CSI-S3
CSI-S3 is a Container Storage Interface driver that mounts an S3-compatible bucket as a Kubernetes persistent volume. Pods read and write the bucket as if it were a regular volume.
Install via Helm
helm repo add yandex-cloud https://yandex-cloud.github.io/k8s-csi-s3/charts/
helm install csi-s3 yandex-cloud/csi-s3 \
--namespace kube-system \
--set secret.endpoint=https://s3.filebase.io \
--set secret.accessKey=YOUR_FILEBASE_KEY \
--set secret.secretKey=YOUR_FILEBASE_SECRET \
--set storageClass.region=auto
Define a StorageClass
storage-class.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: csi-s3
provisioner: ru.yandex.s3.csi
parameters:
mounter: geesefs
bucket: my-csi-bucket
endpoint: https://s3.filebase.io
region: auto
csi.storage.k8s.io/provisioner-secret-name: csi-s3-secret
csi.storage.k8s.io/provisioner-secret-namespace: kube-system
csi.storage.k8s.io/node-publish-secret-name: csi-s3-secret
csi.storage.k8s.io/node-publish-secret-namespace: kube-system
kubectl apply -f storage-class.yaml
PersistentVolumeClaim
pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: csi-s3-pvc
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
storageClassName: csi-s3
Use in a pod
apiVersion: apps/v1
kind: Deployment
metadata:
name: example
spec:
replicas: 1
selector:
matchLabels:
app: example
template:
metadata:
labels:
app: example
spec:
containers:
- name: app
image: my-app:latest
volumeMounts:
- name: filebase
mountPath: /data
volumes:
- name: filebase
persistentVolumeClaim:
claimName: csi-s3-pvc
The /data directory inside the container is now backed by Filebase.
Performance notes
CSI-S3 (via geesefs) is convenient but slower than block storage. Use for:
- Sharing files between pods (
ReadWriteMany). - Workloads with small / occasional I/O.
Avoid for:
- Database persistence (use a real PV).
- Hot-path read workloads (use object storage directly via the S3 API).
What's next
- Velero — Kubernetes backup
- Kasten K10 — Kubernetes data management