Warning

This content has been generated by machine translation. The translations are automated and have not undergone human review or validation.

1.6.1 Using Block Volumes

The container’s internal storage is basically destroyed when the container is deleted or terminated. A separate Persistent Volume is used to protect data from disappearing and to store data that needs to be preserved.

Check the StorageClass for the default installed Persistent Volume

OKE provides Persistent Volume to use OCI Block Volume service as a service provided based on OCI IaaS. As of the current version, we are using two types: the FlexVolume volume plugin and the Container Storage Interface (CSI) volume plugin.

Check the default StorageClass

oci: Use FlexVolume plugin for OCI Block Volume service
oci-bv: Use CSI plugin for OCI Block Volume service

oke_admin@cloudshell:~ (ap-seoul-1)$ kubectl get storageclass
NAME            PROVISIONER                       RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
oci (default)   oracle.com/oci                    Delete          Immediate              false                  2d
oci-bv          blockvolume.csi.oraclecloud.com   Delete          WaitForFirstConsumer   false                  2d

CSI Volume Plugin
- The FlexVolume plugin method is older since the open source Kubernetes version 1.2, but it is a flow that uses the CSI plugin method in upstream Kubernetes.
- Also in OKE Release Note [August 1, 2020, Support for the Container Storage Interface (CSI) volume plug-in](https://docs.oracle.com/en-us/iaas/releasenotes/changes/99628398- As shown in 0926-4fd6-9bfa-06e448278c14/), in OKE, new features will be added to the CSI plugin, and the FlexVolume will be maintenance only. So, in the description below, we will use the oci-bv storageclass that uses the CSI plugin.
- For the oci storageclass using the Flex plugin, refer to the [official document] (https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengcreatingpersistentvolumeclaim.htm).

Create and use Persistent Volume using CSI Plugin for OCI Block Volume

Persistent Volume Test

Make a request using PV request yaml as below.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: csi-bvs-pvc
spec:
  storageClassName: "oci-bv"
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi

Deploy the test app

A test app that mounts the requested Persistent Volume on the container

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-bvs-pvc
  name: nginx-bvs-pvc
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-bvs-pvc
  template:
    metadata:
      labels:
        app: nginx-bvs-pvc
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        volumeMounts:
        - name: data
          mountPath: /usr/share/nginx/html
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: csi-bvs-pvc

Generate result

As shown below, you can see that the PV is normally created according to the PV request and operated as a test app.

oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl apply -f csi-bvs-pvc.yaml 
persistentvolumeclaim/csi-bvs-pvc created
oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl apply -f nginx-deployment-bvs-pvc.yaml 
deployment.apps/nginx-bvs-pvc created
oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                 STORAGECLASS   REASON   AGE
csi-14f32977-eaf6-4eaa-87bd-7c736ec43a52   50Gi       RWO            Delete           Bound    default/csi-bvs-pvc   oci-bv                  101s
oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl get pod
NAME                             READY   STATUS    RESTARTS   AGE
nginx-bvs-pvc-7b574c9c5c-vdp7c   1/1     Running   0          118s

Block Volume If you look at the Storage > Block Volumes screen in the OCI service console, you can see that a Block Volume for PV has been created and attached to a specific Worker Node as shown below.

Test

Write to Persistent Volume

Go inside the container and write a file in the mounted PV as shown below.

oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl exec -it nginx-bvs-pvc-7b574c9c5c-vdp7c -- bash
root@nginx-bvs-pvc-7b574c9c5c-vdp7c:/# echo "Hello PV" >> /usr/share/nginx/html/hello_world.txt
root@nginx-bvs-pvc-7b574c9c5c-vdp7c:/# cat /usr/share/nginx/html/hello_world.txt
Hello PV
root@nginx-bvs-pvc-7b574c9c5c-vdp7c:/#

Rebuild after deletion of POD

To ensure that the Persistent Volume is preserved, delete the existing POD and allow it to be recreated. At this time, in RWO mode, if a POD is created in another node, a multi-attach error occurs temporarily. It will take some time to realize that the old POD has been deleted, and after a while the POD will be recreated.

oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl get pod
NAME                             READY   STATUS    RESTARTS   AGE
nginx-bvs-pvc-7b574c9c5c-vdp7c   1/1     Running   0          6m53s
oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl delete pod nginx-bvs-pvc-7b574c9c5c-vdp7c
pod "nginx-bvs-pvc-7b574c9c5c-vdp7c" deleted
oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl get pod
NAME                             READY   STATUS              RESTARTS   AGE
nginx-bvs-pvc-7b574c9c5c-vrptl   0/1     ContainerCreating   0          17s
oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl get pod
NAME                             READY   STATUS    RESTARTS   AGE
nginx-bvs-pvc-7b574c9c5c-vrptl   1/1     Running   0          75s

Check Persistent Volume in new POD

If you check the previously changed file in the new POD again, you can see that the existing contents remain.

oke_admin@cloudshell:persistent-volume (ap-seoul-1)$ kubectl exec -it nginx-bvs-pvc-7b574c9c5c-vrptl -- cat /usr/share/nginx/html/hello_world.txt
Hello PV

Notes
- As in the previous test, in ReadWriteOnce access mode, only PODs in a single Kubernetes Node can be attached and used. If you try to use the same PV in a POD in another node, a Multi-Attach error occurs when starting the container, and the container does not start.
- Also, when restarting the POD with Self-Healing, a Multi-Attach error occurs because the existing POD thinks that the volume is being used, and it takes some time to recognize that there is no POD in use.

ReadWriteMany support

Based on the current version, the CSI Driver for OCI Block Volume Service only supports ReadWriteOnce. So, only multiple Pods are supported on a single Kuberenetes Node. Also, if you change the accessMode above to ReadWriteMany and do the same, the pod will not be created and an error will appear as shown below.

oke_admin@cloudshell:~ (ap-seoul-1)$ kubectl get events
LAST SEEN   TYPE      REASON                   OBJECT                               MESSAGE
...
80s         Warning   ProvisioningFailed       persistentvolumeclaim/mynginxclaim   failed to provision volume with StorageClass "oci-bv": rpc error: code = InvalidArgument desc = invalid volume capabilities requested. Only SINGLE_NODE_WRITER is supported ('accessModes.ReadWriteOnce' on Kubernetes)

As an individual, this article was written with my personal time. There may be errors in the content of the article, and the opinions in the article are personal opinions.

Last updated on 13 Nov 2021