Configuring Persistent Volume for Storing Configuration, Logs, Settings and License Policies

A Persistent Volume (PV) is a piece of storage in the cluster that is provisioned by administrators or is dynamically provisioned using Storage Classes.

Creating a Persistent Volume on the Kubernetes Cluster

The best practice is to use the following commands to create a Persistent Volume (PV):
  • kubectl apply -f storage-class.yaml
  • kubectl apply -f pv.yaml
  • kubectl apply -f pvc.yaml
It is recommended to use Filestore as the Persistent Volume.
To check whether the Persistent Volume (PV) is created successfully, use the following command for Kubernetes:
kubectl get pv
To create a Persistent Volume of type GCP Filestore for the SPE GCP Connector, use the following storage-class.yaml and pv.yaml structure:
  • Replace the following placeholders:
    VOLUME-HANDLE: "modeInstance/<zone>/<filestore-name>/<fileshare-name>"
    FILESHARE-IP: 10.xx.xxx.xx
    FILESHARE-NAME: spegcpfileshare
  • storage-class-filestore.yaml
    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: spe-storage
    provisioner: filestore.csi.storage.gke.io
    volumeBindingMode: Immediate
    allowVolumeExpansion: true
    parameters:
      tier: standard
      network: default
  • pv.yaml
    apiVersion: v1
    kind: PersistentVolume
    metadata:
      name: spe-volume
    spec:
      storageClassName: "spe-storage"
      capacity:
        storage: 10G
      accessModes:
        - ReadWriteMany
      persistentVolumeReclaimPolicy: Retain
      volumeMode: Filesystem
      csi:
        driver: filestore.csi.storage.gke.io
        volumeHandle: VOLUME-HANDLE
        volumeAttributes:
          ip: FILESHARE-IP
          volume: FILESHARE-NAME
  • pvc.yaml
    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: spe-volume
    spec:
      accessModes:
        - ReadWriteMany
      storageClassName: "spe-storage"
      volumeName: spe-volume
      resources:
        requests:
          storage: 10G

Configuring Persistent Volume

GCP Blob Connector requires the following input to be configured inside the Persistent Volume as a prerequisite:
  • spe-data
    • license
    • policy
  • agent-data
    • gcp-blob/config
      • gcpconfig.json
      • assets.csv
      • roleArns.csv
Mount the PV and create the following structure inside the Persistent Volume:
  • /<mount_point>/spe-data
  • /<mount_point>/agent-data
A sample of the above folders can be found in the Helm Package that is shipped with the GCP SPE Connector. Use a local directory with 777 permissions or appropriate permissions for the container.
How do I configure /<mount_point>/spe-data?
To configure /<mount_point>/spe-data:
  1. Place the license file inside the following path:
    /<mount_point>/spe-data/license/
If you want to modify the policy file, place the scanner policy inside the following path:
/<mount_point>/spe-data/policy/
  • You can copy the file from the Helm Package.
How do I configure /<mount_point>/agent-data?
Sample files can be found under Helm Package/agent-data. To configure /<mount_point>/agent-data:
  1. Place the assets.csv file inside the following path:
    • /<mount_point>/agent-data/gcp-blob/config/
    • You can find more information here - gcp-blob/config/assets.csv.
  2. Place the gcpconfig.json file inside the following path:
    • /<mount_point>/agent-data/gcp-blob/config/
    • You can find more information here - gcp-blob/config/gcbconfig.json
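
A check for the layout described on this page, as an added example that is not part of the product documentation or the Helm Package: it confirms the required directories and files exist under the mount point and lists anything world-writable (as mode 777 would be), so permissions can be narrowed to what the container needs. The function names are hypothetical, and the mount point is passed as an argument.

```shell
#!/bin/sh
# Added example: validate the Persistent Volume layout this page describes.
# Function names are hypothetical; the mount point is passed as an argument.

CONFIG_DIR=agent-data/gcp-blob/config

# check_layout MOUNT_POINT
# Prints one MISSING/EMPTY line per problem; returns 0 only if the layout is complete.
check_layout() {
    mp=$1
    rc=0
    for d in spe-data/license spe-data/policy "$CONFIG_DIR"; do
        [ -d "$mp/$d" ] || { echo "MISSING $mp/$d"; rc=1; }
    done
    # The license directory must actually hold a license file.
    if [ -d "$mp/spe-data/license" ] && [ -z "$(ls -A "$mp/spe-data/license")" ]; then
        echo "EMPTY $mp/spe-data/license"; rc=1
    fi
    for f in gcpconfig.json assets.csv roleArns.csv; do
        [ -f "$mp/$CONFIG_DIR/$f" ] || { echo "MISSING $mp/$CONFIG_DIR/$f"; rc=1; }
    done
    return "$rc"
}

# world_writable MOUNT_POINT
# Lists entries under spe-data and agent-data writable by any user (mode o+w,
# which includes 777), so they can be tightened to what the container needs.
world_writable() {
    find "$1/spe-data" "$1/agent-data" ! -type l -perm -0002 2>/dev/null || true
}

# Run both checks when a mount point is given on the command line.
if [ -n "${1:-}" ]; then
    check_layout "$1" || echo "layout incomplete under $1"
    world_writable "$1" | sed 's/^/WORLD-WRITABLE /'
fi
```

Run it against the mounted share before deploying the connector, for example `sh check_pv.sh /<mount_point>` (the script file name is an assumption).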