Do you care about storage? Sure you do! Who doesn’t? It’s the hottest thing hitting the container scene right now. We’ve been talking about it for years, but the biggest question remains: if you don’t have the flexibility to move the apps you want to containers, then what’s the point? Storage is one of the last elements needed for a ubiquitous cloud-native experience. The focus in this release is on adding depth to existing features rather than adding new ones, so let’s see what’s new in Kubernetes 1.8.

Alpha Features

Have you ever created a persistent volume (PV) and realized the app is going to outgrow it sooner than anticipated? Now there is added support for resizing PVs. Because this is an alpha feature, admins must set the feature gate ExpandPersistentVolumes to true to enable resizing. Enabling the PersistentVolumeClaimResize admission plug-in is recommended: it prevents resizing of all claims by default unless a claim’s StorageClass explicitly enables resizing by setting allowVolumeExpansion to true. Once both the feature gate and the admission plug-in are turned on, a user can request a larger volume for their PersistentVolumeClaim by simply editing the claim and requesting a bigger size. This triggers the expansion of the volume that backs the underlying PersistentVolume.

```yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: standard
provisioner: kubernetes.io/scaleio
parameters:
  gateway: https://192.168.50.11:8443/api
  system: cluster1
  protectionDomain: pdomain
  storagePool: pool1
  secretRef: scaleio-secret
allowVolumeExpansion: true
```
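
A simplified model of the gate described above, as an added example rather than the admission plug-in's source: an edited claim may grow only when its StorageClass sets allowVolumeExpansion to true. The helper names and sample objects are constructed for illustration, and the beta storage-class annotation is handled as a fallback.

```python
# Added example: simplified model of the resize gate (not the plug-in's source).
import re

UNITS = {"": 1, "Ki": 2**10, "Mi": 2**20, "Gi": 2**30, "Ti": 2**40}
BETA_SC_ANNOTATION = "volume.beta.kubernetes.io/storage-class"

def to_bytes(quantity):
    """Parse the binary-suffix subset of Kubernetes quantities, e.g. '8Gi'."""
    m = re.fullmatch(r"(\d+)(Ki|Mi|Gi|Ti)?", quantity)
    if m is None:
        raise ValueError(f"unsupported quantity: {quantity!r}")
    return int(m.group(1)) * UNITS[m.group(2) or ""]

def class_name(pvc):
    """StorageClass named in the spec, falling back to the beta annotation."""
    annotations = pvc["metadata"].get("annotations", {})
    return pvc["spec"].get("storageClassName") or annotations.get(BETA_SC_ANNOTATION)

def review_resize(old_pvc, new_pvc, storage_classes):
    """Return (allowed, reason) for an edit to a claim's requested size."""
    old = to_bytes(old_pvc["spec"]["resources"]["requests"]["storage"])
    new = to_bytes(new_pvc["spec"]["resources"]["requests"]["storage"])
    if new == old:
        return True, "size unchanged"
    if new < old:
        return False, "shrinking a claim is not supported"
    sc = storage_classes.get(class_name(new_pvc))
    if sc is None:
        return False, "claim has no known StorageClass"
    # Default deny: only an explicit `true` opens the class up for expansion.
    if sc.get("allowVolumeExpansion") is not True:
        return False, f"StorageClass {sc['metadata']['name']} does not allow expansion"
    return True, "expansion allowed by StorageClass"

def claim(size, sc="standard"):
    """Constructed PVC for the demo."""
    return {"metadata": {"name": "data"},
            "spec": {"storageClassName": sc, "resources": {"requests": {"storage": size}}}}

# Constructed classes: 'standard' mirrors the manifest above, 'locked' omits the flag.
CLASSES = {
    "standard": {"metadata": {"name": "standard"}, "allowVolumeExpansion": True},
    "locked": {"metadata": {"name": "locked"}},
}

if __name__ == "__main__":
    for sc in ("standard", "locked"):
        print(sc, review_resize(claim("8Gi", sc), claim("16Gi", sc), CLASSES))
```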

Having the ability to snapshot your storage enables capabilities such as backup, disaster recovery, and cloning volumes to mount on other hosts. This feature adds code for volume snapshot support. It exposes the ability in the Kubernetes API to create, list, delete, and restore snapshots from underlying storage systems that support it. Many administrators ask for this feature, and it will take time for the respective storage platforms to update their code to take advantage of it.

Back in Kubernetes 1.7 we talked about support for local storage, and #362 adds storage as an allocatable resource. Of course, local storage has plenty of drawbacks that you don’t get from centralized storage, but having this resource be allocated and viewable helps those in need of it.

DaemonSets ensure a pod runs on every node (or a specified set of nodes) in a cluster. Feature #377 improves Flexvolume deployment by using DaemonSets and allows drivers to be discovered automatically rather than only at kubelet or controller manager initialization. However, as we’ve mentioned before on the blog, Flexvolumes have limited capabilities in regard to the full volume lifecycle.

Volume plugins are currently embedded into the native Kubernetes code or use the FlexVolume interface. Docker has a concept of managed volume plugins that requires running the plugin in a container. #432 enables a container to mount a volume rshared so it allows sharing of volumes mounted by a container in a Pod to other containers in the Pod or even to other Pods on the same node. This will enable the containerization of volume plugins.

Beta Features

Reclaim policies are typically set on PVs to either clean up the volume after the object has been deleted in Kubernetes or keep it on the back end storage system. Until #352 this wasn’t available for dynamically provisioned PVs; now the policy can be configured on the StorageClass. The administrator should configure the StorageClass according to users’ expectations, otherwise the PV must be edited or patched after it is created.

```yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: standard
provisioner: kubernetes.io/scaleio
parameters:
  gateway: https://192.168.50.11:8443/api
  system: cluster1
  protectionDomain: pdomain
  storagePool: pool1
  secretRef: scaleio-secret
reclaimPolicy: Retain
mountOptions:
  - debug
```

Metrics can make or break how easy it is to troubleshoot in an extreme situation. Pod volume stats tracked by kubelet do not currently include any information about the PVC if the pod volume was referenced via a PVC. This prevents exposing volume metrics labeled by PVC name. With #363 and #349 (now in Stable) storage operation metrics are exposed to end users within PVCs.

Stable

Mount options have now been added as a stable feature. Examples are NFS’s TCP mode, versions, lock mode, caching mode; SMB’s version, locking, id mapping; and more if the platform is supported. Check out the docs to learn more.

ScaleIO Updates

{code} is responsible for contributing the ScaleIO storage driver to Kubernetes and here are some of the newest implementations for anyone wanting to run on-premises.

The following are updates for 1.8 (also backported to 1.7):

  • Enforce fsGroup ownership. The fsGroup volume attribute created a bug that made it impossible to set the proper group ownership of the mounted volume path.
  • Enabled multimap support. A volume can be mapped to multiple hosts using the ReadOnlyMany attribute. Although not a common requirement, ReadOnlyMany support allows multiple pods on multiple hosts to share the same data source. Although ScaleIO supports multiple hosts writing to volumes, the file system utilized must be capable of such functionality. If using standard filesystems like XFS or ext4, multi-mapping with read-write access enabled can and will most likely lead to corrupted data.
  • Tighter validation of StorageClass ScaleIO parameters by removing default values for storagePool and protectionDomain.
  • The default volume size has been set to a sensible default. An 8GB volume will be created if a non-zero value is provided that is less than 8GB. ScaleIO volumes support a multiple of 8GB, therefore 8GB is the minimum volume size.
  • Naming enhancement of PersistentVolumes when using dynamic provisioning for easier identification of volumes on a ScaleIO system
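
The multimap warning and the 8GB sizing rule from the list above, turned into a check over PersistentVolume objects. This is an added example, not the driver's code; the sample volumes are constructed, the post's "8GB" is treated as 8Gi, and rounding larger requests up to the next multiple of 8 is an assumption drawn from the multiple-of-8 rule.

```python
# Added example: audit ScaleIO-backed PersistentVolumes (constructed data, not driver code).
NON_CLUSTERED_FS = {"xfs", "ext4"}  # filesystems the post names as unsafe for shared writes
GRANULARITY_GIB = 8                 # allocation unit; the post's "8GB" taken as 8Gi

def effective_size_gib(requested_gib):
    """Capacity backing a request: at least 8, rounded up to a multiple of 8.

    Rounding up above the minimum is an assumption, not stated in the post.
    """
    if requested_gib <= 0:
        raise ValueError("only non-zero requests are covered here")
    return -(-requested_gib // GRANULARITY_GIB) * GRANULARITY_GIB

def audit_pv(pv):
    """Return findings for one PersistentVolume dict (shape of `kubectl get pv -o json`)."""
    spec = pv["spec"]
    src = spec.get("scaleIO")
    if src is None:
        return []  # not a ScaleIO volume
    findings = []
    fs = src.get("fsType")
    if "ReadWriteMany" in spec.get("accessModes", []) and fs in NON_CLUSTERED_FS:
        findings.append(f"ReadWriteMany on {fs}: multiple writers can corrupt data")
    capacity = spec["capacity"]["storage"]
    if not capacity.endswith("Gi"):
        findings.append(f"capacity {capacity} not expressed in Gi; size check skipped")
    else:
        asked = int(capacity[:-2])
        backed = effective_size_gib(asked)
        if backed != asked:
            findings.append(f"{asked}Gi requested, {backed}Gi allocated on ScaleIO")
    return findings

def make_pv(name, modes, fs, size):
    """Constructed PersistentVolume for the demo."""
    return {"metadata": {"name": name},
            "spec": {"accessModes": modes, "capacity": {"storage": size},
                     "scaleIO": {"volumeName": name, "fsType": fs}}}

SAMPLE_PVS = [
    make_pv("shared-ro", ["ReadOnlyMany"], "xfs", "8Gi"),
    make_pv("shared-rw", ["ReadWriteMany"], "ext4", "10Gi"),
    make_pv("single", ["ReadWriteOnce"], "xfs", "3Gi"),
]

if __name__ == "__main__":
    for item in SAMPLE_PVS:
        print(item["metadata"]["name"], audit_pv(item))
```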

Updates for 1.8 only

  • Ability to specify the ScaleIO SDC GUID using node labels, making the plugin easier to containerize. This avoids reliance on the drv_cfg binary and only uses the binary if the node was not labeled.