Not all OSes that run Kubernetes have filesystem mount binaries installed. This is a reason to come up with a way to package these mount binaries somewhere, so that Kubernetes can find and run them to mount the filesystems on the host.
Previously I tried to containerize mount binaries and dynamically create a Pod inside kubelet (i.e. a so-called sidecar container). This works fine but it creates another problem: how to manage the mount Pod's lifecycle if the mount is a long-running process (i.e. FUSE).
The experimental code can be found at my repo. The components are:
- Use Docker 1.10+ to get the mount namespace propagation feature.
- Update the Docker systemd unit file so that MountFlags is rshared, or use a hack.
- Make sure kubelet supports privileged containers.
- A DaemonSet that provides a RESTful server and executes the mount command. I have a simple container for that job. The container is used in the DaemonSet.
- A ConfigMap that provides information about how to access the DaemonSet. It is defined here
- A DaemonSet mounter that implements the mount interface.
- Making the volume plugin use DaemonSet mounter when no filesystem mount binaries are available.
To use the DaemonSet mounter, the DaemonSet and ConfigMap must be created first. I provide a script to illustrate how to use this feature to mount Glusterfs.
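The DaemonSet described above runs a privileged container that executes mount commands on request, so what it accepts over REST decides what can be mounted on the host. The following is an added example, not code from the repo, of validating a request before it reaches the mount binary; the request fields, the allowed filesystem types and the `/var/lib/kubelet/pods` root are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// MountRequest is a hypothetical request body, not the schema used in the repo.
type MountRequest struct {
	Source, Target, FSType string
	Options                []string
}

// Assumed policy: filesystem types the helper may mount and the only
// directory tree it may mount into (kubelet's default pod directory).
var allowedFSTypes = map[string]bool{"glusterfs": true, "nfs": true}

const podRoot = "/var/lib/kubelet/pods"

// BuildMountArgv validates req and returns an argv for exec.Command, so the
// privileged container never passes request data through a shell.
func BuildMountArgv(req MountRequest) ([]string, error) {
	if !allowedFSTypes[req.FSType] {
		return nil, fmt.Errorf("fstype %q not allowed", req.FSType)
	}
	if req.Source == "" || strings.HasPrefix(req.Source, "-") {
		return nil, errors.New("source is empty or looks like an option")
	}
	// Lexical check only: Clean collapses ".." but does not resolve symlinks.
	target := filepath.Clean(req.Target)
	if !filepath.IsAbs(req.Target) || !strings.HasPrefix(target, podRoot+"/") {
		return nil, fmt.Errorf("target %q is outside %s", req.Target, podRoot)
	}
	for _, o := range req.Options {
		if o == "" || strings.HasPrefix(o, "-") || strings.ContainsAny(o, ", \t\n") {
			return nil, fmt.Errorf("option %q rejected", o)
		}
	}
	argv := []string{"mount", "-t", req.FSType}
	if len(req.Options) > 0 {
		argv = append(argv, "-o", strings.Join(req.Options, ","))
	}
	return append(argv, req.Source, target), nil
}

func main() {
	// Constructed sample request.
	req := MountRequest{"gluster1:/vol0", podRoot + "/uid-1/volumes/v", "glusterfs", []string{"ro"}}
	fmt.Println(BuildMountArgv(req))
}
```

Because the target check is lexical, a server using it would still need to resolve symlinks on the host path before mounting.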