kubectl directpv install

The kubectl directpv install command deploys DirectPV components to your Kubernetes cluster. DirectPV installs as a CSI driver that manages local drives for persistent storage.

For installation prerequisites and post-installation steps, see Installation.

Syntax

Example

Install DirectPV with default settings:

kubectl directpv install

Output:

┌──────────────────────────┬──────────────────────────────────────────┬─────────┐
│ KIND                     │ NAME                                     │ STATUS  │
├──────────────────────────┼──────────────────────────────────────────┼─────────┤
│ Namespace                │ directpv                                 │ Created │
│ CustomResourceDefinition │ directpvdrives.directpv.min.io           │ Created │
│ CustomResourceDefinition │ directpvvolumes.directpv.min.io          │ Created │
│ CustomResourceDefinition │ directpvnodes.directpv.min.io            │ Created │
│ CustomResourceDefinition │ directpvinitrequests.directpv.min.io     │ Created │
│ StorageClass             │ directpv-min-io                          │ Created │
│ ServiceAccount           │ directpv-min-io                          │ Created │
│ ClusterRole              │ directpv-min-io                          │ Created │
│ ClusterRoleBinding       │ directpv-min-io                          │ Created │
│ Role                     │ directpv-min-io                          │ Created │
│ RoleBinding              │ directpv-min-io                          │ Created │
│ DaemonSet                │ node-server                              │ Created │
│ Deployment               │ controller                               │ Created │
│ CSIDriver                │ directpv-min-io                          │ Created │
└──────────────────────────┴──────────────────────────────────────────┴─────────┘

DirectPV installed successfully

Syntax

kubectl directpv install [--apparmor-profile "string"]  \
                         [--dry-run]                    \
                         [--image "string"]             \
                         [--image-pull-secrets "string"]\
                         [--installed-version "string"] \
                         [--legacy]                     \
                         [--node-selector "string"]     \
                         [--openshift]                  \
                         [--org "string"]               \
                         [--registry "string"]          \
                         [--seccomp-profile "string"]   \
                         [--tolerations "string"]

Brackets [] indicate optional parameters.

Parameters

`--apparmor-profile`

Optional

The name of the AppArmor profile to apply to DirectPV pods. The profile must be loaded on all nodes where DirectPV runs.

For the AppArmor profile, see AppArmor profile.

`--dry-run`

Optional

Preview the installation without making changes. Displays what resources would be created or updated.

`--image`

Optional

The DirectPV container image name and tag.

Default: directpv:<version>

`--image-pull-secrets`

Optional

Image pull secrets for accessing private registries. Specify multiple secrets as a comma-separated list.

`--installed-version`

Optional

Specify the currently installed DirectPV version. Use this flag during upgrades to ensure proper migration handling.

`--legacy`

Optional

Enable legacy mode to support volumes created by DirectCSI (the predecessor to DirectPV). When enabled, DirectPV installs additional components (legacy-node-server, legacy-controller) that can manage DirectCSI volumes alongside DirectPV volumes.

`--node-selector`

Optional

Deploy DirectPV DaemonSet pods only on nodes matching the specified labels. Use the format KEY=VALUE. Specify multiple selectors as a comma-separated list.

`--openshift`

Optional

Use OpenShift-specific installation configuration. Set this flag when installing on Red Hat OpenShift clusters.

`--org`

Optional

The organization name in the container registry.

Default: minio

`--registry`

Optional

The container registry to pull DirectPV images from.

Default: quay.io

`--seccomp-profile`

Optional

The path to the seccomp profile JSON file. The profile must exist on all nodes where DirectPV runs.

For the seccomp profile, see Seccomp profile.

`--tolerations`

Optional

Set tolerations for DirectPV DaemonSet pods to allow scheduling on tainted nodes. Use the format KEY[=VALUE]:EFFECT, where EFFECT is one of NoSchedule, PreferNoSchedule, or NoExecute. Specify multiple tolerations as a comma-separated list.

Global flags

This command supports the following global flags:

Flag	Description
`--kubeconfig`	Path to the `kubeconfig` file to use for CLI requests.
`--quiet`	Suppress printing output messages.

Examples

Install with default settings

Install DirectPV using default configuration:

kubectl directpv install

Install from a private registry

Pull DirectPV images from a private registry:

kubectl directpv install --registry private-registry.io --org my-org

Install on specific nodes

Deploy DirectPV only on nodes with a specific label:

kubectl directpv install --node-selector storage-node=true

Install with tolerations

Install DirectPV on tainted nodes:

kubectl directpv install --tolerations dedicated=storage:NoSchedule

Preview installation

View what resources would be created without making changes:

kubectl directpv install --dry-run

Install with AppArmor profile

Install DirectPV with an AppArmor security profile:

kubectl directpv install --apparmor-profile directpv

Install with seccomp profile

Install DirectPV with a seccomp security profile:

kubectl directpv install --seccomp-profile profiles/seccomp.json

Install on OpenShift

Install DirectPV on a Red Hat OpenShift cluster:

kubectl directpv install --openshift

Behavior

Components installed

The install command creates the following Kubernetes resources:

Resource	Name	Description
Namespace	`directpv`	Contains all DirectPV components.
CustomResourceDefinitions	`directpvdrives`, `directpvvolumes`, `directpvnodes`, `directpvinitrequests`	Define DirectPV custom resources.
StorageClass	`directpv-min-io`	Default StorageClass for DirectPV volumes.
DaemonSet	`node-server`	Runs on each node to manage local drives.
Deployment	`controller`	Central controller for volume provisioning.
ServiceAccount, Roles, Bindings	`directpv-min-io`	RBAC configuration for DirectPV.
CSIDriver	`directpv-min-io`	Registers DirectPV as a CSI driver.

Output status

The command displays a table showing each resource and its status:

Created: The resource was newly created.
Updated: An existing resource was modified.

Upgrading DirectPV

To upgrade an existing DirectPV installation, see Upgrade DirectPV.

Security profiles

DirectPV supports both AppArmor and seccomp security profiles for enhanced container security:

AppArmor: Restricts the capabilities of DirectPV pods at the kernel level. Load the profile on each node before installation.
Seccomp: Filters system calls available to DirectPV containers. Place the profile JSON file on each node.

For security profile files, see Support Scripts.