Kubernetes Persistent Volume

By


PVCs are requests for those resources and also act as claim checks to the resource. So a persistent volume (PV) is the "physical" volume on the host machine that stores your persistent data. A persistent volume claim (PVC) is a request for the platform to create a PV for you, and you attach PVs to your pods via a PVC.

The Local Persistent Volumes feature has been promoted to GA in Kubernetes 1.14. A local persistent volume represents a local disk directly-attached to a single Kubernetes Node.

In the Kubernetes system, local disks can be used through HostPathLocalVolume.

  • HostPath: The volume itself does not contain scheduling information. If you want to fix each pod on a node, you need to configure scheduling information, such as nodeSelector, for the pod.
  • LocalVolume: The volume itself contains scheduling information, and the pods using this volume will be fixed on a specific node, which can ensure data continuity.

Local Persistent Volumes allow you to access local disk by using the standard PVC object.

Create StorageClass with WaitForFirstConsumer Binding Mode

First, a StorageClass should be created that sets volumeBindingMode: WaitForFirstConsumer to enable volume topology-aware scheduling. This mode instructs Kubernetes to wait to bind a PVC until a Pod using it is scheduled.



storage.yml

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: local-storage
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer

Prepare volume on the host

# Execute these commands on the worker node where the POD will be located
mkdir -p /data/volumes/pv1
chmode 777 /data/volumes/pv1

Create Local PersistentVolume

Create PersistentVolume with a reference to local-storage StorageClass

PersistentVolume.yml

apiVersion: v1
kind: PersistentVolume
metadata:
  name: test-local-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: local-storage
  local:
    path: /data/volumes/pv1
  nodeAffinity:
    required:
      nodeSelectorTerms:
      - matchExpressions:
        - key: kubernetes.io/hostname
          operator: In
          values:
          - master
          - wokernode

Create a PersistentVolumeClaim

Create PersistentVolumeClaim with a reference to local-storage StorageClass

PersistentVolumeClaim.yml


kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: test-pvc
spec:
  accessModes:
  - ReadWriteOnce
  storageClassName: local-storage
  resources:
    requests:
      storage: 10Gi

The status of test-local-pv is Available because the POD has not yet been created.

Create a POD with local persistent volume


pod.yml

apiVersion: v1
kind: Pod
metadata:
  name: test-local-vol
  labels:
    name: test-local-vol
spec:
  containers:
  - name: app
    image: nginx
    volumeMounts:
      - name: local-persistent-storage
        mountPath: /usr/share/nginx/html
  volumes:
    - name: local-persistent-storage
      persistentVolumeClaim:
        claimName: test-pvc


and create service manifest for service to access 
svc.yml

kind: kind: Service
apiVersion: v1
metadata:
  name:  Service Name
spec:
  selector:
    name: test-local-vol
  type:  NodePort
  ports:
  - name:  http
    port:  80
    targetPort:  80
    nodePort: 31123

Check the status of PersistentVolume and PersistentVolumeClaim

[root@master pvc]# kubectl apply -f PersistentVolumeClaim.yml -f PersistentVolume.yml -f storage.yml -f pod.yml -f svc.yml
persistentvolumeclaim/test-pvc created
persistentvolume/test-local-pv created
storageclass.storage.k8s.io/local-storage created
pod/test-local-vol created
service/svc created


[root@master ec2-user]# kubectl get pv
NAME            CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM              STORAGECLASS    REASON   AGE
test-local-pv   10Gi       RWO            Retain           Bound    default/test-pvc   local-storage            78m
[root@master ec2-user]# kubectl get pvc
NAME       STATUS   VOLUME          CAPACITY   ACCESS MODES   STORAGECLASS    AGE
test-pvc   Bound    test-local-pv   10Gi       RWO            local-storage   78m
[root@master ec2-user]#

You can see the file on the host’s path.

cd /data/volumes/pv1/     #persistent storage path git clone https://github.com/GudditiNaganjaneyulu/MyResume.gitmv -r MyResume/* .access the application using port NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes   ClusterIP   10.96.0.1       <none>        443/TCP        4d20h
svc          NodePort    10.98.114.169   <none>        80:31123/TCP   4m9s  
http://<node ip:31123>Note: Even If your pod dies/deletes the volume claim can be binded again to path with have same previous data .

Summary
The primary benefit of Local Persistent Volumes over remote persistent storage is performance: local disks usually offer higher IOPS and throughput and lower latency compared to remote storage systems. Kubernetes local volumes have following features:
  • PersistentVolumeClaim will wait for a POD to show up before a local persistent volume is bound
  • Once a local persistent volume is bound to a claim, it remains bound, even if the requesting POD has died or has been deleted
  • A new POD can attach to the existing data in a local volume by referencing the same PersistentVolumeClaim
  • Similar to NFS shares, Kubernetes persistent local volumes allow multiple PODs to have read/write access
Examples of good workloads include software defined storage systems and replicated databases. Other types of applications should continue to use highly available, remotely accessible, durable storage.

Comments

Post a Comment

Popular posts from this blog

Remote Friendly Companies

By
Image
 List of companies provide remote opportunities NAME WEBSITE REGION &yet andyet.com Worldwide 10up 10up.com Worldwide 15Five 15five.com Europe, Americas 17hats 17hats.com Worldwide 18F 18f.gsa.gov USA 1Password 1password.com North America, UK 42 Technologies 42technologies.com Worldwide abiturma abiturma.de Germany Ably ably.io Europe Abstract API abstractapi.com Worldwide acct acct.global Worldwide Acivilate acivilate.com USA Acquia acquia.com Worldwide ActiveCampaign activecampaign.com Dublin, Ireland; USA Ad Hoc adhocteam.us USA Adaface adaface.com Asia AddStructure bazaarvoice.com USA Adzuna adzuna.co.uk Worldwide AE Studio ae.studio USA, BR Aerolab aerolab.co Latin America AgFlow agflow.com Europe Aha! aha.io Worldwide Aim India aimincorp.com India Airbyte airbyte.com Europe, North America, Latin America AirGarage airgarage.com USA AirTreks airtreks.com USA Aivitex aivitex.de Germany Algorand algorand.com USA Algorithmia algorithmia.com the USA or Canada ALICE aliceplatfor...
Read more

Docker Image Vulnerabilities and Scanner Guide: A Quick Overview

By
Image
V ulnerabilities in Docker images can expose your system to potential cyber threats. Tools like Docker Scout, Trivy,.. offer a fast and comprehensive way to scan for these vulnerabilities, ensuring a secure containerized environment. What is a Vulnerability? A vulnerability is a weakness or flaw in software that can be exploited by attackers to compromise a system’s security. In the context of Docker, vulnerabilities can exist within container images, making them potential entry points for cyber threats. Docker Image Vulnerabilities Docker images serve as the building blocks for containers. These images can contain   outdated   or   flawed components   that may pose security risks. Identifying and mitigating these vulnerabilities is crucial for a   secure containerized environment. Image Vulnerability Database:   https://dso.docker.com/explore Here are the top 5 tools to scan Docker images: Docker scout Trivy Clair Anchore Engine Dagda Synk Scan Docker Imag...
Read more

Introduction to Istio, Kiali, Jaeger, Grafana, and Prometheus

By
Image
Are you curious about the magic behind those seamless web applications and services you use daily? Well, let's take a peek into the fascinating world of microservices and the tools that make them work like a charm: Istio, Kiali, Jaeger, Grafana, and Prometheus. These tools might sound a bit technical, but fear not! We're here to break it down in the simplest way possible. 1. Istio: The Traffic Director Istio is an open source service mesh that layers transparently onto existing distributed applications. Istio’s powerful features provide a uniform and more efficient way to secure, connect, and monitor services. Istio is the path to load balancing, service-to-service authentication, and monitoring – with few or no service code changes.  The control plane takes your desired configuration, and its view of the services, and dynamically programs the proxy servers, updating them as the rules or the environment changes. Before utilizing Istio After utilizing Istio Imagine you're m...
Read more