/helm-chart

Helm chart to install StorageOS on a Kubernetes cluster

Primary LanguageSmartyMIT LicenseMIT

StorageOS Helm Chart

StorageOS is a software-based storage platform designed for cloud-native applications. By deploying StorageOS on your Kubernetes cluster, local storage from cluster node is aggregated into a distributed pool, and persistent volumes created from it using the native Kubernetes volume driver are available instantly to pods wherever they move in the cluster.

Features such as replication, encryption and caching help protect data and maximise performance.

NOTE: Refer README-CSI.md for CSI driver installation.

Prerequisites

  • Kubernetes 1.8+ with Beta APIs enabled
  • Kubernetes must be configured to allow:
    • Privileged mode containers (enabled by default)
    • Feature gate: MountPropagation=true. This can be done by appending --feature-gates MountPropagation=true to the kube-apiserver and kubelet services.

Refer to the StorageOS prerequisites docs for more information.

TL;DR

$ git clone https://github.com/storageos/helm-chart.git storageos
$ cd storageos
$ helm install .

# Follow the instructions printed by helm install to update the link between Kubernetes and StorageOS. They look like:
$ ClusterIP=$(kubectl get svc/storageos --namespace storageos -o custom-columns=IP:spec.clusterIP --no-headers=true)
$ ApiAddress=$(echo -n "tcp://$ClusterIP:5705" | base64)
$ kubectl patch secret/storageos-api --namespace storageos --patch "{\"data\":{\"apiAddress\": \"$ApiAddress\"}}"

For more than one node clusters, the cluster.join variable must be set.

Installing the Chart

To install the chart with the release name my-release:

$ helm install --name my-release .

For more than one node clusters, the cluster.join variable must be set.

The command deploys StorageOS on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation.

Tip: List all releases using helm list

Post-install configuration

Follow the instructions printed by helm install to update the link between Kubernetes and StorageOS.

Example:

$ ClusterIP=$(kubectl get svc/storageos --namespace storageos -o custom-columns=IP:spec.clusterIP --no-headers=true)
$ ApiAddress=$(echo -n "tcp://$ClusterIP:5705" | base64)
$ kubectl patch secret/storageos-api --namespace storageos --patch "{\"data\":{\"apiAddress\": \"$ApiAddress\"}}"

Uninstalling the Chart

To uninstall/delete the my-release deployment:

$ helm delete --purge my-release

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The cluster.join parameter must be set to a valid join string. The join string helps bootstrap a new cluster and provides instructions to nodes joining an existing cluster. Typically the join string should be composed of a cluster id and/or hostname(s)/IP-address(es) of cluster nodes. For helm options the comma needs to be escaped like this "a,b".

Examples:

$ helm install . --name my-release --set cluster.join=node01
$ storageos cluster create
61e476d0-5905-4be8-af33-d5109784e3d3
$ helm install . --name my-release --set cluster.join=61e476d0-5905-4be8-af33-d5109784e3d3
$ helm install . --name my-release --set cluster.join="61e476d0-5905-4be8-af33-d5109784e3d3\,node01"

The first item in the list can be a cluster id as above, or a hostname or ip address of a single node in the cluster.

A cluster id can be generated by running the storageos cluster create CLI command. The CLI is available to download from the Github repository.

Alternatively, set the first item in the list to be the ip address or hostname of one of the cluster nodes. This node will boostrap the cluster when StorageOS is started for the first time on it. It only serves a special purpose until the cluster has initialised.

The remaining items in the join list should be one or more hostnames or ip addresses for new node to join to.

Tip: Future releases will remove the requirement to specify cluster.join and instead the discovery service will run as part of the deployment.

The following tables lists the configurable parameters of the StorageOS chart and their default values.

Parameter Description Default
cluster.join The cluster join string. See cluster discovery documentation for details.
image.repository StorageOS container image repository storageos/node
image.tag StorageOS container image tag 1.0.0-rc5
image.pullPolicy StorageOS container image pull policy IfNotPresent
initContainer.repository StorageOS init container image repository storageos/init
initContainer.tag StorageOS init container image tag 0.1
initContainer.pullPolicy StorageOS init container image pull policy IfNotPresent
rbacEnabled Use of k8s RBAC features true
storageclass.name StorageOS storage class name fast
storageclass.pool Default storage pool for storage class default
storageclass.fsType Default filesystem type for storage class ext4
api.secretName Name of the secret used for storing api location and credentials storageos-api
api.secretNamespace Namespace of the secret used for storing api location and credentials. Needed in every namespace to use StorageOS. default
api.address StorageOS service in Kubernetes http://storageos:5705
api.username Username to authenticate to the StorageOS api with storageos
api.password Password to authenticate to the StorageOS api with storageos
service.name Name of the StorageOS service storageos
service.externalPort External service port 5705
service.internalPort Internal service port 5705
resources Pod resource requests & limits {}
ingress.enabled Enable ingress controller resource false
ingress.hosts[0].name Hostname to your StorageOS installation storageos.local
ingress.hosts[0].tls Utilize TLS backend in ingress false
ingress.hosts[0].tlsSecret TLS Secret (certificates) storageos.local-tls-secret
ingress.hosts[0].annotations Annotations for this host's ingress record []
ingress.secrets[0].name TLS Secret Name nil
ingress.secrets[0].certificate TLS Secret Certificate nil
ingress.secrets[0].key TLS Secret Key nil

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,

$ helm install . --name my-release \
    --set cluster.join="74e8b44d-b1df-11e7-b0b3-42010a9a00b2\,node01"

Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,

$ helm install . --name my-release -f values.yaml

Tip: You can use the default values.yaml

RBAC

Kubernetes implements Role-Based Access Control mode in the stable api (v1) since v1.8. In case your cluster's api server is started with --authorization-mode=RBAC, you should be running the chart with the configuration parameter rbacEnabled: true

The chart will create a Role with permissions to manage secrets. With this functionality, StorageOS will be able to generate its own secrets for cluster discovery or volume encryption.