0

I developed a web application for our students and i would like to run this now in a kubernetes container environment. Every user (could be seen as tenant) gets its own application environment (1:1 relation). the application environment consists of 2 pods (1x webserver, 1x database), defined by a deployment and a service.

I am using kubernetes v1.17.2 and i would like to use the feature of dynamic PersistentVolumeClaims together with the possibility to keep data of a specific user (tenant) between the deletion and re-creation of a new pod (e.g. case of updating to a new application version or after a hardware reboot).

I thought about using a environment variable at pod-creation (e.g. user-1, user-2, user-x,...) and using this information to allow a reusing of a dynamic created PersistentVolume.

is there any best-practise or concept how this can be achieved?

best regards shane

Shannon
  • 731
  • 3
  • 12
  • 26
  • Can you explain more what you mean about `user`? Is it `user` that is within application or is it a `user` that is Kubernetes one? – Dawid Kruk Jan 30 '20 at 16:55

1 Answers1

0

The outcome that you wish to achieve will be strongly connected to the solution that you are currently using.

It will differ between Kubernetes instances that are provisioned in cloud (for example GKE) and Kubernetes instances on premises (for example: kubeadm, kubespray).

Talking about the possibility to retain user data please refer to official documentation: Kubernetes.io: Persistent volumes reclaiming. It shows a way to retain data inside a pvc.

Be aware of that local static provisioner does not support dynamic provisioning.

The local volume static provisioner manages the PersistentVolume lifecycle for pre-allocated disks by detecting and creating PVs for each local disk on the host, and cleaning up the disks when released. It does not support dynamic provisioning.

Github.com: Storage local static provisioner

Contrary to that VMware Vsphere supports dynamic provisioning. If you are using this solution please refer to this documentation

In your question there is a lack of specific explanation of users in your environment. Are they inside your application or are they outside? Is the application authenticating users? One of solution will be to create users inside of Kubernetes by service accounts and limit their view to namespace specifically created for them.

For service account creation please refer to: Kubernetes.io: Configure service account.

Additionally you could also look on Statefulsets.

Dawid Kruk
  • 8,982
  • 2
  • 22
  • 45