Container Network File System (CNFS) supports the recycle bin feature, which is used to restore accidentally deleted NAS files. This topic describes how to restore deleted NAS files by using the recycle bin feature of CNFS. An NGINX application that has Internet access is used as an example.
Background Information
In this example, use the CNFS StorageClass to claim a volume, mount the volume to the pod of the NGINX application, and then delete the index.html file stored in the volume. After the index.html file is deleted, the NGINX welcome page cannot be accessed. To recover the NGINX welcome page, use the recycle bin feature of CNFS to restore the index.html file.
Usage notes
Billing
You are not charged for enabling the recycle bin feature. However, you are charged for the storage space occupied by files that are temporarily stored in the recycle bin. The storage fees are calculated based on the storage type of the files before the files are deleted. To reduce storage costs, we recommend that you specify a retention period for files. For more information, see Billing of General-purpose NAS file systems and Billing of the IA storage class.
Permissions
Only the owner of a file system or authorized Resource Access Management (RAM) users can use the recycle bin feature. For more information, see Perform access control based on RAM policies.
Prerequisites
An ACK cluster is created. The Container Storage Interface (CSI) plug-in is used as the volume plug-in. For more information, see Create an ACK managed cluster.
If you want to use a new cluster, select the CSI volume plug-in and Dynamically Provision Volumes by Using the Default NAS File Systems and CNFS when you create the cluster.
If you do not select Dynamically Provision Volumes by Using the Default NAS File Systems and CNFS when you create the cluster, you can use CNFS to manage NAS file systems. For more information, see Use CNFS to manage NAS file systems.
The cluster can be accessed over the Internet.
For more information about how to enable Internet access when you create a cluster, see Associate an EIP with the API server when you create a cluster.
For more information about how to enable Internet access for an existing cluster, see Associate an EIP with the API server after a cluster is created.
The versions of csi-plugin and csi-provisioner are 1.20.5-ff6490f-aliyun or later. For more information, see Install and upgrade the CSI plug-in.
The version of storage-operator is 1.18.8.56-2aa33ba-aliyun or later. For more information, see Manage components.
Step 1: Create a persistent volume claim (PVC) and associate it with the NGINX application
View the status of the CNFS object.
Make sure that the CNFS object is in the Available state.
Run the following command to query the CNFS object:
kubectl get cnfsExpected output:
NAME AGE default-cnfs-nas-7938cef-20210907193713 21hRun the following command to view the status of the CNFS object:
kubectl get cnfs default-cnfs-nas-7938cef-20210907193713 -o yaml | grep AvailableExpected output:
status: Available
Use the following YAML template to create a PVC.
ImportantThe CNFS StorageClass is referenced in the storageClassName field of the PVC. In this example, the name of the PVC is cnfs-nas-pvc and the StorageClass referenced in the storageClassName field is alibabacloud-cnfs-nas.
cat << EOF | kubectl apply -f - kind: PersistentVolumeClaim apiVersion: v1 metadata: name: cnfs-nas-pvc spec: accessModes: - ReadWriteMany storageClassName: alibabacloud-cnfs-nas resources: requests: storage: 30Gi EOFUse the following YAML template to create a Deployment.
ImportantThe Deployment is used to reference the PVC created in the preceding step. In this example, the name of the Deployment is cnfs-nas-deployment and the name of the referenced PVC is cnfs-nas-pvc. The PVC is mounted to the /app path in the container and the
httpcontainer port 8080 is opened.cat << EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata: name: cnfs-nas-deployment labels: app: nginx spec: selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: securityContext: runAsUser: 0 containers: - name: nginx image: docker.io/bitnami/nginx:1.16.1-debian-9-r56 volumeMounts: - mountPath: "/app" name: cnfs-nas-pvc ports: - containerPort: 8080 name: http volumes: - name: cnfs-nas-pvc persistentVolumeClaim: claimName: cnfs-nas-pvc EOFUse the following YAML template to create a Service for the Deployment.
NoteThe following YAML template is used to create a LoadBalancer Service. A Server Load Balancer (SLB) instance is used to expose the Service through a public IP address, which can be used to access the Deployment. In this example, a LoadBalancer Service named nginx-default is created. The Service is used to forward HTTP requests from the Internet to the pod that is added with the app:nginx label.
cat << EOF | kubectl apply -f - apiVersion: v1 kind: Service metadata: name: nginx-default labels: app: nginx spec: type: LoadBalancer externalTrafficPolicy: "Cluster" ports: - name: http port: 80 targetPort: http selector: app: nginx EOFWrite the NGINX welcome page file to the /app path of the pod that is in the Running state.
Run the following command to query the pod:
kubectl get podExpected output:
NAME READY STATUS RESTARTS AGE cnfs-nas-deployment-597bc9fb45-cmkss 1/1 Running 0 3h23mRun the following command to switch to the /app path of the
cnfs-nas-deployment-597bc9fb45-cmksspod:kubectl exec cnfs-nas-deployment-597bc9fb45-cmkss -ti sh cd /appRun the following command to write the index.html file to the /app path:
cat << EOF >> index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> html { color-scheme: light dark; } body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> EOFRun the following command to exit the pod:
exit
Run the following command to query the public IP address of the SLB instance:
kubectl get svcExpected output:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nginx-default LoadBalancer 192.168.XX.XX 47.115.XX.XX 80:30989/TCP 20hEnter the public IP address into the address bar of a browser. The NGINX welcome page appears.
In this example, the public IP address is
47.115.XX.XX.
Step 2: Verify the recycle bin feature of CNFS
The following example describes how to restore a deleted file from the recycle bin of the NAS volume managed by CNFS.
Run the following command to delete the index.html file:
kubectl exec cnfs-nas-deployment-597bc9fb45-cmkss -- rm -rf /app/index.htmlRefresh the NGINX welcome page in the browser. The 403 Forbidden error appears.
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, click the name of the cluster that you want to manage and choose in the left-side navigation pane.
On the Persistent Volumes page, find the persistent volume (PV) and click Recycle Bin in the Actions column.
By default, the recycle bin feature of NAS file systems that are managed by CNFS is enabled. You can restore the index.html file in the NAS console.
In this example, the name of the PV is nas-ecaf6018-5250-4e19-b570-5d9e657d23bc.
On the Recycle Bin tab of the NAS file system, click the Deleted Files and Directories tab, and then click Restore in the Actions column.
Click Restore to the original path and click OK.
Refresh the NGINX welcome page in the browser. The NGINX welcome page appears.
This indicates that the index.html file of the NGINX application has been restored.
References
For information about how to disable and empty a recycle bin, see Recycle bin.