Summary

This web page provides a tutorial on how to install an EFS CSI driver into an AWS EKS cluster for Kubernetes.

Abstract

The web page begins with an explanation of the limitations of using gp2 storage class for persistent volumes in Kubernetes. It then introduces the AWS EFS filesystem as a solution for high availability applications that require persistent storage. The tutorial walks users through the process of setting up an EFS filesystem and security group, creating a service account in AWS EKS, and installing the EFS CSI driver with a helm chart. The final step involves replacing the default gp2 storage class with the new EFS storage class. The tutorial includes code snippets and screenshots to guide users through each step.

Bullet points

When starting with Kubernetes, it is common to create persistent volume as a gp2 storage class, but this is not recommended for high availability applications that require persistent storage.
AWS EFS filesystem is a good solution for these types of applications, but it can be expensive if not managed properly.
To use AWS EFS filesystem, a security group must be created that allows access on port 2049 in/out to the EFS filesystem, and an EFS Filesystem must be created with an access point.
A service account must be created in AWS EKS to allow Kubernetes to use the AWS EFS filesystem.
The EFS CSI driver can be installed with a helm chart, and the default gp2 storage class can be replaced with the new EFS storage class.
The tutorial includes code snippets and screenshots to guide users through each step of the process.

Install EFS CSI driver into your AWS EKS cluster — Kubernetes — Infrastructure as Code

When you are starting to use Kubernetes you will create persistent volume as a gp2 storage class, the downside of it will be the data are placed on a single Kubernetes node and it's not recommended for high availability applications there need persistent storage like database services.

So that is why it's a good thing to start using AWS EFS filesystem and mount it to your needed application, remember always to think about whether you need persistent volume or whether it will be okay to store your data for low-cost S3 storage, AWS EFS can be a high cost if you don’t take care.

Setup EFS filesystem and security group

What you need first is creating a security group there allows access on port 2049 into in/out to the EFS file system, then it's important to create the EFS Filesysten and add the access point to it before it is available to use.

When it's created you can go to the web console to look for the AWS EFS Filesystem to confirm it's created as expected.

Create a service account in AWS EKS

Now it's time to create a service account in our AWS EKS cluster to be sure Kubernetes can use the AWS EFS Filesystem, first, let's create a JSON file there contains the right policy information.

Then we can create the service account for our cluster in the Kubernetes kube-system namespace.

After it's created it is ready to be applied to our helm chart install.

Install EFS CSI Driver with helm chart

Now we have created an EFS Filesystem with an access point, then we created a service account in Kubernetes there allowed us to speak to AWS EFS Filesystem so now its time to install the helm chart of the AWS EFS CSI Driver to support AWS EFS to our AWS EKS cluster.

When we have installed this helm chart then we will remove the default from the gp2 storageClass that comes with the cluster and replace it with our EFS storage class.

You are now good to go and your cluster will now support AWS EFS CSI Driver and you can rotate your application between your AWS EKS nodes when needed.