CSI Configuration¶
This section details how to configure Container Storage Interfaces (CSI) for your Kubernetes cluster that Atmosphere runs on. You will need to follow the steps below to enable specific CSI drivers based on your storage requirements.
Storing secrets securely
When configuring CSI drivers, it is important to store sensitive information securely. You can use Ansible Vault to encrypt your inventory file and store it in a secure location. For more information on how to use Ansible Vault, refer to the Ansible documentation.
Ceph RBD¶
If you are using the Ceph storage solution that Atmosphere deploys out of the box, no additional configuration is required. The necessary settings are automatically applied during the installation process.
External Ceph cluster¶
You can configure the CSI driver to connect to an external Ceph cluster without requiring SSH access to the Ceph monitors.
First, create a pool on your external Ceph cluster for Kubernetes storage:
ceph osd pool create kube
ceph osd pool application enable kube rbd
ceph osd pool set kube pg_autoscale_mode on
Next, create a user with the appropriate capabilities for the CSI driver:
ceph auth get-or-create client.kube \
mon 'profile rbd' \
mgr 'profile rbd pool=kube' \
osd 'profile rbd pool=kube'
Retrieve the cluster ID:
ceph fsid
Retrieve the monitor addresses:
ceph mon dump -f json | jq -r '.mons[].addr | split(":")[0]'
Retrieve the keyring for the user:
ceph auth get-key client.kube
Finally, configure your Ansible inventory with the retrieved values:
ceph_csi_rbd_ceph_fsid: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
ceph_csi_rbd_monitors:
- "10.0.0.1"
- "10.0.0.2"
- "10.0.0.3"
ceph_csi_rbd_keyring: "AQD...=="
Replace the placeholder values with the actual values from your Ceph cluster. When you define these variables, Atmosphere skips the SSH-based discovery and user creation tasks.
Pool and user names
If you want to use different names for the pool or user, you can set
ceph_csi_rbd_pool and ceph_csi_rbd_id respectively. Make sure the
user capabilities match the pool name you configure.
Dell PowerStore¶
For environments requiring the integration of PowerStore for storage, configure the PowerStore CSI driver by updating your Ansible inventory as follows:
csi_driver: powerstore
powerstore_csi_config:
arrays:
- endpoint: https://<FILL IN>/api/rest
globalID: <FILL IN>
username: <FILL IN>
password: <FILL IN>
skipCertificateValidation: true
isDefault: true
blockProtocol: <FILL IN> # FC or iSCSI
Ensure that you replace <FILL IN> with actual values relevant to your
PowerStore configuration. This includes specifying the block protocol, which
can either be Fibre Channel (FC) or iSCSI, depending on your network
infrastructure.
IBM Block¶
If you’re using a storage array that is compatible with the IBM Block CSI driver, you can configure it by updating your Ansible inventory as follows:
csi_driver: ibm_block
ibm_block_csi_driver_management_address: <FILL IN>
ibm_block_csi_driver_username: <FILL IN>
ibm_block_csi_driver_password: <FILL IN>
ibm_block_csi_driver_pool: <FILL IN>
ibm_block_csi_driver_io_group: <FILL IN>
Optionally, you can control the SpaceEfficiency setting which defaults to
thin to enable thin provisioning. To change it to any other value, you
can set the following variable:
ibm_block_csi_driver_space_efficiency: <FILL IN>
Ensure that you replace <FILL IN> with actual values relevant to your IBM
Block configuration. You can use the Creating a StorageClass
documentation to help you determine the values to use.
Portworx¶
If you are using a Pure Storage array for your block storage, you can use the Portworx CSI driver to integrate it with your Kubernetes cluster. Portworx automatically enables a custom license when integrated with Pure Storage arrays (FA/FB edition).
To configure the Portworx CSI driver, update your Ansible inventory as follows:
csi_driver: portworx
portworx_pure_flasharray_san_type: <FILL IN> # FC or ISCSI
portworx_pure_json:
FlashBlades: []
FlashArrays:
- MgmtEndPoint: <FILL IN>
APIToken: <FILL IN>
For more information about how the portworx_pure_json variable is used,
you can refer to the Pure Storage FlashArray and FlashBlade JSON file reference.
StorPool¶
For environments requiring the integration of StorPool for storage, configure the StorPool CSI driver by updating your Ansible inventory as follows:
csi_driver: storpool
storpool_csi_template: k8s
The storpool_csi_template variable specifies the StorPool template to use
for the deployment which is set to k8s in the example above.