The Container Storage Interface (CSI) plug-in provided by Container Service for Kubernetes (ACK) allows you to set quotas on the subdirectories of Apsara File Storage NAS (NAS) volumes. You can set quotas to manage resource allocation and improve the overall resource utilization. When the quota is reached, you can manually perform a dynamic volume expansion without interrupting the service that has the volume mounted.
Prerequisites
The image version of csi-plugin is 1.18.8.45 or later. For more information about csi-plugin versions, see csi-plugin.
A NAS volume is mounted to a subdirectory.
Limits
Only Capacity NAS file systems support quota limits. For more information about the types of NAS file systems, see NAS file system types.
Statically provisioned NAS volumes cannot be expanded.
Quotas can be set only for volumes that are mounted by using subdirectories.
For each file system, you can create quotas for up to 500 directories.
You can set an enforcement quota on a directory. If the quota is exceeded, you cannot write data to the directory and an IOError error is prompted at the frontend. The write operations include the operations that are used to increase the length of files, create files, create subdirectories, create special files, and move files to another directory.
To prevent potential security risks, we recommend that you evaluate and test restricted quotas before you create the restricted quotas for core business-related directories.
A specific period of time is required before an enforcement quota is enabled or disabled due to asynchronous execution at the backend. In most cases, the time period ranges from 5 to 15 minutes.
Example
Use the following YAML template to create a StorageClass to provision a NAS volume that has the quota feature and the dynamic expansion feature enabled.
apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: alicloud-nas-quota-sc mountOptions: - nolock,tcp,noresvport - vers=3 parameters: volumeAs: subpath server: "xxx.cn-hangzhou.nas.aliyuncs.com:/" archiveOnDelete: "false" path: "/abc" volumeCapacity: "true" # The quota feature is enabled for a volume that is dynamically provisioned based on the StorageClass. provisioner: nasplugin.csi.alibabacloud.com reclaimPolicy: Delete allowVolumeExpansion: true # Enable dynamic volume expansion.Parameter
Description
mountOptions
Set the mount options of the NAS file system in the mountOptions field. For example, you can specify the NFS version that you want to use.
volumeAs
You can select subpath or filesystem. subpath indicates that a subdirectory is mounted to the cluster. filesystem indicates that a file system is mounted to the cluster.
server
When you mount a subdirectory of the NAS file system as a persistent volume (PV), this parameter specifies the mount target of the NAS file system.
archiveOnDelete
This parameter specifies the reclaim policy of backend storage when reclaimPolicy is set to Delete. NAS is a shared storage service. You must set both reclaimPolicy and archiveOnDelete to ensure data security. Default value: true.
path
The subdirectory of the NAS file system that is mounted. If you mount an Extreme NAS file system, the path must start with /share.
volumeCapacity
This parameter specifies whether to set a quota. Valid values: true and false.
provisioner
The provisioner of the PV that is provided by ACK.
reclaimPolicy
The policy that is used to reclaim the PV. Valid values:
Retain: retains the backend storage when the PV and PVC are deleted. The backend storage may be cloud disks.Delete: automatically deletes the backend storage and PV when the PVC is deleted.
allowVolumeExpansion
This parameter specifies whether volume expansion is supported.
NoteTo create a StorageClass that sets quotas on the subdirectory of a NAS file system, the volumeCapacity parameter must be set to true.
Use the following YAML template to create a StatefulSet. The StatefulSet uses a PVC that requests 20 GiB of storage.
apiVersion: apps/v1 kind: StatefulSet metadata: name: nas-sts spec: selector: matchLabels: app: busybox serviceName: "busybox" replicas: 1 template: metadata: labels: app: busybox spec: containers: - name: busybox image: busybox command: - sleep - "3600" volumeMounts: - name: nas-pvc mountPath: /data volumeClaimTemplates: - metadata: name: nas-pvc spec: accessModes: [ "ReadWriteMany" ] storageClassName: "alicloud-nas-quota-sc" resources: requests: storage: 20Gi
Verify GPU memory isolation
Run the following command to write 10 GiB of data to the /data directory that is mounted to the StatefulSet created in Step 2.
dd if=/dev/zero of=10G.txt bs=1M count=10000Wait 5 to 15 minutes and then check the quota details of the subdirectory.
Log on to the NAS console.
In the left-side navigation pane, choose .
Find the NAS file system that you use and click the
icon in the Actions column. Then, click Quota Management. On the Quota Management page, click Manage Quotas in the Actions column.
The following figure shows that the subdirectory has a quota limit of 20 GiB. The used storage is 9 GiB.
When the 20-GiB storage is exhausted, the
Disk quota exceedederror is prompted if you attempt to write more data to the subdirectory.
If the quota is reached, you can manually perform a dynamic volume expansion.
Run the following command to dynamically expand the volume:
NoteDynamic volume expansion does not interrupt the service that has the volume mounted.
kubectl patch pvc nas-pvc-0 -p '{"spec":{"resources":{"requests":{"storage":"30Gi"}}}}'Run the following command to query information about the PV:
kubectl get pvExpected output:
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE nas-63c37cc2-b21e-4b56-b26f-**** 30Gi RWX Delete Bound default/nas-pvc-0 alicloud-nas-quota-sc 25m23sRun the following command to query information about the PVC:
kubectl get pvcExpected output:
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE nas-pvc-0 Bound nas-63c37cc2-b21e-4b56-b26f-**** 30Gi RWX alicloud-nas-quota-sc 25m10s