Create SharedVolume

Resources

Creating the SharedVolume

The communishift Ansible role creates the AWS EFS filesystem and access point, then creates a Secret called communishift-project-name-efs-credentials in the tenant's project. The structure of the Secret is as follows:

data:
  efs_filesystem_id: "fs-xxxxxxxxxx"
  efs_accesspoint_id: "fsap-xxxxxxxx"

The values are base64 encoded. To retrieve them, run the following:

oc get secret communishift-project-name-efs-credentials -o jsonpath="{.data['efs_accesspoint_id']}" | base64 -d
oc get secret communishift-project-name-efs-credentials -o jsonpath="{.data['efs_filesystem_id']}" | base64 -d

Next, create a YAML file and populate the values for accessPointID and fileSystemID.

apiVersion: aws-efs.managed.openshift.io/v1alpha1
kind: SharedVolume
metadata:
  name: PROJECTNAME-sharedvolume
  namespace: PROJECTNAME
spec:
  accessPointID: fsap-xxxxx
  fileSystemID: fs-xxxxx

Then create the SharedVolume object:

oc apply -f project-name-sharedvolume.yml

Once created, the AWS EFS Operator should automatically create a PersistentVolume, then a PersistentVolumeClaim in the project namespace. Tenants can then mount this volume as normal.
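
The decode-and-populate steps above can be scripted. The following is an added example, not part of the communishift role or the original page: it decodes the two Secret fields, rejects IDs whose prefixes are swapped or malformed, and prints the SharedVolume manifest. The function names and sample IDs are constructed for illustration, and the lowercase-hex suffix check is an assumption about the EFS ID format.

```shell
#!/bin/sh
# Added example: build a SharedVolume manifest from the base64 Secret fields.

# decode_field B64 -> prints the decoded value; fails on invalid base64.
decode_field() {
    printf '%s' "$1" | base64 -d
}

# valid_id PREFIX VALUE -> succeeds only if VALUE is PREFIX plus hex digits.
# (Assumption: EFS IDs are "fs-"/"fsap-" followed by lowercase hex.)
valid_id() {
    rest=${2#"$1"}
    [ "$rest" != "$2" ] || return 1        # prefix missing
    case $rest in
        ''|*[!0-9a-f]*) return 1 ;;        # empty or non-hex suffix
    esac
}

# render_sharedvolume PROJECT ACCESSPOINT_B64 FILESYSTEM_B64
render_sharedvolume() {
    project=$1
    ap_id=$(decode_field "$2") || return 1
    fs_id=$(decode_field "$3") || return 1
    # Catch swapped fields before they reach the operator.
    valid_id fsap- "$ap_id" || { echo "bad accessPointID: $ap_id" >&2; return 2; }
    valid_id fs- "$fs_id" || { echo "bad fileSystemID: $fs_id" >&2; return 2; }
    cat <<EOF
apiVersion: aws-efs.managed.openshift.io/v1alpha1
kind: SharedVolume
metadata:
  name: ${project}-sharedvolume
  namespace: ${project}
spec:
  accessPointID: ${ap_id}
  fileSystemID: ${fs_id}
EOF
}

# Constructed sample values (not real IDs). In practice pass the raw output of
#   oc get secret ... -o jsonpath="{.data['efs_accesspoint_id']}"
SAMPLE_AP_B64=$(printf 'fsap-0123456789abcdef0' | base64)
SAMPLE_FS_B64=$(printf 'fs-0123456789abcdef0' | base64)

render_sharedvolume communishift-dev-test "$SAMPLE_AP_B64" "$SAMPLE_FS_B64"
```

With real values passed in, the output can be piped to oc apply -f - instead of being saved to a file first.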

The following Pod definition may be used to verify that the storage is working correctly.

apiVersion: v1
kind: Pod
metadata:
  name: volume-test
  namespace: communishift-dev-test
spec:
  securityContext:
    runAsUser: 1001
    runAsGroup: 1001
    fsGroup: 1001
    fsGroupChangePolicy: "OnRootMismatch"
  serviceAccountName: volume-test
  # restartPolicy is a Pod-level field, not a container field
  restartPolicy: Always
  volumes:
    - name: test-volume
      persistentVolumeClaim:
        claimName: pvc-communishift-dev-test-sharedvolume
  containers:
    - image: quay.io/operator-framework/ansible-operator:v1.23.0
      command:
        - /bin/sh
        - "-c"
        - "sleep 60m"
      imagePullPolicy: IfNotPresent
      name: alpine
      volumeMounts:
        - name: test-volume
          mountPath: /tmp/volume_test
      resources:
        requests:
          memory: "2Gi"