Introduction to Red Hat OpenShift Service on AWS (ROSA)
Connect applications to the EBS volume types that match their cost and performance requirements.
Developers request storage for their applications by creating Kubernetes persistent volume claim (PVC) resources. The main parameters of a PVC are the size and the access mode.
As a developer, you do not know the exact details of the storage infrastructure. The cluster administrators manage that infrastructure, which might be composed of several technologies, such as different types of Amazon Elastic Block Store (EBS) volumes. Administrators expose these different storage solutions through storage classes so that developers can select the suitable storage class in their PVCs.
The Red Hat OpenShift on AWS (ROSA) cluster creation process automatically creates storage classes for some EBS volume types.
You can list the available storage classes on your cluster by running the oc get StorageClass or oc get sc commands.
$ oc get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ...
gp2 kubernetes.io/aws-ebs Delete WaitForFirstConsumer ...
gp2-csi ebs.csi.aws.com Delete WaitForFirstConsumer ...
gp3 (default) ebs.csi.aws.com Delete WaitForFirstConsumer ...
gp3-csi ebs.csi.aws.com Delete WaitForFirstConsumer ...The following storage classes are available in a ROSA cluster:
- gp2 and gp2-csi
These storage classes provision volumes from the
gp2General Purpose version 2 EBS volume type. Thegp2EBS type uses SSD volumes.- gp3 and gp3-csi
These storage classes provision volumes from the
gp3latest generation of General Purpose EBS volume type. Thegp3EBS type uses SSD volumes. It provides better throughput thangp2volumes, and it is less expensive. OpenShift uses thegp3storage class by default, when the developer's PVC resource does not explicitly specify a storage class.
Note
ROSA exposes the gp2 EBS volume types as two storage classes: gp2 and gp2-csi.
The *-csi storage classes use Container Storage Interface (CSI) plug-ins to provision storage.
With the CSI open standard, storage vendors can provide plug-ins for their storage solutions.
In future ROSA releases, the storage classes that use CSI plug-in will replace the legacy non-CSI classes.
For the gp3 EBS volumes, the gp3 storage class already uses the CSI plug-in.
Thus, the gp3 and gp3-csi classes are the same.
OpenShift defines both classes for compatibility with earlier versions.
Some workloads require more specialized storage from EBS than the general-purpose types.
For example, I/O-intensive workloads, such as database systems, might benefit from the io2 EBS volume type.
Batch workloads that compute large cold data sets might use the cheaper sc1 EBS volume type, which uses slower hard disk drives (HDDs).
Note
Some EBS volume types might not be available in your AWS Region. Review the Amazon documentation to verify that the type you plan to use is available in your region.
Or try to create a volume in dry mode to verify that you can use the volume type in your availability zone.
The following command shows that the io2 EBS volume type is available in the us-east-1a availability zone.
$aws ec2 create-volume --dry-run --volume-type io2 --size 20 --iops 1000--availability-zone us-east-1aAn error occurred (DryRunOperation) when calling the CreateVolume operation:Request would have succeeded, but DryRun flag is set.
The following command shows that the io2 EBS volume type is not available in the sa-east-1a availability zone.
$aws ec2 create-volume --dry-run --volume-type io2 --size 20 --iops 1000--availability-zone sa-east-1aAn error occurred (UnknownVolumeType) when calling the CreateVolume operation:Unsupported volume type 'io2' for volume creation.
To use the EBS volume types with your workloads, you must expose them as storage classes in your cluster.
The EBS CSI plug-in supports all the EBS volume types.
The following file declares a storage class resource that developers can use to provision io2 EBS volumes:
apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: io2-csi provisioner: ebs.csi.aws.comvolumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true parameters: csi.storage.k8s.io/fstype: ext4
type: io2
iops: "32000"
encrypted: "true"
| Name of the CSI plug-in.
For EBS volumes, always set the name to |
| OpenShift provisions the volume with EBS only after it creates the pod that declares the PVC. With this configuration, OpenShift creates the EBS volume in the same availability zone as the pod. |
| File system that the CSI plug-in uses to format the volume. |
| Name of the EBS volume type. |
| The maximum number of I/O operations per second (IOPS) that the volume must provide.
That option is valid only for |
| EBS encrypts the data in the volume. |
You must set the volumeBindingMode parameter to WaitForFirstConsumer.
An EBS volume is bound to an availability zone, and is only accessible from nodes in that zone.
If OpenShift were to provision the volume before creating the pod, then it would not know on which availability zone the pod will run.
When you create a ROSA cluster, you can configure it to span multiple availability zones. Red Hat recommends this configuration for production clusters. However, EBS volumes are bound to a single availability zone, and Amazon does not replicate them to the other availability zones. In case of the failure of an entire availability zone, OpenShift cannot move the pods that use EBS volumes from the failing zone.
The iops parameter is valid only for io1, io2 and gp3 EBS volume types.
Instead of the iops parameter, you can use the iopsPerGB parameter, which specifies the maximum number of I/O operations per second per GiB.
For EBS volumes, storage size and IOPS scale together. In other words, larger volumes get better IOPS performances.
For example, Amazon sets the maximum performance for the io1 volume type to 50 IOPS per GiB.
A 4 GiB io1 volume has a limit of 200 IOPS (50 x 4), whereas a 1 TiB volume has a limit of 51,200 IOPS (50 x 1024).
In some case, to achieve your required IOPS performance, you might have to assign more space than you need.
Creating storage classes requires cluster administrator permissions. The dedicated administrator permissions are not enough.
Note
To optimize volume performances, Amazon recommends that you use an Amazon Elastic Compute Cloud (Amazon EC2) instance type that is optimized for EBS. The Storage Optimized EC2 instance types, such as the i3 instance family, improve I/O and sequential read throughput performances.
Creating a machine pool to select an EC2 instance type for a group of compute nodes is covered in a later section of this course.
The following example declares a PVC that uses the preceding storage class to request a 128 GiB io2 EBS volume:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: dbdata
spec:
storageClassName: io2-csi
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 128GiYou can use the AWS Management Console or the aws command to inspect the resulting EBS volume that OpenShift creates from this claim.
In the volume in EBS, the kubernetes.io/created-for/pvc/name tag is set to the name of the PVC.
Add the --filter option to the aws command to filter the EBS volumes by this tag.
The following command displays the parameters of the EBS volume that OpenShift creates from the dbdata PVC:
$aws ec2 describe-volumes--filters "Name=tag:kubernetes.io/created-for/pvc/name,Values=dbdata"{ "Volumes": [ { ...output omitted..."Size": 128, "SnapshotId": "", "State": "in-use", "VolumeId": "vol-0b0102de7640bb98a","Iops": 32000, "Tags": [ { "Key": "CSIVolumeName", "Value": "pvc-fd7869ad-8d12-4683-8bd4-87217b306e59" }, { "Key": "kubernetes.io/created-for/pvc/name", "Value": "dbdata" }, ...output omitted... ],"VolumeType": "io2", "MultiAttachEnabled": false } ] }
EBS volumes are used not only as persistent volume resources for OpenShift, but also as disks for the OpenShift nodes.
All the nodes in a ROSA cluster use the gp3 EBS volume types for their disks.
ROSA does not allow you to choose a different volume type, even for compute nodes that you create through ROSA machine pools.
In contrast to ROSA clusters, you can select the volume types for your nodes when you deploy a self-managed OpenShift cluster on AWS.
On those cluster, you specify the EBS volume type in the install-config.yaml installation configuration file.
For large self-managed OpenShift clusters, a common need is to use the io2 EBS volume type for the I/O-intensive etcd store that runs on the control plane nodes.
References
For more information about EBS volumes in ROSA clusters, refer to the Configuring Persistent Storage chapter in the Red Hat OpenShift Service on AWS 4 Storage documentation at https://access.redhat.com/documentation/en-us/red_hat_openshift_service_on_aws/4/html-single/storage/index#configuring-persistent-storage
For more information about creating storage classes, refer to the Post-installation Storage Configuration chapter in the Red Hat OpenShift Container Platform 4.12 Post-installation Configuration documentation at https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html-single/post-installation_configuration/index#post-install-storage-configuration
For more information about installing a self-manager OpenShift cluster on AWS, refer to the Installing a Cluster on AWS with Customizations section in the Installing on AWS chapter in the Red Hat OpenShift Container Platform 4.12 Installing documentation at https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html-single/installing/index#installing-aws-customizations