I'm trying to mount an azureFile volume on a Windows AKS pod, but I get the error:
kubelet, MountVolume.SetUp failed for volume "fileshare" : New-SmbGlobalMapping failed: fork/exec C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe: The parameter is incorrect., output: ""
My pod.yml looks like:
apiVersion: v1
kind: Pod
metadata:
name: q-pod-sample-03
namespace: mq
spec:
containers:
- image: test.azurecr.io/q/p:01
name: q-ctr-sample-03
imagePullPolicy: "IfNotPresent"
volumeMounts:
- name: azfileshare
mountPath: 'c:/app/app-data'
nodeSelector:
"beta.kubernetes.io/os": windows
volumes:
- name: azfs
azureFile:
secretName: qastapv-share-01-secret
shareName: qastapv-share-01
readOnly: false
My secret.yml looks like:
apiVersion: v1
kind: Secret
metadata:
name: qastapv-share-01-secret
namespace: mq
type: Opaque
data:
azurestorageaccountname: <Base64Str>
azurestorageaccountkey: <Base64Str>
My PV looks like:
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-azfs-q-01
namespace: mq
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteMany
azureFile:
secretName: qastapv-share-01-secret
shareName: qastapv-share-01
readOnly: false
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=1000
- gid=1000
What I'm missing here? I'm on AKS 1.14.
As I see, there is something wrong in your yaml file. First, in your pod yaml file:
apiVersion: v1
kind: Pod
metadata:
name: q-pod-sample-03
namespace: mq
spec:
containers:
- image: test.azurecr.io/q/p:01
name: q-ctr-sample-03
imagePullPolicy: "IfNotPresent"
volumeMounts:
- name: azfileshare
mountPath: 'c:/app/app-data'
nodeSelector:
"beta.kubernetes.io/os": windows
volumes:
- name: azfileshare # this name should be the same with the name in volumeMounts
azureFile:
secretName: qastapv-share-01-secret
shareName: qastapv-share-01
readOnly: false
And I do not know how do you convert the storage account name and the key into base64. So I also show two ways to create the secret in AKS.
One is to use the command to create as below:
kubectl create secret generic azure-secret --from-literal=azurestorageaccountname=$AKS_PERS_STORAGE_ACCOUNT_NAME --from-literal=azurestorageaccountkey=$STORAGE_KEY
Second is to use the yaml file and convert the storage account name and the key into base64 and input them in the yaml file as below:
echo 'storageAccountName' | base64
echo 'storageAccountKey' | base64
The yaml file as you show and input the output of the above commands.
Follow the above steps, you do not need to create the PV individual.
For more details, see Manually create and use a volume with Azure Files share in Azure Kubernetes Service (AKS). And if you want to use the PV/PVC, take a look at Mount volumes via PV and PVC.
Update:
If you use the yaml file to create the secret, you also need to pay attention to the operating system where convert the string into base64. The different operating system may have different rules for the base64. For you, you use the Windows nodes, so you need to convert the storage account name and the key into base64 on the Windows system. Below is the PowerShell command to convert:
$Name= [System.Text.Encoding]::UTF8.GetBytes("storageAccountName ")
[System.Convert]::ToBase64String($Name )
$Key = [System.Text.Encoding]::UTF8.GetBytes("storageAccountKey")
[System.Convert]::ToBase64String($Key)