Persistent Storage

RAIL provide persistent file storage that you can mount into your containers.

The volumes are represented by PersistenVolumeClaim (shortname pvc) that you can create with manifests like this:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: vol1c
spec:
  storageClassName: rook-ceph-block
  accessModes:
   - ReadWriteOncePod
  resources:
    requests:
      storage: 150Mi

and then you mount it into your container with:

kind: Pod
spec:
  securityContext:
    fsGroup: 100
  volumes:
  - name: vol1
    persistentVolumeClaim:
      claimName: vol1c
  containers:
  - name: ...
    image: ...
    volumeMounts:
    - name: vol1
      mountPath: /mnt/vol1

The manifests above will create a volume that can only be mounted in a single Pod. This was requested by the specified ReadWriteOncePod access mode.

Alternatively you can specify access mode ReadWriteOnce which will allow multiple Pods running on the same Node to access the volume. This is a bit hard to use since you would then have to figure out how to influence the pod affinity to ensure that the pods are scheduled together.

This is an example that tries to make the given Pod run on the same node where the http-deamon runs:

kind: Pod
spec:
  affinity:
    podAffinity:
      # In order to be able to mount the RWO volume we need to make sure
      # the Pod runs on the same node where the http-deamon pod runs.
      requiredDuringSchedulingIgnoredDuringExecution:
      - labelSelector:
          matchExpressions:
          - key: app.kubernetes.io/component
            operator: In
            values:
            - http-deamon
        topologyKey: kubernetes.io/hostname

Attention

Access mode ReadWriteMany is currently not available on RAIL. This would allow Pods scheduled on different Nodes to all mount the volume at the same time.

File ownership

When the root directory of the volume is created, it is owned by root and this ownership cannot be changed. However, it will also be associated with the group specified by securityContext.fsGroup and will have g+rxs permissions. Additionally, your container processes will belong to the specified group.

If you don’t specify securityContext.fsGroup, the default is 1 which should work fine for most use cases.

Resizing volumes

You specify the requested size of the volume with resources.request.storage.

If you run out of space, RAIL allow you to increase this size on a live volume.

You are not able to decrease the size of a live volume. In this case you need to create a new smaller volume and copy the files over.

Backup

To be answered…

  • How can you recover if you loose your pvc?

  • How can you restore a pvc to the state it had some time ago?

  • When will access mode ReadWriteMany become available?