Kube-Linstor
Containerized Linstor Storage easy to run in your Kubernetes cluster.
Images
Image | Latest Tag |
---|---|
linstor-controller | |
linstor-satellite | |
linstor-csi | |
linstor-stork |
Requirements
- Working Kubernetes cluster (
v1.17
or higher). - DRBD9 kernel module installed on each satellite node.
- PostgeSQL database / etcd or any other backing store for redundancy.
QuckStart
Kube-Linstor consists of several components:
- Linstor-controller - Controller is main control point for Linstor, it provides API for clients and communicates with satellites for creating and monitor DRBD-devices.
- Linstor-satellite - Satellites run on every node, they listen and perform controller tasks. They operates directly with LVM and ZFS subsystems.
- Linstor-csi - CSI driver provides compatibility level for adding Linstor support for Kubernetes.
- Linstor-stork - Stork is a scheduler extender plugin for Kubernetes which allows a storage driver to give the Kubernetes scheduler hints about where to place a new pod so that it is optimally located for storage performance.
Preparation
NOTE: Commands below provided for Helm v3 but Helm v2 is also supported.
You can usehelm template
instead ofhelm install
, this is also working as well.
Create linstor
namespace.
kubectl create ns linstor
Install Helm repository:
helm repo add kvaps https://kvaps.github.io/charts
Database
-
Install stolon chart:
# download example values curl -LO https://github.com/kvaps/kube-linstor/raw/v1.9.0/examples/linstor-db.yaml # install release helm install linstor-db kvaps/stolon \ --namespace linstor \ -f linstor-db.yaml
NOTE: The current example will deploy stolon cluster on your Kubernetes-master nodes
NOTE: In case of update your stolon add
--set job.autoCreateCluster=false
flag to not reinitialisate your cluster. -
Create Persistent Volumes:
helm install data-linstor-db-stolon-keeper-0 kvaps/pv-hostpath \ --namespace linstor \ --set path=/var/lib/linstor-db \ --set node=node1 helm install data-linstor-db-stolon-keeper-1 kvaps/pv-hostpath \ --namespace linstor \ --set path=/var/lib/linstor-db \ --set node=node2 helm install data-linstor-db-stolon-keeper-2 kvaps/pv-hostpath \ --namespace linstor \ --set path=/var/lib/linstor-db \ --set node=node3
Parameters
name
andnamespace
must match the PVC's name and namespace of your database,node
should match exact node name.Check your PVC/PV list after creation, if everything right, they should obtain Bound status.
-
Connect to database:
kubectl exec -ti -n linstor sts/linstor-db-stolon-keeper -- bash PGPASSWORD=$(cat $STKEEPER_PG_SU_PASSWORDFILE) psql -h linstor-db-stolon-proxy -U stolon postgres
-
Create user and database for linstor:
CREATE DATABASE linstor; CREATE USER linstor WITH PASSWORD 'hackme'; GRANT ALL PRIVILEGES ON DATABASE linstor TO linstor;
Linstor
-
Install kube-linstor chart:
# download example values curl -LO https://github.com/kvaps/kube-linstor/raw/v1.9.0/examples/linstor.yaml # install release helm install linstor kvaps/linstor --version 1.9.0 \ --namespace linstor \ -f linstor.yaml
NOTE: The current example will deploy linstor- and csi-controllers on your Kubernetes-master nodes and satellites on all nodes in the cluster.
Usage
You can get interactive linstor shell by simple exec into linstor-controller container:
kubectl exec -ti -n linstor sts/linstor-controller -- linstor
Refer to official linstor documentation for define nodes and create new resources.
SSL notes
This chart enables SSL encryption for control-plane by default. It does not affect the DRBD performance but makes your LINSTOR setup more secure.
Any way, do not forget to specify --communicates-type SSL
option during node creation, example:
linstor node create alpha 1.2.3.4 --communication-type SSL
If you want to have external access, you need to download certificates for linstor client:
kubectl get secrets --namespace linstor linstor-client-tls \
-o go-template='{{ range $k, $v := .data }}{{ $v | base64decode }}{{ end }}'
Then follow official linstor documentation to configure the client.
NOTE: v1.9.0 release also introduce shorter release name:
linstor-
instead oflinstor-linstor-
, this change shouldn't break anything, however it will regenerate SSL certificates. If you are using LINSTOR API externally, you might need to update the client certificates or keep the old release name prefix by specifying--set fullnameOverride=linstor-linstor
option.See #18 for more details.
Additional Information
Licenses
- This project under Apache License
- linstor-server, drbd and drbd-utils is GPL licensed by LINBIT
- linstor-csi under Apache License by LINBIT
- stork under Apache License