Kubernetes Storage

Posted on November 20, 2022 by Freejack

Overview

This article provides some quick instructions on creating an NFS server for use as Persistent Storage in Kubernetes. A different article will discuss creating Persistent Storage.

Firewall Configuration

For the NFS server, it only will be accessed by Kubernetes so we’ll restrict access to the NFS share to the environments network. To do that and not block access via ssh, we’ll create a new firewall zone called nfs. We’ll add nfs, rpc-bind, and mountd to that zone plus add the network range. Ultimately we’ll have the following configuration.

# firewall-cmd --zone nfs --list-all
nfs (active)
  target: default
  icmp-block-inversion: no
  interfaces:
  sources: 192.168.101.0/24
  services: mountd nfs rpc-bind
  ports:
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

NFS Configuration

To prepare the storage, we’ll create the three directories. We’re creating a registry directory for OpenShift/OKD4 although it’s not used in Kubernetes. I do have an OKD4 cluster that will use this storage as well.

mkdir -p /srv/nfs4
chmod 755 /srv/nfs4
chown -R root:root /srv

mkdir /srv/nfs4/registry
chmod 755 /srv/nfs4/registry
chown nobody:nobody /srv/nfs4/registry

mkdir /srv/nfs4/storage
chmod 755 /srv/nfs4/storage
chown nobody:nobody /srv/nfs4/storage

NFS Installation

Install the nfs-utils and python3-libselinux packages. Then create the /etc/exports file that creates the shared drives.

/srv/nfs4              192.168.101.0/24(rw,sync,no_subtree_check,crossmnt,fsid=0)
/srv/nfs4/registry     192.168.101.0/24(rw,sync,no_subtree_check,no_root_squash,no_all_squash,insecure,fsid=1)
/srv/nfs4/storage     192.168.101.0/24(rw,sync,no_subtree_check,no_root_squash,no_all_squash,insecure,fsid=2)

Export the file systems.

exportfs -ra

Enable and start the nfs-server.

systemctl enable nfs-server
systemctl start nfs-server

Verification

To make sure the shares are ready, run the following command.

# showmount --exports
Export list for bldr0cuomnfs1.dev.internal.pri:
/srv/nfs4/storage  192.168.101.0/24
/srv/nfs4/registry 192.168.101.0/24
/srv/nfs4          192.168.101.0/24

And finished.

This entry was posted in Computers, Kubernetes and tagged , , . Bookmark the permalink.

One Response to Kubernetes Storage

  1. Pingback: Kubernetes Index | Motorcycle Touring

Leave a Reply

Your email address will not be published. Required fields are marked *