Using Amazon EBS snapshots for persistent storage with your Amazon EKS cluster by leveraging add-ons

{"value":"Originally, containers were a great fit for stateless applications. However, for many use cases there is a need for persistent storage, without which stateful workloads aren’t possible. Kubernetes first introduced support for stateful workloads with in-tree volume plugins, meaning that the plugin code was part of the core Kubernetes code and shipped with the Kubernetes binaries. That proved quite challenging for vendors who wanted to add Kubernetes support to their storage platform, as these features needed to wait for the standard Kubernetes release cycle.\n\nThat led to the development of [Container Storage Interface](https://github.com/container-storage-interface/spec) (CSI), which is a standard for exposing arbitrary block and file storage systems to containerized workloads on container orchestration systems like Kubernetes.\n\nAmazon Elastic Block Stock ([Amazon EBS](https://docs.aws.amazon.com/ebs/?id=docs_gateway)) is a cloud block storage service that provides direct access from an [Amazon EC2](https://docs.aws.amazon.com/ec2/?id=docs_gateway) instance to a dedicated storage volume. Amazon [EBS Snapshots](https://aws.amazon.com/ebs/snapshots/) provide a simple and secure data protection solution designed to protect your block storage data, such as [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) volumes.\n\nSupport for [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) initially launched, as mentioned above, as an in-tree volume plugin in Kubernetes.\n\nWhen the CSI specification was published, we started developing a compatible driver for [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail). In 2018, we released the [EBS CSI driver](https://github.com/kubernetes-sigs/aws-ebs-csi-driver) on GitHub. Since its initial release, it’s gone through various releases and you can find the latest release and its features [here](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/releases).\n\nMoreover, the [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) CSI driver is now generally available in [Amazon EKS](https://aws.amazon.com/cn/eks/?trk=cndc-detail) add-ons. An [Amazon EKS](https://aws.amazon.com/cn/eks/?trk=cndc-detail) Managed Add-on is software that provides supporting operational capabilities to Kubernetes applications, but isn’t specific to the application. For more details on [Amazon EKS](https://aws.amazon.com/cn/eks/?trk=cndc-detail) Managed Add-ons and the [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) CSI driver refer to this [post](https://aws.amazon.com/blogs/containers/amazon-ebs-csi-driver-is-now-generally-available-in-amazon-eks-add-ons/).\n\n### **Solution overview**\nIn this post, we focus on a specific [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) CSI driver feature: Kubernetes Volume Snapshots. Kubernetes Volume Snapshots lets you create a copy of your [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) volume at a specific point in time. You can use this copy to bring a volume back to a prior state or to provision a new volume.\n\nFrom Kubernetes version 1.17 and newer, you can provision and attach [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) volume snapshots to your pods with the following components:\n\n- [VolumeSnapshotClass](https://kubernetes.io/docs/concepts/storage/volume-snapshot-classes/)\n- [VolumeSnapshot](https://kubernetes.io/docs/concepts/storage/volume-snapshots/)\n\n\n### **Prerequisites**\n1.A prerequisite to complete this tutorial is to have an existing [Amazon EKS](https://aws.amazon.com/cn/eks/?trk=cndc-detail) cluster running Kubernetes version 1.20 or newer. If you need instructions on how to launch an [Amazon EKS](https://aws.amazon.com/cn/eks/?trk=cndc-detail) cluster, see the [Amazon EKS documentation](https://docs.aws.amazon.com/eks/latest/userguide/create-cluster.html).\n2.To use the snapshot functionality of the [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) CSI driver, you must install the external snapshotter before the installation of the [Amazon EKS](https://aws.amazon.com/cn/eks/?trk=cndc-detail) Managed Add-on. The external snapshotter components must be installed in the following order:\n\n\n- [CustomResourceDefinition](https://github.com/kubernetes-csi/external-snapshotter/tree/master/client/config/crd): ```volumesnapshotclasses```, ```volumesnapshots``` and ```volumesnapshotcontents```\n- [RBAC](https://github.com/kubernetes-csi/external-snapshotter/blob/master/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml): ```ClusterRole```, ```ClusterRoleBinding```, etc.\n- [Controller deployment](https://github.com/kubernetes-csi/external-snapshotter/blob/master/deploy/kubernetes/snapshot-controller/setup-snapshot-controller.yaml)\n\nA Custom Resource Definition (CRD) is an extension of the Kubernetes application programming interface (API) that is not necessarily available in a default Kubernetes installation. It represents a customization of a particular Kubernetes installation. However, many core Kubernetes functions are now built using custom resources, which makes Kubernetes more modular.\n\nThe volume snapshot controller watches Kubernetes Volume Snapshot CRD objects and triggers CreateSnapshot/DeleteSnapshot against a CSI endpoint. For more information, see [CSI Snapshotter](https://github.com/kubernetes-csi/external-snapshotter) on GitHub.\n\n3.The process of installing the CSI driver includes creating an Identity and Access Management (IAM) policy and a role that to use as part of the creation of a service account. [AWS](https://aws.amazon.com/) provides a managed policy for this called ```AmazonEBSCSIDriverPolicy```. Details on how to create an IAM role, service account, and attach the required AWS managed policy can be found [here](https://docs.aws.amazon.com/eks/latest/userguide/csi-iam-role.html).\n4.Once the IAM Role and Service Accounts have been created, you can continue the installation [Amazon EKS add-on support for the Amazon EBS CSI](https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html) following the [documentation](https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html).\n\nTo verify that everything has been installed correctly run the following command:\n\n```\\neksctl get addon —name aws-ebs-csi-driver —cluster my-cluster\\n```\n\nAn example output is similar to the following:\n\n```\\nNAME VERSION STATUS ISSUES \\naws-ebs-csi-driver v1.5.1-eksbuild.1 ACTIVE 0 \\n```\n\n### **Walkthrough**\n#### **Create a Storage Class and a Persistent Volume Claim**\nManaging storage is a distinct problem from managing compute instances. The Persistent Volume (PV), [PersistentVolume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/), subsystem in Kubernetes provides an API for users and administrators that abstracts details of how storage is provided from how it is consumed. To do this, we introduce two new API resources: ```PersistentVolume``` and ```PersistentVolumeClaim```. A PV is a piece of storage in the cluster that has been provisioned by an administrator or has been dynamically provisioned using [Storage Classes](https://kubernetes.io/docs/concepts/storage/storage-classes/).\n\n1.Create the StorageClass and VolumeSnapshotClass:\n\n```\\nkubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/classes/snapshotclass.yaml\\n\\nkubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/classes/storageclass.yaml\\n```\n\n2.Deploy the demo pod on your cluster along with the The demo pod is used just as an example and is writing the current date and time in five-second intervals to a file called out.txt.\n\n```\\nkubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/claim.yaml\\n\\nkubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/pod.yaml\\n```\n\nRun the ```kubectl get pods``` command to verify that your pod is running. You should see something similar to the following diagram:\n\n\n\nAfter you verify that your pod is running, run the command below and you can see what is being written on the persistent volume.\n\n```\\nkubectl exec -it app cat /data/out.txt | tail -n 3\\n```\n\nYou should see something like the following diagram:\n\n\n\n**Test: Create a test Volume Snapshot Class and Snapshot**\n\n3.Create a ```VolumeSnapshot``` referencing the ```PersistentVolumeClaim``` name:\n\nYAML\n```\\ncat <<EOF | kubectl apply -f -\\napiVersion: snapshot.storage.k8s.io/v1\\nkind: VolumeSnapshot\\nmetadata:\\n name: ebs-volume-snapshot\\nspec:\\n volumeSnapshotClassName: csi-aws-vsc\\n source:\\n persistentVolumeClaimName: ebs-claim\\nEOF\\n```\n\n\nVerify the creation of a new [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) Snapshot by navigating to the [Amazon EC2 ](https://aws.amazon.com/cn/ec2/?trk=cndc-detail)and then Volumes tab in the AWS Management console. You should see something to what is presented in the following diagram:\n\n\n\nYou can also verify the Volume Snapshot creation by running the following command:\n\n```\\nkubectl get volumesnapshot\\n```\n\nYou should see something similar to what is presented in the following diagram:\n\n\n\n**Validate:**\n\nTo test this, we delete the application we created in the Setup phase:\n\nYAML\n```\\nkubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/pod.yaml\\n\\nkubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/claim.yaml\\nWe restore a volume from the snapshot with a PersistentVolumeClaim referencing the VolumeSnapshot in its dataSource:\\n\\ncat <<EOF | kubectl apply -f -\\napiVersion: v1\\nkind: PersistentVolumeClaim\\nmetadata:\\n name: ebs-snapshot-restored-claim\\nspec:\\n accessModes:\\n - ReadWriteOnce\\n storageClassName: ebs-sc\\n resources:\\n requests:\\n storage: 10Gi\\n dataSource:\\n name: ebs-volume-snapshot\\n kind: VolumeSnapshot\\n apiGroup: snapshot.storage.k8s.io\\nEOF\\n```\n\n\nWe can now go ahead and re-create the application:\n\n```\\nkubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/snapshot-restore/pod.yaml\\n```\n\nA new [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) volume should have been created automatically from the snapshot you created in previous steps. You can verify this by navigating to [Amazon EC2 ](https://aws.amazon.com/cn/ec2/?trk=cndc-detail)and then **Volumes** tab in the AWS Management Console, as presented in the following diagram.\n\n\n\nVerify that the persistent volume attached to your pod has the data from the snapshot by running the command below:\n\n```\\nkubectl exec app -- cat /data/out.txt | head -n 10\\n```\n\nThe command should return information similar to that presented in the following diagram:\n\n\n\nThe [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) volume created from the snapshot can have a different size from the original volume as shown in the screenshot below:\n\n\n\nIf you would like to review the examples that we have outlined throughout this post, please also refer to this [Github link](https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/examples/kubernetes/snapshot/README.md).\n\n### **Conclusion**\n\nSnapshot operations is seen as a critical function for stateful workloads. By providing the means to run snapshot operations within the Kubernetes API, administrators can now handle snapshot use cases without having to go around the Kubernetes API. In this post, we showed you how to successfully leverage the [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) CSI driver to add persistent storage to your pods by leveraging [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) snapshots and EBS volumes. We hope this post helps with your Kubernetes projects.\n\n\n\n**Leo Drakopoulos**\n\nLeo is a Senior Solutions Architect working within the Financial Services Industry and he is focusing on AWS Serverless and Container based architectures. He cares about helping customers to adopt a culture of Innovation and to leverage Cloud native architectures.\n\n\n\n**Marco Ballerini**\n\nMarco is a Senior DevOps Consultant at Amazon Web Services.","render":"<p>Originally, containers were a great fit for stateless applications. However, for many use cases there is a need for persistent storage, without which stateful workloads aren’t possible. Kubernetes first introduced support for stateful workloads with in-tree volume plugins, meaning that the plugin code was part of the core Kubernetes code and shipped with the Kubernetes binaries. That proved quite challenging for vendors who wanted to add Kubernetes support to their storage platform, as these features needed to wait for the standard Kubernetes release cycle.</p>\n<p>That led to the development of <a href=\\"https://github.com/container-storage-interface/spec\\" target=\\"_blank\\">Container Storage Interface</a> (CSI), which is a standard for exposing arbitrary block and file storage systems to containerized workloads on container orchestration systems like Kubernetes.</p>\\n<p>Amazon Elastic Block Stock (<a href=\\"https://docs.aws.amazon.com/ebs/?id=docs_gateway\\" target=\\"_blank\\">Amazon EBS</a>) is a cloud block storage service that provides direct access from an <a href=\\"https://docs.aws.amazon.com/ec2/?id=docs_gateway\\" target=\\"_blank\\">Amazon EC2</a> instance to a dedicated storage volume. Amazon <a href=\\"https://aws.amazon.com/ebs/snapshots/\\" target=\\"_blank\\">EBS Snapshots</a> provide a simple and secure data protection solution designed to protect your block storage data, such as [Amazon EBS](https://aws.amazon.com/cn/ebs/?trk=cndc-detail) volumes.</p>\\n<p>Support for Amazon EBS initially launched, as mentioned above, as an in-tree volume plugin in Kubernetes.</p>\n<p>When the CSI specification was published, we started developing a compatible driver for Amazon EBS. In 2018, we released the <a href=\\"https://github.com/kubernetes-sigs/aws-ebs-csi-driver\\" target=\\"_blank\\">EBS CSI driver</a> on GitHub. Since its initial release, it’s gone through various releases and you can find the latest release and its features <a href=\\"https://github.com/kubernetes-sigs/aws-ebs-csi-driver/releases\\" target=\\"_blank\\">here</a>.</p>\\n<p>Moreover, the Amazon EBS CSI driver is now generally available in Amazon EKS add-ons. An Amazon EKS Managed Add-on is software that provides supporting operational capabilities to Kubernetes applications, but isn’t specific to the application. For more details on Amazon EKS Managed Add-ons and the Amazon EBS CSI driver refer to this <a href=\\"https://aws.amazon.com/blogs/containers/amazon-ebs-csi-driver-is-now-generally-available-in-amazon-eks-add-ons/\\" target=\\"_blank\\">post</a>.</p>\\n<h3><a id=\\"Solution_overview_12\\"></a><strong>Solution overview</strong></h3>\\n<p>In this post, we focus on a specific Amazon EBS CSI driver feature: Kubernetes Volume Snapshots. Kubernetes Volume Snapshots lets you create a copy of your Amazon EBS volume at a specific point in time. You can use this copy to bring a volume back to a prior state or to provision a new volume.</p>\n<p>From Kubernetes version 1.17 and newer, you can provision and attach Amazon EBS volume snapshots to your pods with the following components:</p>\n<ul>\\n<li><a href=\\"https://kubernetes.io/docs/concepts/storage/volume-snapshot-classes/\\" target=\\"_blank\\">VolumeSnapshotClass</a></li>\\n<li><a href=\\"https://kubernetes.io/docs/concepts/storage/volume-snapshots/\\" target=\\"_blank\\">VolumeSnapshot</a></li>\\n</ul>\n<h3><a id=\\"Prerequisites_21\\"></a><strong>Prerequisites</strong></h3>\\n<p>1.A prerequisite to complete this tutorial is to have an existing Amazon EKS cluster running Kubernetes version 1.20 or newer. If you need instructions on how to launch an Amazon EKS cluster, see the <a href=\\"https://docs.aws.amazon.com/eks/latest/userguide/create-cluster.html\\" target=\\"_blank\\">Amazon EKS documentation</a>.<br />\\n2.To use the snapshot functionality of the Amazon EBS CSI driver, you must install the external snapshotter before the installation of the Amazon EKS Managed Add-on. The external snapshotter components must be installed in the following order:</p>\n<ul>\\n<li><a href=\\"https://github.com/kubernetes-csi/external-snapshotter/tree/master/client/config/crd\\" target=\\"_blank\\">CustomResourceDefinition</a>: <code>volumesnapshotclasses</code>, <code>volumesnapshots</code> and <code>volumesnapshotcontents</code></li>\\n<li><a href=\\"https://github.com/kubernetes-csi/external-snapshotter/blob/master/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml\\" target=\\"_blank\\">RBAC</a>: <code>ClusterRole</code>, <code>ClusterRoleBinding</code>, etc.</li>\\n<li><a href=\\"https://github.com/kubernetes-csi/external-snapshotter/blob/master/deploy/kubernetes/snapshot-controller/setup-snapshot-controller.yaml\\" target=\\"_blank\\">Controller deployment</a></li>\\n</ul>\n<p>A Custom Resource Definition (CRD) is an extension of the Kubernetes application programming interface (API) that is not necessarily available in a default Kubernetes installation. It represents a customization of a particular Kubernetes installation. However, many core Kubernetes functions are now built using custom resources, which makes Kubernetes more modular.</p>\n<p>The volume snapshot controller watches Kubernetes Volume Snapshot CRD objects and triggers CreateSnapshot/DeleteSnapshot against a CSI endpoint. For more information, see <a href=\\"https://github.com/kubernetes-csi/external-snapshotter\\" target=\\"_blank\\">CSI Snapshotter</a> on GitHub.</p>\\n<p>3.The process of installing the CSI driver includes creating an Identity and Access Management (IAM) policy and a role that to use as part of the creation of a service account. <a href=\\"https://aws.amazon.com/\\" target=\\"_blank\\">AWS</a> provides a managed policy for this called <code>AmazonEBSCSIDriverPolicy</code>. Details on how to create an IAM role, service account, and attach the required AWS managed policy can be found <a href=\\"https://docs.aws.amazon.com/eks/latest/userguide/csi-iam-role.html\\" target=\\"_blank\\">here</a>.<br />\\n4.Once the IAM Role and Service Accounts have been created, you can continue the installation <a href=\\"https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html\\" target=\\"_blank\\">Amazon EKS add-on support for the Amazon EBS CSI</a> following the <a href=\\"https://docs.aws.amazon.com/eks/latest/userguide/managing-ebs-csi.html\\" target=\\"_blank\\">documentation</a>.</p>\\n<p>To verify that everything has been installed correctly run the following command:</p>\n<pre><code class=\\"lang-\\">eksctl get addon —name aws-ebs-csi-driver —cluster my-cluster\\n</code></pre>\\n<p>An example output is similar to the following:</p>\n<pre><code class=\\"lang-\\">NAME VERSION STATUS ISSUES \\naws-ebs-csi-driver v1.5.1-eksbuild.1 ACTIVE 0 \\n</code></pre>\\n<h3><a id=\\"Walkthrough_50\\"></a><strong>Walkthrough</strong></h3>\\n<h4><a id=\\"Create_a_Storage_Class_and_a_Persistent_Volume_Claim_51\\"></a><strong>Create a Storage Class and a Persistent Volume Claim</strong></h4>\\n<p>Managing storage is a distinct problem from managing compute instances. The Persistent Volume (PV), <a href=\\"https://kubernetes.io/docs/concepts/storage/persistent-volumes/\\" target=\\"_blank\\">PersistentVolume</a>, subsystem in Kubernetes provides an API for users and administrators that abstracts details of how storage is provided from how it is consumed. To do this, we introduce two new API resources: <code>PersistentVolume</code> and <code>PersistentVolumeClaim</code>. A PV is a piece of storage in the cluster that has been provisioned by an administrator or has been dynamically provisioned using <a href=\\"https://kubernetes.io/docs/concepts/storage/storage-classes/\\" target=\\"_blank\\">Storage Classes</a>.</p>\\n<p>1.Create the StorageClass and VolumeSnapshotClass:</p>\n<pre><code class=\\"lang-\\">kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/classes/snapshotclass.yaml\\n\\nkubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/classes/storageclass.yaml\\n</code></pre>\\n<p>2.Deploy the demo pod on your cluster along with the The demo pod is used just as an example and is writing the current date and time in five-second intervals to a file called out.txt.</p>\n<pre><code class=\\"lang-\\">kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/claim.yaml\\n\\nkubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/pod.yaml\\n</code></pre>\\n<p>Run the <code>kubectl get pods</code> command to verify that your pod is running. You should see something similar to the following diagram:</p>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/b02cdb77033e4cc195c414c6f7ffbbdb_image.png\\" alt=\\"image.png\\" /></p>\n<p>After you verify that your pod is running, run the command below and you can see what is being written on the persistent volume.</p>\n<pre><code class=\\"lang-\\">kubectl exec -it app cat /data/out.txt | tail -n 3\\n</code></pre>\\n<p>You should see something like the following diagram:</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/9f2fc7874fbb4ea29aff5782ae4c5173_image.png\\" alt=\\"image.png\\" /></p>\n<p><strong>Test: Create a test Volume Snapshot Class and Snapshot</strong></p>\\n<p>3.Create a <code>VolumeSnapshot</code> referencing the <code>PersistentVolumeClaim</code> name:</p>\\n<p>YAML</p>\n<pre><code class=\\"lang-\\">cat &lt;&lt;EOF | kubectl apply -f -\\napiVersion: snapshot.storage.k8s.io/v1\\nkind: VolumeSnapshot\\nmetadata:\\n name: ebs-volume-snapshot\\nspec:\\n volumeSnapshotClassName: csi-aws-vsc\\n source:\\n persistentVolumeClaimName: ebs-claim\\nEOF\\n</code></pre>\\n<p>Verify the creation of a new Amazon EBS Snapshot by navigating to the Amazon EC2 and then Volumes tab in the AWS Management console. You should see something to what is presented in the following diagram:</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/dd7440dacec44ca081bfc8e509c45e0a_image.png\\" alt=\\"image.png\\" /></p>\n<p>You can also verify the Volume Snapshot creation by running the following command:</p>\n<pre><code class=\\"lang-\\">kubectl get volumesnapshot\\n</code></pre>\\n<p>You should see something similar to what is presented in the following diagram:</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/aa819abea6fa4a22b6a420bac305da86_image.png\\" alt=\\"image.png\\" /></p>\n<p><strong>Validate:</strong></p>\\n<p>To test this, we delete the application we created in the Setup phase:</p>\n<p>YAML</p>\n<pre><code class=\\"lang-\\">kubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/pod.yaml\\n\\nkubectl delete -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/app/claim.yaml\\nWe restore a volume from the snapshot with a PersistentVolumeClaim referencing the VolumeSnapshot in its dataSource:\\n\\ncat &lt;&lt;EOF | kubectl apply -f -\\napiVersion: v1\\nkind: PersistentVolumeClaim\\nmetadata:\\n name: ebs-snapshot-restored-claim\\nspec:\\n accessModes:\\n - ReadWriteOnce\\n storageClassName: ebs-sc\\n resources:\\n requests:\\n storage: 10Gi\\n dataSource:\\n name: ebs-volume-snapshot\\n kind: VolumeSnapshot\\n apiGroup: snapshot.storage.k8s.io\\nEOF\\n</code></pre>\\n<p>We can now go ahead and re-create the application:</p>\n<pre><code class=\\"lang-\\">kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/master/examples/kubernetes/snapshot/manifests/snapshot-restore/pod.yaml\\n</code></pre>\\n<p>A new Amazon EBS volume should have been created automatically from the snapshot you created in previous steps. You can verify this by navigating to Amazon EC2 and then <strong>Volumes</strong> tab in the AWS Management Console, as presented in the following diagram.</p>\\n<p><img src=\\"https://dev-media.amazoncloud.cn/7585324303b1471e826255721fc80157_image.png\\" alt=\\"image.png\\" /></p>\n<p>Verify that the persistent volume attached to your pod has the data from the snapshot by running the command below:</p>\n<pre><code class=\\"lang-\\">kubectl exec app -- cat /data/out.txt | head -n 10\\n</code></pre>\\n<p>The command should return information similar to that presented in the following diagram:</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/175bbb79abbc4105974076e6776e93e1_image.png\\" alt=\\"image.png\\" /></p>\n<p>The Amazon EBS volume created from the snapshot can have a different size from the original volume as shown in the screenshot below:</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/c637fb10e54c49a4937e04c767a02e24_image.png\\" alt=\\"image.png\\" /></p>\n<p>If you would like to review the examples that we have outlined throughout this post, please also refer to this <a href=\\"https://github.com/kubernetes-sigs/aws-ebs-csi-driver/blob/master/examples/kubernetes/snapshot/README.md\\" target=\\"_blank\\">Github link</a>.</p>\\n<h3><a id=\\"Conclusion_174\\"></a><strong>Conclusion</strong></h3>\\n<p>Snapshot operations is seen as a critical function for stateful workloads. By providing the means to run snapshot operations within the Kubernetes API, administrators can now handle snapshot use cases without having to go around the Kubernetes API. In this post, we showed you how to successfully leverage the Amazon EBS CSI driver to add persistent storage to your pods by leveraging Amazon EBS snapshots and EBS volumes. We hope this post helps with your Kubernetes projects.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/161e861aa84d4607918ce7508466c050_image.png\\" alt=\\"image.png\\" /></p>\n<p><strong>Leo Drakopoulos</strong></p>\\n<p>Leo is a Senior Solutions Architect working within the Financial Services Industry and he is focusing on AWS Serverless and Container based architectures. He cares about helping customers to adopt a culture of Innovation and to leverage Cloud native architectures.</p>\n<p><img src=\\"https://dev-media.amazoncloud.cn/ce07d7c4cefd41d2895edb74fab25465_image.png\\" alt=\\"image.png\\" /></p>\n<p><strong>Marco Ballerini</strong></p>\\n<p>Marco is a Senior DevOps Consultant at Amazon Web Services.</p>\n"}