Quickstart for installing and configuring Azure Container Storage Preview with

Learn how to install and configure Azure Container Storage Preview for use with Azure Kubernetes Service. You’ll end up with new storage classes that you can use for your Kubernetes workloads.

Article
05/15/2023

Azure Container Storage is a cloud-based volume management, deployment, and orchestration service built natively for containers. This Quickstart shows you how to configure and use Azure Container Storage for use with Azure Kubernetes Service (AKS). At the end, you’ll have new storage classes that you can use for your Kubernetes workloads, and you can then create a storage pool using one of three block storage options.

Prerequisites

Use the Bash environment in Azure Cloud Shell. For more information, see Quickstart for Bash in Azure Cloud Shell.
If you prefer to run CLI reference commands locally, install the Azure CLI. If you’re running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.
- If you’re using a local installation, sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.
- When you’re prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.
- Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.

Getting started

If you don’t have an Azure subscription, create a free account before you begin.
Sign up for the public preview by completing the onboarding survey.
Make sure the identity you’re using to create your AKS cluster has the appropriate minimum permissions. For more details, see Access and identity options for Azure Kubernetes Service.
This article requires version 2.0.64 or later of the Azure CLI. See How to install the Azure CLI. If you’re using Azure Cloud Shell, the latest version is already installed. If you plan to run the commands in this quickstart locally instead of in Azure Cloud Shell, be sure to run them with administrative privileges.
If you’re using Azure Cloud Shell, you might be prompted to mount storage. Select the Azure subscription where you want to create the storage account and select Create.
You’ll need the Kubernetes command-line client, kubectl. It’s already installed if you’re using Azure Cloud Shell, or you can install it locally by running the az aks install-cli command.

Create a resource group

An Azure resource group is a logical group that holds your Azure resources that you want to manage as a group. When you create a resource group, you’re prompted to specify a location. This location is:

The storage location of your resource group metadata.
Where your resources will run in Azure if you don’t specify another region during resource creation.

Important

Azure Container Storage Preview is only available in eastus, westus2, westus3, and westeurope regions.

Set your subscription context using the az account set command. You can view the subscription IDs for all the subscriptions you have access to by running the az account list –output table command. Remember to replace with your subscription ID.

az account set –subscription
Create a resource group using the az group create command. Replace with the name of the resource group you want to create, and replace with eastus, westus2, westus3, or westeurope.

az group create –name –location

If the resource group was created successfully, you’ll see output similar to this:

{ “id”: “/subscriptions//resourceGroups/myContainerStorageRG”, “location”: “eastus”, “managedBy”: null, “name”: “myContainerStorageRG”, “properties”: { “provisioningState”: “Succeeded” }, “tags”: null }

Choose a data storage option and virtual machine type

Before you create your cluster, you should understand which back-end storage option you’ll ultimately choose to create your storage pool. This is because different storage services work best with different virtual machine (VM) types as cluster nodes, and you’ll deploy your cluster before you create the storage pool.

Data storage options

Azure Elastic SAN Preview: Azure Elastic SAN preview is a good fit for general purpose databases, streaming and messaging services, CD/CI environments, and other tier 1/tier 2 workloads. Storage is provisioned on demand per created volume and volume snapshot. Multiple clusters can access a single SAN concurrently, however persistent volumes can only be attached by one consumer at a time.
Azure Disks: Azure Disks are a good fit for databases such as MySQL, MongoDB, and PostgreSQL. Storage is provisioned per target container storage pool size and maximum volume size.
Ephemeral Disk: This option uses local NVMe drives on the AKS nodes and is extremely latency sensitive (low sub-ms latency), so it’s best for applications with no data durability requirement or with built-in data replication support such as Cassandra. AKS discovers the available ephemeral storage on AKS nodes and acquires the drives for volume deployment.

VM types

To use Azure Container Storage, you’ll need a node pool of at least three Linux VMs. Each VM should have a minimum of four virtual CPUs (vCPUs). Azure Container Storage will consume one core for I/O processing on every VM the extension is deployed to.

If you intend to use Azure Elastic SAN Preview or Azure Disks with Azure Container Storage, then you should choose a general purpose VM type such as standard_d4s_v5 for the cluster nodes. The VMs must have standard hard disk drives (HDD), not SSD.

If you intend to use Ephemeral Disk, choose a storage optimized VM type with NVMe drives such as standard_l8s_v3. In order to use Ephemeral Disk, the VMs must have NVMe drives.

Create AKS cluster

Run the following command to create a Linux-based AKS cluster and enable a system-assigned managed identity. Replace with the name of the resource group you created, with the name of the cluster you want to create, and with the VM type you selected in the previous step. For this Quickstart, we’ll create a cluster with three nodes. Increase the –node-count if you want a larger cluster.

az aks create -g -n –node-count 3 -s –generate-ssh-keys

The deployment will take a few minutes to complete.

Note

When you create an AKS cluster, AKS automatically creates a second resource group to store the AKS resources. This second resource group follows the naming convention MC_YourResourceGroup_YourAKSClusterName_Region. For more information, see Why are two resource groups created with AKS?.

Connect to the cluster

To connect to the cluster, use the Kubernetes command-line client, kubectl.

Configure kubectl to connect to your cluster using the az aks get-credentials command. The following command:
- Downloads credentials and configures the Kubernetes CLI to use them.
- Uses ~/.kube/config, the default location for the Kubernetes configuration file. You can specify a different location for your Kubernetes configuration file using the –file argument.
az aks get-credentials –resource-group –name
Verify the connection to your cluster using the kubectl get command. This command returns a list of the cluster nodes.

kubectl get nodes
The following output example shows the nodes in your cluster. Make sure the status for all nodes shows Ready:

NAME STATUS ROLES AGE VERSION aks-nodepool1-34832848-vmss000000 Ready agent 80m v1.25.6 aks-nodepool1-34832848-vmss000001 Ready agent 80m v1.25.6 aks-nodepool1-34832848-vmss000002 Ready agent 80m v1.25.6

Take note of the name of your node pool. In this example, it would be nodepool1.

Label the node pool

Next, you must update your node pool label to associate the node pool with the correct IO engine for Azure Container Storage.

Run the following command to update the label. Remember to replace and with your own values, and replace with the name of your node pool from the previous step.

az aks nodepool update –resource-group –cluster-name –name –labels acstor.azure.com/io-engine=acstor

Tip

You can verify that the node pool is correctly labeled by signing into the Azure portal and navigating to your AKS cluster. Go to Settings > Node pools, select your node pool, and under Taints and labels you should see Labels: acstor.azure.com/io-engine:acstor.

Assign Contributor role to AKS managed identity

Azure Container Service is a separate service from AKS, so you’ll need to grant permissions to allow Azure Container Storage to provision storage for your cluster. Specifically, you must assign the Contributor Azure RBAC built-in role to the AKS managed identity. You’ll need an Owner role for your Azure subscription in order to do this. If you don’t have sufficient permissions, ask your admin to perform these steps.

Sign into the Azure portal, and search for and select Kubernetes services.
Locate and select your AKS cluster. Select Settings > Properties from the left navigation.
Under Infrastructure resource group, you should see a link to the resource group that AKS created when you created the cluster. Select it.
Select Access control (IAM) from the left pane.
Select Add > Add role assignment.
Under Assignment type, select Privileged administrator roles and then Contributor. If you don’t have an Owner role on the subscription, you won’t be able to add the Contributor role.
Under Assign access to, select Managed identity.
Under Members, click + Select members. The Select managed identities menu will appear.
Under Managed identity, select User-assigned managed identity.
Under Select, search for and select the managed identity with your cluster name and -agentpool appended.
Select Review + assign.

Install Azure Container Storage

The initial install uses Azure Arc CLI commands to download a new extension. Replace and with your own values. The value can be whatever you want; it’s just a label for the extension you’re installing.

During installation, you might be asked to install the k8s-extension. Select Y.

az k8s-extension create –cluster-type managedClusters –cluster-name –resource-group –name –extension-type microsoft.azurecontainerstorage –scope cluster –release-train prod –release-namespace acstor

Installation takes 10-15 minutes to complete. You can check if the installation completed correctly by running the following command and ensuring that provisioningState says Succeeded:

az k8s-extension list –cluster-name –resource-group –cluster-type managedClusters

Congratulations, you’ve successfully installed Azure Container Storage. You now have new storage classes that you can use for your Kubernetes workloads.

Next steps

Now you can create a storage pool and persistent volume claim, and then deploy a pod and attach a persistent volume. Follow the steps in the appropriate how-to article.

Learn how to install and configure Azure Container Storage Preview for use with Azure Kubernetes Service. You’ll end up with new storage classes that you can use for your Kubernetes workloads.