Implementing Amazon EBS CSI Driver
  • 18 May 2022
  • 2 Minutes to read
  • Contributors
  • Dark
    Light
  • PDF

Implementing Amazon EBS CSI Driver

  • Dark
    Light
  • PDF

Although it is possible to work with in-tree storage drivers, the optimal solution is to use the EBS Container Storage Interface (CSI) driver. This method requires you to give the Kubernetes nodes permission to modify EBS volumes. With this configuration, the CSI driver will automatically supply the EBS disks Sisense needs, or remove the disks if you decide to delete Sisense.

Note

Migration from an already existing Sisense installation is not supported with this implementation of the EBS CSI driver.
First, you need to create an EBS CSI policy. Then, you can attach the new policy to the Sisense node groups. Finally, you edit the Sisense installer-values.yaml file to enable the EBS CSI driver in Sisense.

To create a EBS CSI policy:

  1. Log in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
  2. In the navigation pane on the left, select Policies.
  3. Select Create policy.
  4. Choose the JSONtab and enter the following JSON policy. For details about the IAM policy language, see IAM JSON policy reference.
{  
  "Version": "2012-10-17",  
  "Statement": [  
    {    
      "Effect": "Allow",
      "Action": [
          "ec2:AttachVolume",
          "ec2:CreateSnapshot",
          "ec2:CreateTags",
          "ec2:CreateVolume",
          "ec2:DeleteSnapshot",
          "ec2:DeleteTags",
          "ec2:DeleteVolume",
          "ec2:DescribeAvailabilityZones",
          "ec2:DescribeInstances",
          "ec2:DescribeSnapshots",
          "ec2:DescribeTags",
          "ec2:DescribeVolumes",
          "ec2:DescribeVolumesModifications",
          "ec2:DetachVolume",
          "ec2:ModifyVolume"
       ],
      "Resource": "*"
  }
 ]
}
  1. Choose Review policy and the Policy Validator reports any syntax errors.
  2. On the Review policy page, enter a Name and an (optional) Description for the policy. It is recommended that the policy name include “EBS_CSI” so it can be easily identified in the future.
  3. Review the policy Summary to see the permissions that are granted by this new policy.
  4. Choose Create policy to save the policy.

To attach the EBS CSI policy to a cluster:

  1. After the policy is created, open the Amazon EKS console at https://console.aws.amazon.com/eks/home#/clusters.

  2. Choose Clusters, and select the target cluster from the list.
    AWS-clusters.png

  3. In the cluster information, select the Configuration tab and then the Compute tab.

  4. Select a Node Group from the Group Name list. You will attach the new policy to this node group so it can use the EBS CSI plugin. Eventually, you will attach the new policy to all of the node groups in this cluster.

  5. Select the link under Node IAM role ARN to open the role configuration console.
    Node-group.png

  6. Click Attach policies and in the Attach Permissions Search field enter the EBS policy name that you created .
    IAM-policy.png

  7. Select the policy from the list and click Attach policy.

  8. Repeat steps 4-7 for the remaining Node Groups in your cluster.

To enable the EBS CSI driver in Sisense:

  1. Open the yaml file
vim kubespray/extra_values/installer
  1. Go to the ebs_csi section in the YAML file and set the enabled parameter to true.
enabled: true
  1. Save the changes to the YAML file and continue with the Deploying Sisense on Amazon EKS procedure.

Was this article helpful?