All Products
Search
Document Center

Elastic Container Instance:Mount an OSS volume to an elastic container instance

Last Updated:Aug 16, 2024

Object Storage Service (OSS) is a secure, cost-effective, and highly reliable Alibaba Cloud storage service that allows you to store large volumes of unstructured data, such as images and audio and video data. This topic describes how to mount an OSS bucket to an elastic container instance as a volume.

Precautions

  • OSS is billed based on usage and supports the pay-as-you-go, resource plan, and storage capacity unit (SCU) billing methods. For more information about billing of OSS, see Billing overview.

  • OSS is a shared storage service. An OSS bucket can be mounted to multiple instances.

  • We recommend that you store no more than 1,000 files in a mount directory.

    If you store excess files in a mount directory, the OSS client consumes a large amount of memory, which may cause an out of memory (OOM) event on the instance.

Make preparations

  1. Create an OSS bucket.

    1. Log on to the OSS console.

    2. Create an OSS bucket.

      For more information, see Create buckets.

  2. Use one of the following methods to grant the permissions to access OSS:

    • Use a RAM role to grant permissions.

      Create a RAM role and grant the RAM role the permissions to access OSS buckets. For more information, see Create a RAM role for a trusted Alibaba Cloud service and Grant permissions to a RAM role.

      When you create a RAM role, select Alibaba Cloud Service for the Select Trusted Entity parameter, Normal Service Role for the Role Type parameter, and Elastic Compute Service for the Select Trusted Service parameter. When you grant permissions to the RAM role, attach the AliyunOSSFullAccess policy to the RAM role.

    • (Not recommended) Use an AccessKey pair to grant permissions.

      Obtain the AccessKey ID and AccessKey secret. For more information, see Obtain an AccessKey pair.

Configuration description (API mode)

When you call the CreateContainerGroup API operation to create an elastic container instance, you can use Volume-related parameters to specify volumes, and then use Container.VolumeMount-related parameters to mount the volumes to containers. The following part describes the relevant parameters. For more information, see CreateContainerGroup.

Specify the volume to be mounted

When you use Volume-related parameters to specify volumes, you must first specify the types and names of the volumes. Then, you must configure other Volume-related parameters based on the value of the Volume.N.Type parameter.

Parameter

Type

Example

Description

Volume.N.Name

String

oss-demo

The name of volume N.

Volume.N.Type

String

FlexVolume

Set the value to FlexVolume. The value specifies a volume that is mounted by using the FlexVolume plug-in.

Volume.N.FlexVolume.Driver

String

alicloud/oss

The driver type when you use the FlexVolume plug-in to mount a volume. The value of alicloud/oss indicates that an Alibaba Cloud OSS bucket is mounted.

Volume.N.FlexVolume.Options

String

{"bucket":"test-***","url":"oss-cn-hangzhou.aliyuncs.com","ramRole":"ram-***"}

The options when you set the Volume.N.Type parameter to FlexVolume. Each option is a key-value pair in the JSON string.

When you use the FlexVolume plug-in to mount an OSS bucket, Options represents the configuration parameters of OSS volumes. The following parameters can be configured:

  • bucket: the name of the OSS bucket.

  • url: the endpoint of the OSS bucket. You can log on to the OSS console and obtain the endpoint on the Overview page of the bucket. For more information, see Regions and endpoints.

  • path: The path relative to the root directory of the OSS bucket. Default value: /.

  • The custom options that are specified to mount the OSS bucket. Format: -o *** -o ***. Example: -o max_stat_cache_size=0 -o allow_other.

  • akId: the AccessKey ID that is used if you use AccessKey pairs to grant permissions to access OSS.

  • akSecret: the AccessKey secret used if you use AccessKey pairs to grant permissions to access OSS.

  • ramRole: the RAM role that is used to grant permissions. Specify this parameter if you use a RAM role to grant permissions.

Mount volumes

After you specify volumes, you can use VolumeMount-related parameters to mount the volumes to containers.

Parameter

Type

Example

Description

Container.N.VolumeMount.N.Name

String

test-volume

The name of volume N to be mounted to container N. This value is the value of Volume.N.Name.

Container.N.VolumeMount.N.MountPath

String

/usr/share

The directory to which volume N is mounted.

Data under this directory is overwritten by the data on the volume. Make sure that this value is correct.

Container.N.VolumeMount.N.SubPath

String

/usr/sub

The subdirectory of the volume. This parameter specifies different subdirectories of the same volume that the instance can mount to different subdirectories of containers.

Container.N.VolumeMount.N.ReadOnly

Boolean

false

Specifies whether the mount directory is read-only. Default value: false.

Container.N.VolumeMount.N.MountPropagation

String

None

The mount propagation setting of volume N. Mount propagation allows you to share volumes that are mounted to one container to other containers in the same elastic container instance, or even to other elastic container instances on the same host. Valid values:

  • None: The volume mount does not receive subsequent mounts that are mounted to this volume or its subdirectories.

  • HostToContainer: The volume mount receives all subsequent mounts that are mounted to this volume or its subdirectories.

  • Bidirectional: This value has a similar effect as HostToContainer. The volume mount receives all subsequent mounts that are mounted to this volume or its subdirectories. In addition, all volume mounts created by container N are propagated back to the host and to all containers of all elastic container instances that use the same volume.

Default value: None.

Note

Volumes can also be mounted to init containers. The required parameters are similar to the parameters in the preceding table. You only need to change Container to InitContainer.

Configuration description (console mode)

When you create an elastic container instance on the Elastic Container Instance buy page, you can specify volumes in the Container Group Configurations section and then mount the volumes to containers in the Container Configurations section.

Specify the volume to be mounted

  1. In the Container Group Configurations section of the Basic Settings step of the Create Container Group wizard, click Advanced Settings.

  2. In the Storage section, click the OSS Persistence tab and click Add.

  3. Configure the parameters for the OSS volume.

    • Name: the name of the OSS volume.

    • Bucket: the name of the OSS bucket.

    • RAM Role: the RAM role that has permissions to access OSS.

    oss

Mount the volume

  1. In the Container Configurations section of the Basic Settings step of the Create Container Group wizard, select a container and click Advanced Settings of the container.

  2. Turn on Storage and click Add.

    You can only add the volumes that you specified in the Container Group Configurations section.

    oss2

Note

If you want to mount volumes to multiple containers, select more containers and repeat the preceding operations.

Configuration example

  1. Create Elastic Container Instance A (Instance A) and mount an OSS volume to Instance A.

    The following example shows the parameters used to create Instance A by calling the CreateContainerGroup API operation. For more information, see CreateContainerGroup.

    ContainerGroupName=test-oss-a
    # Specify the volume to be mounted.
    Volume.1.Name=oss-demo
    Volume.1.Type=FlexVolume
    Volume.1.FlexVolume.Driver=alicloud/oss
    Volume.1.FlexVolume.Options={"bucket":"test-***","url":"oss-cn-hangzhou-internal.aliyuncs.com","ramRole":"ram-***"}
    # Mount the volume to a container.
    Container.1.Name=nginx
    Container.1.Image=registry-vpc.cn-hangzhou.aliyuncs.com/eci_open/nginx:1.14.2
    Container.1.VolumeMount.1.Name=oss-demo
    Container.1.VolumeMount.1.MountPath=/data-a
  2. Connect to Instance A and add a file to the mount directory.

    For more information, see Connect to an elastic container instance.

    oss3

  3. Delete Instance A.

  4. Create Elastic Container Instance B (Instance B) and mount the same OSS volume to Instance B.

    ContainerGroupName=test-oss-b
    # Specify the volume to be mounted.
    Volume.1.Name=oss-demo
    Volume.1.Type=FlexVolume
    Volume.1.FlexVolume.Driver=alicloud/oss
    Volume.1.FlexVolume.Options={"bucket":"test-***","url":"oss-cn-hangzhou-internal.aliyuncs.com","ramRole":"ram-***"}
    # Mount the volume to a container.
    Container.1.Name=nginx
    Container.1.Image=registry-vpc.cn-hangzhou.aliyuncs.com/eci_open/nginx:1.14.2
    Container.1.VolumeMount.1.Name=oss-demo
    Container.1.VolumeMount.1.MountPath=/data-b
  5. Connect to Instance B and check whether the files in the mount directory are the same as the files in the mount directory of the OSS volume on Instance A.

    Instance A and Instance B share the same OSS volume, and OSS volumes are persistent storage. After Instance A is deleted, you can still use Instance B to obtain the file in the OSS bucket that you added to Instance A.

    oss4