Storage Flashcards
(26 cards)
Why use storage for applications in AKS?
Applications running in Azure Kubernetes Service (AKS) might need to store and retrieve data. Pods might need to share the same data volumes or reattach data volumes if the pod is rescheduled on a different node.
What are the core concepts for AKS storage?
Volumes
Persistent volumes
Storage classes
Persistent volume claims
What is the definition of ephemeral?
Lasting for a very short time.
What is a volume in AKS?
A volume represents a way to store, retrieve, and persist data across pods and through the application lifecycle.
Kubernetes typically treats individual pods as ephemeral, disposable resources. Applications have different approaches available to them for using and persisting data.
What are the different Data Volumes in Azure?
Azure Disk
Azure Files
Azure NetApp Files
Azure Blobs
What are the different types of DataDisk resources available for Azure Disk?
Premium SSDs (recommended for most workloads)
Ultra disks
Standard SSDs
Standard HDDs
Can Azure Disk be accessible to all Nodes in a cluster?
No. Because an Azure Disk is mounted as ReadWriteOnce, it’s only available to a single node. For storage volumes accessible by pods on multiple nodes simultaneously, use Azure Files.
What are the common kubernetes volume types?
emptyDir
secret
configMap
What is a emptyDir volume type in AKS?
This volume is commonly used as temporary space for a pod. All containers within a pod can access the data on the volume. Data written to this volume type persists only for the lifespan of the pod - when the pod is deleted, the volume is deleted.
What is a secret volume type in AKS?
This volume is used to include sensitive data, such as passwords, into pods. Secrets are only provided to nodes with a scheduled pod that requires it, and the secret is stored in tmpfs, not written to disk. Secrets are stored within a given namespace and can only be accessed by pods within the same namespace.
What is a configMap volume type in AKS?
This volume type is used to inject key-value pair properties into pods, such as application configuration information. This ConfigMap can then be requested when you define a pod or deployment. ConfigMaps are stored within a given namespace and can only be accessed by pods within the same namespace.
What is a Persistent volume in AKS?
A persistent volume is a storage resource created and managed by the Kubernetes API that can exist beyond the lifetime of an individual pod.
What is StatefulSets in Kubernetes?
A StatefulSet runs a group of Pods, and maintains a sticky identity for each of those Pods. This is useful for managing applications that need persistent storage or a stable, unique network identity.
What is the best choice for ReadWriteOnce persistent volume?
You can use AKS disk volumes backed by VHDX that are mounted as ReadWriteOnce and are accessible to a single node at a time.
What is the best choice for ReadWriteMany persistent volume?
You can use AKS file volumes backed by SMB or NFS file shares. These are mounted as ReadWriteMany and are available to multiple nodes concurrently.
How does Kubernetes API know, what needs to be created when a pod request storage and its not available?
If a pod is scheduled and requests storage that is not currently available, Kubernetes can create the underlying VHDX file and then attach it to the pod. Dynamic provisioning uses a StorageClass to identify what type of storage needs to be created.
What are Storage Classes in AKS?
To define different tiers (and location) of storage you can create a StorageClass. The StorageClass also defines the reclaimPolicy.
What is reclaimPolicy in AKS Storage classes?
reclaimPolicy controls the behavior of the underlying storage resource when the pod is deleted and the persistent volume might no longer be required.
In AKS for Azure Local, what is the default storage class?
In AKS Arc, the default storage class is automatically created and uses CSV to create VHDX-backed volumes. The reclaim policy ensures that the underlying VHDX is deleted when the persistent volume that used it is deleted
What is a PersistentVolumeClaim in AKS?
A PersistentVolumeClaim (PVC) is a request for storage by a user. They can requests either ReadWriteOnce or ReadWriteMany storage of a particular StorageClass and size.
A PersistentVolume is bound to a PersistentVolumeClaim once an available storage resource is assigned to the pod requesting it. There is a 1:1 mapping of persistent volumes to claims.
How to secure pod access to mounted volumes?
For your applications to run correctly, pods should run as a defined user or group and not as root. The securityContext for a pod or container lets you define settings such as fsGroup to assume the appropriate permissions on the mounted volumes.
What is fsGroup within the securityContext?
It defines a supplemental group ID that Kubernetes assigns to all processes in the pod, and recursively to the files in mounted volumes. This ensures that the pod has the correct group-level access to shared storage volumes.
What is Container Storage Interface (CSI) in AKS?
The Container Storage Interface (CSI) is a standard for exposing arbitrary block and file storage systems to containerized workloads on Kubernetes. By using CSI, AKS enabled by Arc can write, deploy, and iterate plug-ins to expose new storage systems.
AKS Arc support what two CSI storage drivers?
AKS Arc disks and AKS Arc files
