Use statically provisioned NAS volumes to enable persistent storage - Container Compute Service

If your applications require high IOPS and data sharing, you can mount File Storage NAS file systems as persistent volumes (PVs) to your applications. This topic describes how to mount a statically provisioned NAS volume to an application and check whether the NAS volume can be used to share and persist data.

Background information

NAS is a distributed file system service that features shared access, scalability, high reliability, and high performance. NAS is suitable for scenarios where data sharing and high IOPS are required. For more information, see Storage overview.

Note

Alibaba Cloud Container Compute Service (ACS) supports statically and dynamically provisioned NAS volumes. This topic describes how to mount a statically provisioned NAS volume. For more information about how to mount a dynamically provisioned NAS volume, see Mount a dynamically provisioned NAS volume.

Prerequisites

The latest version of managed-csiprovisioner is installed in your Alibaba Cloud Container Compute Service (ACS) cluster.

Note

Go to the ACS cluster management page in the ACS console. In the left-side navigation pane of the cluster management page, choose Operations > Add-ons. On the Storage tab, you can check whether managed-csiprovisioner is installed.

Limits

You cannot mount NAS file systems that use the Server Message Block (SMB) protocol.
When you mount a NAS file system to multiple pods, the pods must be deployed in the same virtual private cloud (VPC). You cannot mount a NAS file system to pods in different VPCs.
You can use only the NFSv3 protocol to mount a NAS file system.

Usage notes

NAS is a shared storage service. You can mount a NAS file system to multiple pods. If a NAS file system is mounted to multiple pods, the data in the file system is shared by the pods. In this case, the application must be able to synchronize data across the pods if the data in the NAS file system is modified by multiple pods.
When you mount a NAS file system to an application, do not add the securityContext.fsgroup parameter to the YAML file of the application. Otherwise, the NAS file system may fail to be mounted.
Note
You cannot grant the permissions to access the / directory of the NAS file system. The user account and user group to which the directory belongs cannot be modified.
After you mount a NAS file system, do not delete the mount target of the NAS file system. Otherwise, an operating system hang issue may occur.

Create a NAS file system and a mount target

The mount target of a NAS file system and the pod to which you want to mount the file system must belong to the same VPC. Otherwise, you cannot mount the file system to the pod. You can skip this step if a NAS file system and a mount target of the file system already exist in the VPC and vSwitch used by your pod.

Obtain the IDs of the VPC and vSwitch used by your pod.
Note
This section describes the operations that you need to perform in the ACS console. You can also run the kubectl get cm -n kube-system acs-profile -o yaml command to query the YAML file of the acs-profile ConfigMap. In the YAML file, you can obtain the VPC ID from the vpcId parameter and the vSwitch ID from the vSwitchIds parameter.
1. Log on to the ACS console.
2. On the Clusters, click the ID of the cluster to go to the cluster management page.
3. In the left-side navigation pane, choose Configurations > ConfigMaps.
4. In the upper part of the ConfigMap page, select kube-system from the Namespace drop-down list. Find the acs-profile ConfigMap that is displayed and click Edit YAML in the Actions column.
5. In the View in YAML panel, obtain the VPC ID from the vpcId parameter and the vSwitch ID from the vSwitchIds parameter.

Create a NAS file system and a mount target.

Log on to the NAS console.

Create a file system.

On the File System List page, click Create File System. Then, select Create General-purpose NAS File System or Create Extreme NAS File System.
Important
- For more information about the specifications, performance, billing rules, and supported regions and zones of different types of NAS file systems, see General-purpose NAS file systems and Extreme NAS file systems.
- General-purpose NAS file systems and Extreme NAS file systems have different limits on mounting connectivity, the number of file systems, and file sharing protocols. For more information, see Limits.

In the panel that appears, configure the file system parameters and click Buy Now.

In this example, a General-purpose NAS file system is created. The following table describes some of the file system parameters. For more information, see Create a file system.

Parameter	Description
Region	Select the region where your ACS cluster resides.
Zone	Select the zone based on the zone ID you obtained in Step 1. This way, the file system will be created in the same zone as the pod to which you want to mount the file system.
ProtocolType	Select NFS. You cannot mount NAS file systems that use the SMB protocol.
VPC and VswitchId	Select the VPC and vSwitch used by the pod to which you want to mount the file system. You can search for the VPC and vSwitch in the VPC console based on the VPC ID and vSwitch ID you obtained in Step 1.

Obtain the domain name of the mount target of the file system.
Note
The system automatically creates a mount target for a General-purpose NAS file system. However, you need to manually create mount targets for Extreme NAS file systems. For more information, see Manage mount targets.
1. On the File System List page, click the ID of the file system you created.
2. In the left-side navigation pane of the file system details page, click Mount Targets.
3. In the Mount Target section, check whether a mount target in the Available state exists.

Mount a statically provisioned NAS volume

kubectl

Step 1: Create a PVC

Connect to your ACS cluster. For more information, see Obtain the kubeconfig file of a cluster and use kubectl to connect to the cluster and Use kubectl on Cloud Shell to manage ACS clusters.

Create a file named nas-pvc.yaml and copy the following content to the file:

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: nas-pvc
  annotations:
    csi.alibabacloud.com/mountpoint: *******-mw***.cn-shanghai.nas.aliyuncs.com
    csi.alibabacloud.com/mount-options: nolock,tcp,noresvport
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 20Gi
  storageClassName: alibaba-cloud-nas

The following table describes the parameters in the preceding code block.

Parameter	Description
`csi.alibabacloud.com/mountpoint`	The directory of the NAS file system that you want to mount. If you set the value to the domain name of a mount target, such as `**-.<region>.nas.aliyuncs.com`, it indicates that the root directory (`/`) of the NAS file system is mounted. If you specify a value that includes the domain name of a mount target and a subdirectory, such as `-**.<region>.nas.aliyuncs.com:/dir`, it indicates that the `/dir` directory of the NAS file system is mounted. In this case, if the `/dir` directory does not exist in the NAS file system, the system automatically creates the directory in the file system.
`csi.alibabacloud.com/mount-options`	The parameters that are required to mount the NAS file system. We recommend that you set the value to `nolock,tcp,noresvport`.
`accessModes`	The access mode of the PVC.
`storage`	The storage capacity allocated to the pod. This is also the capacity of the NAS volume.

Create a PVC.
```
kubectl create -f nas-pvc.yaml
```

Check the PV.

kubectl get pv

The following output shows that a PV is automatically created based on the information about the NAS file system specified in the configuration of the PVC you created. The information includes the mount target of the file system.

NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM             STORAGECLASS        REASON   AGE
nas-ea7a0b6a-bec2-4e56-b767-47222d3a****   20Gi       RWX            Retain           Bound    default/nas-pvc   alibaba-cloud-nas            1m58s

Check the PVC.

kubectl get pvc

The following output shows that a PV is automatically bound to the PVC.

NAME      STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS        VOLUMEATTRIBUTESCLASS  AGE
nas-pvc   Bound    nas-ea7a0b6a-bec2-4e56-b767-47222d3a****   20Gi       RWX            alibaba-cloud-nas   <unset>                2m14s

Step 3: Create an application and mount the NAS file system to the application

Create a file named nas-test.yaml and copy the following content to the file.

The following code block specifies the configuration of a Deployment that provisions two pods. The pods apply for storage resources by using the nas-pvc PVC, which is mounted to the /data path of the pod.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nas-test
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
        ports:
        - containerPort: 80
        volumeMounts:
          - name: pvc-nas
            mountPath: /data
      volumes:
        - name: pvc-nas
          persistentVolumeClaim:
            claimName: nas-pvc

Create a Deployment and mount the NAS file system to the Deployment.
```
kubectl create -f nas-test.yaml
```

Check whether the pods provisioned by the Deployment are deployed.

kubectl get pod | grep nas-test

The following output shows that two pods are created:

nas-test-****-***a   1/1     Running   0          40s
nas-test-****-***b   1/1     Running   0          40s

View files in the mount path.
Run the following command to view files in the mount path. The data in the mount directory of the NAS file system is expected to be returned. By default, no data is returned.
```
kubectl exec nas-test-****-***a -- ls /data
```

Console

Step 1: Create a PVC

Log on to the ACS console.
On the Clusters, click the ID of the cluster to go to the cluster management page.
In the left-side navigation pane of the cluster management page, choose Volumes > Persistent Volume Claims.
On the Persistent Volume Claims page, click Create.

In the Create PVC dialog box, configure the parameters and click Create.

Parameter	Description	Example
PVC Type	Select NAS.	NAS
Name	Enter a custom name for the PVC. The name must meet the format requirements displayed in the console.	nas-pvc
Allocation Mode	Select Use Mount Target Domain Name.	Use Mount Target Domain Name
Volume Plug-in	By default, CSI is selected.	CSI
Capacity	The storage capacity allocated to the pod. This is also the capacity of the NAS volume.	20Gi
Access Mode	You can select ReadWriteMany or ReadWriteOnce.	ReadWriteMany
Mount Target Domain Name	The directory of the NAS file system that you want to mount. If you set the value to the domain name of a mount target, such as `**-.<region>.nas.aliyuncs.com`, it indicates that the root directory (`/`) of the NAS file system is mounted. If you specify a value that includes the domain name of a mount target and a subdirectory, such as `-**.<region>.nas.aliyuncs.com:/dir`, it indicates that the `/dir` directory of the NAS file system is mounted. In this case, if the `/dir` directory does not exist in the NAS file system, the system automatically creates the directory in the file system.	350514**-mw*.cn-shanghai.nas.aliyuncs.com

After you create the PVC, you can view the PVC on the Persistent Volume Claims page. A PV is mounted to the PVC. You can view information about the PV on the Persistent Volumes page.

Step 2: Create an application and mount the NAS file system to the application

In the left-side navigation pane of the cluster management page, choose Workloads > Deployments.
On the Deployments tab, click Create from Image.

Configure the parameters and click Create.

The following table describes some of the parameters. Use the default values for other parameters. For more information, see Create a stateless application by using a Deployment.

Wizard page	Parameter	Description	Example
Basic Information	Name	Enter a custom name for the Deployment. The name must meet the format requirements displayed in the console.	nas-test
Basic Information	Replicas	The number of pod replicas provisioned by the Deployment.	2
Container	Image Name	The address of the image used to deploy the application.	registry.cn-hangzhou.aliyuncs.com/acs-sample/nginx:latest
	Required Resources	Specify the number of vCores and the amount of memory required by the application.	0.25 vCores and 0.5 GiB of memory
	Volume	Click Add PVC and configure the parameters. Mount Source: Select the PVC you created. Container Path: Specify the container path to which you want to mount the NAS file system.	Mount Source: nas-pvc. Container Path: /data.

Check whether the application is deployed.
1. On the Deployments page, click the name of the application that you want to manage.
2. On the Pods tab, check whether the pod is in the Running state.

Check whether data sharing and persistence are enabled based on the NAS file system

The Deployment created in the preceding example provisions two pods and a NAS file system is mounted to the pod. Perform the following steps to test whether data sharing and persistence are enabled:

Create a file in one pod and access the file from the other pod. If the access succeeds, data sharing is enabled.
Recreate the Deployment. Access the NAS volume from a recreated pod to check whether the original data still exists in the NAS file system. If the data still exists, data persistence is enabled.

View the pod information.

kubectl get pod | grep nas-test

Expected output:

nas-test-****-***a   1/1     Running   0          40s
nas-test-****-***b   1/1     Running   0          40s

Check whether data sharing is enabled.
1. Create a file in a pod.
  In this example, the nas-test-****-***a pod is used.
```
kubectl exec nas-test-****-***a -- touch /data/test.txt
```
2. Access the file you created from the other pod.
  In this example, the nas-test-****-***b pod is used.
```
kubectl exec nas-test-****-***b -- ls /data
```
  The following output shows that the test.txt file you created in the nas-test-****-***a pod can be accessed from the nas-test-****-***b pod.
```
test.txt
```
Check whether data persistence is enabled.
1. Recreate the Deployment.
```
kubectl rollout restart deploy nas-test
```
2. After the pods are recreated, check the recreated pods.
```
kubectl get pod | grep nas-test
```
  Expected output:
```
nas-test-****-***c   1/1     Running   0          67s
nas-test-****-***d   1/1     Running   0          49s
```
3. Log on to a recreated pod and check whether the file still exists in the file system.
  In this example, the nas-test-c*** pod is used.
```
kubectl exec nas-test-****-***c -- ls /data
```
  The following output shows that the file still exists in the NAS volume and can be accessed from the mount directory in the recreated pod.
```
test.txt
```