- Create the IAM role for EFS and attach to control plane and worker nodes (can just be worker nodes)
- Deploy the EFS Operator from Operator Hub
- Install the EFS CSI Driver with efs-cluster-csi-driver.yaml
- create the EFS Storage Class with efs-sc.yaml example (Need to change fields here for your EFS)
Last active
September 19, 2024 00:18
-
-
Save dmc5179/dadc9916d3947d6da0e6c908dad9775b to your computer and use it in GitHub Desktop.
OpenShift AWS EFS Deployment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: operator.openshift.io/v1 | |
| kind: ClusterCSIDriver | |
| metadata: | |
| name: efs.csi.aws.com | |
| spec: | |
| managementState: Managed |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: storage.k8s.io/v1 | |
| kind: StorageClass | |
| metadata: | |
| name: efs-sc | |
| parameters: | |
| fileSystemId: fs-xyz123 # Comes from your AWS EFS deployment in the AWS console | |
| provisioningMode: efs-ap | |
| basePath: "/dynamic_provisioning" | |
| directoryPerms: "755" | |
| # UID/GID can be set but then you'll need to use SCCs to allow a pod to run as a user/gid and write files as a uid/gid | |
| # uid: "2001" | |
| # gid: "2001" | |
| # gidRangeStart: "2001" | |
| # gidRangeEnd: "2002" | |
| provisioner: efs.csi.aws.com | |
| reclaimPolicy: Delete | |
| volumeBindingMode: Immediate | |
| allowVolumeExpansion: false |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "elasticfilesystem:DescribeAccessPoints", | |
| "elasticfilesystem:DescribeFileSystems" | |
| ], | |
| "Resource": "*" | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "elasticfilesystem:CreateAccessPoint" | |
| ], | |
| "Resource": "*", | |
| "Condition": { | |
| "StringLike": { | |
| "aws:RequestTag/efs.csi.aws.com/cluster": "true" | |
| } | |
| } | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": "elasticfilesystem:DeleteAccessPoint", | |
| "Resource": "*", | |
| "Condition": { | |
| "StringEquals": { | |
| "aws:ResourceTag/efs.csi.aws.com/cluster": "true" | |
| } | |
| } | |
| } | |
| ] | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: httpd-pv-claim | |
| labels: | |
| app: httpd-frontend | |
| spec: | |
| accessModes: | |
| - ReadWriteMany | |
| storageClassName: efs-sc | |
| resources: | |
| requests: | |
| storage: 10Gi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment