Add Persistent Volume Support Using DigitalOcean Block Storage - Part II

Add Persistent Volume Support Using DigitalOcean Block Storage - Part II

This is the 2nd part in our $65 Kubernetes Cluster on DigitalOcean series, you can goto Part I to read on how to setup your cluster if you haven't done so yet.

There's also a video tutorial here for those who prefer to watch instead of read.


By default, when you setup a kubernetes cluster on digitalocean manually, there isn't any persistent volume support even though digitalocean has block storage.

Our aim is to enable persistent volume support backed by digitalocean's block storage using a storage provisioner plugin.

This tutorial assumes you have a running kubernetes cluster setup on digitalocean using CoreOS (setup might vary for other operating systems) with RBAC enabled (usually enabled by default with versions 1.9 and above).

You'll need a digitalocean access token, get one from your account here.

Step 1: Configure Access Token

Base64 encode your digitalocean access token, you can use You should get an encoded string like this:


Insert the encoded string into the following yaml file and save it your system as  digitalocean-secret.yml

And finally create the secret using the command:

kubectl create -f digitalocean-secret.yml

Step 2: Update kubelet service with volume plugin directory

We'll need to create the volume plugin directory and tell the kubelet service where the directory lives, this has to be done on the kubenetes master & all worker nodes. Save this script as

And run the following command:

ssh core@[kubernetes-master-ip-goes-here] "bash -s" < ./
ssh core@[repeat-for-each-worker-node-ip-goes-here] "bash -s" < ./

If everything goes well, it should exit with out any errors.

Step 3: Update kube-controller-manager

Next we'll need to update the kube-controller manager with the right path to ssl certs, as the defaults don't exist, we'll need point it to the default volume plugin directory. Ssh into your kubernetes master with ssh core@[kubernetes-master-ip-goes-here] and update the following file /etc/kubernetes/manifests/kube-controller-manager.yaml using the root user:

Under spec.containers.command add the following:

- --flex-volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume

Under spec.containers.volumeMounts add the following:

    - mountPath: /etc/kubernetes/kubelet-plugins/volume
      name: flexvolume-mount
      readOnly: true

Under spec.volumes update the following:

  - hostPath:
      path: /etc/ssl/certs
      type: DirectoryOrCreate
    name: ca-certs

with this yaml (this will update the ssl certs to the right path):

  - hostPath:
      path: /usr/share/ca-certificates
      type: DirectoryOrCreate
    name: ca-certs

And then add the flex volume-mount:

  - hostPath:
      path: /etc/kubernetes/kubelet-plugins/volume
      type: DirectoryOrCreate
    name: flexvolume-mount

Save the file and finally restart the sublet service with systemctl restart kubelet

Step 4: Deploy the digitalocean storage provisioner plugin

Deploy RBAC rules

Save the rbac rules as digitalocean-flexplugin-rbac.yml and create the rules using the following:

kubectl create -f digitalocean-flexplugin-rbac.yml

Deploy digitalocean provisioner

Save the provisioner as digitalocean-provisioner.yml and deploy using the following:

kubectl create -f digitalocean-provisioner.yml

Deploy the digitalocean flexplugin

Save the flexplugin as digitalocean-flexplugin-deploy.yml and deploy using the following:

kubectl create -f digitalocean-flexplugin-deploy.yml

Deploy the storage class

Important!: Change the zone on Line 8 above to the same region as your cluster & also the name on Line 4.

Save the storage class as ditigalocean-sc.yml and deploy using the following:

kubectl create -f ditigalocean-sc.yml

Step 5

Let's deploy a sample application which will utilise a persistent volume to make sure our deployment is working.

Important!: Change the storageClassName on Line 11 above to the same name you gave your storage class.

Save the deployment as ditigalocean-pv-example.yml and deploy using the following:

kubectl create -f ditigalocean-pv-example.yml

To check If your deployment succeeds, goto your digitalocean account under Droplets > Volumes, you should see a 1Gb volume provisioned and attached to one of your nodes. If this is the case, you have successfully added persistent volume support to your kubernetes cluster. Yay!!!


Next in our series, we'll install and enable our kubernetes dashboard! But still to come, installing helm & automatic ssl certificates backed by letsencrypt. Stay tuned.

I hope this helps.