Digital Ocean Spaces and kubernetes volumes

kamilgregorczyk · July 29, 2018, 9:19pm

Hi everyone, is it currently possible to use Digital Ocean’s Spaces (or any other DO service) for storage with kubernetes cluster running on digital ocean?

I’d like to use rancher on production with DO droplets but I’m failing to find a good way to implement persistent volumes

kops seems to be using it

github.com

kubernetes/kops/blob/master/docs/tutorial/digitalocean.md

# Getting Started with kops on DigitalOcean

**WARNING**: digitalocean support on kops is currently **alpha** meaning it is in the early stages of development and subject to change, please use with caution.

## Requirements

* [kops version >= 1.9 installed](../install.md)
* [kubectl installed](../install.md)
* [DigitalOcean account](https://cloud.digitalocean.com/registrations/new)
* [DigitalOcean access token](https://www.digitalocean.com/community/tutorials/how-to-use-the-digitalocean-api-v2#how-to-generate-a-personal-access-token)
* [DigitalOcean Spaces bucket with API Keys](https://www.digitalocean.com/community/tutorials/how-to-create-a-digitalocean-space-and-api-key)
* [DigitalOcean domain](https://www.digitalocean.com/community/tutorials/an-introduction-to-digitalocean-dns#adding-a-domain). To point your domain registrar to DigitalOcean's nameservers follow [this guide](https://www.digitalocean.com/community/tutorials/how-to-point-to-digitalocean-nameservers-from-common-domain-registrars)
* [Setup your SSH key](https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-digitalocean-droplets)

## Environment Variables

It is important to set the following environment variables:
```bash
export KOPS_STATE_STORE=do://<bucket-name> # where <bucket-name> is the name of the bucket you set earlier
export DIGITALOCEAN_ACCESS_TOKEN=<access-token>  # where <access-token> is the access token generated earlier to use the V2 API

This file has been truncated. show original

praveenperera · July 29, 2018, 10:52pm

Yes I got it working yesterday it was actually surprisingly simple. Follow the instructions here: https://github.com/digitalocean/csi-digitalocean

It can all be done in the browser terminal of rancher (Launch kubectl).

You just have to create a secret.yaml file

apiVersion: v1
kind: Secret
metadata:
  name: digitalocean
  namespace: kube-system
stringData:
  access-token: "a05dd2f26b9b9ac2asdas__REPLACE_ME____123cb5d1ec17513e06da"

and create it

kubectl create -f ./secret.yml

and then

kubectl apply -f https://raw.githubusercontent.com/digitalocean/csi-digitalocean/master/deploy/kubernetes/releases/csi-digitalocean-v0.1.0.yaml

Now you will see digital ocean storage class under, storage classes named do-block-storage

kamilgregorczyk · July 30, 2018, 11:45am

Thanks for your solution, could you please tell me what happens when given PVC requests 5 gigabytes and it fills it up? will pod that’s using that PVC stop working because of insufficient disk space, will PVC increase its request quota to more gigabytes or maybe nothing happens once the limit is met?

rubenmch · July 30, 2018, 4:28pm

Have you tested if the files written to the volume are still there after recreating or upgrading the pod that uses the volume?

I tested the csi-digitalocen driver with rancher 2.0.4 and after recreating or upgrading a deployment that uses the persistent volume the persistent volume was empty, all the files were lost, also the digitalocean block storage volume was also empty if the pod was removed and the volume detached.

I created an issue in the csi-digitalocean repository:

github.com/digitalocean/csi-digitalocean

Files not persisted/written to block storage volume

opened 02:53PM - 19 Jul 18 UTC

closed 04:29PM - 01 Aug 18 UTC

rubenmch

I have a kubernetes cluster setup using Rancher 2.0 (https://rancher.com/). I… followed the install instructions and created the Persistent Volume Claim and pod. I can see in DigitalOcean the volume is created and I can access the mounted directory in the busybox container shell and write files to it. However when the pod is removed and a new pod is created using the same persistent volume claim, the volume is empty and all the previous files are lost. Also if I delete the pod and instead of creating a new pod I attach the volume to a new droplet directly in digitalocean I see the volume is empty. The files created in the /data directory of the busybox pod are not in the block storage volume. I tested the same setup in rancher using a different storage driver (rancher/longhorn) and the files were correctly persisted across different pods. Is there a setting I'm missing to make the files be written to the volume? I followed the instructions step by step copying the yaml as is.

praveenperera · July 30, 2018, 5:50pm

What does the YAML for your PVC look like?

Did you try adding persistentVolumeReclaimPolicy: Retain to it?

rubenmch · July 30, 2018, 9:53pm

It’s the PVC example from the csi-digitalocean driver Readme, I also tried with the Retain reclaim policy but the same happened.

I tried the same setup in a cluster set up with Kontena Pharos and everything worked as expected so maybe it’s something specific to Rancher. That’s why I wanted to know if your setup is working correctly.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: csi-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: do-block-storage

praveenperera · July 31, 2018, 12:34am

I was quickly testing yesterday to evaluate if I could move from AWS to DO. I checked again, and no I have the same problem. If I delete a pod or upgrade all data is lost. Sorry I should have checked that.

UPDATE: Fatih found the issue. It has to do with RKE installation defaults.

Solution:

Cluster Options > Edit as Yaml add the following lines:

services:
  kube-api:
    extra_args:
      feature-gates: MountPropagation=true

  kubelet:
    extra_args:
      feature-gates: MountPropagation=true

Troyhy · March 18, 2019, 10:23am

HI

I have similar problem with Hetzner cloud. I need to enable
–feature-gates=CSINodeInfo=true,CSIDriverRegistry=true

I try to add this config to cluster, but without error it is not accepted. I can save it, but editing again and service section is missing.

I’m running Rancher 2.2.0-RC6

driver_name: "rancherkubernetesengine"
# 
#   # Rancher Config
# 
docker_root_dir: "/var/lib/docker"
enable_cluster_alerting: false
enable_cluster_monitoring: true
enable_network_policy: false
local_cluster_auth_endpoint: 
  enabled: true
name: "sandbox"

services:
  kube-api:
    extra_args:
      feature-gates: CSINodeInfo=true,CSIDriverRegistry=true

  kubelet:
    extra_args:
      feature-gates: CSINodeInfo=true,CSIDriverRegistry=true

Topic		Replies	Views
Digital Ocean Persistent Volumes - How are folks implementing this? Rancher 1.x	3	1831	April 28, 2018
Object storage feature on DigitalOcean	1	1124	July 3, 2017
Rancher 2.6 and Digital Ocean volume Rancher	0	324	March 23, 2022
Configure DigitalOcean hosts with User Data Rancher 1.x	0	839	January 13, 2017
Create storage class for node local path Rancher	1	1433	November 24, 2018

Digital Ocean Spaces and kubernetes volumes

Related Topics