There are several optional parameters that may be passed into CreateVolumeRequest.parameters map, these parameters can be configured in StorageClass, see example. Unless explicitly noted, all parameters are case insensitive (e.g. "kmsKeyId", "kmskeyid" and any other combination of upper/lowercase characters can be used).
The AWS EBS CSI Driver supports tagging through StorageClass.parameters (in v1.6.0 and later).
| Parameters | Values | Default | Description |
|---|---|---|---|
| "csi.storage.k8s.io/fstype" | xfs, ext3, ext4 | ext4 | File system type that will be formatted during volume creation. This parameter is case sensitive! |
| "type" | io1, io2, gp2, gp3, sc1, st1, standard | gp3* | EBS volume type. |
| "iopsPerGB" | I/O operations per second per GiB. Can be specified for IO1, IO2, and GP3. If iopsPerGB * <volume size> exceeds volume limits, the IOPS will be capped at the maximum allowed for that volume type and the call will succeed. |
||
| "allowAutoIOPSPerGBIncrease" | true, false | false | When "true", the CSI driver increases IOPS for a volume when iopsPerGB * <volume size> is too low to fit into IOPS range supported by AWS. This allows dynamic provisioning to always succeed, even when user specifies too small PVC capacity or iopsPerGB value. On the other hand, it may introduce additional costs, as such volumes have higher IOPS than requested in iopsPerGB. |
| "allowAutoIOPSIncreaseOnModify" | true, false | false | When "true", the CSI Driver adjusts IOPS for a volume during resizing if iopsPerGB is set. This ensures that the volume maintains the desired IOPS/GiB ratio. |
| "iops" | I/O operations per second. Can be specified for IO1, IO2, and GP3 volumes. | ||
| "throughput" | 125 | Throughput in MiB/s. Only effective when gp3 volume type is specified. If empty, it will set to 125MiB/s as documented here. | |
| "encrypted" | true, false | false | Whether the volume should be encrypted or not. Valid values are "true" or "false". |
| "kmsKeyId" | The full ARN of the key to use when encrypting the volume. If not specified, AWS will use the default KMS key for the region the volume is in. This will be an auto-generated key called /aws/ebs if not changed. |
||
| "blockSize" | The block size to use when formatting the underlying filesystem. Only supported on linux nodes and with fstype ext3, ext4, or xfs. |
||
| "inodeSize" | The inode size to use when formatting the underlying filesystem. Only supported on linux nodes and with fstype ext3, ext4, or xfs. |
||
| "bytesPerInode" | The bytes-per-inode to use when formatting the underlying filesystem. Only supported on linux nodes and with fstype ext3, ext4. |
||
| "numberOfInodes" | The number-of-inodes to use when formatting the underlying filesystem. Only supported on linux nodes and with fstype ext3, ext4. |
||
| "ext4BigAlloc" | true, false | false | Changes the ext4 filesystem to use clustered block allocation by enabling the bigalloc formatting option. Warning: bigalloc may not be fully supported with your node's Linux kernel. Please see our FAQ. |
| "ext4ClusterSize" | The cluster size to use when formatting an ext4 filesystem when the bigalloc feature is enabled. Note: The ext4BigAlloc parameter must be set to true. See our FAQ. |
||
| "ext4EncryptionSupport" | true, false | false | Enables the ext4 filesystem-level encryption feature. This is for filesystem-level encryption, for EBS-native encryption of the entire volume see the "encrypted" and "kmsKeyId" parameters above. Only supported on linux nodes with fstype ext4 running kernels with CONFIG_FS_ENCRYPTION enabled. NOTE: This parameter only enables the ext4 feature when formatting, it does not actually encrypt files, that must be done by the pod using the volume. |
| "volumeInitializationRate" | integer | When creating a volume from a snapshot, this parameter can be used to request a provisioned initialization rate, in MiB/s. |
- The EBS CSI Driver defaults to
gp3volumes when no volume type is specified. If the outpost does not supportgp3volumes, specify a supported volume type via aStorageClass. - If the requested IOPS (either directly from
iopsor fromiopsPerGBmultiplied by the volume's capacity) produces a value above the maximum IOPS allowed for the volume type, the IOPS will be capped at the maximum value allowed. If the value is lower than the minimal supported IOPS value per volume, either an error is returned (the default behavior), or the value is increased to fit into the supported range whenallowautoiopspergbincreaseis"true". - You may specify either the "iops" or "iopsPerGb" parameters, not both. Specifying both parameters will result in an invalid StorageClass.
- When using
iopsPerGb, the maximum supported IOPS will be automatically detected via a dry-runCreateVolumeAPI call. - To see the performance characteristics of the various volume types go to the Amazon EBS Volume Types documentation.
The EBS CSI Driver supports the WaitForFirstConsumer volume binding mode in Kubernetes. When using WaitForFirstConsumer binding mode the volume will automatically be created in the appropriate Availability Zone and with the appropriate topology. The WaitForFirstConsumer binding mode is recommended whenever possible for dynamic provisioning.
When using static provisioning, or if WaitForFirstConsumer is not suitable for a specific usecase, the Availability Zone can be specified via the standard CSI topology mechanisms. The EBS CSI Driver supports specifying the Availability Zone via either the key topology.kubernetes.io/zone or the key topology.ebs.csi.aws.com/zone. Addtionally you can specify the topology of your volume by Availability Zone ID using topology.k8s.aws/zone-id or by Outpost ARN using topology.ebs.csi.aws.com/outpost-id
On Kubernetes, the Availability Zone of dynamically provisioned volumes can be restricted with the StorageClass's allowedTopologies parameter, for example:
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: ebs-sc
provisioner: ebs.csi.aws.com
allowedTopologies:
- matchLabelExpressions:
- key: topology.kubernetes.io/zone
values:
- us-east-1a
Additionally, statically provisioned volumes can be restricted to pods in the appropriate Availability Zone, see the static provisioning example.