamic provisioning
3918b45 
Creates the instance profile and policies needed for dynamic
provisioning of PVs to work on AWS

Related to #379
BrainBlasted added a commit that referenced this issue May 22, 2020
@BrainBlasted
Add aws-ebs-csi-driver for dynamic provisioning of PVs
e914361 
Sets up a helm chart for aws-ebs-csi-driver so dynamic
provisioning of PVs works with lokomotive. To test, follow
the example here: https://github.com/kubernetes-sigs/aws-ebs-csi-driver/tree/master/examples/kubernetes/dynamic-provisioning

The upstream helm chart does not work with their example, but the metadata for the in-tree chart is taken from it.

Related to #379
BrainBlasted added a commit that referenced this issue May 25, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
4bf99fe 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 25, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
3ac4fe2 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 26, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
1899eec 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 26, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
1bc6e1c 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 27, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
a925e01 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 27, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
be970e9 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 29, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
e7aa31d 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 29, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
63536e1 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 29, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
a0f3440 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 29, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
2f1244e 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 29, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
b819066 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 29, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
1610616 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue May 29, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
1f5d385 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 1, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
5ab617f 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 2, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
a8011b9 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
invidian pushed a commit that referenced this issue Jun 3, 2020
@BrainBlasted @invidian
Create IAM role for dynamic volume provisioning support
4214ae2 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
invidian pushed a commit that referenced this issue Jun 3, 2020
@BrainBlasted @invidian
Create component for aws-ebs-csi-driver
6b5eee6 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 5, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
d88cd01 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 5, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
7dba4fa 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 5, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
75297e3 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 5, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
211e03c 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 5, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
6ecb4b4 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 8, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
2c6eaab 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 8, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
a23d82e 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 8, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
697af57 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 8, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
3d6abaa 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 9, 2020
@BrainBlasted
Create IAM role for dynamic volume provisioning support
3f774ed 
Optionally sets up an IAM role that is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 9, 2020
@BrainBlasted
Create component for aws-ebs-csi-driver
8aa2b93 
Creates a simple component for aws-ebs-csi-driver, which is required for dynamic volume provisioning to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 9, 2020
@BrainBlasted
aws/controllers: Create IAM role for dynamic volume provisioning support
a80fc42 
Optionally sets up an IAM role that is required for dynamic volume provisioning
to work on AWS.

Related to #379
BrainBlasted added a commit that referenced this issue Jun 9, 2020
@BrainBlasted
components: Create component for aws-ebs-csi-driver
7284bfa 
Creates a simple component for aws-ebs-csi-driver, which is required for
dynamic volume provisioning to work on AWS.

Related to #379
@iaguis
Copy link
Contributor Author

iaguis commented Jun 10, 2020

Fixed by #423

@iaguis iaguis closed this as completed Jun 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@BrainBlasted BrainBlasted

Labels
area/kubernetes Core Kubernetes stuff kind/roadmap Roadmap issues platform/aws AWS-related priority/P1 High priority
Projects
None yet
Milestone
v0.2.0
Development

No branches or pull requests
3 participants
@iaguis @johananl @BrainBlasted