AWS EBS CSI Driver
This module provides the CSI driver for provisioning AWS EBS volumes as PVs for pods in the cluster via aws-ebs-csi-driver.
Additionally, this creates two base Storage Classes:
- ebs-standard: Uses EBS gp3 volumes. Is the default Storage Class if none is indicated.
- ebs-standard-retained: Uses EBS gp3 volumes. Must be manually deleted, which is useful for databases where you do not want to accidentally lose data.
Usage
Extra Storage Classes
You can create additional EBS-backed storage classes by providing the extra_storage_classes input.
See this reference document for descriptions of the various parameters.
All storage classes created by this module have the following properties:
- Creates volumes that use the ext4 filesystem
- Uses encrypted volumes
- Allows volume expansions and creates volumes that are eligible for autoresizing by the PVC autoresizer
- Have a volume binding mode of WaitForFirstConsumer
- Creates volumes that are named {{ .PVCNamespace }}/{{ .PVCName }} in AWS (via the Name tag)
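An added example (not part of the original module documentation) of an extra_storage_classes value that defines two classes. The class names and numeric values are constructed for illustration, the field names come from the input type listed under Required Inputs, and "Retain" is assumed to be accepted as the Kubernetes reclaim policy counterpart to the documented default "Delete".

```hcl
# Constructed example values; both class names are hypothetical.
extra_storage_classes = {
  # Database volumes: the EBS volume outlives its PVC and gets more
  # provisioned performance than the gp3 baseline.
  "ebs-db-retained" = {
    type           = "gp3"
    reclaim_policy = "Retain" # assumption: volume must then be deleted manually
    iops           = 6000
    throughput     = 500 # MiB/s; the module default is 125
  }

  # Workload with many small files: allocate inodes more densely
  # when the ext4 filesystem is created.
  "ebs-small-files" = {
    bytes_per_inode = 8192
  }
}
```

Fields left out of an entry take the defaults from the input type, and the properties listed above (encryption, ext4, volume expansion, WaitForFirstConsumer) apply to every class regardless of these settings.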
Providers
The following providers are needed by this module:
Required Inputs
The following input variables are required:
extra_storage_classes
Description: Extra EBS-backed storage classes to add to the cluster. Keys are the name of the storage class and values are their configuration.
Type:
map(object({
  type = optional(string, "gp3")
  reclaim_policy = optional(string, "Delete")
  iops_per_gb = optional(number, null)
  iops = optional(number, null)
  throughput = optional(number, 125)
  block_express = optional(bool, false)
  block_size = optional(number, null)
  inode_size = optional(number, null)
  bytes_per_inode = optional(number, null)
  number_of_inodes = optional(number, null)
  big_alloc = optional(bool, false)
  cluster_size = optional(number, null)
}))
Optional Inputs
The following input variables are optional (have default values):
aws_ebs_csi_driver_helm_version
Description: The version of the aws-ebs-csi-driver helm chart to deploy
Type: string
Default: "2.37.0"
aws_iam_ip_allow_list
Description: A list of IPs that can use the service account token to authenticate with the AWS API
Type: list(string)
Default: []
enhanced_ha_enabled
Description: Whether to add extra high-availability scheduling constraints at the trade-off of increased cost
Type: bool
Default: true
monitoring_enabled
Description: Whether to add active monitoring to the deployed systems
Type: bool
Default: false
node_image_cached_enabled
Description: Whether to add the container images to the node image cache for faster startup times
Type: bool
Default: true
panfactum_scheduler_enabled
Description: Whether to use the Panfactum pod scheduler with enhanced bin-packing
Type: bool
Default: false
pull_through_cache_enabled
Description: Whether to use the ECR pull through cache for the deployed images
Type: bool
Default: true
vpa_enabled
Description: Whether the VPA resources should be enabled
Type: bool
Default: false
Outputs
No outputs.
Maintainer Notes
No notes.