All Products
Search

This Product

    Container Compute Service:Use NAS volumes

    Document Center

    Container Compute Service:Use NAS volumes

    Last Updated:Nov 18, 2025

    For applications that require shared data and high I/O performance, you can use Apsara File Storage NAS (NAS) file systems as persistent volumes (PVs). This topic describes how to mount a NAS volume to an application and verify the shared storage and data persistence features of NAS.

    Background information

    NAS is a distributed file system that provides shared access, scalability, high reliability, and high performance. It is suitable for applications that require shared data and high I/O performance. For more information, see Storage overview.

    Note

    • For more information about the storage specifications, performance, billing, and supported regions and zones of different types of NAS file systems, see General-purpose NAS file systems and Extreme NAS file systems.

    • General-purpose NAS file systems and Extreme NAS file systems have different limits on mount connectivity, the number of file systems, and protocol types. For more information, see Limits.

    You can mount and use NAS volumes in one of the following ways, depending on whether you have a NAS file system:

    Prerequisites

    The managed-csiprovisioner component is installed in the ACS cluster.

    Note

    Go to the ACS cluster management page in the ACS console. In the left-side navigation pane of the cluster management page, choose Operations > Add-ons. On the Storage tab, you can check whether managed-csiprovisioner is installed.

    Limits

    • Mounting NAS file systems that use the SMB protocol is not supported.

    • A NAS file system can be mounted only to pods in the same VPC. Cross-VPC mounting is not supported.

      Note

      In the same VPC, a NAS file system can be mounted across zones.

    • Only the NFSv3 protocol is supported for mounting NAS file systems.

    Considerations

    • NAS provides shared storage. A single NAS volume can be mounted to multiple pods. If multiple pods modify the same data at the same time, your application must handle data synchronization.

    • When you mount a NAS volume, do not configure securityContext.fsgroup in the application's YAML file. Otherwise, the mount may fail.

      Note

      You cannot modify the permissions, owner, or group of the / root directory of a NAS file system.

    • After you mount a NAS volume, do not delete its mount target. If you delete the mount target, the operating system may stop responding.

    Use an existing NAS file system as a persistent volume

    Step 1: Get NAS file system information

    1. Obtain the VPC ID and vSwitch ID used by the ACS pods.

      Note

      The following steps describe how to obtain the information from the console. You can also run the kubectl get cm -n kube-system acs-profile -o yaml command to view the YAML file of acs-profile. Obtain the VPC ID and vSwitch ID from the vpcId and vSwitchIds fields.

      1. Log on to the ACS console.

      2. On the Clusters, click the name of the cluster to go to the cluster management page.

      3. In the navigation pane on the left, choose Configurations > ConfigMaps.

      4. At the top of the ConfigMaps page, set the namespace to kube-system. Then, find acs-profile and click Edit YAML.

      5. Obtain the VPC ID and vSwitch ID from the vpcId and vSwitchIds fields.

    2. Confirm that the existing NAS file system meets the requirements and obtain the mount target address.

      1. Log on to the NAS console. In the navigation pane on the left, click File System List.

      2. Find the target NAS file system. Confirm that its region, zone, and protocol type meet the requirements.

        • NAS file systems cannot be mounted across VPCs and therefore cannot be used across regions. Make sure the region of the NAS file system is the same as that of the ACS cluster.

        • In the same VPC, a NAS file system can be mounted across zones. However, for better performance, use a NAS file system in the same zone as the pods in the ACS cluster.

        • Confirm that the NAS file system uses the NFS protocol. You cannot mount NAS file systems that use the SMB protocol.

        nas

      3. Confirm that the mount target meets the requirements and obtain its address.

        1. Click the file system ID.

        2. In the navigation pane on the left of the file system details page, click Mount Targets.

        3. In the Mount Target area, confirm that the existing mount target meets your requirements and obtain the mount target address.

          Note

          • A mount target is automatically created for a General-purpose NAS file system. You must manually create mount targets for Extreme NAS file systems.

          • If the existing mount target does not meet the requirements, create a new one. For more information, see Manage mount targets.

          • The VPC of the mount target must be the same as the VPC used by the pods in the ACS cluster. Otherwise, the mount fails.

          • For better performance, the vSwitch of the mount target should be the same as the vSwitch used by the pods in the ACS cluster.

          • The status of the mount target is Available.

          NAS挂载点.png

    Step 2: Create a PVC

    kubectl

    1. Save the following content as a file named nas-pvc.yaml.

      kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: nas-pvc
  annotations:
    csi.alibabacloud.com/mountpoint: *******-mw***.cn-shanghai.nas.aliyuncs.com
    csi.alibabacloud.com/mount-options: nolock,tcp,noresvport
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 20Gi
  storageClassName: alibaba-cloud-nas

      The following table describes the parameters.

      Important

      When you create a persistent volume claim (PVC) from the preceding YAML file, the system first creates a static PV based on the NAS configuration in the annotations. Then, the system creates a PVC and associates it with the PV.

      Parameter

      Description

      csi.alibabacloud.com/mountpoint

      The directory of the NAS file system to mount. This associates the volume with the NAS file system you created.

      • If you enter a mount target address, such as ****-****.<region>.nas.aliyuncs.com, the root directory (/) of the NAS file system is mounted.

      • If you enter a mount target address and a subdirectory, such as ****-****.<region>.nas.aliyuncs.com:/dir, the /dir directory of the NAS file system is mounted. If the /dir directory does not exist, it is automatically created.

      csi.alibabacloud.com/mount-options

      The mount parameters. Use nolock,tcp,noresvport.

      accessModes

      The access mode.

      storage

      The storage capacity to allocate to the pod. This is the capacity of the NAS volume to create.

    2. Create the PVC.

      kubectl create -f nas-pvc.yaml

    3. You can view the PV.

      kubectl get pv

      The output shows that a PV was automatically created based on the NAS file system information, such as the mount target, from the PVC.

      NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM             STORAGECLASS        REASON   AGE
nas-ea7a0b6a-bec2-4e56-b767-47222d3a****   20Gi       RWX            Retain           Bound    default/nas-pvc   alibaba-cloud-nas            1m58s

    4. View the PVC.

      kubectl get pvc

      The output shows that the PVC is associated with the automatically created PV.

      NAME      STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS        VOLUMEATTRIBUTESCLASS  AGE
nas-pvc   Bound    nas-ea7a0b6a-bec2-4e56-b767-47222d3a****   20Gi       RWX            alibaba-cloud-nas   <unset>                2m14s

    Console

    1. Log on to the ACS console.

    2. On the Clusters, click the name of the cluster to go to the cluster management page.

    3. In the left-side navigation pane of the cluster management page, choose Volumes > Persistent Volume Claims.

    4. On the Persistent Volume Claims page, click Create.

    5. In the dialog box, configure the parameters and click Create.

      Parameter

      Description

      Example

      PVC Type

      Select NAS.

      NAS

      Name

      Enter a name for the PVC. For the format requirements, see the prompt on the page.

      nas-pvc

      Allocation Mode

      Select Use Mount Target Domain Name.

      Create with Mount Target Domain Name

      Volume Plug-in

      CSI is selected by default.

      CSI

      Capacity

      The storage capacity to allocate to the pod. This is the capacity of the NAS volume.

      20 GiB

      Access Mode

      ReadWriteMany and ReadWriteOnce are supported.

      ReadWriteMany

      Mount Target Domain Name:

      Configure the directory of the NAS file system to mount.

      • If you enter a mount target address, such as ****-****.<region>.nas.aliyuncs.com, the root directory (/) of the NAS file system is mounted.

      • If you enter a mount target address and a subdirectory, such as ****-****.<region>.nas.aliyuncs.com:/dir, the /dir directory of the NAS file system is mounted. If the /dir directory does not exist, it is automatically created.

      350514****-mw***.cn-shanghai.nas.aliyuncs.com

      After the PVC is created, it appears on the Persistent Volume Claims page. The PVC is bound to an automatically created PV, which is a NAS volume. You can view the details of this PV on the Persistent Volumes page.

      nas-pvc.png

      nas-pv.png

    Step 3: Create an application and mount the NAS volume

    kubectll

    1. Create a file named nas-test.yaml that contains the following content.

      The following YAML file creates a deployment with two pods. Both pods request storage resources from a PVC named nas-pvc and mount the volume to the /data path.

      apiVersion: apps/v1
kind: Deployment
metadata:
  name: nas-test
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
        ports:
        - containerPort: 80
        volumeMounts:
          - name: pvc-nas
            mountPath: /data
      volumes:
        - name: pvc-nas
          persistentVolumeClaim:
            claimName: nas-pvc

    2. Create the deployment and mount the NAS volume.

      kubectl create -f nas-test.yaml

    3. Check the status of the pods in the deployment.

      kubectl get pod | grep nas-test

      The following output shows that two pods are created.

      nas-test-****-***a   1/1     Running   0          40s
nas-test-****-***b   1/1     Running   0          40s

    4. Check the mount path.

      kubectl exec nas-test-****-***a -- df -h /data

      Expected output:

      Filesystem                                        Size  Used Avail Use% Mounted on
350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/   10P     0   10P   0% /data

      If a similar output is returned, the file system is mounted.

    Console

    1. In the left-side navigation pane of the cluster management page, choose Workloads > Deployments.

    2. On the Deployments page, click Create from Image.

    3. Configure the deployment parameters and click Create.

      The following table describes the key parameters. You can keep the default values for other parameters. For more information, see Create a stateless application using a deployment.

      Configuration page

      Parameter

      Description

      Example

      Basic Information

      Name

      Enter a name for the deployment. For the format requirements, see the prompt on the page.

      nas-test

      Replicas

      Configure the number of replicas for the deployment.

      2

      Container

      Image Name

      Enter the address of the image to deploy the application.

      registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest

      Required Resources

      Set the required vCPU and memory resources.

      0.25 vCPU, 0.5 GiB

      Volume

      Click Add PVC and configure the parameters.

      • Mount Source: Select the PVC that you created.

      • Container Path: Enter the path in the container where you want to mount the NAS file system.

      • Mount Source: nas-pvc

      • Container Path: /data

    4. Check the application deployment status.

      1. On the Deployments page, click the application name.

      2. On the Pods tab, confirm that the status of the pods is Running.

    Create a new NAS file system as a persistent volume

    Step 1: Create a StorageClass

    1. Modify the following YAML content based on the parameter descriptions and save it as a file named nas-sc.yaml.

      apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: alicloud-nas-fs
mountOptions:
- nolock,tcp,noresvport
- vers=3
parameters:
  volumeAs: filesystem
  fileSystemType: standard
  storageType: Performance
  regionId: cn-shanghai
  zoneId: cn-shanghai-e
  vpcId: "vpc-2ze2fxn6popm8c2mzm****"
  vSwitchId: "vsw-2zwdg25a2b4y5juy****"
  accessGroupName: DEFAULT_VPC_GROUP_NAME
  deleteVolume: "false"
provisioner: nasplugin.csi.alibabacloud.com
reclaimPolicy: Retain

      The following table describes the parameters.

      Important

      Different types and storage classes of NAS file systems are supported in different regions and zones. You must select an appropriate region, zone, VPC, and vSwitch for the NAS file system and mount target. The selection must be compatible with the region of your ACS cluster and the VPC and vSwitch information of the pods in the cluster. For more information, see the following topics:

      • For information about the storage specifications, performance, billing, and supported regions and zones of different types of NAS file systems, see General-purpose NAS file systems and Extreme NAS file systems.

      • General-purpose NAS file systems and Extreme NAS file systems have different limits on mount connectivity, the number of file systems, and protocol types. For more information, see Limits.

      • You can run the kubectl get cm -n kube-system acs-profile -o yaml command to view the YAML file of acs-profile. Retrieve the VPC ID and vSwitch ID from the vpcId and vSwitchIds fields.

      Parameter

      Description

      volumeAs

      Only filesystem is supported. This value indicates that a NAS file system is automatically created. Each NAS volume corresponds to a NAS file system.

      fileSystemType

      The type of the NAS file system.

      storageType

      The storage class of the NAS file system.

      • For General-purpose NAS file systems, the following values are supported:

        • Performance (default): compute-optimized instance

        • Capacity: storage-optimized

      • For Extreme NAS file systems, the following values are supported:

        • standard (default): medium

        • advanced: advanced

      regionId

      The ID of the region where the NAS file system resides. The region ID must be the same as that of the ACS cluster.

      zoneId

      The ID of the zone where the NAS file system resides. Select a zone based on the vSwitch used by the pod in the ACS cluster.

      Note

      In the same VPC, a NAS file system can be mounted across zones. For better performance, we recommend that you select the same zone.

      vpcId, vSwitchId

      The IDs of the VPC and vSwitch where the mount target of the NAS file system resides. Set these to the IDs of the VPC and vSwitch used by the pods in the ACS cluster.

      accessGroupName

      The permission group of the mount target of the NAS file system. The default value is DEFAULT_VPC_GROUP_NAME.

      provisioner

      The driver type. This must be set to nasplugin.csi.alibabacloud.com, which indicates that the Alibaba Cloud NAS Container Storage Interface (CSI) plug-in is used.

      reclaimPolicy

      The reclaim policy of the PV. Currently, only Retain is supported. This means that when the PV is deleted, the corresponding NAS file system and mount target are retained.

    2. Create the StorageClass.

      kubectl create -f nas-sc.yaml

    3. View the StorageClass.

      kubectl get sc

      Expected output:

      NAME                             PROVISIONER                       RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
alicloud-nas-fs                  nasplugin.csi.alibabacloud.com    Retain          Immediate              false                  13m
......

    Step 2: Create a PVC

    1. Save the following content as a file named nas-pvc-fs.yaml.

      kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: nas-pvc-fs
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: alicloud-nas-fs
  resources:
    requests:
      storage: 20Gi

      The following table describes the parameters.

      Parameter

      Description

      accessModes

      The access mode.

      storage

      The storage capacity to allocate to the pod. This is the capacity of the NAS volume to create.

      Note

      Extreme NAS file systems have a minimum capacity of 100 GiB. If the NAS file system type defined in the StorageClass is Extreme NAS, the value of storage must be 100 GiB or greater. Otherwise, the corresponding PV cannot be created.

      storageClassName

      The name of the StorageClass to bind.

    2. Create the PVC.

      kubectl create -f nas-pvc-fs.yaml

    3. View the PVC.

      kubectl get pvc

      The output shows that the PVC is associated with the automatically created PersistentVolume (PV). You can go to the NAS console to view the corresponding NAS file system.

      NAME         STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      VOLUMEATTRIBUTESCLASS  AGE
nas-pvc-fs   Bound    nas-04a730ba-010d-4fb1-9043-476d8c38****   20Gi       RWX            alicloud-nas-fs   <unset>                14s

    Step 3: Create an application and mount the NAS volume

    1. Create a file named nas-test-fs.yaml with the following content.

      The following YAML file creates a deployment that contains two pods. Both pods request storage from the PVC named nas-pvc-fs and mount the volume to the /data path.

      apiVersion: apps/v1
kind: Deployment
metadata:
  name: nas-test
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
        ports:
        - containerPort: 80
        volumeMounts:
          - name: pvc-nas
            mountPath: /data
      volumes:
        - name: pvc-nas
          persistentVolumeClaim:
            claimName: nas-pvc-fs

    2. Create the deployment and mount the NAS volume.

      kubectl create -f nas-test-fs.yaml

    3. Check the status of the pods in the deployment.

      kubectl get pod | grep nas-test

      The following output shows that two pods are created.

      nas-test-****-***a   1/1     Running   0          40s
nas-test-****-***b   1/1     Running   0          40s

    4. Check the mount path.

      kubectl exec nas-test-****-***a -- df -h /data

      Expected output:

      Filesystem                                        Size  Used Avail Use% Mounted on
350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/   10P     0   10P   0% /data

      If a similar output is returned, the file system is mounted.

    Mount an existing NAS file system using an NFS volume

    Step 1: Get NAS file system information

    For more information about how to obtain the NAS mount target address, see Obtain NAS file system information.

    Step 2: Create an application and mount the NAS volume

    1. Create a file named nas-test-nfs.yaml with the following content.

      The following YAML creates a deployment with two pods. Both pods mount the NAS file system to the /data path using a volume named nfs-nas.

      apiVersion: apps/v1
kind: Deployment
metadata:
  name: nas-test
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
        ports:
        - containerPort: 80
        volumeMounts:
          - name: nfs-nas
            mountPath: /data
      volumes:
      - name: nfs-nas
        nfs:
          server: file-system-id.region.nas.aliyuncs.com    # The mount target address of the Alibaba Cloud NAS file system. Replace this with your actual value. Example: 7bexxxxxx-xxxx.ap-southeast-1.nas.aliyuncs.com.
          path: /    # The path of the directory in the NAS file system. The directory must be an existing directory or the root directory. The root directory for a General-purpose NAS file system is "/". The root directory for an Extreme NAS file system is "/share".

    2. Create the deployment and mount the NAS volume.

      kubectl create -f nas-test-nfs.yaml

    3. Check the status of the pods in the deployment.

      kubectl get pod | grep nas-test

      The following output shows that two pods are created.

      nas-test-****-***a   1/1     Running   0          40s
nas-test-****-***b   1/1     Running   0          40s

    4. Check the mount path.

      kubectl exec nas-test-****-***a -- df -h /data

      Expected output:

      Filesystem                                        Size  Used Avail Use% Mounted on
350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/   10P     0   10P   0% /data

      If a similar output is returned, the file system is mounted.

    Verify the shared storage and data persistence of NAS

    The deployment created in the previous examples contains two pods that mount the same NAS file system. You can perform the following steps to verify the deployment:

    • Create a file in one pod and then view the file from the other pod to verify shared storage.

    • Recreate the deployment. Then, from a new pod, check whether the data in the file system still exists to verify persistent storage.

    1. View the pod information.

      kubectl get pod | grep nas-test

      The following is a sample output:

      nas-test-****-***a   1/1     Running   0          40s
nas-test-****-***b   1/1     Running   0          40s

    2. Verify shared storage.

      1. Create a file in one pod.

        This example uses the pod named nas-test-****-***a:

        kubectl exec nas-test-****-***a -- touch /data/test.txt

      2. View the file from the other pod.

        This example uses the pod named nas-test-****-***b:

        kubectl exec nas-test-****-***b -- ls /data

        The output shows that the new file test.txt is shared.

        test.txt

    3. Verify persistent storage.

      1. Recreate the deployment.

        kubectl rollout restart deploy nas-test

      2. View the pods and wait for the new pods to be created.

        kubectl get pod | grep nas-test

        The following is a sample output:

        nas-test-****-***c   1/1     Running   0          67s
nas-test-****-***d   1/1     Running   0          49s

      3. From a new pod, check whether the data in the file system still exists.

        This example uses the pod named nas-test-c***:

        kubectl exec nas-test-****-***c -- ls /data

        The output shows that the data in the NAS file system persists and can be retrieved from the mount directory of the new pod.

        test.txt