🚀 DevOps & SRE Certification Program 📅 Starting: 1st of Every Month 🤝 +91 8409492687 🔍 Contact@DevOpsSchool.com

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Uncategorised

How to Configure StorageClass with EBS for EKS cluster for Gitlab

February 22, 2023 Leave a Comment

Table of Contents

Method – 1

to create a volume in an availability zone where you don’t have any volumes on. You can try restricting your StorageClass to the availability zones where you have nodes.

A StorageClass is a way to describe a class of storage that can be used by Kubernetes Persistent Volumes (PVs). The kind: StorageClass and apiVersion: storage.k8s.io/v1 fields indicate that this is a Kubernetes StorageClass object using the version 1 of the Kubernetes storage API.

The metadata field contains information about the StorageClass, including its name gp2 and an annotation that specifies it as the default class for PVs, with storageclass.kubernetes.io/is-default-class: "true".

The provisioner field specifies the provisioner to be used to create PVs of this StorageClass, in this case, kubernetes.io/aws-ebs, indicating that the storage will be provided by Amazon Elastic Block Store (EBS) volumes.

The parameters field specifies parameters to be passed to the provisioner, in this case, specifying the type of storage to be created as gp2, which is a type of EBS volume optimized for general-purpose workloads.

The reclaimPolicy field specifies what happens to the PVs created from this StorageClass when they are no longer in use. Here, the policy is set to Retain, which means the PVs will not be automatically deleted when a claim is released, and their data will be preserved.

The mountOptions field specifies additional mount options to be used when the volume is mounted by a pod. Here, it’s set to debug.

The allowedTopologies field specifies where the PVs created from this StorageClass can be provisioned. Here, it specifies that the PVs can be provisioned in any of the availability zones (ap-southeast-1a, ap-southeast-1b, ap-southeast-1c) in the ap-southeast-1 region. This is done by using the matchLabelExpressions field to specify a label key (failure-domain.beta.kubernetes.io/zone) and the corresponding values.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: gp2
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
provisioner: kubernetes.io/aws-ebs
parameters:
  type: gp2
reclaimPolicy: Retain
mountOptions:
  - debug
allowedTopologies:
- matchLabelExpressions:
  - key: failure-domain.beta.kubernetes.io/zone
    values:
    - ap-southeast-1a
    - ap-southeast-1b
    - ap-southeast-1c

Method – 2

** This notes is only for fixing the PV/PVC issues and not for Production ready setup of EKS.

Step 1 - Deploy StorageClass for EKS setup

** Please make sure that you modify the AWS_ZONE & CUSTOM_STORAGE_CLASS_NAME as per the requirement

  • CUSTOM_STORAGE_CLASS_NAME - Need to change
  • AWS_ZONE - Need to change
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: CUSTOM_STORAGE_CLASS_NAME
provisioner: kubernetes.io/aws-ebs
reclaimPolicy: Retain
parameters:
  type: gp2
  zone: '*AWS_ZONE*'

Step 2 - Set the custom storage class to the cluster default and it will be used for all dynamic provisioning.

  • CUSTOM_STORAGE_CLASS_NAME - Need to change
$ kubectl patch storageclass CUSTOM_STORAGE_CLASS_NAME -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

Step 3 - Download an example IAM policy with permissions that allow your worker nodes to create and modify Amazon EBS volumes:

$ curl -o example-iam-policy.json https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/release-1.3/docs/example-iam-policy.json

Step 4 - Create an IAM policy named Amazon_EBS_CSI_Driver

$ aws iam create-policy --policy-name AmazonEKS_EBS_CSI_Driver_Policy --policy-document file://example-iam-policy.json

Step 5 - Attach the "AmazonEKS_EBS_CSI_Driver_Policy" policy to Worker Node Group of AWS.

Step 5 - I used this combination to deploy Gitlab in EKS 1.24 cluster

helm upgrade --install gitlab gitlab/gitlab \
  --timeout 600s \
  --set global.hosts.domain=gitlab.digitaldevops.in \
  --set certmanager-issuer.email=devops@rajeshkumar.xyz \
  --set postgresql.image.tag=13.6.0
view raw README.md hosted with ❤ by GitHub
Subscribe
Notify of
guest


0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.

0
Would love your thoughts, please comment.x
()
x