How to Deploy a Cinder Storage Backend for your Kubernetes Cluster using CSI

This tutorial will walk you through the steps required to install and configure the Cinder CSI driver on your Kubernetes cluster. Please note, Cinder CSI may also be installed on Kubernetes using helm charts.

Cinder is the open source block storage service that is part of open source OpenStack project - an open source platform to run your virtual machines. Cinder has drivers to interface with various open source and commercial enterprise storage solutions. Running Kubernetes alongside an OpenStack deployment can advantageous. If you have Cinder configured for block storage then you could also use it to provision block storage for your Kubernetes cluster.

To use Cinder with Kubernetes, the required Cinder CSI driver needs to be installed within the Kubernetes Cluster along with an encrypted OpenStack RC configuration for accessing the OpenStack Cloud.

Prerequisites

A valid Kubernetes cluster. You can create one quickly for free using Platform9 Managed Kubernetes. Signup for a Free PMK Account Here and create your Kubernetes cluster using PMK. You can also use this guide on any other Kubernetes cluster you may have.
A Kubectl installation with your Kubernetes cluster from the step above configured as the primary cluster.
Git and Kubectl installed on the host that will be used to access your Kubernetes cluster.
Credentials to your OpenStack cloud or a valid OpenStack RC file that can be used to access your OpenStack cloud

Step 1 - Clone Cinder CSI Repository & Create Secret

The first step is to clone the cinder repository from GitHub to a host that that has Kubectl installed and can access your Kubernetes cluster.

 Bash 
    
xxxxxxxxxx
 
git clone https://github.com/kubernetes/cloud-provider-openstack.git
Copy

Once the repository has been cloned a new Kubernetes Secret must be created that contains the OpenStack RC for connecting to the OpenStack cloud.

Within the cloned directory navigate to the manifest files for the CSI driver cloud-provider-openstack/manifestscinder-csi-plugin/``. In the the CSI driver folder you will need to create the secret which contains the RC file of our OpenStack cloud. Once the file has been created it needs to be converted to base64.

If you have a properly configured OpenStack RC file for your OpenStack cloud, copy it to this directory. Make sure it has all the parameters below properly configured.

Otherwise, create the OpenStack RC file by running the command below:

 Bash 
    
xxxxxxxxxx
 
[root@master00 cinder-csi-plugin]# cat cloud.conf[Global]username = YOUR_USERpassword = YOUR_PASSWORDdomain-name = defaultauth-url = https://YOUR_DU_URL/keystone/v3tenant-id = YOUR_TENANT_IDregion = YOUR_REGION
Copy

Save and close the file.

Use the command below to encrypt your file with base64 so it can be use as a secret.

 Bash 
    
xxxxxxxxxx
 
cat cloud.conf | base64 |tr -d '\n'W0dsb2JhbF0KdXNlcm5hbWUgPSBZT1VSX1VTRVIKcGFzc3dvcmQgPSBZT1VSX1BBU1NXT1JECmRvbWFpbi1uYW1lID0gZGVmYXVsdAphdXRoLXVybCA9IGh0dHBzOi8vWU9VUl9EVV9VUkwva2V5c3RvbmUvdjMKdGVuYW50LWlkID0gWU9VUl9URU5BTlRfSUQKcmVnaW9uID0gWU9VUl9SRUdJT04K
Copy

Use VI or VIM to copy the contents of the encoded OpenStack RC configuration and add the string into the data field of the csi-secret-cinderplugin.yamlfile.

 YAML 
    
​x
 
[root@master00 cinder-csi-plugin]# cat csi-secret-cinderplugin.yaml# This YAML file contains secret objects,# which are necessary to run csi cinder plugin.​kind: SecretapiVersion: v1metadata:  name: cloud-config  namespace: kube-systemdata:  cloud.conf: W0dsb2JhbF0KdXNlcm5hbWUgPSBZT1VSX1VTRVIKcGFzc3dvcmQgPSBZT1VSX1BBU1NXT1JECmRvbWFpbi1uYW1lID0gZGVmYXVsdAphdXRoLXVybCA9IGh0dHBzOi8vWU9VUl9EVV9VUkwva2V5c3RvbmUvdjMKdGVuYW50LWlkID0gWU9VUl9URU5BTlRfSUQKcmVnaW9uID0gWU9VUl9SRUdJT04K
Copy

The secret can now be added to the Kubernetes Cluster. To do this apply the cs-secret-cinderplugin.yaml file using Kubectl , this will create a secret name cloud-config in kube-system namespace.

 Bash 
    
xxxxxxxxxx
 
kubectl create -f manifests/cinder-csi-plugin/csi-secret-cinderplugin.yaml
Copy

Step 2 - Deploy the CSI-Cinder Controller and Plugins

The next step is to apply the remaining manifest files to deploy the csi-cinder controller and related plugins.

The manifests will create a set of cluster roles, cluster role bindings, and StatefulSets to communicate with OpenStack and the Cinder service.

Apply all of the manifests using Kubectl Apply at the parent directory of the cloned Cinder repository.

 Bash 
    
xxxxxxxxxx
 
$ kubectl -f manifests/cinder-csi-plugin/ apply
Copy

To validate the CSI driver is installed and running, run the following and look for the cinder pods in the output.

 Bash 
    
xxxxxxxxxx
 
$ kubectl get pods -n kube-systemcsi-cinder-controllerplugin-0             6/6     Running     6          8dcsi-cinder-nodeplugin-4w6w6               3/3     Running     3          8dcsi-cinder-nodeplugin-gk5nf               3/3     Running     3          8d
Copy

To get information about CSI Drivers running in a cluster

 Bash 
    
xxxxxxxxxx
 
$ kubectl get csidrivers.storage.k8s.ioNAME                       CREATED ATcinder.csi.openstack.org   2019-07-29T09:02:40Z
Copy

Step 3 - Create Cinder Storage Class

Once the the Cinder CSI driver is installed a Storage Class needs to be setup to enable consumption of the driver. We will be using the following Cinder Storage Class yaml file for this. Save the file as storage-class.yaml.

 storage-class.yaml 
    
xxxxxxxxxx
 
apiVersion: storage.k8s.io/v1kind: StorageClassmetadata:  name: cinder-example  annotations:    storageclass.kubernetes.io/is-default-class: "true"provisioner: cinder.csi.openstack.org
Copy

Create the storage class using Kubectl

 Bash 
    
xxxxxxxxxx
 
kubectl create -f storage-class.yaml
Copy

Last updated on Jan 26, 2022

Was this page helpful?