Define the Azure Storage Account name and key in a secret configuration, which
is then converted to base64 for use by OpenShift Origin.
-
Obtain an Azure Storage Account name and key and encode to base64:
apiVersion: v1
kind: Secret
metadata:
name: azure-secret
type: Opaque
data:
azurestorageaccountname: azhzdGVzdA==
azurestorageaccountkey: eElGMXpKYm5ub2pGTE1Ta0JwNTBteDAyckhzTUsyc2pVN21GdDRMMTNob0I3ZHJBYUo4akQ2K0E0NDNqSm9nVjd5MkZVT2hRQ1dQbU02WWFOSHk3cWc9PQ==
-
Save the secret definition to a file, for example azure-secret.yaml, then
create the secret:
$ oc create -f azure-secret.yaml
-
Verify that the secret was created:
# oc get secret azure-secret
NAME TYPE DATA AGE
azure-secret Opaque 1 23d
You must define your persistent volume in an object definition before creating
it in OpenShift Origin:
Persistent Volume Object Definition Using Azure File
apiVersion: "v1"
kind: "PersistentVolume"
metadata:
name: "pv0001" (1)
spec:
capacity:
storage: "5120Gi" (2)
accessModes:
- "ReadWriteMany"
azureFile: (3)
secretName: azure-secret (4)
shareName: example (5)
readOnly: false (6)
1 |
The name of the volume. This will be how it is identified via
persistent volume
claims or from pods. |
2 |
The amount of storage allocated to this volume. |
3 |
This defines the volume type being used: azureFile plug-in. |
4 |
The name of the secret used. |
5 |
The name of the file share. |
6 |
Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts . |
|
Persistent volume claims only exist in the user’s namespace and can only be
referenced by a pod within that same namespace. Any attempt to access a
persistent volume from a different namespace causes the pod to fail.
|