Skip to main content
Loading
Version: Operator 3.2.2

Use All-Flash for Aerospike on Kubernetes

danger

For versions prior to Database 6.3, all flash requires the Aerospike pod to be run in elevated privileged mode. In privileged mode when using index on flash, Aerospike Server tweaks the Kubernetes worker node's sysctls for Virtual Memory.

See privileged: true in the podSpec below.

For Aerospike Database 6.3 and later, all flash can run in unprivileged mode if all the required flash kernel parameters are set on all the Kubernetes nodes. Refer Linux best practices for All-Flash deployment

This example creates a cluster where Aerospike data and index both use flash storage. For more information on all-flash and other storage configurations, see the Aerospike documentation for namespace storage configuration.

caution

There is an issue with Kubernetes versions 1.21 and 1.22 where volumeDevices mapping is ignored when containers run in privileged mode.

This bug does not affect Kubernetes v1.23+ and containerd v1.15.10+ in our testing. We recommend the same or higher versions of Kubernetes and containerd for running All-Flash Aerospike clusters.

To set this up, see the example Aerospike CR below:

apiVersion: asdb.aerospike.com/v1
kind: AerospikeCluster
metadata:
name: aerocluster
namespace: aerospike

spec:
size: 2
image: aerospike/aerospike-server-enterprise:7.0.0.0

storage:
filesystemVolumePolicy:
initMethod: deleteFiles
cascadeDelete: true
blockVolumePolicy:
cascadeDelete: true
volumes:
- name: workdir
aerospike:
path: /opt/aerospike
source:
persistentVolume:
storageClass: ssd
volumeMode: Filesystem
size: 1Gi
- name: ns
aerospike:
path: /test/dev/xvdf
source:
persistentVolume:
storageClass: ssd
volumeMode: Block
size: 5Gi
- name: ns-index
aerospike:
path: /test/dev/xvdf-index
source:
persistentVolume:
storageClass: ssd
volumeMode: Filesystem
size: 5Gi
- name: aerospike-config-secret
source:
secret:
secretName: aerospike-secret
aerospike:
path: /etc/aerospike/secret

podSpec:
multiPodPerHost: true
aerospikeContainer:
securityContext:
privileged: true

aerospikeAccessControl:
users:
- name: admin
secretName: auth-secret
roles:
- sys-admin
- user-admin
- data-admin
- read
- write

aerospikeConfig:
service:
feature-key-file: /etc/aerospike/secret/features.conf
security: {}
network:
service:
port: 3000
fabric:
port: 3001
heartbeat:
port: 3002
namespaces:
- name: test
replication-factor: 2
index-type:
type: flash
mounts:
- /test/dev/xvdf-index
mounts-budget: 4294967296
storage-engine:
type: device
devices:
- /test/dev/xvdf

For the full CR file, see the example all-flash cluster CR.

This and other example CRs are stored in the main Aerospike Kubernetes Operator repository.

Save and exit the CR file, then use kubectl to apply the change.

kubectl apply -f aerospike-cluster.yaml