Yet Another Containerized Mounter for Kubernetes

Not all OSes that run Kubernetes have filesystem mount binaries installed. This is a reason to come up with a way to package these mount binaries somewhere Kubernetes can find and run them to mount filesystems on the host.

Previously I tried to containerize the mount binaries and dynamically create a Pod inside kubelet (i.e. a so-called sidecar container). This works fine, but it creates another problem: how to manage the mount Pod's lifecycle if the mount is a long-running process (e.g. FUSE).

Inspired by a recent Kubernetes Storage SIG meeting, I experimented with a DaemonSet-initiated containerized mount. The flow can be found here.

The experimental code can be found at my repo. The components are:

  • Use Docker 1.10+ to get the mount namespace propagation feature.
  • Update the Docker systemd unit file so that MountFlags is rshared, or use a hack.
  • Make sure kubelet supports privileged containers.
  • A DaemonSet that provides a RESTful server and executes the mount command. I have a simple container for that job; the container is used in the DaemonSet.
  • A ConfigMap that provides information about how to access the DaemonSet. It is defined here.
  • A DaemonSet mounter that implements the mount interface.
  • Making the volume plugin use the DaemonSet mounter when no filesystem mount binaries are available.

To use the DaemonSet mounter, the DaemonSet and ConfigMap must be created first. I provide a script to illustrate how to use this feature to mount Glusterfs.
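
The mount propagation prerequisite in the list above can be checked on a node before the DaemonSet is created. The following is an added example, not code from the repo mentioned in this post: it reads the optional fields of `/proc/self/mountinfo` to classify a mount point, and the paths in the constructed sample (`/var/lib/kubelet`, `/var/lib/docker`, `/mnt/gluster`) are assumptions.

```shell
#!/bin/sh
# Added example: classify a mount point's propagation from mountinfo.
# Only "shared" lets a mount made inside a container appear on the host.

# propagation_of MOUNTPOINT [FILE]   (FILE defaults to /proc/self/mountinfo, "-" = stdin)
# Prints shared | slave | unbindable | private; returns 1 if MOUNTPOINT is not mounted.
# Note: mountinfo escapes spaces in paths as \040; pass the escaped form.
propagation_of() {
    MP="$1" awk '
        $5 == ENVIRON["MP"] {
            found = 1            # later lines win: the last match is the topmost mount
            kind = "private"
            # Optional fields start at field 7 and end at the "-" separator.
            for (i = 7; i <= NF && $i != "-"; i++) {
                if ($i ~ /^shared:/) { kind = "shared"; break }
                if ($i ~ /^master:/) kind = "slave"
                if ($i == "unbindable") kind = "unbindable"
            }
        }
        END { if (!found) exit 1; print kind }
    ' "${2:-/proc/self/mountinfo}"
}

# Constructed sample input (not captured from a real node).
sample_mountinfo() {
    cat <<'EOF'
22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
45 22 8:1 /var/lib/docker /var/lib/docker rw,relatime - ext4 /dev/sda1 rw
46 22 8:1 /var/lib/kubelet /var/lib/kubelet rw,relatime shared:1 master:2 - ext4 /dev/sda1 rw
47 22 0:40 / /mnt/gluster rw,relatime master:1 - fuse.glusterfs server:/vol rw
EOF
}

for mp in / /var/lib/docker /var/lib/kubelet /mnt/gluster; do
    printf '%-18s %s\n' "$mp" "$(sample_mountinfo | propagation_of "$mp" -)"
done
```

On a real node, call `propagation_of` with only the mount point so it reads the live `/proc/self/mountinfo`; a result other than `shared` for the directory the kubelet mounts volumes under means a mount made by the DaemonSet container will not be visible on the host.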