Deploying the Platform UI with RWO storage

By default, the PlatformNavigator custom resource (IBM Cloud Pak Platform UI) only supports RWX storage classes. However, you can configure a custom storage class in your cluster that supports RWX access mode and is backed up by an RWO storage class.

You must be a cluster administrator to perform this task. See Roles and permissions if you need more information.

Follow all of these procedures, in the order given:

Troubleshooting: For a list of possible errors and solutions when performing the steps in this section, see Troubleshooting Platform UI deployment.

Deploying Rook NFS

  1. Clone the NFS Git repository at version 1.7.3:

    git clone --single-branch --branch v1.7.3 https://github.com/rook/nfs.git

  2. Navigate to this directory:

    cd nfs/cluster/examples/kubernetes/nfs

  3. Open the operator.yaml file and change the Deployment image field from rook/nfs:v1.7.3 to icr.io/cpopen/cpd/rook-nfs:kz-220512.

  4. Log into your cluster using the oc login command and your user credentials. For example:

    oc login <openshift_url> -u <username> -p <password> -n <namespace>

  5. Apply the CustomResourceDefinitions to the cluster:

    oc apply -f crds.yaml

  6. Create the operator deployment:

    oc apply -f operator.yaml

  7. Verify that the operator is running:

    oc get pod -n rook-nfs-system

    You should get a message similar to the following:

    NAME                                 READY   STATUS    RESTARTS   AGE
rook-nfs-operator-6d4b6db545-l8k7d   1/1     Running   0          102s

  8. Grant the Rook NFS service account access to the privileged SecurityContextConstraints (SCC) resources:

    oc adm policy add-scc-to-user privileged system:serviceaccount:rook-nfs:rook-nfs-server

Deploying the Rook NFS server

  1. Create RBAC objects for the NFS server by applying the YAML to the cluster. You can either:

    • Save the YAML into a file (for example, server.yaml) and apply:

      oc apply -f server.yaml

    • Copy the following YAML and apply it using the OpenShift web console.

      ---
apiVersion: v1
kind: Namespace
metadata:
  name:  rook-nfs
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: rook-nfs-server
  namespace: rook-nfs
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-nfs-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
  - apiGroups: [""]
    resources: ["services", "endpoints"]
    verbs: ["get"]
  - apiGroups: ["policy"]
    resources: ["podsecuritypolicies"]
    resourceNames: ["rook-nfs-policy"]
    verbs: ["use"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
  - apiGroups:
    - nfs.rook.io
    resources:
    - "*"
    verbs:
    - "*"
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: rook-nfs-provisioner-runner
subjects:
  - kind: ServiceAccount
    name: rook-nfs-server
    namespace: rook-nfs
roleRef:
  kind: ClusterRole
  name: rook-nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io

  2. Apply this YAML to create a PersistentVolumeClaim (PVC) for the NFS server. Make sure the PVC size is large enough to support all future volumes requested from this server; a size of 200Gi is recommended. You must replace the value of <rwo-storage-class> with the RWO storage class you intend to use.

    apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nfs-pwx-claim
  namespace: rook-nfs
spec:
  storageClassName: <rwo-storage-class>
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 200Gi

  3. Apply this YAML to deploy the NFS server:

    apiVersion: nfs.rook.io/v1alpha1
kind: NFSServer
metadata:
  name: rook-nfs
  namespace: rook-nfs
spec:
  replicas: 1
  exports:
  - name: share1
    server:
      accessMode: ReadWrite
      squash: "none"
    # A Persistent Volume Claim must be created before creating NFS CRD instance.
    persistentVolumeClaim:
      claimName: nfs-pwx-claim
  # A key/value list of annotations
  annotations:
    rook: nfs

  4. Verify that the server pod is running:

    oc get pods -n rook-nfs

    You should get a message similar to the following:

    NAME         READY   STATUS    RESTARTS   AGE
rook-nfs-0   2/2     Running   0          55s

Creating the storage class

Create a storage class for the Platform UI to use by applying this YAML:

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  labels:
    app: rook-nfs
  name: integration-storage
parameters:
  exportName: share1
  nfsServerName: rook-nfs
  nfsServerNamespace: rook-nfs
provisioner: nfs.rook.io/rook-nfs-provisioner
reclaimPolicy: Delete
volumeBindingMode: Immediate