AWS Elastic Block Store CSI Driver Operator
Overview
OKD is capable of provisioning persistent volumes (PVs) using the AWS EBS CSI driver.
Familiarity with persistent storage and configuring CSI volumes is recommended when working with a Container Storage Interface (CSI) Operator and driver.
To create CSI-provisioned PVs that mount to AWS EBS storage assets, OKD installs the AWS EBS CSI Driver Operator (a Red Hat operator) and the AWS EBS CSI driver by default in the openshift-cluster-csi-drivers
namespace.
The AWS EBS CSI Driver Operator provides a StorageClass by default that you can use to create PVCs. You can disable this default storage class if desired (see Managing the default storage class). You also have the option to create the AWS EBS StorageClass as described in Persistent storage using Amazon Elastic Block Store.
The AWS EBS CSI driver enables you to create and mount AWS EBS PVs.
If you installed the AWS EBS CSI Operator and driver on an OKD 4.5 cluster, you must uninstall the 4.5 Operator and driver before you update to OKD 4. |
About CSI
Storage vendors have traditionally provided storage drivers as part of Kubernetes. With the implementation of the Container Storage Interface (CSI), third-party providers can instead deliver storage plugins using a standard interface without ever having to change the core Kubernetes code.
CSI Operators give OKD users storage options, such as volume snapshots, that are not possible with in-tree volume plugins.
OKD defaults to using the CSI plugin to provision Amazon Elastic Block Store (Amazon EBS) storage. |
For information about dynamically provisioning AWS EBS persistent volumes in OKD, see Persistent storage using Amazon Elastic Block Store.
User-managed encryption
The user-managed encryption feature allows you to provide keys during installation that encrypt OKD node root volumes, and enables all managed storage classes to use these keys to encrypt provisioned storage volumes. You must specify the custom key in the platform.<cloud_type>.defaultMachinePlatform
field in the install-config YAML file.
This features supports the following storage types:
Amazon Web Services (AWS) Elastic Block storage (EBS)
Microsoft Azure Disk storage
Google Cloud Platform (GCP) persistent disk (PD) storage
IBM Virtual Private Cloud (VPC) Block storage
If there is no encrypted key defined in the storage class, only set |
For information about installing with user-managed encryption for Amazon EBS, see Installation configuration parameters.
Additional resources