Kubernetes comes loaded with all sorts of volumes, but in some cases the right one is just not there: for example, CIFS (SMB) shares are not natively supported. Fortunately, there’s a convenient extension system called flexvolume that one can use to plug those holes.
https://github.com/sigma/cifs_k8s_plugin is an example of how to bundle such
a plugin into a container that can be used to populate the
directory. It contains:
- a script that speaks the
mount.cifsbinary to handle the mounting (because
hyperkubeimage doesn’t contain it)
- a static
jqbinary to unmarshal the data containing whatever is needed to implement the
$ docker run -v /etc/kubernetes/volumeplugins/hodique.info~cifs:/target \ sigma/cifs_k8s_plugin /target
Once this is in place (this is compatible with the CoreOS model of running
kubelet in a
rkt container by the way) this can be used to make volumes out
of CIFS shares.
For example, a basic job making use of this possibility could look like this:
--- apiVersion: v1 kind: Secret metadata: name: cifs-secret type: Opaque data: password: username: Z3Vlc3Q= # guest --- apiVersion: batch/v1 kind: Job metadata: name: plop spec: template: metadata: name: plop spec: containers: - name: plop image: "alpine:latest" command: ["/bin/ls", "-lah", "/mnt"] volumeMounts: - mountPath: /mnt name: video restartPolicy: Never volumes: - name: video flexVolume: driver: "hodique.info/cifs" secretRef: name: "cifs-secret" options: source: "//10.0.0.1/Share" mountOptions: "dir_mode=0755,file_mode=0644,noperm"
Note that the volume will not be unmounted until the job is deleted, even if the pod itself has long completed.
All in all, yet another example of
Kubernetes being extremely