To improve the performance of Apsara File Storage NAS (NAS) file systems, Container Service for Kubernetes (ACK) uses Container Network File System (CNFS) to achieve independent management of NAS file systems. This topic describes how to use CNFS to manage NAS file systems and how to use CNFS to mount volumes to workloads.
Prerequisites
- An ACK cluster is created. The Container Storage Interface (CSI) plug-in is used as the volume plug-in. For more information, see Create an ACK managed cluster.
- The versions of csi-plugin and csi-provisioner are 1.20.5-ff6490f-aliyun or later. For more information about how to upgrade csi-plugin and csi-provisioner, see Upgrade CSI-Plugin and CSI-Provisioner.
- The version of storage-operator is 1.18.8.56-2aa33ba-aliyun or later. For more information about how to upgrade storage-operator, see Manage system components.
- A kubectl client is connected to the cluster. For more information, see Connect to ACK clusters by using kubectl.
- To use Key Management Service (KMS) to encrypt NAS file systems, activate KMS first. For more information, see Activate KMS.
Features
You can use CNFS to manage NAS file systems by using one of the following methods:
- Method 1: Use CNFS to create a default NAS file system
Create a default CNFS file system and use a dynamically provisioned NAS volume to mount the automatically created NAS file system. Then, mount the dynamically provisioned NAS volume to a Deployment and a StatefulSet at the same time.
- Method 2: Use CNFS to create a custom NAS file system
Use CNFS to create a custom NAS file system and use a statically or dynamically provisioned NAS volume to mount the created custom NAS file system. Then, mount the statically or dynamically provisioned NAS volume to a Deployment.
- Method 3: Create a CNFS file system by using an existing NAS file system
Use CNFS to configure an existing NAS file system and use a statically or dynamically provisioned NAS volume to mount the existing NAS file system. Then, you can mount the statically or dynamically provisioned NAS volume to a Deployment.
Method 1: Use CNFS to create a default NAS file system
# Create the following objects: a CNFS, a StorageClass, a Deployment, and a StatefulSet.
cat << EOF | kubectl apply -f -
apiVersion: storage.alibabacloud.com/v1beta1
kind: ContainerNetworkFileSystem
metadata:
name: cnfs-nas-filesystem
spec:
description: "cnfs"
type: nas
reclaimPolicy: Retain # Only the Retain policy is supported. If the CNFS file system is deleted, the related NAS file system is retained.
parameters:
encryptType: SSE-KMS # This parameter is optional. If you leave this parameter empty, the created NAS file system is not encrypted. A value of SSE-KMS indicates that the created NAS file system is encrypted by KMS.
enableTrashCan: "true" # This parameter is optional. If you leave this parameter empty, the recycle bin feature is disabled. A value of true indicates that the recycle bin feature is enabled.
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: alibabacloud-cnfs-nas
mountOptions:
- nolock,tcp,noresvport
- vers=3
parameters:
volumeAs: subpath
containerNetworkFileSystem: cnfs-nas-filesystem
path: "/"
provisioner: nasplugin.csi.alibabacloud.com
reclaimPolicy: Retain
allowVolumeExpansion: true # This parameter is optional. A value of true indicates that the NAS file system can be expanded.
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: cnfs-nas-pvc
spec:
accessModes:
- ReadWriteMany
storageClassName: alibabacloud-cnfs-nas
resources:
requests:
storage: 70Gi # If you enable the directory quota feature, the storage field takes effect. A value of 70Gi indicates that the maximum size of data that can be written into a dynamically created directory is 70 GiB.
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cnfs-nas-deployment
labels:
app: nginx
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
volumeMounts:
- mountPath: "/data"
name: cnfs-nas-pvc
volumes:
- name: cnfs-nas-pvc
persistentVolumeClaim:
claimName: cnfs-nas-pvc
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: cnfs-nas-sts
labels:
app: nginx
spec:
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
volumeMounts:
- mountPath: "/data"
name: www
volumeClaimTemplates:
- metadata:
name: www
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: "alibabacloud-cnfs-nas"
resources:
requests:
storage: 50Gi # If you enable the directory quota feature, the storage field takes effect. A value of 50Gi indicates that the maximum size of data that can be written into a dynamically created directory is 50 GiB.
EOF
Method 2: Use CNFS to create a custom NAS file system
Use CNFS to create a custom NAS file system and use a statically or dynamically provisioned NAS volume to mount the created custom NAS file system. Then, mount the statically or dynamically provisioned NAS volume to a Deployment.
Method 3: Create a CNFS file system by using an existing NAS file system
Use CNFS to configure an existing NAS file system and use a statically or dynamically provisioned NAS volume to mount the existing NAS file system. Then, you can mount the statically or dynamically provisioned NAS volume to a Deployment.
- Create a CNFS file system by using an existing NAS file system.
- Use the CNFS file system in NAS volumes. For more information, see Step 2 to Step 4 in Method 2: Use CNFS to create a custom NAS file system.
What to do next
For more information about how to monitor NAS resources at the node side, see Examples of monitoring NAS file systems.