Managing Ephemeral Storage on Kubernetes with OpenEBS

Kiran Mova

Kiran Mova

Kiran Mova
Kiran Mova

Kiran Mova

Kiran Mova
Nov 10 7 min read

Managing Ephemeral Storage on Kubernetes with OpenEBS

Kubernetes uses volume abstractions to attach containers and pods as storage for data management. The types of volumes in Kubernetes is usually categorized as - 

  • Persistent volumes that have their lifetimes independent of pods, and enable the provisioning of storage for applications that need data to persist between applications. 
  • Ephemeral volumes are designed for applications that do not require persistent data. 

In this article, we delve into ephemeral storage options, types and managing options while exploring how OpenEBS helps provision ephemeral storage for Kubernetes workloads. 

How Kubernetes handles Ephemeral Storage

Some pods host transient applications - those that require data storage but do not require the data to persist across container restarts. These include applications that extract read-only input data in files such as secret keys and configuration data. Cache services typically move non-crucial data into limited memory storage without impacting performance, meaning the volume attached to their pods only need to last the pod’s lifetime. 

Kubernetes uses ephemeral volumes to handle the storage needs of these transient pods. Ephemeral volumes allow pods to be started and stopped without being limited to the location of persistent volume. Kubernetes nodes have local ephemeral storage which is attached to the RAM or local writable devices. Pods typically use ephemeral volumes for caching, scratch space and logs. 

Let us understand this deeper by learning how Kubernetes manages ephemeral storage. 

Ephemeral Storage Options

Ephemeral storage is hosted in an unstructured volume that is shared between the container runtime, the operating system, and all pods running in the node. The volumes prevent these entities from using the node’s local storage excessively. Ephemeral storage is always hosted on the local storage’s primary partition. There are two ways of creating this partition:

Root

The root storage directory is shared between the OS, user pods and Kubernetes system daemons. The root partition holds the /var/log/ directory and the kubelet root directory, which is /var/lib/kubelet/ by default. Pods can consume this partition using container-writeable layers, container logs, image layers and EmptyDir volumes. The kubelet service administers and manages isolation and shared access of the root partition. As the root partition is ephemeral, it does not guarantee durability, disk IOPS and other performance metrics. 

Runtime

The runtime partition is an optional ephemeral storage that container runtimes can use to implement overlay file systems. When implementing isolation for the partition, runtime then provides shared access. This partition stores container-writable layers and image layers. Once the runtime partition is created, these layers are written onto it by default and not the root partition. 

Types of Ephemeral Volumes in Kubernetes

Kubernetes supports multiple types of ephemeral volumes depending on the intended purpose. These include:

Generic ephemeral volumes

These volumes can be provisioned using any storage driver that supports the dynamic provisioning of persistent volumes. These volumes provide a pod-level directory for scratch data that is discarded after provisioning. Some features of generic ephemeral volumes include: 

  • Supports both local and network-attached storage
  • Supports size restrictions for pods
  • Depending on parameters and the storage driver used, these volumes may contain some initial data
  • Depending on the storage driver used, generic ephemeral volumes may implement snapshotting, cloning, storage capacity tracking and resizing

CSI ephemeral volumes

These volumes are provisioned by third-party Container Storage Interface (CSI) drivers. If the driver is written for ephemeral volumes that support dynamic provisioning, the CSI driver can also provision generic volumes. These third-party volumes offer numerous benefits as they can offer functionality that are not typically supported by Kubernetes. CSI ephemeral volumes are created together with other resources when a pod is scheduled, and is managed locally on the node.

Kubernetes also supports case-specific ephemeral volumes such as those that inject Kubernetes data into a pod. These include configMap, secret and downwardAPI volumes. The emptyDir volume is an ephemeral storage that comes locally within the Kubelet directory, and is always empty when the pod starts up. 

Managing Ephemeral Storage

Once pods have been scheduled, the scheduler ensures that resource requests do not exceed the maximum allocated ephemeral storage for each node. The kubelet service manages local ephemeral storage as a Kubernetes resource, and monitors resource usage. While doing so, kubelet scans for the use of storage in directories holding node logs, writable container layers and emptyDir volumes. If the pod consumes more storage above the resource limits, the kubelet triggers its eviction.

The kubelet also marks a container’s writable layer and log usage if it exceeds the resource limit, then evicts the pod hosting the container. For pod-level isolation, the kubelet compares the total storage resource usage plus emptyDir volumes against the total resource limits. If total consumption exceeds total resource limits, the pod is marked for eviction. 

This allows cluster administrators to manage ephemeral storage for applications by setting resource quotas while limiting the number of requests and storage ranges for active pods.

Provisioning Generic Ephemeral Volumes 

The YAML specification for a pod attached to a generic ephemeral volume with 2Gi storage, with multiple access modes would look similar to:

kind: Pod
apiVersion: v1
metadata:
  name: darwin
spec:
  containers:
    - name: hello-world
      image: busybox
      volumeMounts:
      - mountPath: "/data"
        name: data-volume
  volumes:
    - name: data-volume
      ephemeral:
        volumeClaimTemplate:
          metadata:
            labels:
              type: darwin-volume
          spec:
            accessModes: [ "ReadWriteMany" ]
            storageClassName: "data-storage-class"
            resources:
              requests:
                storage: 2Gi

Provisioning CSI Ephemeral Volumes

When compared to generic provisioning, the pod manifest that uses CSI ephemeral storage would look similar to:

kind:Pod
apiVersion: v1
metadata:
  name:darwin-csi-app
spec:
  containers:
- name:my-frontend
      image: busybox
      volumeMounts:
- mountPath:"/data"
        name:darwin-csi-inline-vol
      command:["sleep","1000000"]
  volumes:(1)
- name:darwin-csi-inline-vol
      csi:
        driver:inline.storage.kubernetes.io
        volumeAttributes:
          foo: bar

The configuration file above includes mountPath and driver specifications that point to the CSI driver used to implement ephemeral storage.

Monitoring ephemeral volumes

It is possible to set up a monitoring tool to monitor storage usage on the volumes where containers store their data. This volume is typically located in /var/lib/docker or /var/lib/origin. The /bin/df tool is one such tool that can be used to check resource usage on these disks. Cluster administrators can use the df -h command to show human-readable values of available and used storage in these locations. For instance, to check resource consumption on /var/lib:

$ df -h /var/lib
 
Which returns a result similar to:
Filesystem  Size  Used Avail Use% Mounted on
/dev/sda1    69G   32G   34G  49% /

 

How OpenEBS helps manage ephemeral storage

OpenEBS sets the ephemeral storage requests from its components against each pod container and sidecar. This feature is enabled by default in Kubernetes 1.13 +, and can be set by enabling the feature-gate flag in earlier versions. This value is added to all components in the OpenEBS control plane in the YAML spec of the OpenEBS operator before it is applied to the cluster. Once administrators specify ephemeral storage with this approach, transient pods will be evicted gracefully by Kubernetes.

An example is the AuxResourceRequests setting that allows administrators to specify minimum ephemeral storage requests for container sidecars. The YAML spec below sets sidecars with an ephemeral storage request limit of 50Mi. 

- name:  AuxResourceRequests
  value: |-
      ephemeral-storage: "50Mi"

Conclusion:

Ephemeral storage is a crucial component for Kubernetes applications that process transient data. Kubernetes enables ephemeral volumes to enable transient pods to stop and restart gracefully regardless of the Persistent Volume’s location. Every Kubernetes node has ephemeral storage that is locally attached to writable devices or RAM. Pods can use this storage for caching, logs and scratch space. 

OpenEBS helps automate the management of ephemeral storage by enabling administrators to set storage requests against sidecars and containers. This setting helps avoid the erroneous eviction of transient pods from the cluster. 

To know more about how OpenEBS can help your organization simplify the provisioning of storage for Kubernetes applications, drop us a message here.
Kiran Mova
Kiran Mova
Kiran evangelizes open culture and open-source execution models and is a lead maintainer and contributor to the OpenEBS project. Passionate about Kubernetes and Storage Orchestration. Contributor and Maintainer OpenEBS projects. Co-founder and Chief Architect at MayaData Inc.

Game changer in Container and Storage Paradigm- MayaData gets acquired  by DataCore Software
Don Williams

Don Williams

Don Williams
Don is the CEO of MayaData and leading the company for last one year. He has an exceptional record of accomplishments leading technology teams for organizations ranging from private equity-backed start-ups to large, global corporations. He has deep experience in engineering, operations, and product development in highly technical and competitive marketplaces. His extensive professional network in several industries, large corporations and government agencies is a significant asset to early stage businesses, often essential to achieve product placement, growth and position for potential exit strategies.
Don Williams

Don Williams

Don Williams
Don is the CEO of MayaData and leading the company for last one year. He has an exceptional record of accomplishments leading technology teams for organizations ranging from private equity-backed start-ups to large, global corporations. He has deep experience in engineering, operations, and product development in highly technical and competitive marketplaces. His extensive professional network in several industries, large corporations and government agencies is a significant asset to early stage businesses, often essential to achieve product placement, growth and position for potential exit strategies.
Nov 18 7 min read

Understanding Persistent Volumes and PVCs in Kubernetes & OpenEBS
Murat Karslioglu

Murat Karslioglu

Murat Karslioglu
VP @OpenEBS & @MayaData_Inc. Murat Karslioglu is a serial entrepreneur, technologist, and startup advisor with over 15 years of experience in storage, distributed systems, and enterprise hardware development. Prior to joining MayaData, Murat worked at Hewlett Packard Enterprise / 3PAR Storage in various advanced development projects including storage file stack performance optimization and the storage management stack for HPE’s Hyper-converged solution. Before joining HPE, Murat led virtualization and OpenStack integration projects within the Nexenta CTO Office. Murat holds a Bachelor’s Degree in Industrial Engineering from the Sakarya University, Turkey, as well as a number of IT certifications. When he is not in his lab, he loves to travel, advise startups, and spend time with his family. Lives to innovate! Opinions my own!
Murat Karslioglu

Murat Karslioglu

Murat Karslioglu
VP @OpenEBS & @MayaData_Inc. Murat Karslioglu is a serial entrepreneur, technologist, and startup advisor with over 15 years of experience in storage, distributed systems, and enterprise hardware development. Prior to joining MayaData, Murat worked at Hewlett Packard Enterprise / 3PAR Storage in various advanced development projects including storage file stack performance optimization and the storage management stack for HPE’s Hyper-converged solution. Before joining HPE, Murat led virtualization and OpenStack integration projects within the Nexenta CTO Office. Murat holds a Bachelor’s Degree in Industrial Engineering from the Sakarya University, Turkey, as well as a number of IT certifications. When he is not in his lab, he loves to travel, advise startups, and spend time with his family. Lives to innovate! Opinions my own!
Oct 22 7 min read

Configuring EKS Observability with Grafana Loki and OpenEBS LVM Local PV
Ashish Jain

Ashish Jain

Ashish Jain
Ashish is a Software Engineer in MayaData has worked on various web as well as cloud technology stack with 4 year of experience. He is passionate about developing and deploying Kubernetes-based applications and always keen to learn things and explore different approaches for solutions to problems. In his free time, love to watch movies, cooking and travelling.
Ashish Jain

Ashish Jain

Ashish Jain
Ashish is a Software Engineer in MayaData has worked on various web as well as cloud technology stack with 4 year of experience. He is passionate about developing and deploying Kubernetes-based applications and always keen to learn things and explore different approaches for solutions to problems. In his free time, love to watch movies, cooking and travelling.
Oct 20 7 min read