All Products
Search

This Product

    Elastic Container Instance:Mount a NAS file system

    Document Center

    Elastic Container Instance:Mount a NAS file system

    Last Updated:Jun 14, 2023

    Apsara File Storage NAS (NAS) is a distributed file system provided by Alibaba Cloud. NAS supports shared access and auto scaling. NAS features high reliability and high performance. You can use FlexVolume to mount NAS file systems as volumes on a self-managed Kubernetes cluster. NAS file systems can serve as statically or dynamically provisioned volumes. This topic describes how to use a PersistentVolumeClaim (PVC) to mount a NAS file system to multiple elastic container instance-based pods.

    Prerequisites

    • A virtual node (VNode) is deployed on a self-managed Kubernetes cluster.

    • If the self-managed Kubernetes cluster is deployed in a data center, the data center is connected to Alibaba Cloud.

    Precautions

    • NAS is a shared storage service. You can mount a NAS file system to multiple pods. If a NAS file system is mounted to multiple pods, the data in the file system is shared by the pods. In this case, an application must be able to synchronize data across these pods when data modifications are made to multiple pods.

    • Do not delete the mount target before you unmount the NAS file system. Otherwise, an operating system hang may occur.

    Mount a NAS file system as a statically provisioned volume

    1. Create a NAS file system and add a mount target.

      1. Log on to the NAS console.

      2. Create a NAS file system and add a mount target.

        The NAS file system and mount target must reside in the same VPC as the VNode. For more information, see Create a NAS file system and Manage mount targets.

    2. Create a PersistentVolume (PV).

      1. Create a file named static-pv-nas.yaml and copy the following template into the file. Modify the parameters in the template as required. 

        apiVersion: v1
kind: PersistentVolume
metadata:
  name: static-pv-nas
spec:
  capacity:
    storage: 20Gi
  storageClassName: nas
  persistentVolumeReclaimPolicy: Recycle
  accessModes:
    - ReadWriteMany
  flexVolume:
    driver: "alicloud/nas"
    options:
      server: "1a93e496ef-****.cn-beijing.nas.aliyuncs.com"
      path: "/"
      vers: "3"

        The following table describes the parameters in the template.

        Parameter

        Description

        driver

        The type of the driver used. In this example, the parameter is set to alicloud/nas. This indicates that the FlexVolume plug-in provided by Alibaba Cloud for NAS is used.

        server

        The mount target of the NAS file system.

        path

        The subdirectory of the NAS file system that you want to mount. If you want to mount an Extreme NAS file system, set this parameter to a subdirectory of the /share directory. Example: /share/path1.

        vers

        The version number of the Network File System (NFS) protocol that is used to mount the NAS file system. We recommend that you use NFS v3. Extreme NAS supports only NFS v3.

      2. Run the following command to create a PV: 

        kubectl create -f static-pv-nas.yaml

    3. Create a PVC.

      1. Create a file named static-pvc-nas.yaml and copy the following template into the file: 

        apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: static-pvc-nas
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: nas
  resources:
    requests:
      storage: 20Gi

      2. Run the following command to create a PVC: 

        kubectl create -f static-pvc-nas.yaml

    4. Mount the NAS file system to two elastic container instance-based pods.

      1. Create a file named static-test-nas.yaml and copy the following template into the file: 

        apiVersion: apps/v1
kind: Deployment
metadata:
  name: static-test-nas
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      nodeSelector:    
        k8s.aliyun.com/vnode: "true"
      tolerations:     
      - key: k8s.aliyun.com/vnode
        operator: "Equal"
        value: "true"
        effect: "NoSchedule"
      containers:
      - name: nginx
        image: registry-vpc.cn-beijing.aliyuncs.com/eci_open/nginx:1.14.2
        ports:
        - containerPort: 80
        volumeMounts:
          - name: pvc-nas
            mountPath: /data
      volumes:
        - name: pvc-nas
          persistentVolumeClaim:
            claimName: static-pvc-nas

      2. Run the following command to create a Deployment: 

        kubectl create -f static-test-nas.yaml

      3. View the results. 

        kubectl get pods -o wide

        The following command output is expected to return:

        NAME                               READY   STATUS    RESTARTS   AGE     IP              NODE                                  NOMINATED NODE   READINESS GATES

static-test-nas-79df5959d4-lvr4m   1/1     Running   0          26s     172.16.XX.XX    cn-beijing.vnd-2ze8nd8xcl33t4pa****   <none>           <none>
static-test-nas-79df5959d4-xdbwz   1/1     Running   0          26s     172.16.XX.XX    cn-beijing.vnd-2ze8nd8xcl33t4pa****   <none>           <none>

        Check the file directories in the pods and verify that the /data mount directory is generated for the NAS file system. In addition, verify that the files written to the first pod can be viewed in the second pod. This indicates that the two pods share the NAS file system.

        Mount a NAS file system as a statically provisioned volume by using FlexVolume

    Mount a NAS file system as a dynamically provisioned volume

    Deploy the NAS-Controller component

    Before you mount a NAS file system as a dynamically provisioned volume, you must deploy the NAS-Controller component. NAS-Controller is used to automatically create a PV of the NAS type.

    Important

    You must deploy NAS-Controller on a regular node instead of a VNode.

    1. Create a YAML file that is used to deploy NAS-Controller.

      Create a file named nas-controller.yaml and copy the following template into the file: 

      apiVersion: v1
kind: ServiceAccount
metadata:
  name: alicloud-nas-controller
  namespace: kube-system
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: alicloud-nas-controller
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "watch", "list", "delete", "update", "create"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: alicloud-nas-controller
subjects:
  - kind: ServiceAccount
    name: alicloud-nas-controller
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: alicloud-nas-controller
  apiGroup: rbac.authorization.k8s.io
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: alicloud-nas-controller
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app: alicloud-nas-controller
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: alicloud-nas-controller
    spec:
      tolerations:
      - operator: Exists
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 1
            preference:
              matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: Exists
          requiredDuringSchedulingIgnoredDuringExecution:
             nodeSelectorTerms:
             - matchExpressions:
               - key: type
                 operator: NotIn
                 values:
                 - virtual-kubelet
      priorityClassName: system-node-critical
      serviceAccount: alicloud-nas-controller
      hostNetwork: true
      containers:
        - name: nfs-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/acs/alicloud-nas-controller:v1.14.8.17-7b898e5-aliyun
          env:
          - name: PROVISIONER_NAME
            value: alicloud/nas
          securityContext:
            privileged: true
          volumeMounts:
          - mountPath: /var/log
            name: log
      volumes:
      - hostPath:
          path: /var/log
        name: log

    2. Deploy NAS-Controller. 

      kubectl create -f nas-controller.yaml

    3. View the deployment result. 

      kubectl -n kube-system get pods

      The following command output is expected to return:

      NAME                                        READY   STATUS           RESTARTS   AGE
alicloud-nas-controller-6dccf695d5-zxkwg    1/1     Running          0          3m7s

    Mount a NAS file system

    1. Create a NAS file system and add a mount target.

      1. Log on to the NAS console.

      2. Create a NAS file system and add a mount target.

        The NAS file system and mount target must reside in the same VPC as the VNode. For more information, see Create a NAS file system and Manage mount targets.

    2. Run the following command to create a StorageClass:

      1. Create a file named sc-nas.yaml and copy the following template into the file. Modify the parameters in the template as required. 

        apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: alicloud-nas-test
mountOptions:
- nolock,tcp,noresvport
- vers=3
parameters:
  volumeAs: subpath
  server: "1e9064****-gk***.cn-beijing.nas.aliyuncs.com"
provisioner: alicloud/nas
reclaimPolicy: Retain

        The following table describes the parameters in the template.

        Parameter

        Description

        mountOptions

        The mount options, such as the NFS version.

        volumeAs

        The PV type. A value of subpath indicates a subdirectory. In this case, NAS-Controller automatically creates a subdirectory of the NAS file system.

        server

        The mount target of the NAS file system if you set the volumeAs parameter to subpath.

        provisioner

        The type of the driver used. In this example, the parameter is set to alicloud/nas. This indicates that the FlexVolume plug-in provided by Alibaba Cloud for NAS is used.

        reclaimPolicy

        The reclaim policy of the PV. Default value: Delete. You can also set this parameter to Retain.

        • Delete: When a PVC is deleted, the related PV and NAS file system are also deleted.

        • Retain: When a PVC is deleted, the related PV and NAS file system are retained and can only be manually deleted.

        If you require higher data security, we recommend that you use the Retain mode to prevent data loss caused by user errors.

      2. Run the following command to create a StorageClass: 

        kubectl create -f sc-nas.yaml

    3. Create a PVC of the NAS type.

      1. Create a file named pvc-nas.yaml and copy the following template into the file: 

        kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc-nas
spec:
  accessModes:
  - ReadWriteMany
  storageClassName: alicloud-nas-test
  resources:
    requests:
      storage: 20Gi

      2. Run the following command to create a PVC: 

        kubectl create -f pvc-nas.yaml

    4. Mount the NAS file system to two elastic container instance-based pods.

      1. Create a file named test-nas.yaml and copy the following template into the file: 

        apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-nas
spec:
  replicas: 2
  selector:
    matchLabels:
      app: uid
  template:
    metadata:
      labels:
        app: uid
    spec:
      nodeSelector:
        k8s.aliyun.com/vnode: "true"
      tolerations:
      - key: k8s.aliyun.com/vnode
        operator: "Equal"
        value: "true"
        effect: "NoSchedule"
      containers:
      - name: nginx
        image: registry-vpc.cn-beijing.aliyuncs.com/eci_open/nginx:1.14.2
        volumeMounts:
        - mountPath: /data
          name: data
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: pvc-nas

      2. Run the following command to create a Deployment: 

        kubectl create -f test-nas.yaml

      3. View the results. 

        kubectl get pods -o wide

        The following command output is expected to return:

        NAME                               READY   STATUS    RESTARTS   AGE     IP              NODE                                  NOMINATED NODE   READINESS GATES

test-nas-7cf4d9f796-4h2kj          1/1     Running   0          50s     172.16.XX.XX    cn-beijing.vnd-2ze8nd8xcl33t4pa****   <none>           <none>
test-nas-7cf4d9f796-dv5q2          1/1     Running   0          50s     172.16.XX.XX    cn-beijing.vnd-2ze8nd8xcl33t4pa****   <none>           <none>

        Check the file directories in the pods and verify that the /data mount directory is generated for the NAS file system. In addition, verify that the files written to the first pod can be viewed in the second pod. This indicates that the two pods share the NAS file system.

        Mount a NAS file system as a dynamically provisioned volume by using FlexVolume