All Projects → kubernetes-sigs → Aws Efs Csi Driver

kubernetes-sigs / Aws Efs Csi Driver

Licence: apache-2.0
CSI Driver for Amazon EFS https://aws.amazon.com/efs/

Programming Languages

go
31211 projects - #10 most used programming language

Projects that are alternatives of or similar to Aws Efs Csi Driver

Strongbox
A secret manager for AWS
Stars: ✭ 243 (-2.02%)
Mutual labels:  aws
Laravel Aws Eb
Ready-to-deploy configuration to run Laravel on AWS Elastic Beanstalk.
Stars: ✭ 247 (-0.4%)
Mutual labels:  aws
S3auth
Amazon S3 HTTP Basic Auth Gateway
Stars: ✭ 249 (+0.4%)
Mutual labels:  aws
Empire
A PaaS built on top of Amazon EC2 Container Service (ECS)
Stars: ✭ 2,660 (+972.58%)
Mutual labels:  aws
Terraform Aws Atlantis
Terraform configurations for running Atlantis on AWS Fargate. Github, Gitlab and BitBucket are supported
Stars: ✭ 246 (-0.81%)
Mutual labels:  aws
Terraform Aws Cognito Auth
Serverless Authentication as a Service (AaaS) provider built on top of AWS Cognito
Stars: ✭ 248 (+0%)
Mutual labels:  aws
Image Super Resolution
🔎 Super-scale your images and run experiments with Residual Dense and Adversarial Networks.
Stars: ✭ 3,293 (+1227.82%)
Mutual labels:  aws
Aws Toolkit Eclipse
AWS Toolkit for Eclipse – an open-source plugin for developing, deploying, and managing AWS applications.
Stars: ✭ 252 (+1.61%)
Mutual labels:  aws
Ec2 Plugin
Jenkins ec2 plugin
Stars: ✭ 246 (-0.81%)
Mutual labels:  aws
Aws Csa 2017
Study Notes for AWS Certified Solutions Architect Associate - 2017
Stars: ✭ 249 (+0.4%)
Mutual labels:  aws
Rdbox
RDBOX is an advanced IT platform for robotics and IoT developers that highly integrates cloud-native and edge computing technologies.
Stars: ✭ 246 (-0.81%)
Mutual labels:  aws
Spacesiren
A honey token manager and alert system for AWS.
Stars: ✭ 247 (-0.4%)
Mutual labels:  aws
Hako
Deploy Docker container
Stars: ✭ 248 (+0%)
Mutual labels:  aws
Glacieruploader
A simple java command line application for Amazon Glacier
Stars: ✭ 245 (-1.21%)
Mutual labels:  aws
Flopnite Ue4
A remake of the popular battle royale game, Fortnite, made in Unreal Engine 4 and integrated with Amazon GameLift
Stars: ✭ 250 (+0.81%)
Mutual labels:  aws
Packer
Packer helpers and templates for Docker, IIS, SQL Server and Visual Studio on Windows and Ubuntu
Stars: ✭ 242 (-2.42%)
Mutual labels:  aws
Aws Elastic Beanstalk Cli Setup
Simplified EB CLI installation mechanism.
Stars: ✭ 244 (-1.61%)
Mutual labels:  aws
Deeplearning Cfn
Distributed Deep Learning on AWS Using CloudFormation (CFN), MXNet and TensorFlow
Stars: ✭ 252 (+1.61%)
Mutual labels:  aws
Infracost
Cloud cost estimates for Terraform in pull requests💰📉 Love your cloud bill!
Stars: ✭ 4,505 (+1716.53%)
Mutual labels:  aws
Engine
Deploy your apps on any Cloud provider in just a few seconds
Stars: ✭ 1,132 (+356.45%)
Mutual labels:  aws

Build Status Coverage Status Go Report Card

Amazon EFS CSI Driver

The Amazon Elastic File System Container Storage Interface (CSI) Driver implements the CSI specification for container orchestrators to manage the lifecycle of Amazon EFS file systems.

CSI Specification Compatibility Matrix

AWS EFS CSI Driver \ CSI Spec Version v0.3.0 v1.1.0 v1.2.0
master branch no no yes
v1.x.x no no yes
v0.3.0 no yes no
v0.2.0 no yes no
v0.1.0 yes no no

Features

Currently only static provisioning is supported. This means an AWS EFS file system needs to be created manually on AWS first. After that it can be mounted inside a container as a volume using the driver.

The following CSI interfaces are implemented:

  • Controller Service: CreateVolume, DeleteVolume, ControllerGetCapabilities, ValidateVolumeCapabilities
  • Node Service: NodePublishVolume, NodeUnpublishVolume, NodeGetCapabilities, NodeGetInfo, NodeGetId, NodeGetVolumeStats
  • Identity Service: GetPluginInfo, GetPluginCapabilities, Probe

CreateVolume Parameters

Parameters Values Default Optional Description
provisioningMode efs-ap false Type of volume provisioned by efs. Currently, Access Points are supported.
fileSystemId false File System under which access points are created.
directoryPerms false Directory permissions for Access Point root directory creation.
gidRangeStart 50000 true Start range of the POSIX group Id to be applied for Access Point root directory creation.
gidRangeEnd 7000000 true End range of the POSIX group Id.
basePath true Path under which access points for dynamic provisioning is created. If this parameter is not specified, access points are created under the root directory of the file system

Notes:

  • Custom Posix group Id range for Access Point root directory must include both gidRangeStart and gidRangeEnd parameters.
  • When using a custom Posix group ID range, there is a possibility for the driver to run out of available POSIX group Ids. We suggest ensuring custom group ID range is large enough or create a new storage class with a new file system to provision additional volumes.

Encryption In Transit

One of the advantages of using EFS is that it provides encryption in transit support using TLS. Using encryption in transit, data will be encrypted during its transition over the network to the EFS service. This provides an extra layer of defence-in-depth for applications that requires strict security compliance.

Encryption in transit is enabled by default in the master branch version of the driver. To disable it and mount volumes using plain NFSv4, set volumeAttributes field encryptInTransit to "false" in your persistent volume manifest. For an example manifest, see Encryption in Transit Example.

Note Kubernetes version 1.13+ is required if you are using this feature in Kubernetes.

EFS CSI Driver on Kubernetes

The following sections are Kubernetes specific. If you are a Kubernetes user, use this for driver features, installation steps and examples.

Kubernetes Version Compability Matrix

AWS EFS CSI Driver \ Kubernetes Version maturity v1.11 v1.12 v1.13 v1.14 v1.15 v1.16 v1.17+
master branch GA no no no no no no yes
v1.1.x GA no no no yes yes yes yes
v1.0.x GA no no no yes yes yes yes
v0.3.0 beta no no no yes yes yes yes
v0.2.0 beta no no no yes yes yes yes
v0.1.0 alpha yes yes yes no no no no

Container Images

EFS CSI Driver Version Image
master branch amazon/aws-efs-csi-driver:master
v1.1.1 amazon/aws-efs-csi-driver:v1.1.1
v1.1.0 amazon/aws-efs-csi-driver:v1.1.0
v1.0.0 amazon/aws-efs-csi-driver:v1.0.0
v0.3.0 amazon/aws-efs-csi-driver:v0.3.0
v0.2.0 amazon/aws-efs-csi-driver:v0.2.0
v0.1.0 amazon/aws-efs-csi-driver:v0.1.0

Features

  • Static provisioning - EFS file system needs to be created manually first, then it could be mounted inside container as a persistent volume (PV) using the driver.
  • Dynamic provisioning - Uses a persistent volume claim (PVC) to dynamically provision a persistent volume (PV). On Creating a PVC, kuberenetes requests EFS to create an Access Point in a file system which will be used to mount the PV.
  • Mount Options - Mount options can be specified in the persistent volume (PV) to define how the volume should be mounted.
  • Encryption of data in transit - EFS file systems are mounted with encryption in transit enabled by default in the master branch version of the driver.

Notes:

  • Since EFS is an elastic file system it doesn't really enforce any file system capacity. The actual storage capacity value in persistent volume and persistent volume claim is not used when creating the file system. However, since the storage capacity is a required field by Kubernetes, you must specify the value and you can use any valid value for the capacity.

Installation

Set up driver permission:

The driver requires IAM permission to talk to Amazon EFS to manage the volume on user's behalf. There are several methods to grant driver IAM permission:

Deploy the driver:

If you want to deploy the stable driver:

kubectl apply -k "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=release-1.1"

If you want to deploy the development driver:

kubectl apply -k "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/dev/?ref=master"

Alternatively, you could also install the driver using helm:

helm repo add aws-efs-csi-driver https://kubernetes-sigs.github.io/aws-efs-csi-driver/
helm repo update
helm upgrade --install aws-efs-csi-driver --namespace kube-system aws-efs-csi-driver/aws-efs-csi-driver

Examples

Before the example, you need to:

  • Get yourself familiar with how to setup Kubernetes on AWS and how to create EFS file system.
  • When creating EFS file system, make sure it is accessible from Kubernetes cluster. This can be achieved by creating the file system inside the same VPC as Kubernetes cluster or using VPC peering.
  • Install EFS CSI driver following the Installation steps.

Example links

Development

Please go through CSI Spec and Kubernetes CSI Developer Documentation to get some basic understanding of CSI driver before you start.

Requirements

  • Golang 1.13.4+

Dependency

Dependencies are managed through go module. To build the project, first turn on go mod using export GO111MODULE=on, to build the project run: make

Testing

To execute all unit tests, run: make test

License

This library is licensed under the Apache 2.0 License.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].