Skip to main content

AWS EBS

AWS Elastic Block Store is an easy to use, high performance block storage at any scale. It helps in the easy deployment, management, and scaling of the most demanding and high-performance tenant workloads. AWS EBS also ensures availability with replication and durability.

Prerequisites

Palette requires the following IAM policies to be attached to the IAM role that is used to create the cluster:

  • The AWS managed policy AmazonEBSCSIDriverPolicy.

  • For AWS Key Management Service (KMS) encryption, refer to the KMS Encryption Policy section.

Versions Supported

  • 1.12.0

KMS Encryption Policy

If you want to use KMS encryption, you must attach the following IAM policy to the Palette IAM role that is used to create the cluster.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": ["kms:GenerateDataKeyWithoutPlaintext", "kms:CreateGrant"],
      "Resource": "*"
    }
  ]
}

Notable Parameters

NameSupported ValuesDefault ValueDescription
storageTypegp2, sc1, st1, io1gp2AWS Volume type to be used.
reclaimPolicyDelete, RetainDeleteDefines whether volumes will be retained or deleted.
allowVolumeExpansiontrue, falsetrueFlag to allow resizing a volume.
isDefaultClasstrue, falsetrueFlag to denote if this StorageClass will be the default.
volumeBindingModeWaitForFirstConsumer, ImmediateWaitForFirstConsumerControls when volumeBinding and dynamic provisioning should happen.
encryptedtrue, falsetrueDenotes whether the EBS volume should be encrypted or not.
kmsKeyId (optional)The full Amazon Resource Name of the key to use when encrypting the volume.--If you don't provide the full Amazon Resource Name but encrypted is true, AWS generates a key.

You can view the full parameter list here.

Storage classes that Palette creates are named spectro-storage-class and can be fetched from kubectl using the following CLI command:

kubectl get storageclass --all-namespaces

References