Container Storage Interface for S3 (CSI) enables you to dynamically reserve buckets of S3-compatible storages and mount them in cluster pods as Kubernetes persistent volumes (PersistentVolume). The connection is made using the FUSE implementation of the GeeseFS file system.
CSI can be used to work with Yandex Object Storage and other S3 object storage providers.
-
Create a service account with the
storage.editor
role. -
Create a static access key for the service account. Save the key ID and secret key, you will need them later.
-
(Optional) To make new volumes fit into a single bucket with different prefixes, create an Object Storage bucket. Save the bucket name, you will need it during the next step. Skip this step if you need to create a separate bucket for each volume.
-
Configure CSI:
- Namespace: Select the
kube-system
namespace. - Application name: Specify the application name, e.g.,
csi-s3
. - Create storage class: Select this option to create a new storage class when deploying the application.
- Create secret: Select this option to create a new secret when installing the application.
- S3 key ID: Copy the service account key ID into this field.
- S3 secret key: Copy the service account secret key into this field.
- General S3 bucket for volumes: Specify the name of the general bucket where dynamically allocated volumes will be created. For CSI to create a new bucket for each volume, leave this field blank.
- S3 service address: The address of the S3 service to be used by the application. The default address is
https://storage.yandexcloud.net
. - GeeseFS mounting options: Mounting options for GeeseFS. For a complete list of options, see the GeeseFS documentation.
- Volume cleanup policy: Select the policy to clean up PersistentVolumes when deleting PersistentVolumeClaims:
- Retain: Retain a volume.
- Delete: Delete a volume.
- Storage class name: If you previously selected the Create storage class option, specify the name of the new storage class.
- Secret name: If you previously selected the Create secret option, specify the name of the new secret to be created for the storage class. Otherwise, specify the name of the existing secret to be used for the storage class.
- Ignore all taints: Select this option for the CSI driver that mounts a file system on nodes to ignore any taint policies set for the cluster nodes.
- Namespace: Select the
-
Click Install.
-
Wait for the application to change its status to
Deployed
.
- Mounting object storage buckets as Kubernetes persistent volumes.
- Automatic bucket creation and connection as persistent volumes.
Yandex Cloud technical support is available to respond to requests 24 hours a day, 7 days a week. The types of requests handled and the relevant response times depend on your pricing plan. You can activate paid support in the management console. Learn more about requesting technical support.
Helm chart | Version | Pull-command | Documentation |
---|---|---|---|
yandex-cloud/csi-s3/csi-s3 | 0.42.1 | Open |
Docker image | Version | Pull-command |
---|---|---|
yandex-cloud/csi-s3/csi-node-driver-registrar1731688358770397682609004996982070545465802304702 | v1.2.0 | |
yandex-cloud/csi-s3/csi-provisioner1731688358770397682609004996982070545465802304702 | v2.1.0 | |
yandex-cloud/csi-s3/csi-s3-driver1731688358770397682609004996982070545465802304702 | 0.42.1 |