Use NAS volumes
For applications that require shared data and high I/O performance, you can use Apsara File Storage NAS for persistent volumes (PVs). This topic shows you how to mount a NAS volume to an application and verify its shared access and data persistence.
Background
NAS is a distributed file system that provides shared access, elastic scalability, high reliability, and high performance. It is suitable for applications that require shared data and high I/O performance. For more information, see Storage overview.
-
For more information about the storage specifications, performance, billing, and supported regions and zones, see General-purpose NAS and Extreme NAS.
-
General-purpose NAS and Extreme NAS have different limitations on mount connectivity, the number of file systems, and protocol types. For more information, see Limitations.
You can mount and use NAS volumes in one of the following ways:
-
If you have an existing NAS file system, you can mount and share it directly. For more information, see Use an existing NAS file system as a volume.
-
If you do not have a NAS file system, you can automatically create and mount one using a StorageClass. For more information, see Create a new NAS file system as a volume.
Prerequisites
The managed-csiprovisioner component is installed in the ACS cluster.
Go to the ACS cluster management page in the ACS console. In the left-side navigation pane of the cluster management page, choose . On the Storage tab, you can check whether managed-csiprovisioner is installed.
Limitations
-
NAS file systems cannot be mounted using the SMB protocol.
-
NAS file systems can only be mounted to pods in the same VPC.
NoteNAS file systems can be mounted across zones within the same VPC.
-
NAS file systems can only be mounted using the NFSv3 protocol.
Considerations
-
NAS provides shared storage. A single NAS volume can be mounted to multiple Pods. If multiple Pods concurrently modify the same data, your application must handle data synchronization.
-
When you mount a NAS volume, do not configure
securityContext.fsgroupin the application's YAML file. Otherwise, the volume may fail to mount.NoteYou cannot modify the permissions, owner, or group for the
/root directory of a NAS file system. -
After you mount a NAS volume, do not delete its mount target. Otherwise, the operating system may stop responding.
Use an existing NAS file system
Step 1: Get NAS file system information
-
Get the VPC ID and vSwitch ID used by the ACS pods.
NoteYou can get this information from the console. Alternatively, run the
kubectl get cm -n kube-system acs-profile -o yamlcommand to view the YAML file of the acs-profile ConfigMap. The VPC ID and vSwitch ID are specified in thevpcIdandvSwitchIdsfields.Log on to the ACS console.
On the Clusters, click the name of the cluster to go to the cluster management page.
-
In the left-side navigation pane, choose .
-
At the top of the ConfigMap page, change the namespace to kube-system. Then, find acs-profile and click Edit YAML.
-
Get the VPC ID and vSwitch ID from the
vpcIdandvSwitchIdsfields.
-
Verify that the existing NAS file system meets the requirements and get the mount target address.
-
Log on to the NAS console. In the left-side navigation pane, click File System List.
-
Find the target NAS file system and verify that its region, zone, and protocol type meet the requirements.
-
NAS does not support cross-VPC mounting and therefore cannot be used across regions. Make sure the NAS file system is in the same region as your ACS cluster.
-
Within the same VPC, a NAS file system can be mounted across zones. However, for optimal performance, we recommend that the NAS file system and the pods in the ACS cluster be in the same zone.
-
Verify that the protocol type of the NAS file system is NFS. You cannot mount NAS file systems that use the SMB protocol.
-
-
Verify that the mount target meets the requirements and get its address.
-
Click the file system ID.
-
On the file system details page, click Mount Targets in the left-side navigation pane.
-
In the Mount Target area, verify that an existing mount target meets the requirements, and then get the mount target address.
Note-
A mount target is automatically created when you create a General-purpose NAS file system. For an Extreme NAS file system, you must manually create a mount target.
-
If an existing mount target does not meet the requirements, you can create a new one. For more information, see Manage mount targets.
-
The mount target's VPC must be the same as the ACS cluster's VPC. Otherwise, the mount fails.
-
For optimal performance, we recommend that the mount target and the pods in the ACS cluster use the same vSwitch.
-
The status of the mount target must be Available.
-
-
-
Step 2: Create a StorageClass
-
Modify the following YAML content based on the parameter descriptions, and then save it as nas-sc.yaml.
apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: alicloud-nas-subpath mountOptions: - nolock,tcp,noresvport - vers=3 parameters: volumeAs: subpath server: "*******-mw***.cn-shanghai.nas.aliyuncs.com:/csi" provisioner: nasplugin.csi.alibabacloud.com reclaimPolicy: RetainParameter descriptions:
Parameter
Description
volumeAsThe provisioning mode. Set this to
subpathto create each persistent volume (PV) as a subdirectory. Each PV corresponds to a subdirectory of the NAS file system.serverThe mount target address of the NAS file system, in the format of
mount-target-address:path, wherepathis the NAS subdirectory that you want to mount.-
If you do not specify a path, the root directory is mounted by default.
-
If the directory does not exist in the NAS file system, it is automatically created and then mounted.
The root directory is
/for General-purpose NAS file systems and/sharefor Extreme NAS file systems.provisionerSpecifies the provisioner type. It must be set to
nasplugin.csi.alibabacloud.comto use the Alibaba Cloud NAS CSI plug-in.reclaimPolicyThe reclaim policy of the PV. Only
Retainis supported, which means that the corresponding NAS file system and mount target are retained when you delete the PV. -
Step 3: Create a PVC
kubectl
-
Save the following content as nas-pvc.yaml.
kind: PersistentVolumeClaim apiVersion: v1 metadata: name: nas-pvc annotations: spec: accessModes: - ReadWriteMany resources: requests: storage: 20Gi storageClassName: alicloud-nas-subpathParameter descriptions:
Parameter
Description
accessModesThe access mode.
storageThe capacity of the persistent volume to be created.
storageClassNameThe name of the StorageClass to use.
-
Create the PVC.
kubectl create -f nas-pvc.yaml -
View the PV.
kubectl get pvThe output shows that the CSI plug-in automatically created a PV based on the StorageClass and bound it to the PVC.
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE nas-ea7a0b6a-bec2-4e56-b767-47222d3a**** 20Gi RWX Retain Bound default/nas-pvc alicloud-nas-subpath 1m58s
Console
Log on to the ACS console.
On the Clusters, click the name of the cluster to go to the cluster management page.
In the left-side navigation pane of the cluster management page, choose .
On the Persistent Volume Claims page, click Create.
-
In the dialog box, set the parameters and then click Create.
Parameter
Description
Example
PVC Type
Select NAS.
NAS
Volume Name:
The name of the PVC. Enter a custom name. For formatting requirements, see the on-screen prompt.
nas-pvc
Allocation Mode
Select Use StorageClass.
Dynamic Provisioning Using StorageClass
Capacity
The capacity of the persistent volume to be created.
20Gi
Access Mode
ReadWriteMany and ReadWriteOnce are supported.
ReadWriteMany
After the PVC is created, it is listed on the Persistent Volume Claims page. The PVC is bound to an automatically created PV, which is a NAS persistent volume. You can view the details of the PV on the Persistent Volumes page.
Step 4: Create an application and mount the volume
kubectl
-
Create a file named nas-test.yaml that contains the following content.
The following YAML file creates a Deployment with two pods. Both pods use the PVC named
nas-pvcand mount the volume to the/datapath.apiVersion: apps/v1 kind: Deployment metadata: name: nas-test labels: app: nginx spec: replicas: 2 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest ports: - containerPort: 80 volumeMounts: - name: pvc-nas mountPath: /data volumes: - name: pvc-nas persistentVolumeClaim: claimName: nas-pvc -
Create the Deployment and mount the NAS persistent volume.
kubectl create -f nas-test.yaml -
Check the deployment status of the pods in the Deployment.
kubectl get pod | grep nas-testThe following output shows that two pods are created.
nas-test-****-***a 1/1 Running 0 40s nas-test-****-***b 1/1 Running 0 40s -
Check the mount path.
kubectl exec nas-test-****-***a -- df -h /dataExpected output:
Filesystem Size Used Avail Use% Mounted on 350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/ 10P 0 10P 0% /dataThis output confirms that the file system is successfully mounted.
Console
In the left-side navigation pane of the cluster management page, choose .
-
On the Deployments page, click Create from Image.
-
Set the Deployment parameters and then click Create.
The following table describes the key parameters. You can keep the default values for other parameters. For more information, see Create a stateless Deployment.
Configuration page
Parameter
Description
Example
Basic Information
Name:
The name of the Deployment. Enter a custom name. For formatting requirements, see the on-screen prompt.
nas-test
Replicas:
The number of replicas for the Deployment.
2
Container
Image Name
Enter the address of the image used to deploy the application.
registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
Required Resources
Set the required vCPU and memory resources.
0.25 vCPU, 0.5 GiB
Volume
Click Add PVC, and then set the parameters.
-
Mount Source: Select the PVC that you created.
-
Container Path: Enter the path in the container to which you want to mount the NAS file system.
-
Mount Source: nas-pvc
-
Container Path: /data
-
-
Check the application deployment status.
-
On the Deployments page, click the name of the application.
-
On the Pods tab, verify that the pods are in the Running state.
-
Create a NAS file system as a volume
Step 1: Create a StorageClass
-
Modify the following YAML content based on the parameter descriptions and save the file as nas-sc.yaml.
apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: alicloud-nas-fs mountOptions: - nolock,tcp,noresvport - vers=3 parameters: volumeAs: filesystem fileSystemType: standard storageType: Performance regionId: cn-shanghai zoneId: cn-shanghai-e vpcId: "vpc-2ze2fxn6popm8c2mzm****" vSwitchId: "vsw-2zwdg25a2b4y5juy****" accessGroupName: DEFAULT_VPC_GROUP_NAME deleteVolume: "false" provisioner: nasplugin.csi.alibabacloud.com reclaimPolicy: RetainThe following table describes the parameters.
ImportantSupport for NAS file system types and storage classes varies by region and availability zone. Ensure the region, availability zone, VPC, and vSwitch you select for the NAS file system and its mount target are compatible with your ACS cluster and the VPC and vSwitch used by your pods. For more information, see the following topics:
-
For information about the storage classes, performance, billing, and supported regions and availability zones for different types of NAS file systems, see General-purpose NAS and Extreme NAS.
-
General-purpose NAS and Extreme NAS have different limitations on mount connectivity, the number of file systems, and protocol types. For more information, see Limitations.
-
You can run the
kubectl get cm -n kube-system acs-profile -o yamlcommand to view theacs-profileYAML and obtain the VPC ID and vSwitch IDs used by Pods from thevpcIdandvSwitchIdsfields.
Parameter
Description
volumeAsSpecifies how the volume is provisioned. Set to
filesystemto automatically create a new NAS file system for each volume.fileSystemTypeThe type of the NAS file system.
-
standard(default): General-purpose NAS. For more information, see General-purpose NAS. -
extreme: Extreme NAS. For more information, see Extreme NAS.
storageTypeThe storage class of the NAS file system.
-
For General-purpose NAS, valid values are:
-
Performance(default): Performance -
Capacity: Capacity
-
-
For Extreme NAS, valid values are:
-
standard(default): Standard -
advanced: Advanced
-
regionIdThe region where the NAS file system is located. This must be the same as the region of your ACS cluster.
zoneIdThe availability zone where the NAS file system is located. Select an availability zone based on the vSwitch used by the pods in your ACS cluster.
NoteWithin the same VPC, a NAS file system can be mounted across availability zones. For optimal performance, we recommend that you select the same availability zone.
vpcId,vSwitchIdThe IDs of the VPC and vSwitch for the mount target of the NAS file system. These must be the IDs of the VPC and vSwitch used by the pods in your ACS cluster.
accessGroupNameThe permission group of the mount target for the NAS file system. The default value is
DEFAULT_VPC_GROUP_NAME.provisionerThe provisioner. This must be set to
nasplugin.csi.alibabacloud.com, which specifies that the Alibaba Cloud NAS CSI plugin is used.reclaimPolicyThe reclaim policy for the PV. The only supported policy is
Retain, which means that the corresponding NAS file system and mount target are retained when the PV is deleted. -
-
Create the StorageClass.
kubectl create -f nas-sc.yaml -
Check the StorageClass.
kubectl get scExpected output:
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE alicloud-nas-fs nasplugin.csi.alibabacloud.com Retain Immediate false 13m ......
Step 2: Create a PersistentVolumeClaim
-
Save the following content to a file named nas-pvc-fs.yaml.
kind: PersistentVolumeClaim apiVersion: v1 metadata: name: nas-pvc-fs spec: accessModes: - ReadWriteMany storageClassName: alicloud-nas-fs resources: requests: storage: 20GiThe following table describes the parameters.
Parameter
Description
accessModesThe access mode.
storageThe capacity of the NAS volume to be created.
NoteExtreme NAS has a minimum capacity of 100 GiB. If the NAS file system type defined in the StorageClass is Extreme NAS, the value of
storagemust be 100 GiB or greater. Otherwise, the corresponding PersistentVolume cannot be created.storageClassNameThe name of the StorageClass to use.
-
Create the PersistentVolumeClaim.
kubectl create -f nas-pvc-fs.yaml -
Check the PersistentVolumeClaim.
kubectl get pvcThe output shows that the PersistentVolumeClaim is bound to the automatically created PersistentVolume. You can also view the corresponding NAS file system in the NAS console.
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE nas-pvc-fs Bound nas-04a730ba-010d-4fb1-9043-476d8c38**** 20Gi RWX alicloud-nas-fs <unset> 14s
Step 3: Create an application and mount the NAS volume
-
Create a file named nas-test-fs.yaml with the following content.
The following YAML creates a Deployment with two pods. Both pods request storage from the PersistentVolumeClaim named
nas-pvc-fsand mount the volume to the/datamount path.apiVersion: apps/v1 kind: Deployment metadata: name: nas-test labels: app: nginx spec: replicas: 2 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest ports: - containerPort: 80 volumeMounts: - name: pvc-nas mountPath: /data volumes: - name: pvc-nas persistentVolumeClaim: claimName: nas-pvc-fs -
Create the Deployment and mount the NAS volume.
kubectl create -f nas-test-fs.yaml -
Check the deployment status of the pods in the Deployment.
kubectl get pod | grep nas-testThe following output shows that two pods are created.
nas-test-****-***a 1/1 Running 0 40s nas-test-****-***b 1/1 Running 0 40s -
Check the mount path.
kubectl exec nas-test-****-***a -- df -h /dataExpected output:
Filesystem Size Used Avail Use% Mounted on 350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/ 10P 0 10P 0% /dataThis output confirms that the file system is successfully mounted.
Mount an existing NAS file system via NFS volume
Step 1: Obtain NAS file system information
For more information about obtaining the NAS mount target address, see Obtain NAS file system information.
Step 2: Create an application and mount NAS
-
Create a file named
nas-test-nfs.yamlwith the following content.This YAML defines a deployment with two pods. Each pod mounts the NAS file system to the
/datapath by using a volume namednfs-nas.apiVersion: apps/v1 kind: Deployment metadata: name: nas-test labels: app: nginx spec: replicas: 2 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest ports: - containerPort: 80 volumeMounts: - name: nfs-nas mountPath: /data volumes: - name: nfs-nas nfs: server: file-system-id.region.nas.aliyuncs.com # The mount target address of the Alibaba Cloud NAS file system. Replace this with your actual value. Example: 7bexxxxxx-xxxx.ap-southeast-1.nas.aliyuncs.com. path: / # The directory path in the NAS file system. The directory must be an existing directory or the root directory. The root directory of a General-purpose NAS file system is "/", and the root directory of an Extreme NAS file system is "/share". -
Create the deployment and mount the NAS volume.
kubectl create -f nas-test-nfs.yaml -
Check the deployment status of the pods in the Deployment.
kubectl get pod | grep nas-testThe following output shows that two pods are created.
nas-test-****-***a 1/1 Running 0 40s nas-test-****-***b 1/1 Running 0 40s -
Check the mount path.
kubectl exec nas-test-****-***a -- df -h /dataExpected output:
Filesystem Size Used Avail Use% Mounted on 350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/ 10P 0 10P 0% /dataThis output confirms that the file system is successfully mounted.
Verify shared and persistent storage
The deployment created in the previous example contains two pods that mount the same NAS file system. Verify this setup as follows:
-
Create a file in one pod and view it in the other pod to verify shared storage.
-
Restart the deployment and check whether the data persists in a new pod to verify persistent storage.
-
Check the pod information.
kubectl get pod | grep nas-testSample output:
nas-test-****-***a 1/1 Running 0 40s nas-test-****-***b 1/1 Running 0 40s -
Verify the shared storage.
-
Create a file in one pod.
This example uses the pod named
nas-test-****-***a:kubectl exec nas-test-****-***a -- touch /data/test.txt -
View the file in the other pod.
This example uses the pod named
nas-test-****-***b:kubectl exec nas-test-****-***b -- ls /dataThe expected output shows the new file
test.txt, which confirms the file is shared between pods.test.txt
-
-
Verify the persistent storage.
-
Restart the deployment.
kubectl rollout restart deploy nas-test -
Check the pods and wait for the new pods to start.
kubectl get pod | grep nas-testSample output:
nas-test-****-***c 1/1 Running 0 67s nas-test-****-***d 1/1 Running 0 49s -
In one of the new pods, verify that the data persists in the file system.
This example uses the pod named
nas-test-****-***c:kubectl exec nas-test-****-***c -- ls /dataThe output confirms that the data on the NAS file system persists and is accessible in the new pod's mount directory.
test.txt
-