Use NAS volumes

Updated at:
Copy as MD

For applications that require shared data and high I/O performance, you can use Apsara File Storage NAS for persistent volumes (PVs). This topic shows you how to mount a NAS volume to an application and verify its shared access and data persistence.

Background

NAS is a distributed file system that provides shared access, elastic scalability, high reliability, and high performance. It is suitable for applications that require shared data and high I/O performance. For more information, see Storage overview.

Note
  • For more information about the storage specifications, performance, billing, and supported regions and zones, see General-purpose NAS and Extreme NAS.

  • General-purpose NAS and Extreme NAS have different limitations on mount connectivity, the number of file systems, and protocol types. For more information, see Limitations.

You can mount and use NAS volumes in one of the following ways:

Prerequisites

The managed-csiprovisioner component is installed in the ACS cluster.

Note

Go to the ACS cluster management page in the ACS console. In the left-side navigation pane of the cluster management page, choose Operations > Add-ons. On the Storage tab, you can check whether managed-csiprovisioner is installed.

Limitations

  • NAS file systems cannot be mounted using the SMB protocol.

  • NAS file systems can only be mounted to pods in the same VPC.

    Note

    NAS file systems can be mounted across zones within the same VPC.

  • NAS file systems can only be mounted using the NFSv3 protocol.

Considerations

  • NAS provides shared storage. A single NAS volume can be mounted to multiple Pods. If multiple Pods concurrently modify the same data, your application must handle data synchronization.

  • When you mount a NAS volume, do not configure securityContext.fsgroup in the application's YAML file. Otherwise, the volume may fail to mount.

    Note

    You cannot modify the permissions, owner, or group for the / root directory of a NAS file system.

  • After you mount a NAS volume, do not delete its mount target. Otherwise, the operating system may stop responding.

Use an existing NAS file system

Step 1: Get NAS file system information

  1. Get the VPC ID and vSwitch ID used by the ACS pods.

    Note

    You can get this information from the console. Alternatively, run the kubectl get cm -n kube-system acs-profile -o yaml command to view the YAML file of the acs-profile ConfigMap. The VPC ID and vSwitch ID are specified in the vpcId and vSwitchIds fields.

    1. Log on to the ACS console.

    2. On the Clusters, click the name of the cluster to go to the cluster management page.

    3. In the left-side navigation pane, choose Configuration > ConfigMaps.

    4. At the top of the ConfigMap page, change the namespace to kube-system. Then, find acs-profile and click Edit YAML.

    5. Get the VPC ID and vSwitch ID from the vpcId and vSwitchIds fields.

  2. Verify that the existing NAS file system meets the requirements and get the mount target address.

    1. Log on to the NAS console. In the left-side navigation pane, click File System List.

    2. Find the target NAS file system and verify that its region, zone, and protocol type meet the requirements.

      • NAS does not support cross-VPC mounting and therefore cannot be used across regions. Make sure the NAS file system is in the same region as your ACS cluster.

      • Within the same VPC, a NAS file system can be mounted across zones. However, for optimal performance, we recommend that the NAS file system and the pods in the ACS cluster be in the same zone.

      • Verify that the protocol type of the NAS file system is NFS. You cannot mount NAS file systems that use the SMB protocol.

    3. Verify that the mount target meets the requirements and get its address.

      1. Click the file system ID.

      2. On the file system details page, click Mount Targets in the left-side navigation pane.

      3. In the Mount Target area, verify that an existing mount target meets the requirements, and then get the mount target address.

        Note
        • A mount target is automatically created when you create a General-purpose NAS file system. For an Extreme NAS file system, you must manually create a mount target.

        • If an existing mount target does not meet the requirements, you can create a new one. For more information, see Manage mount targets.

        • The mount target's VPC must be the same as the ACS cluster's VPC. Otherwise, the mount fails.

        • For optimal performance, we recommend that the mount target and the pods in the ACS cluster use the same vSwitch.

        • The status of the mount target must be Available.

Step 2: Create a StorageClass

  1. Modify the following YAML content based on the parameter descriptions, and then save it as nas-sc.yaml.

    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: alicloud-nas-subpath
    mountOptions:
    - nolock,tcp,noresvport
    - vers=3
    parameters:
      volumeAs: subpath
      server: "*******-mw***.cn-shanghai.nas.aliyuncs.com:/csi"
    provisioner: nasplugin.csi.alibabacloud.com
    reclaimPolicy: Retain

    Parameter descriptions:

    Parameter

    Description

    volumeAs

    The provisioning mode. Set this to subpath to create each persistent volume (PV) as a subdirectory. Each PV corresponds to a subdirectory of the NAS file system.

    server

    The mount target address of the NAS file system, in the format of mount-target-address:path, where path is the NAS subdirectory that you want to mount.

    • If you do not specify a path, the root directory is mounted by default.

    • If the directory does not exist in the NAS file system, it is automatically created and then mounted.

    The root directory is / for General-purpose NAS file systems and /share for Extreme NAS file systems.

    provisioner

    Specifies the provisioner type. It must be set to nasplugin.csi.alibabacloud.com to use the Alibaba Cloud NAS CSI plug-in.

    reclaimPolicy

    The reclaim policy of the PV. Only Retain is supported, which means that the corresponding NAS file system and mount target are retained when you delete the PV.

Step 3: Create a PVC

kubectl

  1. Save the following content as nas-pvc.yaml.

    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: nas-pvc
      annotations:
    spec:
      accessModes:
        - ReadWriteMany
      resources:
        requests:
          storage: 20Gi
      storageClassName: alicloud-nas-subpath

    Parameter descriptions:

    Parameter

    Description

    accessModes

    The access mode.

    storage

    The capacity of the persistent volume to be created.

    storageClassName

    The name of the StorageClass to use.

  2. Create the PVC.

    kubectl create -f nas-pvc.yaml
  3. View the PV.

    kubectl get pv

    The output shows that the CSI plug-in automatically created a PV based on the StorageClass and bound it to the PVC.

    NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM             STORAGECLASS           REASON   AGE
    nas-ea7a0b6a-bec2-4e56-b767-47222d3a****   20Gi       RWX            Retain           Bound    default/nas-pvc   alicloud-nas-subpath            1m58s

Console

  1. Log on to the ACS console.

  2. On the Clusters, click the name of the cluster to go to the cluster management page.

  3. In the left-side navigation pane of the cluster management page, choose Volumes > Persistent Volume Claims.

  4. On the Persistent Volume Claims page, click Create.

  5. In the dialog box, set the parameters and then click Create.

    Parameter

    Description

    Example

    PVC Type

    Select NAS.

    NAS

    Volume Name:

    The name of the PVC. Enter a custom name. For formatting requirements, see the on-screen prompt.

    nas-pvc

    Allocation Mode

    Select Use StorageClass.

    Dynamic Provisioning Using StorageClass

    Capacity

    The capacity of the persistent volume to be created.

    20Gi

    Access Mode

    ReadWriteMany and ReadWriteOnce are supported.

    ReadWriteMany

    After the PVC is created, it is listed on the Persistent Volume Claims page. The PVC is bound to an automatically created PV, which is a NAS persistent volume. You can view the details of the PV on the Persistent Volumes page.

Step 4: Create an application and mount the volume

kubectl

  1. Create a file named nas-test.yaml that contains the following content.

    The following YAML file creates a Deployment with two pods. Both pods use the PVC named nas-pvc and mount the volume to the /data path.

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: nas-test
      labels:
        app: nginx
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
            ports:
            - containerPort: 80
            volumeMounts:
              - name: pvc-nas
                mountPath: /data
          volumes:
            - name: pvc-nas
              persistentVolumeClaim:
                claimName: nas-pvc
  2. Create the Deployment and mount the NAS persistent volume.

    kubectl create -f nas-test.yaml
  3. Check the deployment status of the pods in the Deployment.

    kubectl get pod | grep nas-test

    The following output shows that two pods are created.

    nas-test-****-***a   1/1     Running   0          40s
    nas-test-****-***b   1/1     Running   0          40s
  4. Check the mount path.

    kubectl exec nas-test-****-***a -- df -h /data

    Expected output:

    Filesystem                                        Size  Used Avail Use% Mounted on
    350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/   10P     0   10P   0% /data

    This output confirms that the file system is successfully mounted.

Console

  1. In the left-side navigation pane of the cluster management page, choose Workloads > Deployments.

  2. On the Deployments page, click Create from Image.

  3. Set the Deployment parameters and then click Create.

    The following table describes the key parameters. You can keep the default values for other parameters. For more information, see Create a stateless Deployment.

    Configuration page

    Parameter

    Description

    Example

    Basic Information

    Name:

    The name of the Deployment. Enter a custom name. For formatting requirements, see the on-screen prompt.

    nas-test

    Replicas:

    The number of replicas for the Deployment.

    2

    Container

    Image Name

    Enter the address of the image used to deploy the application.

    registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest

    Required Resources

    Set the required vCPU and memory resources.

    0.25 vCPU, 0.5 GiB

    Volume

    Click Add PVC, and then set the parameters.

    • Mount Source: Select the PVC that you created.

    • Container Path: Enter the path in the container to which you want to mount the NAS file system.

    • Mount Source: nas-pvc

    • Container Path: /data

  4. Check the application deployment status.

    1. On the Deployments page, click the name of the application.

    2. On the Pods tab, verify that the pods are in the Running state.

Create a NAS file system as a volume

Step 1: Create a StorageClass

  1. Modify the following YAML content based on the parameter descriptions and save the file as nas-sc.yaml.

    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: alicloud-nas-fs
    mountOptions:
    - nolock,tcp,noresvport
    - vers=3
    parameters:
      volumeAs: filesystem
      fileSystemType: standard
      storageType: Performance
      regionId: cn-shanghai
      zoneId: cn-shanghai-e
      vpcId: "vpc-2ze2fxn6popm8c2mzm****"
      vSwitchId: "vsw-2zwdg25a2b4y5juy****"
      accessGroupName: DEFAULT_VPC_GROUP_NAME
      deleteVolume: "false"
    provisioner: nasplugin.csi.alibabacloud.com
    reclaimPolicy: Retain

    The following table describes the parameters.

    Important

    Support for NAS file system types and storage classes varies by region and availability zone. Ensure the region, availability zone, VPC, and vSwitch you select for the NAS file system and its mount target are compatible with your ACS cluster and the VPC and vSwitch used by your pods. For more information, see the following topics:

    • For information about the storage classes, performance, billing, and supported regions and availability zones for different types of NAS file systems, see General-purpose NAS and Extreme NAS.

    • General-purpose NAS and Extreme NAS have different limitations on mount connectivity, the number of file systems, and protocol types. For more information, see Limitations.

    • You can run the kubectl get cm -n kube-system acs-profile -o yaml command to view the acs-profile YAML and obtain the VPC ID and vSwitch IDs used by Pods from the vpcId and vSwitchIds fields.

    Parameter

    Description

    volumeAs

    Specifies how the volume is provisioned. Set to filesystem to automatically create a new NAS file system for each volume.

    fileSystemType

    The type of the NAS file system.

    • standard (default): General-purpose NAS. For more information, see General-purpose NAS.

    • extreme: Extreme NAS. For more information, see Extreme NAS.

    storageType

    The storage class of the NAS file system.

    • For General-purpose NAS, valid values are:

      • Performance (default): Performance

      • Capacity: Capacity

    • For Extreme NAS, valid values are:

      • standard (default): Standard

      • advanced: Advanced

    regionId

    The region where the NAS file system is located. This must be the same as the region of your ACS cluster.

    zoneId

    The availability zone where the NAS file system is located. Select an availability zone based on the vSwitch used by the pods in your ACS cluster.

    Note

    Within the same VPC, a NAS file system can be mounted across availability zones. For optimal performance, we recommend that you select the same availability zone.

    vpcId, vSwitchId

    The IDs of the VPC and vSwitch for the mount target of the NAS file system. These must be the IDs of the VPC and vSwitch used by the pods in your ACS cluster.

    accessGroupName

    The permission group of the mount target for the NAS file system. The default value is DEFAULT_VPC_GROUP_NAME.

    provisioner

    The provisioner. This must be set to nasplugin.csi.alibabacloud.com, which specifies that the Alibaba Cloud NAS CSI plugin is used.

    reclaimPolicy

    The reclaim policy for the PV. The only supported policy is Retain, which means that the corresponding NAS file system and mount target are retained when the PV is deleted.

  2. Create the StorageClass.

    kubectl create -f nas-sc.yaml
  3. Check the StorageClass.

    kubectl get sc

    Expected output:

    NAME                             PROVISIONER                       RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
    alicloud-nas-fs                  nasplugin.csi.alibabacloud.com    Retain          Immediate              false                  13m
    ......

Step 2: Create a PersistentVolumeClaim

  1. Save the following content to a file named nas-pvc-fs.yaml.

    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: nas-pvc-fs
    spec:
      accessModes:
        - ReadWriteMany
      storageClassName: alicloud-nas-fs
      resources:
        requests:
          storage: 20Gi

    The following table describes the parameters.

    Parameter

    Description

    accessModes

    The access mode.

    storage

    The capacity of the NAS volume to be created.

    Note

    Extreme NAS has a minimum capacity of 100 GiB. If the NAS file system type defined in the StorageClass is Extreme NAS, the value of storage must be 100 GiB or greater. Otherwise, the corresponding PersistentVolume cannot be created.

    storageClassName

    The name of the StorageClass to use.

  2. Create the PersistentVolumeClaim.

    kubectl create -f nas-pvc-fs.yaml
  3. Check the PersistentVolumeClaim.

    kubectl get pvc

    The output shows that the PersistentVolumeClaim is bound to the automatically created PersistentVolume. You can also view the corresponding NAS file system in the NAS console.

    NAME         STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      VOLUMEATTRIBUTESCLASS  AGE
    nas-pvc-fs   Bound    nas-04a730ba-010d-4fb1-9043-476d8c38****   20Gi       RWX            alicloud-nas-fs   <unset>                14s

Step 3: Create an application and mount the NAS volume

  1. Create a file named nas-test-fs.yaml with the following content.

    The following YAML creates a Deployment with two pods. Both pods request storage from the PersistentVolumeClaim named nas-pvc-fs and mount the volume to the /data mount path.

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: nas-test
      labels:
        app: nginx
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
            ports:
            - containerPort: 80
            volumeMounts:
              - name: pvc-nas
                mountPath: /data
          volumes:
            - name: pvc-nas
              persistentVolumeClaim:
                claimName: nas-pvc-fs
  2. Create the Deployment and mount the NAS volume.

    kubectl create -f nas-test-fs.yaml
  3. Check the deployment status of the pods in the Deployment.

    kubectl get pod | grep nas-test

    The following output shows that two pods are created.

    nas-test-****-***a   1/1     Running   0          40s
    nas-test-****-***b   1/1     Running   0          40s
  4. Check the mount path.

    kubectl exec nas-test-****-***a -- df -h /data

    Expected output:

    Filesystem                                        Size  Used Avail Use% Mounted on
    350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/   10P     0   10P   0% /data

    This output confirms that the file system is successfully mounted.

Mount an existing NAS file system via NFS volume

Step 1: Obtain NAS file system information

For more information about obtaining the NAS mount target address, see Obtain NAS file system information.

Step 2: Create an application and mount NAS

  1. Create a file named nas-test-nfs.yaml with the following content.

    This YAML defines a deployment with two pods. Each pod mounts the NAS file system to the /data path by using a volume named nfs-nas.

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: nas-test
      labels:
        app: nginx
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
            ports:
            - containerPort: 80
            volumeMounts:
              - name: nfs-nas
                mountPath: /data
          volumes:
          - name: nfs-nas
            nfs:
              server: file-system-id.region.nas.aliyuncs.com    # The mount target address of the Alibaba Cloud NAS file system. Replace this with your actual value. Example: 7bexxxxxx-xxxx.ap-southeast-1.nas.aliyuncs.com.
              path: /    # The directory path in the NAS file system. The directory must be an existing directory or the root directory. The root directory of a General-purpose NAS file system is "/", and the root directory of an Extreme NAS file system is "/share".
  2. Create the deployment and mount the NAS volume.

    kubectl create -f nas-test-nfs.yaml
  3. Check the deployment status of the pods in the Deployment.

    kubectl get pod | grep nas-test

    The following output shows that two pods are created.

    nas-test-****-***a   1/1     Running   0          40s
    nas-test-****-***b   1/1     Running   0          40s
  4. Check the mount path.

    kubectl exec nas-test-****-***a -- df -h /data

    Expected output:

    Filesystem                                        Size  Used Avail Use% Mounted on
    350514*****-mw***.cn-shanghai.nas.aliyuncs.com:/   10P     0   10P   0% /data

    This output confirms that the file system is successfully mounted.

Verify shared and persistent storage

The deployment created in the previous example contains two pods that mount the same NAS file system. Verify this setup as follows:

  • Create a file in one pod and view it in the other pod to verify shared storage.

  • Restart the deployment and check whether the data persists in a new pod to verify persistent storage.

  1. Check the pod information.

    kubectl get pod | grep nas-test

    Sample output:

    nas-test-****-***a   1/1     Running   0          40s
    nas-test-****-***b   1/1     Running   0          40s
  2. Verify the shared storage.

    1. Create a file in one pod.

      This example uses the pod named nas-test-****-***a:

      kubectl exec nas-test-****-***a -- touch /data/test.txt
    2. View the file in the other pod.

      This example uses the pod named nas-test-****-***b:

      kubectl exec nas-test-****-***b -- ls /data

      The expected output shows the new file test.txt, which confirms the file is shared between pods.

      test.txt
  3. Verify the persistent storage.

    1. Restart the deployment.

      kubectl rollout restart deploy nas-test
    2. Check the pods and wait for the new pods to start.

      kubectl get pod | grep nas-test

      Sample output:

      nas-test-****-***c   1/1     Running   0          67s
      nas-test-****-***d   1/1     Running   0          49s
    3. In one of the new pods, verify that the data persists in the file system.

      This example uses the pod named nas-test-****-***c:

      kubectl exec nas-test-****-***c -- ls /data

      The output confirms that the data on the NAS file system persists and is accessible in the new pod's mount directory.

      test.txt