Mount Azure Blob containers with NFS in AKS Cluster

3 min readNov 26, 2022

Objective

Azure Blob containers could be mounted on AKS cluster through the CSI Blob drivers provided as part of AKS Addon. You can find Microsoft Learn documentation at the following link:

Prerequisites

AKS Cluster in supported version with CSI Blob drivers enabled. If your cluster doesn’t have these drivers enabled, you can update your deployment with the following command:

az aks update --enable-blob-driver -n myAKSCluster -g myResourceGroupaz aks update --enable-blob-driver -n myAKSCluster -g myResourceGroup

After enabling these drivers, we will have these Pods available in the kube-system namespace.

Storage Account implementation

We will choose the Premium Tier of Storage Account with Block blobs account type.

In advanced panel, we will select Enable hierarchical namespace and Enable network file system v3

We create a Container from Azure Portal/Containers panel, in our case, it will be named nginx-blob

AKS Manifests

Storage Class

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: azureblob-nfs-premium
provisioner: blob.csi.azure.com
parameters:
  protocol: nfs
  tags: environment=Development
volumeBindingMode: Immediate

Persistent Volume

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-blob
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain  # If set as "Delete" container would be removed after pvc deletion
  storageClassName: azureblob-nfs-premium
  csi:
    driver: blob.csi.azure.com
    readOnly: false
    # make sure this volumeid is unique in the cluster
    # `#` is not allowed in self defined volumeHandle
    volumeHandle: MC_aks_aks_westeurope#azstorageblobtest#nginx-blob
    volumeAttributes:
      resourceGroup: MC_aks_aks_westeurope
      storageAccount: azstorageblobtest
      containerName: nginx-blob
      protocol: nfs

volumeHandle format is: ResourceGroup#StorageAccount_Name#Container_name

Persisten Volume Claim

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc-blob
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Gi
  volumeName: pv-blob
  storageClassName: azureblob-nfs-premium

Pod resource that will consume the PVC

kind: Pod
apiVersion: v1
metadata:
  name: nginx-blob
spec:
  nodeSelector:
    "kubernetes.io/os": linux
  containers:
    - image: mcr.microsoft.com/oss/nginx/nginx:1.17.3-alpine
      name: nginx-blob
      volumeMounts:
        - name: blob01
          mountPath: "/mnt/blob"
  volumes:
    - name: blob01
      persistentVolumeClaim:
        claimName: pvc-blob

Testing

If for some reason, the mount operation on Pods is failing, you can check at the Node level with the following commands

mkdir /mnt/nfs
mount -o sec=sys,vers=3,nolock,proto=tcp azstorageblobtest.blob.core.windows.net:/azstorageblobtest/aks /mnt/nfs

GitHub Repro: https://github.com/OvidiuBorlean/Azure/tree/main/aks_blob_nfs

Written by Ovidiu Borlean

10 Followers

More from Ovidiu Borlean

Connecting to Azure AD Integrated — AKS Cluster through User Managed Identity (non-interactive)

Ovidiu Borlean

Connecting to Azure AD Integrated — AKS Cluster through User Managed Identity (non-interactive)

By leveraging Azure AD integration with AKS cluster we could simplify the process of authentication across our organization and increase…

3 min readSep 24

AKS Traffic Analytics with NSG Flow Logs

Ovidiu Borlean

AKS Traffic Analytics with NSG Flow Logs

Network traffic analysis in context of Azure Kubernetes Services managed cluster could be a complex task as it could involve installation…

4 min readJan 6

Testing Azure SQL Server connection with Python

Ovidiu Borlean

Testing Azure SQL Server connection with Python

Testing connectivity from AKS clusters to Azure Micrsoft SQL Server Endpoint can be a cumbersome task as we need to download and install…

3 min readNov 23, 2022

Azure AKS — Export Container Logs to Storage Account

Ovidiu Borlean

Azure AKS — Export Container Logs to Storage Account

HowTo — Export Container Logs to Storage Account

2 min readFeb 7, 2022

See all from Ovidiu Borlean

Recommended from Medium

Nitin Singh

Mount Azure Blob Storage to AKS Pod

Recently, I came across a requirement to have the Azure Blob storage available as a mount in AKS cluster. In another scenario different…

3 min readJun 8

Maryam Tavakkoli
in
Cloud Native Daily

Utilize Azure Kubernetes Service (AKS) Spot Node Pool for Non-Critical Workloads

Optimize your cloud budget and efficiently run non-critical workloads by incorporating Spot VMs into your AKS cluster.

4 min readJul 31

Lists

Natural Language Processing

924 stories437 saves

Bicep Deployment Pane: Validate, What-If and Deploy at your fingertips!

Freek Berson

Bicep Deployment Pane: Validate, What-If and Deploy at your fingertips!

Introduction

6 min readJul 30

Persistent Storage in Helm Charts Using Azure Files

Shivam kushwah

Persistent Storage in Helm Charts Using Azure Files

In the dynamic world of cloud-native applications and Kubernetes orchestration, ensuring data persistence can be a critical challenge. One…

7 min readSep 23

Explore the exciting world of Azure AI Platform and its dynamic services!

Jiadong Chen

Explore the exciting world of Azure AI Platform and its dynamic services!

Azure AI is a game-changer for businesses worldwide. With a suite of advanced tools and integrations, it empowers developers, data…

2 min readNov 22

Gerasimos Alexiou

What is Azure Workload Identity

Before explaining what is Azure Workload Identity we should first understand what is a workload Identity.

3 min readJun 12

See more recommendations

Help
Status
About
Careers
Blog
Privacy
Terms
Text to speech
Teams