/kube-linstor

Containerized LINSTOR SDS for Kubernetes, ready for production use.

Primary LanguageDockerfileApache License 2.0Apache-2.0

Kube-Linstor

Containerized Linstor Storage easy to run in your Kubernetes cluster.

Images

Image Latest Tag
linstor-controller linstor-controller-version
linstor-satellite linstor-satellite-version
linstor-csi linstor-csi-version
linstor-stork linstor-stork-version

Requirements

  • Working Kubernetes cluster (v1.17 or higher).
  • DRBD9 kernel module installed on each satellite node.
  • PostgeSQL database / etcd or any other backing store for redundancy.

QuckStart

Kube-Linstor consists of several components:

  • Linstor-controller - Controller is main control point for Linstor, it provides API for clients and communicates with satellites for creating and monitor DRBD-devices.
  • Linstor-satellite - Satellites run on every node, they listen and perform controller tasks. They operates directly with LVM and ZFS subsystems.
  • Linstor-csi - CSI driver provides compatibility level for adding Linstor support for Kubernetes.
  • Linstor-stork - Stork is a scheduler extender plugin for Kubernetes which allows a storage driver to give the Kubernetes scheduler hints about where to place a new pod so that it is optimally located for storage performance.

Preparation

Install Helm.

NOTE: Commands below provided for Helm v3 but Helm v2 is also supported.
You can use helm template instead of helm install, this is also working as well.

Create linstor namespace.

kubectl create ns linstor

Install Helm repository:

helm repo add kvaps https://kvaps.github.io/charts

Database

  • Install stolon chart:

    # download example values
    curl -LO https://github.com/kvaps/kube-linstor/raw/v1.9.0/examples/linstor-db.yaml
    
    # install release
    helm install linstor-db kvaps/stolon \
      --namespace linstor \
      -f linstor-db.yaml

    NOTE: The current example will deploy stolon cluster on your Kubernetes-master nodes

    NOTE: In case of update your stolon add --set job.autoCreateCluster=false flag to not reinitialisate your cluster.

  • Create Persistent Volumes:

    helm install data-linstor-db-stolon-keeper-0 kvaps/pv-hostpath \
      --namespace linstor \
      --set path=/var/lib/linstor-db \
      --set node=node1
    
    helm install data-linstor-db-stolon-keeper-1 kvaps/pv-hostpath \
      --namespace linstor \
      --set path=/var/lib/linstor-db \
      --set node=node2
    
    helm install data-linstor-db-stolon-keeper-2 kvaps/pv-hostpath \
      --namespace linstor \
      --set path=/var/lib/linstor-db \
      --set node=node3

    Parameters name and namespace must match the PVC's name and namespace of your database, node should match exact node name.

    Check your PVC/PV list after creation, if everything right, they should obtain Bound status.

  • Connect to database:

    kubectl exec -ti -n linstor sts/linstor-db-stolon-keeper -- bash
    PGPASSWORD=$(cat $STKEEPER_PG_SU_PASSWORDFILE) psql -h linstor-db-stolon-proxy -U stolon postgres
  • Create user and database for linstor:

    CREATE DATABASE linstor;
    CREATE USER linstor WITH PASSWORD 'hackme';
    GRANT ALL PRIVILEGES ON DATABASE linstor TO linstor;

Linstor

  • Install kube-linstor chart:

    # download example values
    curl -LO https://github.com/kvaps/kube-linstor/raw/v1.9.0/examples/linstor.yaml
    
    # install release
    helm install linstor kvaps/linstor --version 1.9.0 \
      --namespace linstor \
      -f linstor.yaml

    NOTE: The current example will deploy linstor- and csi-controllers on your Kubernetes-master nodes and satellites on all nodes in the cluster.

Usage

You can get interactive linstor shell by simple exec into linstor-controller container:

kubectl exec -ti -n linstor sts/linstor-controller -- linstor

Refer to official linstor documentation for define nodes and create new resources.

SSL notes

This chart enables SSL encryption for control-plane by default. It does not affect the DRBD performance but makes your LINSTOR setup more secure.

Any way, do not forget to specify --communicates-type SSL option during node creation, example:

linstor node create alpha 1.2.3.4 --communication-type SSL

If you want to have external access, you need to download certificates for linstor client:

kubectl get secrets --namespace linstor linstor-client-tls \
  -o go-template='{{ range $k, $v := .data }}{{ $v | base64decode }}{{ end }}'

Then follow official linstor documentation to configure the client.

NOTE: v1.9.0 release also introduce shorter release name: linstor- instead of linstor-linstor-, this change shouldn't break anything, however it will regenerate SSL certificates. If you are using LINSTOR API externally, you might need to update the client certificates or keep the old release name prefix by specifying --set fullnameOverride=linstor-linstor option.

See #18 for more details.

Additional Information

Licenses