Overview
If you already have an AWS Elastic Block Store (EBS) volume to import into GKE on AWS, you can create a PersistentVolume (PV) object and reserve it for a specific PersistentVolumeClaim (PVC).
This page explains how to create a PV by using an existing EBS volume populated with data, and how to use the PV in a Pod. This page is for Operators and Storage specialists who want to configure and manage storage. To learn more about common roles and example tasks that we reference in Google Cloud content, see Common GKE Enterprise user roles and tasks.
Before you begin
Before completing these steps, you must:
- Create a GKE on AWS cluster and configure access to it with kubectl.
- Connect and authenticate to your cluster.
Using encrypted EBS volumes
If your EBS volume is encrypted with the AWS Key Management Service (KMS), you need to grant the GKE on AWS control plane AWS IAM role access to your KMS key.
To grant the control plane role access to your key:
Find the name of your cluster's control plane role.
Choose the AWS KMS key used to encrypt your EBS volume, and add the control plane role as a key user by following the instructions in Allow key users to use the KMS key.
Creating a PersistentVolume for a pre-existing EBS volume
You can import an existing EBS volume by specifying a new PV and adding it to your cluster.
Copy the following YAML into a file named existing-volume.yaml:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: VOLUME_NAME
  annotations:
    pv.kubernetes.io/provisioned-by: ebs.csi.aws.com
spec:
  capacity:
    storage: VOLUME_CAPACITY
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: STORAGE_CLASS_NAME
  # claimRef reserves this PV for the PVC named my-pvc in the default namespace.
  claimRef:
    name: my-pvc
    namespace: default
  csi:
    driver: ebs.csi.aws.com
    volumeHandle: EBS_VOLUME_ID
    fsType: FILE_SYSTEM_TYPE
  nodeAffinity:
    required:
      nodeSelectorTerms:
        - matchExpressions:
            - key: topology.ebs.csi.aws.com/zone
              operator: In
              values:
                - ZONE

Replace the following:
- VOLUME_NAME: the name for your volume.
- VOLUME_CAPACITY: the size of the volume, for example 30G. For more information on specifying volume capacity in Kubernetes, see the Meaning of memory.
- STORAGE_CLASS_NAME: the name of the StorageClass that provisions the volume, for example standard-rwo.
- EBS_VOLUME_ID: your EBS volume ID, for example vol-05786ec9ec9526b67.
- FILE_SYSTEM_TYPE: the file system of the volume, for example ext4.
- ZONE: the AWS Availability Zone that hosts the EBS volume, for example us-east-1c.
Apply the YAML to your cluster:
kubectl apply -f existing-volume.yaml
Confirm the creation of your PV:
kubectl describe pv VOLUME_NAME
The output of this command contains the status of the PV.
Using the volume with a PersistentVolumeClaim and Pod
After you have imported your volume, you can create a PVC and a Pod that attaches the PVC.
The YAML below creates a PVC and attaches it to a Pod running the Nginx web server. Copy it into a file named nginx.yaml:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  storageClassName: STORAGE_CLASS_NAME
  # volumeName binds this claim to the PV you imported.
  volumeName: VOLUME_NAME
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: VOLUME_CAPACITY
---
apiVersion: v1
kind: Pod
metadata:
  name: web-server
spec:
  containers:
    - name: web-server
      image: nginx
      volumeMounts:
        - mountPath: /var/lib/www/html
          name: data
  volumes:
    - name: data
      persistentVolumeClaim:
        claimName: PVC_NAME

Replace the following:
- STORAGE_CLASS_NAME: the name of the StorageClass from the PersistentVolume you created previously, for example standard-rwo.
- VOLUME_NAME: the name of the PersistentVolume you created previously.
- VOLUME_CAPACITY: the size of the volume.
- PVC_NAME: the name of the PVC, for example my-pvc.
Apply the YAML to your cluster:
kubectl apply -f nginx.yaml
Check the status of your Nginx instance with kubectl describe. The output should have a STATUS of Running.
kubectl describe pod web-server
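
The PV, PVC and Pod manifests above only work together if their fields agree, so the following offline pre-apply check walks the Kubernetes binding rules they rely on. It is an added example, not part of the original page or of GKE tooling. The manifests are embedded as Python dictionaries with constructed values, and the helper names, the PV name imported-data and the volume ID pattern are assumptions.

```python
# Added example; check_import, to_bytes and the name imported-data are assumptions.
import re

# Quantity suffixes used for storage sizes (decimal and binary).
UNITS = {"": 1, "k": 10**3, "M": 10**6, "G": 10**9, "T": 10**12,
         "Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40}

def to_bytes(quantity):
    m = re.fullmatch(r"(\d+)([A-Za-z]*)", quantity)
    if not m or m.group(2) not in UNITS:
        raise ValueError(f"unsupported quantity: {quantity!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

def check_import(pv, pvc, pod):
    """Return the reasons the PVC would not bind to the reserved PV."""
    spec, claim, problems = pv["spec"], pvc["spec"], []
    pvc_id = (pvc["metadata"]["name"], pvc["metadata"].get("namespace", "default"))
    ref = spec.get("claimRef")
    if not ref:
        problems.append("no claimRef: any matching PVC could bind this volume")
    elif (ref.get("name"), ref.get("namespace")) != pvc_id:
        problems.append("claimRef does not point at this PVC")
    if claim.get("volumeName") != pv["metadata"]["name"]:
        problems.append("PVC volumeName does not match the PV name")
    if claim.get("storageClassName") != spec.get("storageClassName"):
        problems.append("storageClassName differs between PV and PVC")
    if not set(claim["accessModes"]) <= set(spec["accessModes"]):
        problems.append("PVC asks for an access mode the PV does not offer")
    if to_bytes(claim["resources"]["requests"]["storage"]) > to_bytes(spec["capacity"]["storage"]):
        problems.append("PVC requests more storage than the PV capacity")
    if spec.get("persistentVolumeReclaimPolicy") != "Retain":
        problems.append("reclaim policy is not Retain")
    if not re.fullmatch(r"vol-[0-9a-f]+", spec["csi"]["volumeHandle"]):  # assumed ID shape
        problems.append("volumeHandle is not an EBS volume ID")
    mounted = [v.get("persistentVolumeClaim", {}).get("claimName") for v in pod["spec"]["volumes"]]
    if pvc_id[0] not in mounted:
        problems.append("Pod does not reference this PVC")
    return problems

# Constructed sample: the page's manifests with its example values filled in.
PV = {"metadata": {"name": "imported-data"}, "spec": {
    "capacity": {"storage": "30G"}, "accessModes": ["ReadWriteOnce"],
    "persistentVolumeReclaimPolicy": "Retain", "storageClassName": "standard-rwo",
    "claimRef": {"name": "my-pvc", "namespace": "default"},
    "csi": {"driver": "ebs.csi.aws.com", "volumeHandle": "vol-05786ec9ec9526b67"}}}
PVC = {"metadata": {"name": "my-pvc"}, "spec": {
    "storageClassName": "standard-rwo", "volumeName": "imported-data",
    "accessModes": ["ReadWriteOnce"], "resources": {"requests": {"storage": "30G"}}}}
POD = {"metadata": {"name": "web-server"}, "spec": {"volumes": [
    {"name": "data", "persistentVolumeClaim": {"claimName": "my-pvc"}}]}}
```

Calling check_import(PV, PVC, POD) on the sample returns an empty list; each string it returns otherwise names one field to correct before running kubectl apply.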
What's next
- Use additional storage drivers with GKE on AWS.