This topic describes how to use static OSS volumes.

Directly as volumes

  1. Create an oss-deploy.yaml file with the following content.
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: nginx-oss-deploy
    spec:
      replicas: 1
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx-flexvolume-oss
            image: nginx
            volumeMounts:
              - name: "oss1"
                mountPath: "/data"
            livenessProbe:
              exec:
                command:
                - sh
                - -c
                - cd /data
              initialDelaySeconds: 30
              periodSeconds: 30
          volumes:
            - name: "oss1"
              flexVolume:
                driver: "alicloud/oss"
                options:
                  bucket: "docker"
                  url: "oss-cn-hangzhou.aliyuncs.com"
                  akId: ***
                  akSecret: ***
                  otherOpts: "-o max_stat_cache_size=0 -o allow_other"
  2. Run the following command to create a Pod:
    kubectl apply -f oss-deploy.yaml

Through PVs and PVCs

  1. Create a PV.
    You can create a PV through the console or by using a YAML file.
    • Create a PV by using a YAML file
      Use the following oss-pv.yaml file to create a PV.
      apiVersion: v1
      kind: PersistentVolume
      metadata:
        name: pv-oss
      spec:
        capacity:
          storage: 5Gi
        accessModes:
          - ReadWriteMany
        storageClassName: oss
        flexVolume:
          driver: "alicloud/oss"
          options:
            bucket: "docker"
            url: "oss-cn-hangzhou.aliyuncs.com"
            akId: ***
            akSecret: ***
            otherOpts: "-o max_stat_cache_size=0 -o allow_other"
    • Create a PV through the console
      1. Log on to the Container Service console.
      2. In the left-side navigation pane, choose Clusters > Persistent Volumes to go to the PVs and PVCs page.
      3. On the Persistent Volumes tab, select a cluster and click Create in the upper-right corner.
      4. Set the parameters in the Create PV dialog box.
        • PV Type: In this example, set the PV type to OSS.
        • Volume Name: The name of the PV. The name must be unique in the cluster. In this example, enter pv-oss.
        • Capacity: The capacity of the PV.
        • Access Mode: Default is ReadWriteMany.
        • AccessKey ID and AccessKey Secret: The AccessKey pair that is used to access Alibaba Cloud OSS.
        • Optional Parameters: You can enter custom parameters in the following format: -o *** -o ***.
        • Bucket ID: The OSS bucket that you want to use. Click Select Bucket. In the dialog box that appears, select the target bucket and click Select.
        • Endpoint. Select Public Endpoint if the selected bucket and ECS instances are located in the same region. Otherwise, select VPC Endpoint if the cluster is deployed in a VPC network or select Internal Endpoint if the cluster is deployed in the classic network.
        • Label: Add labels for the PV.
      5. After the configuration is complete, click Create.
  2. Create a PVC.
    Use the following oss-pvc.yaml file to create a PVC.
    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: pvc-oss
    spec:
      storageClassName: oss
      accessModes:
        - ReadWriteMany
      resources:
        requests:
          storage: 5Gi
  3. Create a Pod.
    Use the following oss-deploy.yaml file to create a Pod.
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: oss-static
      labels:
        app: nginx
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx
            ports:
            - containerPort: 80
            volumeMounts:
              - name: pvc-oss
                mountPath: "/data"
            livenessProbe:
              exec:
                command:
                - sh
                - -c
                - cd /data
              initialDelaySeconds: 30
              periodSeconds: 30
            volumes:
            - name: pvc-oss
              persistentVolumeClaim:
                claimName: pvc-oss           

Use your AccessKey through a Secret

  1. Run the following command to create a Secret.
    # kubectl create secret generic osssecret --from-literal=akId='111111' --from-literal=akSecret='2222222' --type=alicloud/oss -n default
    
    akId: Your AccessKey ID;
    akSecret:Your AccessKey secret;
    secret type: Enter alicloud/oss;
    namespace: Specify the namespace where the Pod belongs to.
    osssecret: The name of the secret.
  2. Use the Secret in a PV.
    Use the secretRef field to specify the Secret.
    apiVersion: v1
    kind: PersistentVolume
    metadata:
      name: pv-oss
    spec:
      capacity:
        storage: 5Gi
      accessModes:
        - ReadWriteMany
      storageClassName: oss
      flexVolume:
        driver: "alicloud/oss"
        secretRef:
          name: "osssecret"
        options:
          bucket: "docker"
          url: "oss-cn-hangzhou.aliyuncs.com"
          otherOpts: "-o max_stat_cache_size=0 -o allow_other"
  3. Use the Secret in a Volume.
    Use the secretRef field to specify the Secret.
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: nginx-oss-deploy1
    spec:
      replicas: 3
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx-flexvolume-oss
            image: nginx
            volumeMounts:
              - name: "oss1"
                mountPath: "/data"
                subPath: "hello"
          volumes:
            - name: "oss1"
              flexVolume:
                driver: "alicloud/oss"
                secretRef:
                  name: "osssecret"
                options:
                  bucket: "aliyun-docker"
                  url: "oss-cn-hangzhou.aliyuncs.com"
                  otherOpts: "-o max_stat_cache_size=0 -o allow_other"
    Note When you use a Secret to configure your AccessKey, the Secret and the corresponding Pod must be in the same namespace.