Provision a dual-protocol volume in Azure Kubernetes Service
This section describes how to expose an Azure NetApp Files dual-protocol volume statically to Kubernetes. Instructions are provided for both SMB and NFS protocols. You can expose the same volume via SMB to Windows worker nodes and via NFS to Linux worker nodes.
Create a file named pv-nfs.yaml and copy in the following YAML. Make sure the server matches the output IP address from the previous step, and the path matches the output from creationToken above. The capacity must also match the volume size from Step 2.
Create the persistent volume using the kubectl apply command:
kubectl apply -f pv-nfs.yaml
Verify the status of the persistent volume is Available by using the kubectl describe command:
kubectl describe pv pv-nfs
Create a persistent volume claim for NFS
Create a file named pvc-nfs.yaml and copy in the following YAML. This manifest creates a PVC named pvc-nfs for 100Gi storage and ReadWriteMany access mode, matching the PV you created.
Verify the pod is Running by using the kubectl apply command:
kubectl describe pod nginx-nfs
Verify your volume has been mounted on the pod by using kubectl exec to connect to the pod, and then use df -h to check if the volume is mounted.
kubectl exec -it nginx-nfs -- sh
/ # df -h
Filesystem Size Used Avail Use% Mounted on
...
10.0.0.4:/myfilepath2 100T 384K 100T 1% /mnt/azure
...
Create a secret with the domain credentials
Create a secret on your AKS cluster to access the AD server using the kubectl create secret command. This secret will be used by the Kubernetes persistent volume to access the Azure NetApp Files SMB volume. Use the following command to create the secret, replacing USERNAME with your username, PASSWORD with your password, and DOMAIN_NAME with your Active Directory domain name.
Create a file named pv-smb.yaml and copy in the following YAML. If necessary, replace myvolname with the creationToken and replace ANF-1be3.contoso.com\myvolname with the value of smbServerFqdn from the previous step. Be sure to include your AD credentials secret along with the namespace where it's located that you created in a prior step.
apiVersion: v1
kind: PersistentVolume
metadata:
name: anf-pv-smb
spec:
storageClassName: ""
capacity:
storage: 100Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
mountOptions:
- dir_mode=0777
- file_mode=0777
- vers=3.0
csi:
driver: smb.csi.k8s.io
readOnly: false
volumeHandle: myvolname # make sure it's a unique name in the cluster
volumeAttributes:
source: \\ANF-1be3.contoso.com\myvolname
nodeStageSecretRef:
name: smbcreds
namespace: default
Create the persistent volume using the kubectl apply command:
kubectl apply -f pv-smb.yaml
Verify the status of the persistent volume is Available using the kubectl describe command:
kubectl describe pv anf-pv-smb
Create a persistent volume claim for SMB
Create a file name pvc-smb.yaml and copy in the following YAML.
Create the persistent volume claim using the kubectl apply command:
kubectl apply -f pvc-smb.yaml
Verify the status of the persistent volume claim is Bound by using the kubectl describe command:
kubectl describe pvc anf-pvc-smb
Mount within a pod using SMB
Create a file named iis-smb.yaml and copy in the following YAML. This file will be used to create an Internet Information Services pod to mount the volume to path /inetpub/wwwroot.
Verify your volume has been mounted on the pod by using the kubectl exec command to connect to the pod. Then use the dir command in the correct directory to check if the volume is mounted and the size matches the size of the volume you provisioned.
kubectl exec -it iis-pod –- cmd.exe
The output of the command resembles the following example:
Microsoft Windows [Version 10.0.20348.1668]
(c) Microsoft Corporation. All rights reserved.
C:\>cd /inetpub/wwwroot
C:\inetpub\wwwroot>dir
Volume in drive C has no label.
Volume Serial Number is 86BB-AA55
Directory of C:\inetpub\wwwroot
05/04/2023 08:15 PM <DIR> .
05/04/2023 08:15 PM <DIR> ..
0 File(s) 0 bytes
2 Dir(s) 107,373,838,336 bytes free
Next steps
Astra Trident supports many features with Azure NetApp Files. For more information, see: