Mount a dynamically provisioned NAS volume

The Alibaba Cloud Container Compute Service (ACS) CSI plug-in allows you to mount dynamically provisioned NAS volumes in filesystem mode. You can use the ACS console or kubectl to mount dynamically provisioned NAS volumes. This topic describes how to mount dynamically provisioned NAS volumes. This topic also describes how to verify that a dynamically provisioned NAS volume can be used to persist data and the data in a dynamically provisioned NAS volume can be shared across pods.

Prerequisites

The CSI plug-in of the ACS cluster is updated to the latest version. For more information, see Manage components.

Use scenarios

NAS volumes are suitable for applications that require high disk I/O throughput.
NAS volumes can be used to persist data. The read and write performance of NAS is hither than Object Storage Service (OSS).
NAS volumes can be used to share files among hosts.

Precautions

If a NAS file system is mounted to multiple pods, the data in the file system is shared by the pods. In this case, the application must be able to synchronize data across the pods if the data in the NAS file system is modified by multiple pods.
Note
You cannot grant permissions to access the / directory (root directory) of the NAS file system. The user account and user group to which the directory belongs cannot be modified.
You cannot specify the securityContext.fsgroup parameter in the application YAML template. This may cause mount failures.
You can mount a dynamically provisioned NAS volume in filesystem mode to share the root directory (/) of the NAS file system.
You cannot use the Container Storage Interface (CSI) plug-in to mount Server Message Block (SMB) file systems.
We recommend that you use the NFSv3 file sharing protocol.
You can mount a NAS volume only to ECS instances in the same virtual private cloud (VPC) as the NAS file system.
General-purpose and Extreme NAS file systems have different limits such as the limits on mounting connectivity, the number of file systems, and file sharing protocols. For more information, see Limits.
Before you use NAS volumes, we recommend that you update the CSI plug-in to the latest version.
After a mount target is created, wait until the mount target changes to the Available state.
Do not delete the mount target of a NAS file system before you unmount the NAS file system. Otherwise, an operating system hang issue may occur.

You can use the CSI plug-in to mount dynamically provisioned NAS volumes in filesystem mode. You can use the ACS console or kubectl to mount dynamically provisioned NAS volumes.

In filesystem mode, you can only use kubectl to mount dynamically provisioned NAS volumes.

If your Kubernetes application needs to dynamically create and delete NAS file systems and mount targets, you can choose the filesystem mode.

Mount a dynamically provisioned NAS volume in filesystem mode by using kubectl

Important

By default, if you delete a PV that is mounted in filesystem mode, the system retains the related NAS file system and mount target. To delete the NAS file system and mount target together with the PV, set reclaimPolicy to Delete and set deleteVolume to true in the StorageClass configurations.

When you mount a NAS volume to a pod in filesystem mode, you can create only one NAS file system and one mount target. The following procedure shows how to mount a dynamically provisioned NAS volume in filesystem mode.

Create a StorageClass.

Create a file named alicloud-nas-fs.yaml and add the following content to the file:

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: alicloud-nas-fs
mountOptions:
- nolock,tcp,noresvport
- vers=3
parameters:
  volumeAs: filesystem
  fileSystemType: standard
  storageType: Performance
  regionId: cn-beijing
  zoneId: cn-beijing-e
  vpcId: "vpc-2ze2fxn6popm8c2mzm****"
  vSwitchId: "vsw-2zwdg25a2b4y5juy****"
  accessGroupName: DEFAULT_VPC_GROUP_NAME
  deleteVolume: "false"
provisioner: nasplugin.csi.alibabacloud.com
reclaimPolicy: Retain

Parameter	Description
volumeAs	The type of volume to be created. Set the value to filesystem. filesystem: The provisioner automatically creates a NAS file system. Each PV corresponds to a NAS file system.
fileSystemType	The type of the NAS file system. Valid values: standard: General-purpose NAS file system. extreme: Extreme NAS file system. Default value: standard.
storageType	The storage type of the NAS file system. If the fileSystemType parameter is set to standard, the valid values are Performance and Capacity. Default value: Performance. If the fileSystemType parameter is set to extreme, the valid values are standard and advance. Default value: standard.
regionId	The ID of the region to which the NAS file system belongs.
zoneId	The ID of the zone to which the NAS file system belongs.
vpcId	The ID of the VPC to which the mount target of the NAS file system belongs.
vSwitchId	The ID of the vSwitch to which the mount target of the NAS file system belongs.
accessGroupName	The permission group to which the mount target of the NAS file system belongs. Default value: DEFAULT_VPC_GROUP_NAME.
deleteVolume	The reclaim policy of the NAS file system when the related PV is deleted. NAS is a shared storage service. Therefore, you must specify both deleteVolume and reclaimPolicy parameters to ensure data security.
provisioner	The type of the driver. In this example, the parameter is set to `nasplugin.csi.alibabacloud.com`. This indicates that the CSI plug-in provided by Alibaba Cloud is used.
reclaimPolicy	The reclaim policy of the PV When you delete a PVC, the related NAS file system is automatically deleted only if you set the deleteVolume parameter to true and the reclaimPolicy parameter to Delete.

Run the following command to create a StorageClass:
```
kubectl create -f alicloud-nas-fs.yaml
```

Create a PVC and pods to mount a NAS volume.

Create a file named pvc.yaml and add the following content to the file:

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: nas-csi-pvc-fs
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: alicloud-nas-fs
  resources:
    requests:
      storage: 20Gi

Create a file named nginx.yaml and add the following content to the file:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: deployment-nas-fs
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.7.9
        ports:
        - containerPort: 80
        volumeMounts:
          - name: nas-pvc
            mountPath: "/data"
      volumes:
        - name: nas-pvc
          persistentVolumeClaim:
            claimName: nas-csi-pvc-fs

Run the following command to create the PVC and pods:
```
kubectl create -f pvc.yaml -f nginx.yaml
```

In filesystem mode, the CSI driver automatically creates a NAS file system and a mount target when you create the PVC. When the PVC is deleted, the file system and the mount target are retained or deleted based on the settings of the deleteVolume and reclaimPolicy parameters.

Verify that the NAS file system can be used to persist data

NAS provides persistent storage. When a pod is deleted, the recreated pod automatically synchronizes the data of the deleted pod.

Perform the following steps to verify that NAS file system can be used to persist data:

Query the pods that are created for the application and the files in the mounted NAS file system.
1. Run the following command to query the pods that are created for the application:
```
kubectl get pod 
```
  Expected output:
```
NAME                                READY   STATUS    RESTARTS   AGE
deployment-nas-1-5b5cdb85f6-n****   1/1     Running   0          32s
deployment-nas-2-c5bb4746c-4****    1/1     Running   0          32s
```
2. Run the following command to query files in the /data path of a pod. In this example, the pod deployment-nas-1-5b5cdb85f6-n**** is used.
```
kubectl exec deployment-nas-1-5b5cdb85f6-n**** -- ls /data
```
  If no output is displayed, no file exists in the /data path.
Run the following command to create a file named nas in the /data path of the pod deployment-nas-1-5b5cdb85f6-n****:
```
kubectl exec deployment-nas-1-5b5cdb85f6-n**** -- touch /data/nas
```
Run the following command to query files in the /data path of the pod deployment-nas-1-5b5cdb85f6-n****:
```
kubectl exec deployment-nas-1-5b5cdb85f6-n**** -- ls /data
```
Expected output:
```
nas
```

Run the following command to delete the pod:

kubectl delete pod deployment-nas-1-5b5cdb85f6-n****

Open another CLI and run the following command to view how the pod is deleted and recreated:
```
kubectl get pod -w -l app=nginx
```
Verify that the file still exists after the pod is deleted.
1. Run the following command to query the name of the recreated pod:
```
kubectl get pod
```
  Expected output:
```
NAME                                READY   STATUS    RESTARTS   AGE
deployment-nas-1-5b5cdm2g5-m****    1/1     Running   0          32s
deployment-nas-2-c5bb4746c-4****    1/1     Running   0          32s
```
2. Run the following command to query files in the /data path of the pod deployment-nas-1-5b5cdm2g5-m****:
```
kubectl exec deployment-nas-1-5b5cdm2g5-m**** -- ls /data
```
  Expected output:
```
nas
```
  The nas file still exists in the /data path. This indicates that data is persisted in the NAS file system.

Verify that data in the NAS file system can be shared across pods

You can mount a NAS volume to multiple pods. If the data is modified in one pod, the modifications are automatically synchronized to other pods.

Perform the following steps to verify that data in the NAS file system can be shared across pods:

Query the pods that are created for the application and the files in the mounted NAS file system.

Run the following command to query the pods that are created for the application:

kubectl get pod

Expected output:

NAME                                READY   STATUS    RESTARTS   AGE
deployment-nas-1-5b5cdb85f6-n****   1/1     Running   0          32s
deployment-nas-2-c5bb4746c-4****    1/1     Running   0          32s

Run the following command to query files in the /data path of each pod:

kubectl exec deployment-nas-1-5b5cdb85f6-n**** -- ls /data
kubectl exec deployment-nas-2-c5bb4746c-4**** -- ls /data

Run the following command to create a file named nas in the /data path of a pod:
```
 kubectl exec deployment-nas-1-5b5cdb85f6-n**** -- touch /data/nas
```
Run the following command to query files in the /data path of each pod:
1. Run the following command to query files in the /data path of the pod deployment-nas-1-5b5cdb85f6-n****:
```
kubectl exec deployment-nas-1-5b5cdb85f6-n**** -- ls /data
```
  Expected output:
```
nas
```
2. Run the following command to query files in the /data path of the pod deployment-nas-2-c5bb4746c-4****:
```
kubectl exec deployment-nas-2-c5bb4746c-4**** -- ls /data
```
  Expected output:
```
nas
```
  After you create a file in the /data path of one pod, you can also find the file in the /data path of the other pod. This indicates that data in the NAS file system is shared by the two pods.

References

For more information about how to use CNFS to manage NAS file systems, see Use CNFS to manage NAS file systems (recommended) and Use CNFS to manage NAS file systems (recommended).
For more information about how to dynamically expand a NAS volume, see Use CNFS to automatically expand NAS volumes.
For more information about how to use the directory quota feature of NAS to manage the storage space of volumes, see Expand a NAS volume.