OpenShift Origin supports Azure File volumes. You can provision your OpenShift Origin cluster with persistent storage using Azure. Some familiarity with Kubernetes and Azure is assumed.

High availability of storage in the infrastructure is left to the underlying storage provider.

Creating the Persistent Volume

Azure File does not support the Recycle recycling policy.

Creating the Azure Storage Account Secret

Define the Azure Storage Account name and key in a secret configuration, which is then converted to base64 for use by OpenShift Origin.

  1. Obtain an Azure Storage Account name and key and encode to base64:

    apiVersion: v1
    kind: Secret
      name: azure-secret
    type: Opaque
      azurestorageaccountname: azhzdGVzdA==
      azurestorageaccountkey: eElGMXpKYm5ub2pGTE1Ta0JwNTBteDAyckhzTUsyc2pVN21GdDRMMTNob0I3ZHJBYUo4akQ2K0E0NDNqSm9nVjd5MkZVT2hRQ1dQbU02WWFOSHk3cWc9PQ==
  2. Save the secret definition to a file, for example azure-secret.yaml, then create the secret:

    $ oc create -f azure-secret.yaml
  3. Verify that the secret was created:

    # oc get secret azure-secret
    NAME          TYPE      DATA      AGE
    azure-secret   Opaque    1         23d

You must define your persistent volume in an object definition before creating it in OpenShift Origin:

Persistent Volume Object Definition Using Azure File
apiVersion: "v1"
kind: "PersistentVolume"
  name: "pv0001" (1)
    storage: "5120Gi" (2)
    - "ReadWriteMany"
  azureFile: (3)
    secretName: azure-secret (4)
    shareName: example (5)
    readOnly: false  (6)
1 The name of the volume. This will be how it is identified via persistent volume claims or from pods.
2 The amount of storage allocated to this volume.
3 This defines the volume type being used: azureFile plug-in.
4 The name of the secret used.
5 The name of the file share.
6 Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

Now you can request storage using persistent volume claims, which can now use your new persistent volume.

Persistent volume claims only exist in the user’s namespace and can only be referenced by a pod within that same namespace. Any attempt to access a persistent volume from a different namespace causes the pod to fail.