Installing OpenEBS

OpenEBS configuration flow

Summary:

Verify iSCSI client

iSCSI client is a pre-requisite for provisioning cStor and Jiva volumes. However, it is recommended that the iSCSI client is setup and iscsid service is running on worker nodes before proceeding with the OpenEBS installation.

Set cluster-admin user context and RBAC

For installation of OpenEBS, cluster-admin user context is a must.

If there is no cluster-admin user context already present, create one and use it. Use the following command to create the new context.

  1. kubectl config set-context NAME [--cluster=cluster_nickname] [--user=user_nickname] [--namespace=namespace]

Example:

  1. kubectl config set-context admin-ctx --cluster=gke_strong-eon-153112_us-central1-a_rocket-test2 --user=cluster-admin

Set the existing cluster-admin user context or the newly created context by using the following command.

Example:

  1. kubectl config use-context admin-ctx

Installation through helm

Verify helm is installed and helm repo is updated.

For Helm v2

Run helm init for installing tiller pod under kube-system namespace.

See instructions below for setting up RBAC for tiller.

Installed helm version can be obtained by using the following command:

  1. helm version

Example ouptut:

Client: &version.Version{SemVer:”v2.16.8”, GitCommit:”145206680c1d5c28e3fcf30d6f596f0ba84fcb47”, GitTreeState:”clean”} Server: &version.Version{SemVer:”v2.16.8”, GitCommit:”145206680c1d5c28e3fcf30d6f596f0ba84fcb47”, GitTreeState:”clean”}

In the default installation mode, use the following command to install the latest version of OpenEBS in openebs namespace.

  1. helm repo add openebs https://openebs.github.io/charts
  2. helm repo update
  3. helm install --namespace openebs --name openebs openebs/openebs

For Helm v3

See helm docs for setting up helm v3. Installed helm version can be obtained by using the following command:

  1. helm version

Example ouptut:

version.BuildInfo{Version:”v3.0.2”, GitCommit:”19e47ee3283ae98139d98460de796c1be1e3975f”, GitTreeState:”clean”, GoVersion:”go1.13.5”}

OpenEBS instalaltion with helm v3 can be done by 2 ways:

Option 1: Helm v3 takes the current namespace from the local kube config and use that namespace the next time the user executes helm commands. If it is not present, the default namespace is used. Assign the openebs namespace to the current context and run the following commands to install openebs in openebs namespace.

To view current context, run the following:

  1. kubectl config current-context

Assign openebs namespace to the current context:

  1. kubectl config set-context <current_context_name> --namespace=openebs

Create OpenEBS namespace

  1. kubectl create ns openebs

Install openebs with chart name as openebs:

  1. helm repo add openebs https://openebs.github.io/charts
  2. helm repo update
  3. helm install openebs openebs/openebs

To view the chart

  1. helm ls

The above commands will install OpenEBS in openebs namespace and chart name as openebs

Option 2: By mentioning namespace in helm command

Create OpenEBS namespace

  1. kubectl create ns openebs

Install openebs with chart name as openebs:

  1. helm repo add openebs https://openebs.github.io/charts
  2. helm repo update
  3. helm install --namespace openebs openebs openebs/openebs

To view the chart

  1. helm ls -n openebs

The above commans will install OpenEBS in openebs namespace and chart name as openebs

Note:

  1. Since Kubernetes 1.12, if any containers does not set its resource requests & limits values, it results into eviction. It is recommended to set these values appropriately to OpenEBS pod spec in the operator YAML before installing OpenEBS. The example configuration can be obtained from here.

  2. Check the blockdevice mount status on Nodes before installing OpenEBS operator. More details can be obtained here.

As a next step verify your installation and do the post installation steps.

In the custom installation mode, you can achieve the following advanced configurations

  • Choose a set of nodes for OpenEBS control plane pods.
  • Choose a set of nodes for OpenEBS storage pool.
  • You can customize the disk filters that need to be excluded from being used.
  • You can choose custom namespace other than default namespace openebs.

Follow the below instructions to do any of the above configurations and then install OpenEBS through helm and values.yaml

Setup nodeSelectors for OpenEBS control plane

In a large Kubernetes cluster, you may choose to limit the scheduling of the OpenEBS control plane pods to two or three specific nodes. To do this, use nodeSelector field of PodSpec of OpenEBS control plane pods - apiserver, volume provisioner,admission-controller and snapshot operator.

See the example here.

Setup nodeSelectors for Node Disk Manager (NDM)

OpenEBS cStorPool is constructed using the disk custom resources or disk CRs created by Node Disk Manager or NDM. If you want to consider only some nodes in Kubernetes cluster to be used for OpenEBS storage (for hosting cStor Storage Pool instances), then use nodeSelector field of NDM PodSpec and dedicate those nodes to NDM.

See an example here.

Setup disk filters for Node Disk Manager

NDM by default filters out the below disk patterns and converts the rest of the disks discovered on a given node into DISK CRs as long as they are not mounted.

  1. "exclude":"loop,/dev/fd0,/dev/sr0,/dev/ram,/dev/dm-"

If your cluster nodes have different disk types that are to be filtered out (meaning that those should not be created as DISK CRs ), add the additional disk patterns to the exclude list.

See an example configuration here

Other values.yaml parameters

For customized configuration through helm, use values.yaml or command line parameters.

Default values for Helm Chart parameters are provided below.

After doing the custom configuration in the values.yaml file, run the below command to do the custom installation.

  1. helm install --namespace <custom_namespace> --name openebs openebs/openebs -f values.yaml

As a next step verify your installation and do the post installation steps.

Installation through kubectl

In the default installation mode, use the following command to install OpenEBS. OpenEBS is installed in openebs namespace.

  1. kubectl apply -f https://openebs.github.io/charts/openebs-operator.yaml

Note:

  1. Since Kubernetes 1.12, if any pod containers does not set its resource requests & limits values, it results into eviction. It is recommend to set these values appropriately to OpenEBS pod spec in the operator YAML before installing OpenEBS. The example configuration can be get from here.

  2. Check the blockdevice mount status on Nodes before installing OpenEBS operator. More details can be obtained here.

As a next step verify your installation and do the post installation steps.

In the custom installation mode, you can achieve the following advanced configurations.

  • Choose a set of nodes for OpenEBS control plane pods
  • Choose a set of nodes for OpenEBS storage pool
  • You can customize the disk filters that need to be excluded from being used
  • (Optional) Configure with Environment Variables in OpenEBS operator YAML

For custom installation, download the openebs-operator YAML file, update the above configurations using the instructions below and proceed to installation with kubectl command.

Setup nodeSelectors for OpenEBS control plane

In a large Kubernetes cluster, you may choose to limit the scheduling of the OpenEBS control plane pods to two or three specific nodes. To do this, specify a map of key-value pair and then attach the same key-value pair as labels to the required nodes on the cluster.

Example nodeSelector configuration for OpenEBS control plane components is given here.

Setup nodeSelectors for Admission Controller

The Admission controller to intercepts the requests to the Kubernetes API server prior to persistence of the object, but after the request is authenticated and authorized. This openebs admission controller implements additional custom admission policies to validate the incoming request. The following are the admission policies available with the latest main release.

  1. PersistentVolumeClaim delete requests validates if there is clone PersistentVolumeClaim exists.
  2. Clone PersistentVolumeClaim create requests validates requested claim capacity. This has to be equal to snapshot size.

The Admission Controller pod can be scheduled on particular node using nodeSelector method.

Example nodeSelector configuration for OpenEBS control plane components is given here.

Setup nodeSelectors for Node Disk Manager (NDM)

OpenEBS cStorPool is constructed using the block device custom resources or block device created by Node Disk Manager or NDM. If you want to consider only some nodes in Kubernetes cluster to be used for OpenEBS storage (for hosting cStor Storage Pool instances), then specify a map of key-value pair and then attach the same key-value pair as labels to the required nodes on the cluster.

Example nodeSelector configuration for OpenEBS control plane components is given here.

Setup disk filters for Node Disk Manager

NDM by default filters out the below disk patterns and converts the rest of the disks discovered on a given node into DISK CRs as long as they are not mounted.

"exclude":"loop,/dev/fd0,/dev/sr0,/dev/ram,/dev/dm-"

If your cluster nodes have different disk types that are to be filtered out (meaning that those should not be created as DISK CRs ), add the additional disk patterns to the exclude list in the yaml file.

See an example configuration here

Configure with Environment Variables

Some of the configurations related to cStor Target, default cStor sparse pool, default Storage configuration, Local PV Basepath, etc can be configured as variables in the corresponding deployment specification.

Enable core dump

Dumping cores has been disabled by default for cStor pool and NDM daemonset pods. This can be enabled by setting an ENV variable ENABLE_COREDUMP to 1. The ENV setting can be added in cStor pool deployment for dumping core for cStor pool pod and the ENV setting can be added in ndm daemonset spec for dumping core for ndm daemonset pods.

  1. - name: ENABLE_COREDUMP
  2. value: "1"

SparseDir

SparseDir is a hostPath directory where to look for sparse files. The default value is “/var/openebs/sparse”.

The following configuration must added as environment variables in the maya-apiserver deployment specification. This change must be done before applying the OpenEBS operator YAML file.

  1. # environment variable
  2. - name: SparseDir
  3. value: "/var/lib/"

Default cStorSparsePool

The OpenEBS installation will create default cStor sparse pool based on this configuration value. If “true”, default cStor sparse pools will be configured, if “false”, it will not be configure a default cStor sparse pool. The default configured value is “false”. The use of cStor sparse pool is for testing purposes only.

The following configuration must be added as environment variables in the maya-apiserver deployment specification for the installation of cStor pool using sparse disks. This change must be done before applying the OpenEBS operator YAML file.

Example:

  1. # environment variable
  2. - name: OPENEBS_IO_INSTALL_DEFAULT_CSTOR_SPARSE_POOL
  3. value: "false"

TargetDir

Target Dir is a hostPath directory for target pod. The default value is “/var/openebs”. This value can override the existing host path introducing a OPENEBS_IO_CSTOR_TARGET_DIR ENV in maya-apiserver deployment. This configuration might required where underlying host OS does not have write permission on default OpenEBS path(/var/openebs/).

The following configuration must added as environment variables in the maya-apiserver deployment specification. This change must be done before applying the OpenEBS operator YAML file.

Example:

  1. # environment variable
  2. - name: OPENEBS_IO_CSTOR_TARGET_DIR
  3. value: "/var/lib/overlay/openebs"

Basepath for OpenEBS Local PV

By default the hostpath is configured as /var/openebs/local for Local PV based on hostpath, which can be changed during the OpenEBS operator install by passing the OPENEBS_IO_BASE_PATH ENV parameter to the Local PV dynamic provisioner deployment.

  1. # environment variable
  2. - name: OPENEBS_IO_BASE_PATH
  3. value: "/mnt/"

Default Storage Configuration

OpenEBS comes with default storage configuration like Jiva and Local PV storage classes and so forth. Each of the storage engines in OpenEBS is highly configurable and the customization is done via Storage Classes and associated Custom Resources. While the default storage configuration can be modified after installation, it is going to be overwritten by the OpenEBS API Server. The recommended approach for customizing is to have users create their own storage configuration using the default options as examples/guidance. If you would like to use a customized configuration, you can disable the installation of the default storage configuration during the installation. The following configuration must be added as environment variables in the maya-apiserver deployment specification to disable default storage configuration.

  1. # environment variable
  2. - name: OPENEBS_IO_CREATE_DEFAULT_STORAGE_CONFIG
  3. value: "false"

Note: Starting with 0.9, cStor Sparse pool and its Storage Class are not created by default. If you need to enable the cStor Sparse pool for development or test environments, you should have the above Default Storage Configuration enabled as well as cStor sparse pool enabled using the instructions mentioned here.

After doing the custom configuration in the downloaded openebs-operator.yaml file, run the below command to do the custom installation.

  1. kubectl apply -f <modified openebs-operator.yaml>

As a next step verify your installation and do the post installation steps.

Verifying OpenEBS installation

Verify pods:

List the pods in <openebs> name space

  1. kubectl get pods -n openebs

In the successful installation of OpenEBS, you should see an example output like below.

NAME READY STATUS RESTARTS AGE maya-apiserver-d77867956-mv9ls 1/1 Running 3 99s openebs-admission-server-7f565bcbb5-lp5sk 1/1 Running 0 95s openebs-localpv-provisioner-7bb98f549d-ljcc5 1/1 Running 0 94s openebs-ndm-dn422 1/1 Running 0 96s openebs-ndm-operator-84849677b7-rhfbk 1/1 Running 1 95s openebs-ndm-ptxss 1/1 Running 0 96s openebs-ndm-zpr2l 1/1 Running 0 96s openebs-provisioner-657486f6ff-pxdbc 1/1 Running 0 98s openebs-snapshot-operator-5bdcdc9b77-v7n4w 2/2 Running 0 97s

openebs-ndm is a daemon set, it should be running on all nodes or on the nodes that are selected through nodeSelector configuration.

The control plane pods openebs-provisioner, maya-apiserver and openebs-snapshot-operator should be running. If you have configured nodeSelectors , check if they are scheduled on the appropriate nodes by listing the pods through kubectl get pods -n openebs -o wide

The resiliency of the control plane can be verified via litmus using openebs-control-plane-chaos experiment.

Verify StorageClasses:

List the storage classes to check if OpenEBS has installed with default StorageClasses.

  1. kubectl get sc

In the successful installation, you should have the following StorageClasses are created.

NAME PROVISIONER AGE openebs-device openebs.io/local 64s openebs-hostpath openebs.io/local 64s openebs-jiva-default openebs.io/provisioner-iscsi 64s openebs-snapshot-promoter volumesnapshot.external-storage.k8s.io/snapshot-promoter 64s standard (default) kubernetes.io/gce-pd 6m41s

Verify Block Device CRs

NDM daemon set creates a block device CR for each block devices that is discovered on the node with two exceptions

  • The disks that match the exclusions in ‘vendor-filter’ and ‘path-filter’
  • The disks that are already mounted in the node

List the block device CRs to verify the CRs are appearing as expected.

  1. kubectl get blockdevice -n openebs

Following is an example output.

NAME NODENAME SIZE CLAIMSTATE STATUS AGE blockdevice-1c10eb1bb14c94f02a00373f2fa09b93 gke-ranjith-14-default-pool-da9e1336-mbq9 42949672960 Unclaimed Active 14s blockdevice-77f834edba45b03318d9de5b79af0734 gke-ranjith-14-default-pool-da9e1336-d9zq 42949672960 Unclaimed Active 22s blockdevice-936911c5c9b0218ed59e64009cc83c8f gke-ranjith-14-default-pool-da9e1336-9j2w 42949672960 Unclaimed Active 30s

To know which block device CR belongs to which node, check the node label set on the CR by doing the following command.

  1. kubectl describe blockdevice <blockdevice-cr> -n openebs

Verify Jiva default pool - default

  1. kubectl get sp

Following is an example output.

NAME AGE default 2m

Note that listing `sp` lists both `csp` and the `Jiva pool`.

Post-Installation considerations

For a simple testing of OpenEBS, you can use the below default storage classes

  • openebs-jiva-default for provisioning Jiva Volume (this uses default pool which means the data replicas are created in the /mnt/openebs_disk directory of the Jiva replica pod)

  • openebs-hostpath for provisioning Local PV on hostpath.

  • openebs-device for provisioning Local PV on device.

For using real disks, you have to create cStorPools or Jiva pools or OpenEBS Local PV based on the requirement and then create corresponding StorageClasses or use default StorageClasses to use them.

Example configuration- Pod resource requests

All openebs components should have ephemeral storage requests set against each of its pod containers and side cars. Ephemeral storage requests can be used only from Kubernetes 1.13 or in earlier versions if the feature-gate flag is enabled. This value should be added for all the openebs control plane components in the openebs operator YAML file before applying it. This setting is used to specify ephemeral-storage to avoid erroneous eviction by K8s.

The following is one the example configurations for AuxResourceRequests which allow you to set requests on side cars of the container.

AuxResourceRequests

This setting is useful in cases where user has to specify minimum ephemeral-storage requests to avoid erroneous eviction by K8s. The below spec will set the side-cars with 50Mi ephemeral-storage requests.

  1. - name: AuxResourceRequests
  2. value: |-
  3. ephemeral-storage: "50Mi"

Example configurations - helm

Setup RBAC for Tiller before Installing OpenEBS Chart

  1. kubectl -n kube-system create sa tiller
  2. kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
  3. kubectl -n kube-system patch deploy/tiller-deploy -p '{"spec": {"template": {"spec": {"serviceAccountName": "tiller"}}}}'
  4. kubectl -n kube-system patch deployment tiller-deploy -p '{"spec": {"template": {"spec": {"automountServiceAccountToken": true}}}}'

Ensure that helm repo in your master node is updated to get the latest OpenEBS repository using the following command

  1. helm repo update

For nodeSelectors in values.yaml (helm)

First, label the required nodes with an appropriate label. In the following command, the required nodes for storage nodes are labelled as node=openebs

  1. kubectl label nodes <node-name> node=openebs

Find apiServer, provisioner, snapshotOperator, admission-server and ndm sections in values.yamland update nodeSelector key. Example of the updated provisioner section in the following snippet where node:openebs is the nodeSelector label.

  1. provisioner:
  2. image: "quay.io/openebs/openebs-k8s-provisioner"
  3. imageTag: "2.0.0"
  4. replicas: 1
  5. nodeSelector: {}
  6. tolerations: []
  7. affinity: {}
  8. healthCheck:
  9. initialDelaySeconds: 30
  10. periodSeconds: 60

For disk filters in values.yaml (helm)

In the values.yaml, findndm section to update excludeVendors: and excludePaths:

  1. ndm:
  2. image: "quay.io/openebs/node-disk-manager-amd64"
  3. imageTag: "0.8.0"
  4. sparse:
  5. path: "/var/openebs/sparse"
  6. size: "10737418240"
  7. count: "1"
  8. filters:
  9. excludeVendors: "CLOUDBYT,OpenEBS"
  10. includePaths: ""
  11. excludePaths: "loop,fd0,sr0,/dev/ram,/dev/dm-,/dev/md"
  12. probes:
  13. enableSeachest: false
  14. nodeSelector: {}
  15. healthCheck:
  16. initialDelaySeconds: 30
  17. periodSeconds: 60

Default Values for Helm Chart Parameters

Download the values.yaml from here and update them as per your needs.

Example configurations - kubectl

For nodeSelectors in openebs-operator.yaml

First, label the required nodes with an appropriate label. In the following command, the required nodes for storage nodes are labelled as node=openebs.

  1. kubectl label nodes <node-name> node=openebs

Next, in the downloaded openebs-operator.yaml, find the PodSpec for openebs-provisioner, maya-apiserver, openebs-snapshot-operator, openebs-admission-server and openebs-ndm pods and add the following key-value pair under nodeSelector field

  1. nodeSelector:
  2. node: openebs

For disk filters in openebs-operator.yaml

In the downloaded openebs-operator.yaml, find openebs-ndm-config configmap and update the values for keys path-filter and vendor-filter

  1. ---
  2. # This is the node-disk-manager related config.
  3. # It can be used to customize the disks probes and filters
  4. apiVersion: v1
  5. kind: ConfigMap
  6. metadata:
  7. name: openebs-ndm-config
  8. namespace: openebs
  9. data:
  10. # udev-probe is default or primary probe which should be enabled to run ndm
  11. # filterconfigs contails configs of filters - in their form fo include
  12. # and exclude comma separated strings
  13. node-disk-manager.config: |
  14. probeconfigs:
  15. - key: udev-probe
  16. name: udev probe
  17. state: true
  18. - key: seachest-probe
  19. name: seachest probe
  20. state: false
  21. - key: smart-probe
  22. name: smart probe
  23. state: true
  24. filterconfigs:
  25. - key: os-disk-exclude-filter
  26. name: os disk exclude filter
  27. state: true
  28. exclude: "/,/etc/hosts,/boot"
  29. - key: vendor-filter
  30. name: vendor filter
  31. state: true
  32. include: ""
  33. exclude: "CLOUDBYT,OpenEBS"
  34. - key: path-filter
  35. name: path filter
  36. state: true
  37. include: ""
  38. exclude: "loop,/dev/fd0,/dev/sr0,/dev/ram,/dev/dm-,/dev/md"
  39. ---

See Also:

OpenEBS Architecture

Installation troubleshooting

OpenEBS use cases