Skip to content

StackSimplify

Install AWS EBS CSI Drriver on AWS EKS

EKS Storage with EBS - Elastic Block Store¶

Step-01: Introduction¶

Create IAM Policy for EBS
Associate IAM Policy to Worker Node IAM Role
Install EBS CSI Driver

Step-02: Create IAM policyy¶

Go to Services -> IAM
Create a Policy

Select JSON tab and copy paste the below JSON

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:AttachVolume",
        "ec2:CreateSnapshot",
        "ec2:CreateTags",
        "ec2:CreateVolume",
        "ec2:DeleteSnapshot",
        "ec2:DeleteTags",
        "ec2:DeleteVolume",
        "ec2:DescribeInstances",
        "ec2:DescribeSnapshots",
        "ec2:DescribeTags",
        "ec2:DescribeVolumes",
        "ec2:DetachVolume"
      ],
      "Resource": "*"
    }
  ]
}

Review the same in Visual Editor
Click on Review Policy
Name: Amazon_EBS_CSI_Driver
Description: Policy for EC2 Instances to access Elastic Block Store
Click on Create Policy

Step-03: Get the IAM role Worker Nodes using and Associate this policy to that role¶

# Get Worker node IAM Role ARN
kubectl -n kube-system describe configmap aws-auth

# from output check rolearn
rolearn: arn:aws:iam::180789647333:role/eksctl-eksdemo1-nodegroup-eksdemo-NodeInstanceRole-IJN07ZKXAWNN

- Go to Services -> IAM -> Roles - Search for role with name eksctl-eksdemo1-nodegroup and open it - Click on Permissions tab - Click on Attach Policies - Search for Amazon_EBS_CSI_Driver and click on Attach Policy

Step-04: Deploy Amazon EBS CSI Driver¶

Verify kubectl version, it should be 1.14 or later
```
kubectl version --client --short
```

Deploy Amazon EBS CSI Driver

# Deploy EBS CSI Driver
kubectl apply -k "github.com/kubernetes-sigs/aws-ebs-csi-driver/deploy/kubernetes/overlays/stable/?ref=master"

# Verify ebs-csi pods running
kubectl get pods -n kube-system

AWS EKS - Elastic Kubernetes Service - Masterclass¶