Configure an Azure File StorageClass (preview)

In this article, learn how to configure an Azure File StorageClass.

The Azure File Container Storage Interface (CSI) driver has a dependency on shared access keys. The default Azure File StorageClass is disabled in clusters with managed identity enabled by default and is optional to turn on for your cluster. If you want to use Azure File in Azure Red Hat OpenShift, you need to create your own storageclass that uses shared keys to access the backing storage.

To use the Azure File in Azure Red Hat OpenShift, create a storage class with parameters tag and matchTags. The driver creates a new storage account for use with shared key access enabled. These parameters are required. If the operator attempts to use the existing cluster storage accounts for backing storage, it fails because the shared key access isn't enabled.

For more information, see Create an Azure Files StorageClass on Azure Red Hat OpenShift.

Create a file for the Azure File StorageClass manifest containing the following:

kind: StorageClass 
apiVersion: storage.k8s.io/v1 
metadata: 
  name: azure-file 
provisioner: file.csi.azure.com 
mountOptions: 
  - dir_mode=0777 
  - file_mode=0777 
  - uid=0 
  - gid=0 
  - mfsymlinks 
  - cache=strict 
  - actimeo=30 
  - noperm 
parameters: 
  location: $LOCATION 
  secretNamespace: kube-system 
  skuName: Standard_LRS 
  resourceGroup: $AZURE_FILES_RESOURCE_GROUP 
  tags: $TAG # must match key=value format
  matchTags: "true"
reclaimPolicy: Delete 
volumeBindingMode: Immediate

Create the storage class. Run:

oc create -f azure-storageclass-azure-file.yaml

Next steps

• Learn more about managed identities.
• Create an Azure Red Had OpenShift cluster with managed identities.