What is StorageClass?
StorageClass Definition
- Describes the "classes" of storage offered by the admin
- An abstraction on top of an external storage resource
- No need to set a capacity in the StorageClass
- Eliminates the need for the admin to pre-provision Persistent Volumes
- Enables dynamic provisioning of storage
Key Benefits
Resource Efficiency
No wasted storage - volumes are created with exact requested size
Automation
Automatic PV creation when PVC is created
Flexibility
Multiple storage classes for different performance needs
How Dynamic Provisioning Works
- User creates a PVC referencing a StorageClass
- StorageClass triggers the provisioner to create storage
- Provisioner creates a PV with the requested specifications
- PVC automatically binds to the newly created PV
- Pod uses the PVC and gets access to the storage
StorageClass Configuration
Basic StorageClass Definition
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: fast
provisioner: kubernetes.io/aws-ebs
parameters:
type: gp2
fsType: ext4
reclaimPolicy: Delete
volumeBindingMode: Immediate
allowVolumeExpansion: trueConfiguration Parameters
Provisioner
Determines which volume plugin is used for provisioning PVs
kubernetes.io/gce-pd
kubernetes.io/azure-disk
Parameters
Storage backend specific configuration
replication-type: regional-pd (GCP)
storageaccounttype: Premium_LRS (Azure)
Advanced StorageClass Examples
# AWS EBS with encryption
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: encrypted-fast
provisioner: kubernetes.io/aws-ebs
parameters:
type: gp3
fsType: ext4
encrypted: "true"
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer# NFS StorageClass
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: nfs-shared
provisioner: example.com/nfs
parameters:
server: nfs-server.example.com
path: /exports
reclaimPolicy: Retain
volumeBindingMode: ImmediateAccess Modes
ReadWriteMany (RWX)
The volume can be mounted as read-write by many pods
ReadOnlyMany (ROX)
The volume can be mounted read-only by many pods
ReadWriteOnce (RWO)
The volume can be mounted as read-write by a single pod
Note: With ReadWriteOnce, the pod that mounts the volume first will be able to write to it. Other pods can mount it in read-only mode if the storage backend supports it.
Access Mode Support by Storage Backend
| Storage Type | RWO | ROX | RWX |
|---|---|---|---|
| AWS EBS | |||
| AWS EFS | |||
| NFS | |||
| Azure Disk |
Reclaim Policies
Delete Policy
Delete the data upon PVC deletion
This is the default policy for dynamically provisioned volumes
Retain Policy
Keeps the data upon PVC deletion
Manual cleanup required. Keeps data safe from accidental deletion.
Delete Policy Behavior
- Automatically deletes both PV and underlying storage
- Ideal for temporary or reproducible data
- Prevents storage resource leaks
- Default for most cloud providers
Retain Policy Behavior
- PV enters "Released" state when PVC is deleted
- Underlying storage and data are preserved
- Manual intervention required to reclaim
- Ideal for critical or irreplaceable data
kubectl StorageClass Commands
Deploy StorageClass or PVC
Create StorageClass and PVC resources from YAML files
Get StorageClass and PVC Lists
kubectl get pvc
List all StorageClasses and PersistentVolumeClaims
Describe StorageClass
Get detailed information about a StorageClass
Delete StorageClass and PVC
kubectl delete sc [className]
kubectl delete pvc [pvcName]
Delete using YAML file or resource names
Complete Dynamic Provisioning Example
StorageClass Definition
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: fast-ssd
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: kubernetes.io/aws-ebs
parameters:
type: gp3
iops: "3000"
throughput: "125"
encrypted: "true"
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: truePersistentVolumeClaim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: app-data-pvc
namespace: production
spec:
accessModes:
- ReadWriteOnce
storageClassName: fast-ssd
resources:
requests:
storage: 100GiDeployment Using the PVC
apiVersion: apps/v1
kind: Deployment
metadata:
name: database-app
namespace: production
spec:
replicas: 1
selector:
matchLabels:
app: database
template:
metadata:
labels:
app: database
spec:
containers:
- name: database
image: postgres:14
volumeMounts:
- name: data-storage
mountPath: /var/lib/postgresql/data
env:
- name: POSTGRES_DB
value: "mydatabase"
- name: POSTGRES_USER
value: "admin"
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: db-secret
key: password
volumes:
- name: data-storage
persistentVolumeClaim:
claimName: app-data-pvcDynamic Provisioning Benefits
- No pre-provisioning: PV created automatically
- Exact sizing: 100GB allocated as requested
- Encryption: Data encrypted at rest
- Performance: GP3 with specified IOPS
- Expansion: Volume can be expanded later
Deployment Steps
- Create the StorageClass (cluster admin)
- Create the PersistentVolumeClaim
- Kubernetes automatically provisions PV
- Create the Deployment using the PVC
- Verify pod has access to storage
Dynamic Provisioning Best Practices
StorageClass Design
- Create multiple StorageClasses for different performance tiers
- Set appropriate default StorageClass for the cluster
- Use descriptive names (fast-ssd, slow-hdd, shared-nfs)
- Enable volume expansion when supported by the provisioner
- Configure encryption for sensitive data
PVC Management
- Use Retain policy for critical production data
- Set appropriate storage requests (not too large, not too small)
- Use WaitForFirstConsumer for topology-aware provisioning
- Monitor PVC usage and set up alerts for near-capacity
- Implement backup strategies for important data
Volume Binding Modes
Immediate
- PV provisioned immediately when PVC is created
- Good for storage that's available cluster-wide
- May provision in wrong topology zone
WaitForFirstConsumer
- PV provisioned when pod using PVC is created
- Ensures optimal topology placement
- Recommended for most use cases