| title | description |
|---|---|
AWS EKS EFS Dynamic Provisioning with Terraform |
Learn to Automate AWS EKS Kubernetes EFS Dynamic Provisioning with Terraform |
- Implement and Test EFS Dynamic Provisioning Usecase
- Project Folder: 03-efs-dynamic-prov-terraform-manifests
- c1-versions.tf
- c2-remote-state-datasource.tf
- c3-providers.tf
- c4-01-efs-resource.tf
- Project Folder: 03-efs-dynamic-prov-terraform-manifests
# Resource: Kubernetes Storage Class
resource "kubernetes_storage_class_v1" "efs_sc" {
metadata {
name = "efs-sc"
}
storage_provisioner = "efs.csi.aws.com"
parameters = {
provisioningMode = "efs-ap"
fileSystemId = aws_efs_file_system.efs_file_system.id
directoryPerms = "700"
gidRangeStart = "1000" # optional
gidRangeEnd = "2000" # optional
basePath = "/dynamic_provisioning" # optional
}
}- Project Folder: 03-efs-dynamic-prov-terraform-manifests
- c4-03-persistent-volume-claim.tf
- c5-write-to-efs-pod.tf
- c6-01-myapp1-deployment.tf
- c6-02-myapp1-loadbalancer-service.tf
- c6-03-myapp1-network-loadbalancer-service.tf
# Change Directory
cd 03-efs-dynamic-prov-terraform-manifests
# Terraform Initialize
terraform init
# Terraform Validate
terraform validate
# Terraform Plan
terraform plan
# Terraform Apply
terraform apply -auto-approve# Verify Storage Class
kubectl get sc
# Verify PVC (Persistent Volume Claim)
kubectl get pvc
# Verify PV (Persistent Volume)
kubectl get pv# Verify EFS File System
Go to Services -> EFS -> File Systems -> efs-demo
# Verify Mount Targets
Go to Services -> EFS -> File Systems -> efs-demo -> Network Tab
# Verify Network Interfaces
Go to Services -> EC2 -> Network & Security -> Network Interfaces -> GET THE ENI ID from Mount Targets
# Security Groups
Go to Services -> EC2 -> Network & Security -> Security Groups -> hr-dev-efs-allow-nfs-from-eks-vpc# efs-write-app - Connect to Kubernetes Pod
kubectl exec --stdin --tty <POD-NAME> -- /bin/sh
kubectl exec --stdin --tty efs-write-app -- /bin/sh
cd /data
ls
tail -f efs-dynamic.txt# List Pods
kubectl get pods
# myapp1 POD1 - Connect to Kubernetes Pod
kubectl exec --stdin --tty <POD-NAME> -- /bin/sh
kubectl exec --stdin --tty myapp1-667d8656cc-2x824 -- /bin/sh
cd /usr/share/nginx/html/efs
ls
tail -f efs-dynamic.txt
# myapp1 POD2 - Connect to Kubernetes Pod
kubectl exec --stdin --tty <POD-NAME> -- /bin/sh
kubectl exec --stdin --tty myapp1-667d8656cc-bg8bg -- /bin/sh
cd /usr/share/nginx/html/efs
ls
tail -f efs-dynamic.txt# Access Application
http://<CLB-DNS-URL>/efs/efs-dynamic.txt
http://<NLB-DNS-URL>/efs/efs-dynamic.txt# Change Directory
cd 03-efs-dynamic-prov-terraform-manifests
# Destroy Resources
terraform apply -destroy -auto-approve
rm -rf .terraform*- Destroy the Terraform Projects in below two folders
- Terraform Project Folder: 01-ekscluster-terraform-manifests
- Terraform Project Folder: 02-efs-install-terraform-manifests
- We are going to use them for all upcoming Usecases.
- Destroy Resorces Order
- 02-efs-install-terraform-manifests
- 01-ekscluster-terraform-manifests
##############################################################
## Delete EFS CSI Driver
# Change Directory
cd 02-efs-install-terraform-manifests
# Terraform Destroy
terraform init
terraform apply -destroy -auto-approve
##############################################################
## Destroy EKS Cluster
# Change Directroy
cd 01-ekscluster-terraform-manifests
# Terraform Destroy
terraform init
terraform apply -destroy -auto-approve
##############################################################