Skip to content

Commit e2d2538

Browse files
mickeyshmickeysh
committed
FSxN module - update lab doc with the new pod identity changes
1 parent b421eea commit e2d2538

File tree

2 files changed

+5
-26
lines changed
  • manifests/modules/fundamentals/storage/fsxn/.workshop/terraform
  • website/docs/fundamentals/storage/fsx-for-netapp-ontap

2 files changed

+5
-26
lines changed

manifests/modules/fundamentals/storage/fsxn/.workshop/terraform/main.tf

Lines changed: 0 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,3 @@
1-
2-
data "aws_caller_identity" "current" {}
3-
data "aws_region" "current" {}
4-
51
resource "aws_iam_policy" "fsxn-csi-policy" {
62
name = "${var.addon_context.eks_cluster_id}-fsxn-csi-${random_string.suffix.result}"
73
description = "FSxN CSI Driver Policy"
@@ -38,25 +34,6 @@ data "aws_secretsmanager_secret" "fsxn_password_secret" {
3834
name = "${var.addon_context.eks_cluster_id}-fsxn-secret"
3935
depends_on = [ module.preprovision ]
4036
}
41-
# module "iam_iam-role-for-service-accounts-eks" {
42-
# source = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
43-
# version = "5.37.1"
44-
45-
# role_name = "${var.addon_context.eks_cluster_id}-fsxn-csi-${random_string.suffix.result}"
46-
# allow_self_assume_role = true
47-
48-
# oidc_providers = {
49-
# eks = {
50-
# provider_arn = var.addon_context.eks_oidc_provider_arn
51-
# namespace_service_accounts = ["${local.k8s_service_account_namespace}:${local.k8s_service_account_name}"]
52-
# }
53-
# }
54-
55-
# role_policy_arns = {
56-
# additional = aws_iam_policy.fsxn-csi-policy.arn
57-
# }
58-
59-
# }
6037

6138
resource "aws_eks_addon" "eks-pod-identity-agent" {
6239
cluster_name = var.eks_cluster_id

website/docs/fundamentals/storage/fsx-for-netapp-ontap/fsxn-csi-driver.md

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ In order to utilize Amazon FSx for NetApp ONTAP file system with dynamic provisi
1212
We can install the Amazon FSxN for NetApp ONTAP Trident CSI driver using helm. We will need to provide a required IAM role that has already been created for us as part fo the preperation for the workshop.
1313
```bash
1414
$ helm repo add netapp-trident https://netapp.github.io/trident-helm-chart
15-
$ helm install trident-operator netapp-trident/trident-operator --version 100.2410.0 --namespace trident --create-namespace --set cloudProvider=$CLOUD_PROVIDER --set cloudIdentity="$CLOUD_IDENTITY"
15+
$ helm install trident-operator netapp-trident/trident-operator --version 100.2410.0 --namespace trident --create-namespace
1616
```
1717

1818

@@ -30,7 +30,8 @@ trident-operator-588c7c854d-t4c4x 1/1 Running 0 102s
3030

3131
The FSx for NetApp ONTAP CSI driver supports dynamic and static provisioning. Currently dynamic provisioning creates an access point for each PersistentVolume. This mean an AWS EFS file system has to be created manually on AWS first and should be provided as an input to the StorageClass parameter. For static provisioning, AWS EFS file system needs to be created manually on AWS first. After that it can be mounted inside a container as a volume using the driver.
3232

33-
The workshop environment also has an FSx for NetApp ONTAP file system, Storage Virtual Machine (SVM) and the required security group pre-provisioned with an inbound rule that allows inbound NFS traffic for your Pods. You can retrieve information about the FSx for NetApp ONTAP file system by running the following AWS CLI command:
33+
The workshop environment also has an FSx for NetApp ONTAP file system, Storage Virtual Machine (SVM) and the required security group pre-provisioned with an inbound rule that allows inbound NFS traffic for your Pods.
34+
Retrieve the information about the FSx for NetApp ONTAP file system by running the following AWS CLI command:
3435

3536
```bash
3637
$ export FSXN_ID=$(aws fsx describe-file-systems --query 'FileSystems[?not_null(Tags[?Key==`Name` && Value==`eks-workshop-fsxn`])].FileSystemId' --output text)
@@ -39,7 +40,8 @@ $ export FSXN_ID=$(aws fsx describe-file-systems --query 'FileSystems[?not_null(
3940
Now, we'll need to create a TridentBackendConfig object configured to use the pre-provisioned FSx for NetApp ONTAP file system as part of this workshop infrastructure.
4041

4142
We'll be using Kustomize to create the backend and to ingest the following environment variables values in the configuration of the trident backend config object:
42-
- `FSXN_ID` in the parameter`fsxFilesystemID`
43+
- `FSXN_ID` in the parameter`fsxFilesystemID` - This the FSxN filesystem we're going to connect our CSI driver too.
44+
- `FSXN_SECRET_ARN` in the parameter `credentials.name` - This is the secret ARN with the credentials to connect to the ONTAP API interface.
4345

4446
```file
4547
manifests/modules/fundamentals/storage/fsxn/backend/fsxn-backend-nas.yaml

0 commit comments

Comments
 (0)