Mounting Azure File Storage in Docker container via Kubernetes

Question

I am attempting to mount my Azure File Storage to a container using the method found here: https://github.com/kubernetes/kubernetes/tree/master/examples/volumes/azure_file

Upon pod creation I am getting the error: "Output: mount error: could not resolve address for [encoded name of my file storage].file.core.windows.net: Unknown error"

I have confirmed that my File Storage resource and the VM hosting the pod are in the same Azure location (East US). I am able to mount this share manually on the VM hosting the pod using the same address in the error above. Is it possible I am missing some sort of configuration in my container that is not explained in the Git Hub tutorial?

I have tried creating my container without specifying the volume and was able to ping the address for the file storage from within the container so I am not sure where the cannot resolve address error is coming from.

Answer 1

I can't reproduce your error, but we can follow those steps to mount Azure file share to k8s container.
1.create k8s via Azure new portal.
2.SSH k8s master, create secret , create secret by k8s file:

In this yaml file, we should write storage account and key in it, and we should base64 encoded Azure storage account and key, like this:

root@k8s-master-3CC6E803-0:~# echo -n jasonshare321 | base64
amFzb25zaGFyZTMyMQ==
root@k8s-master-3CC6E803-0:~# echo -n Bnbh0fjykD+b/EveNoR/elOp118+0vmLsbQqVGC3H0W23mSfbH9WfV1A60Qw3CAZ70Tm4Wgpse1LEtgSJF27cQ== | base64
Qm5iaDBmanlrRCtiL0V2ZU5vUi9lbE9wMTE4KzB2bUxzYlFxVkdDM0gwVzIzbVNmYkg5V2ZWMUE2MFF3M0NBWjcwVG00V2dwc2UxTEV0Z1NKRjI3Y1E9PQ==

Then create azure-secret :

root@k8s-master-3CC6E803-0:~# mkdir /azure_file
root@k8s-master-3CC6E803-0:~# cd /azure_file/
root@k8s-master-3CC6E803-0:/azure_file# touch azure-secret.yaml
root@k8s-master-3CC6E803-0:/azure_file# vi azure-secret.yaml 

Here is the azure-secret:

root@k8s-master-3CC6E803-0:/azure_file# cat azure-secret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: azure-secret
type: Opaque
data:
  azurestorageaccountname: amFzb25zaGFyZTMyMQ== 
  azurestorageaccountkey: Qm5iaDBmanlrRCtiL0V2ZU5vUi9lbE9wMTE4KzB2bUxzYlFxVkdDM0gwVzIzbVNmYkg5V2ZWMUE2MFF3M0NBWjcwVG00V2dwc2UxTEV0Z1NKRjI3Y1E9PQ==

Then use kubectl to create secret,like this:

root@k8s-master-3CC6E803-0:/azure_file# kubectl create -f /azure_file/azure-secret.yaml 
secret "azure-secret" created
root@k8s-master-3CC6E803-0:/azure_file# kubectl get secret
NAME                  TYPE                                  DATA      AGE
azure-secret          Opaque                                2         11s
default-token-07cd5   kubernetes.io/service-account-token   3         35m

3.Create pod: create azure.yaml:

root@k8s-master-3CC6E803-0:/azure_file# touch azure.yaml
root@k8s-master-3CC6E803-0:/azure_file# vi azure.yaml 
apiVersion: v1
kind: Pod
metadata:
 name: nginx
spec:
 containers:
  - image: nginx
    name: nginx
    volumeMounts:
      - name: azure
        mountPath: /mnt/azure
 volumes:
      - name: azure
        azureFile:
          secretName: azure-secret
          shareName: testfileshare
          readOnly: false

Use this file to create pod:

root@k8s-master-3CC6E803-0:/azure_file# kubectl create -f /azure_file/azure.yaml 
pod "nginx" created
root@k8s-master-3CC6E803-0:/azure_file# kubectl get pods
NAME      READY     STATUS    RESTARTS   AGE
nginx     1/1       Running   0          17s

Now, pod create is completed, we can use this script to check file,like this:

root@k8s-master-3CC6E803-0:/azure_file# kubectl exec -it nginx bash
root@nginx:/# ls                                                                                                         
bin  boot  dev  etc  home  lib  lib32  lib64  libx32  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
root@nginx:/# cd /mnt
root@nginx:/mnt# ls
azure
root@nginx:/mnt# cd azure
root@nginx:/mnt/azure# ls
root@nginx:/mnt/azure# df -Th
Filesystem                                          Type     Size  Used Avail Use% Mounted on
overlay                                             overlay   30G  3.3G   26G  12% /
tmpfs                                               tmpfs    1.7G     0  1.7G   0% /dev
tmpfs                                               tmpfs    1.7G     0  1.7G   0% /sys/fs/cgroup
/dev/sda1                                           ext4      30G  3.3G   26G  12% /etc/hosts
//jasonshare321.file.core.windows.net/testfileshare cifs      50G     0   50G   0% /mnt/azure
shm                                                 tmpfs     64M     0   64M   0% /dev/shm
tmpfs                                               tmpfs    1.7G   12K  1.7G   1% /run/secrets/kubernetes.io/serviceaccount

Note :
1.We should base64 encoded Azure storage account and key.
2.write the right file share name to azure.yaml:

Answer 2

Remember to use flag -n to avoid echoing trailing characters: echo -n foobarbaz | base64 echo -n foobarbaz | base64

Answer 3

还提供了针对天蓝色文件安装功能的动态配置，您可以在此处找到完整的示例： https : //github.com/andyzhangx/demo/tree/master/linux/azurefile