Open in app

Sign in

Write

Sign in

Managing Storage with Amazon EBS CSI Driver on Amazon EKS

Tolgahan Demirbaş
3 min readApr 2, 2024

--

In the every landscape of cloud computing, Kubernetes has emerged as a pivotal force in orchestrating containerized applications. Amazon Elastic Kubernetes Service (EKS) simplifies the process of running Kubernetes on AWS, offering scalability and reliability. A critical component in leveraging the full potential of EKS is integrating storage solutions such as Amazon Elastic Block Store (EBS). This guide focuses on the Amazon EBS CSI (Container Storage Interface) Driver, detailing its installation and utilization on Amazon EKS.

Understanding the EBS CSI Driver

The EBS CSI Driver facilitates the use of Amazon EBS as persistent storage in Kubernetes environments, enhancing storage capabilities with minimal effort. Key features include:

  • Dynamic Volume Provisioning: Automatically creates EBS volumes to meet PersistentVolumeClaim demands.
  • Volume Snapshotting: Supports taking snapshots of EBS volumes, allowing for data backup and restoration.
  • Volume Resizing: Enables the resizing of EBS volumes without disrupting service.

Prerequisites

  • Active AWS account and a configured AWS CLI.
  • Existing EKS cluster with kubectl and Helm installed.
  • Basic familiarity with Kubernetes concepts and YAML syntax.

Installation Process

Step 1: Setting Up IAM Permissions

Before deploying the EBS CSI Driver, ensure your EKS nodes have the necessary permissions to interact with EBS.

Create an IAM Policy: This policy allows the EBS CSI driver to call AWS services on your behalf.

ebs_csi_policy.json:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:CreateVolume",
        "ec2:AttachVolume",
        "ec2:DetachVolume",
        "ec2:DeleteVolume",
        "ec2:CreateSnapshot",
        "ec2:DeleteSnapshot",
        "ec2:DescribeVolumes",
        "ec2:DescribeSnapshots",
        "ec2:DescribeInstances",
        "ec2:DescribeAvailabilityZones",
        "ec2:DescribeVolumeStatus",
        "ec2:DescribeVolumeAttribute",
        "ec2:DescribeSnapshotAttribute",
        "ec2:DescribeInstanceAttribute",
        "ec2:DescribeInstanceCreditSpecifications",
        "ec2:DescribeVolumeTypes",
        "ec2:DescribeVpcAttribute",
        "ec2:DescribeVpcEndpoints",
        "ec2:DescribeVpcs",
        "ec2:ModifyVolume",
        "ec2:ModifyVolumeAttribute",
        "ec2:ModifyInstanceAttribute"
      ],
      "Resource": "*"
    }
  ]
}
aws iam create-policy \
    --policy-name AmazonEKS_EBS_CSI_Driver_Policy \
    --policy-document file://ebs_csi_policy.json

Attach the Policy to the EKS Node Role: Identify your EKS node role and attach the policy.

aws iam attach-role-policy \
    --policy-arn arn:aws:iam::<AWS_ACCOUNT_ID>:policy/AmazonEKS_EBS_CSI_Driver_Policy \
    --role-name <EKS_NODE_ROLE_NAME>

Step 2: Installing the EBS CSI Driver with Helm

Helm simplifies the deployment of the EBS CSI Driver to your EKS cluster.

Add the Amazon EBS CSI Driver Helm Repository:

helm repo add aws-ebs-csi-driver https://kubernetes-sigs.github.io/aws-ebs-csi-driver/
helm repo update

Install the EBS CSI Driver:

Deploy the driver using Helm. This command installs the EBS CSI Driver into the kube-system namespace.

helm install aws-ebs-csi-driver aws-ebs-csi-driver/aws-ebs-csi-driver \
    --namespace kube-system \
    --set enableVolumeScheduling=true \
    --set enableVolumeResizing=true \
    --set enableVolumeSnapshot=true

Step 3: Verifying the Installation

Ensure that the EBS CSI Driver components are deployed successfully.

kubectl get pods -n kube-system | grep ebs-csi

You should see the driver’s pods running smoothly.

Utilizing the EBS CSI Driver

Create a StorageClass and a PersistentVolumeClaim to provision EBS volumes dynamically.

StorageClass:

Deploy a StorageClass to specify the type of EBS volume.

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: ebs-gp3
provisioner: ebs.csi.aws.com
parameters:
  type: gp3
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer

PersistentVolumeClaim (PVC):

Create a PVC to request storage from your StorageClass.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: demo-ebs-volume-claim
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: ebs-gp3
  resources:
    requests:
      storage: 10Gi

Pod Specification to Use the Volume

Example Pod configuration using the EBS volume.

apiVersion: v1
kind: Pod
metadata:
  name: demo-pod
spec:
  containers:
  - name: nginx
    image: nginx
    volumeMounts:
    - mountPath: "/var/www/html"
      name: demo-storage
  volumes:
  - name: demo-storage
    persistentVolumeClaim:
      claimName: demo-ebs-volume-claim

Conclusion

Integrating the EBS CSI Driver with Amazon EKS enhances your Kubernetes applications by providing reliable and scalable persistent storage. By following the steps outlined in this guide, you can seamlessly deploy and manage EBS-backed volumes within your EKS cluster, ensuring your applications have the storage they require to operate effectively.

Remember to monitor your deployments and adjust your configurations as needed. With the EBS CSI Driver, your Kubernetes applications can fully leverage the power and flexibility of AWS cloud storage solutions.

--

--

Tolgahan Demirbaş

Written by Tolgahan Demirbaş

28 Followers

Engineering Manager @bestcloudforme

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams