This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Managing a PVC

Based on service requirements, files in containers need to be persistently stored on disks. When the containers are re-built or re-allocated to new nodes, the persistent data can still be used.

To persistently store data on storage devices, you need to use the PersistentVolume (PV) and PersistentVolumeClaim (PVC) when provisioning containers.

  • PV: a piece of storage in the Kubernetes cluster that has been provisioned by an administrator or dynamically provisioned using a StorageClass.
  • PVC: a request for storage by a user. A PVC consumes PV resources. A PVC can request specific size and access modes. For example, a PV can be mounted in ReadWriteOnce, ReadOnlyMany, or ReadWriteMany mode. For details, see Access Modes.

This section describes how to use Huawei CSI to create, expand the capacity of, and clone a PV/PVC, as well as create a PVC using a snapshot.

1 - Creating a PVC

Huawei CSI allows storage resources (LUNs or file systems) to be created on Huawei storage and provided for containers based on user settings. For details about the supported features, see Table 2 or Table 2.

A PVC can be created in dynamic volume provisioning or static volume provisioning mode.

  • Dynamic volume provisioning does not require a PV to be created in advance. Huawei CSI automatically creates resources required by a PV on storage devices based on a StorageClass. In addition, you can create a PV when creating a PVC.
  • Static volume provisioning requires the administrator to create required resources on a storage device in advance and use existing resources by creating a PV. In addition, you can specify the associated PV when creating a PVC.

1.1 - Dynamic Volume Provisioning

Dynamic volume provisioning allows storage volumes to be created on demand. Dynamic volume provisioning depends on the StorageClass objects. The cluster administrator can define multiple StorageClass objects as required and specify a StorageClass that meets service requirements when declaring a PV or PVC. When applying for resources from Huawei storage devices, Huawei CSI creates storage resources that meet service requirements based on the preset StorageClass.

To implement dynamic volume provisioning, perform the following steps:

  • Configuring a StorageClass
  • Configuring a PVC

Configuring a StorageClass

  1. Create a StorageClass configuration file, for example, mysc.yaml, based on service requirements by referring to StorageClass Configuration Examples in Typical Dynamic Volume Provisioning Scenarios and StorageClass Parameters for Dynamic Volume Provisioning.

  2. Run the following command to create a StorageClass using the configuration file.

    kubectl apply -f mysc.yaml
    
  3. Run the following command to view the information about the created StorageClass.

    kubectl get sc mysc
    

    The following is an example of the command output.

    NAME   PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
    mysc   csi.huawei.com   Delete          Immediate           true                   8s
    

Configuring a PVC

  1. Based on service requirements, modify specific parameters by referring to the description in this section and the PVC configuration file example to generate the PVC configuration file to be created, for example, the mypvc.yaml file in this example.

    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: mypvc
    spec:
      accessModes:
        - ReadWriteOnce
      volumeMode: Filesystem
      storageClassName: mysc
      resources:
        requests:
          storage: 100Gi
    
  2. Run the following command to create a PVC using the configuration file.

    kubectl create -f mypvc.yaml
    
  3. After a period of time, run the following command to view the information about the created PVC.

    kubectl get pvc mypvc
    

    The following is an example of the command output. If the PVC status is Bound, the PVC has been created and can be used by a Pod.

    NAME        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    mypvc       Bound    pvc-840054d3-1d5b-4153-b73f-826f980abf9e   100Gi      RWO            mysc           12s
    

Using a PVC

After a PVC is created, you can use the PVC to create a Pod. The following is a simple example of using a PVC. In this example, the created Pod uses the newly created mypvc.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers: 
      - image: nginx:alpine
        name: container-0 
        volumeMounts: 
        - mountPath: /tmp
          name: pvc-mypvc 
      restartPolicy: Always 
      volumes: 
      - name: pvc-mypvc 
        persistentVolumeClaim: 
          claimName:  mypvc  # name of PVC

1.1.1 - StorageClass Configuration Examples in Typical Dynamic Volume Provisioning Scenarios

A StorageClass provides administrators with methods to describe a storage “class”. Different types may map to a different group of capability definitions. Kubernetes cluster users can dynamically provision volumes based on a StorageClass.

If SAN storage is used, refer to example file /examples/sc-lun.yaml. If NAS storage is used, refer to example file /examples/sc-fs.yaml.

For details about how to configure a StorageClass in typical scenarios, see the following examples:

Setting the Backend and Storage Pool in a StorageClass

If multiple Huawei backends are configured in a Kubernetes cluster or a Huawei backend provides multiple storage pools, you are advised to configure the specified backend and storage pool information in the StorageClass. This prevents Huawei CSI from randomly selecting backends and storage pools and ensures that the storage device where the volume resides complies with the plan.

For details about how to set the backend and storage pool for SAN storage, see the following configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
allowVolumeExpansion: true
parameters:
  backend: "san-181" # Enter the storage backend name.
  pool: "pool001" # Enter the storage pool name
  volumeType: lun
  allocType: thin

For details about how to set the backend and storage pool for NAS storage, see the following configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
allowVolumeExpansion: true
parameters:
  backend: "san-181" # Enter the storage backend name.
  pool: "pool001" # Enter the storage pool name
  volumeType: fs
  allocType: thin
  authClient: "*"

Setting the NFS Access Mode in a StorageClass

When a container uses an NFS file system as a storage resource, refer to the following configuration example. In this example, NFS version 4.1 is specified for mounting.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: nfs-nas-181
  pool: pool001
  volumeType: fs
  allocType: thin
  authClient: "192.168.0.10;192.168.0.0/24;myserver1.test"
mountOptions:
  - nfsvers=4.1 # Specify the version 4.1 for NFS mounting.

Setting a Dtree Type in a StorageClass

When a container uses a Dtree as a storage resource, refer to the following configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: nfs-dtree
  volumeType: dtree # Set the volume type to dtree.
  allocType: thin
  authClient: "*" 
mountOptions:
  - nfsvers=4.1

Setting the Local File System Access Mode in a StorageClass

If a container uses a LUN of enterprise storage or distributed storage as a storage resource and a file system needs to be formatted as a local file system, refer to the following example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: iscsi-lun-181
  pool: pool001
  volumeType: lun
  allocType: thin
  fsType: xfs

Setting the DPC Access Mode in a StorageClass

If a container uses OceanStor Pacific series storage and the storage supports DPC-based access, you can configure mounting parameters for DPC-based access in the StorageClass. In this example, acl is used as the authentication parameter for mounting, and cnflush is used to set the asynchronous disk flushing mode.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: nfs-dpc-101
  pool: pool001
  volumeType: fs
  allocType: thin
  authClient: "*"
mountOptions:
  - acl # Set the authentication parameter.
  - cnflush # Set the asynchronous disk flushing mode.

Setting an Application Type in a StorageClass

When a container uses a LUN of OceanStor Dorado as the storage, if the default application type of the storage cannot meet the I/O model requirements of some services (for example, the container provides the database OLAP service), you can configure an application type in the StorageClass to improve storage performance. For details about the application types to be used, see the product documentation of the corresponding storage product.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: iscsi-lun-181
  pool: pool001
  volumeType: lun
  allocType: thin
  fsType: xfs
  applicationType: Oracle_OLAP # Set the application type.

Setting a Soft Quota in a StorageClass

If a container uses a file system of OceanStor Pacific series as the storage, you can configure a soft quota in the StorageClass. The following is a configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: nfs-pacific-101
  pool: pool001
  volumeType: fs
  allocType: thin
  authClient: "*"
  storageQuota: '{"spaceQuota": "softQuota", "gracePeriod": 100}' # Configure the soft quota.
mountOptions:
  - nfsvers=3

Setting QoS in a StorageClass

When containers use enterprise storage or distributed storage as storage resources, you can set QoS for the storage resources used by containers to ensure that the storage read and write operations of these containers meet certain service levels.

Storage devices of different models or versions support different QoS settings. For details about how to find the configuration items of the corresponding storage devices, see Table 2. In this example, the backend is OceanStor Dorado. For other storage devices, refer to this example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: iscsi-qos-181
  pool: pool001
  volumeType: lun
  allocType: thin
  fsType: xfs
  qos: '{"IOTYPE": 2, "MINIOPS": 1000}' # Configure QoS.

  • vStore users of OceanStor V5 cannot configure QoS policies.
  • The QoS configuration takes effect only on the newly created PVC. QoS cannot be added automatically for PVCs with the same StorageClass name that have been provisioned.

Setting HyperMetro in a StorageClass

When a container uses an NFS HyperMetro file system as a storage resource, refer to the following configuration example. In this example, the used backend supports HyperMetro, and hyperMetro is set to true.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: nfs-hypermetro-dorado-181
  pool: pool001
  volumeType: fs
  hyperMetro: "true" # Provision HyperMetro volumes.
  allocType: thin
  authClient: "*"

  • Before provisioning a NAS HyperMetro volume, you need to configure the HyperMetro relationship between two storage devices, including the remote device, HyperMetro domain, and the like. The HyperMetro domain of the file system can only work in HyperMetro active-active (AA) mode. For details about the configuration operation, see the product documentation of the corresponding storage model.
  • If a storage device is faulty, the logical management port may fail over. In this case, you need to manually clear the corresponding storage resources after deleting the NAS HyperMetro volume.

Setting the Permission on a Mount Directory in a StorageClass

To modify the permission on a mount directory in a container, you can configure the directory permission in a StorageClass. The following is a configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
allowVolumeExpansion: true
parameters:
  volumeType: fs
  allocType: thin
  authClient: "*"
  fsPermission: "777"
  rootSquash: "no_root_squash"  # Only NAS storage supports this parameter.
  allSquash: "no_all_squash"   # Only NAS storage supports this parameter.

After the StorageClass configuration is complete, perform the following steps to create a StorageClass.

  1. Run the following command to create a StorageClass based on the .yaml file.

    kubectl create -f mysc.yaml
    
  2. Run the following command to view the information about the created StorageClass.

    kubectl get sc
    

    The following is an example of the command output.

    NAME   PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
    mysc   csi.huawei.com   Delete          Immediate           false                  34s
    

    After creating a StorageClass, you can use the StorageClass to create a PV or PVC.

Pay attention to the following when using a StorageClass:

  • Modifications to a StorageClass do not take effect on existing PVs. You need to delete these PVs and create them again using the modified StorageClass to apply the modified parameters.

Configuring a StorageClass on the CCE or CCE Agile Platform

Create a StorageClass of the NAS type on the CCE or CCE Agile platform. The following is a configuration example. The value of provisioner must be the same as that of driverName in the values.yaml file.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
  annotations:
    storageclass.kubernetes.io/storageType: file 
provisioner: csi.oceanstor.com  
allowVolumeExpansion: true
parameters:
  volumeType: fs
  allocType: thin
  authClient: "*"

Create a StorageClass of the Block type on the CCE or CCE Agile platform. The following is a configuration example. The value of provisioner must be the same as that of driverName in the values.yaml file.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
  annotations:
    storageclass.kubernetes.io/storageType: block 
provisioner: csi.oceanstor.com
allowVolumeExpansion: true
parameters:
  volumeType: lun
  allocType: thin

1.1.2 - StorageClass Parameters for Dynamic Volume Provisioning

Table 1 StorageClass configuration parameters

Parameter

Description

Mandatory

Default Value

Remarks

metadata.name

User-defined name of a StorageClass object.

Yes

-

Take Kubernetes v1.22.1 as an example. The value can contain digits, lowercase letters, hyphens (-), and periods (.), and must start and end with a letter or digit.

provisioner

Name of the provisioner.

Yes

csi.huawei.com

Set this parameter to the driver name set during Huawei CSI installation.

The value is the same as that of driverName in the values.yaml file.

reclaimPolicy

Reclamation policy. The following types are supported:

  • Delete: Resources are automatically reclaimed.
  • Retain: Resources are manually reclaimed.

No

Delete

  • Delete: When a PV/PVC is deleted, resources on the storage device are also deleted.
  • Retain: When a PV/PVC is deleted, resources on the storage device are not deleted.

allowVolumeExpansion

Whether to allow volume expansion. If this parameter is set to true, the capacity of the PV that uses the StorageClass can be expanded.

No

false

This function can only be used to expand PV capacity but cannot be used to reduce PV capacity.

The PV capacity expansion function is supported in Kubernetes 1.14 (alpha) and later versions.

parameters.backend

Name of the backend where the resource to be created is located.

No

-

If this parameter is not set, Huawei CSI will randomly select a backend that meets the capacity requirements to create resources.

You are advised to specify a backend to ensure that the created resource is located on the expected backend.

parameters.pool

Name of the storage resource pool where the resource to be created is located. If this parameter is set, parameters.backend must also be specified.

No

-

If this parameter is not set, Huawei CSI will randomly select a storage pool that meets the capacity requirements from the selected backend to create resources. You are advised to specify a storage pool to ensure that the created resource is located in the expected storage pool.

parameters.volumeType

Type of the volume to be created. The following types are supported:

  • lun: A LUN is provisioned on the storage side.
  • fs: A file system is provisioned on the storage side.
  • dtree: A volume of the Dtree type is provisioned on the storage side.

Yes

-

  • If NAS storage is used, this parameter must be set to fs.
  • If SAN storage is used, this parameter must be set to lun.
  • If NAS storage of the Dtree type is used, this parameter must be set to dtree.

parameters.allocType

Allocation type of the volume to be created. The following types are supported:

  • thin: Not all required space is allocated during creation. Instead, the space is dynamically allocated based on the usage.
  • thick: All required space is allocated during creation.

No

-

If this parameter is not specified, thin will be used. Not all required space is allocated during creation. Instead, the space is dynamically allocated based on the usage.

OceanStor Dorado/OceanStor Dorado V3 does not support thick.

parameters.fsType

Type of a host file system. The supported types are:

  • ext2
  • ext3
  • ext4
  • xfs

No

ext4

This parameter is valid only when volumeType of a StorageClass is set to lun and volumeMode of a PVC is set to Filesystem.

parameters.authClient

IP address of the NFS client that can access the volume. This parameter is mandatory when volumeType is set to fs.

You can enter the client host name (a full domain name is recommended), client IP address, or client IP address segment.

Conditionally mandatory

-

The asterisk (*) can be used to indicate any client. If you are not sure about the IP address of the access client, you are advised to use the asterisk (*) to prevent the client access from being rejected by the storage system.

If the client host name is used, you are advised to use the full domain name.

The IP addresses can be IPv4 addresses, IPv6 addresses, or a combination of IPv4 and IPv6 addresses.

You can enter multiple host names, IP addresses, or IP address segments and separate them with semicolons (;) or spaces or by pressing Enter. Example: 192.168.0.10;192.168.0.0/24;myserver1.test

parameters.cloneSpeed

Cloning speed. The value ranges from 1 to 4.

No

3

4 indicates the highest speed. This parameter is available when you clone a PVC or create a PVC using a snapshot. For details, see Cloning a PVC or Creating a PVC Using a Snapshot.

parameters.applicationType

Application type name for creating a LUN or NAS when the backend is OceanStor Dorado.

No

-

  • If the value of volumeType is lun, log in to DeviceManager and choose Services > Block Service > LUN Groups > LUNs > Create to obtain the application type name.
  • If the value of volumeType is fs, log in to DeviceManager and choose Services > File Service > File Systems > Create to obtain the application type name.

parameters.qos

LUN/NAS QoS settings of the PV on the storage side.

The value of the parameter is JSON character strings in dictionary format. A character string is enclosed by single quotation marks and the dictionary key by double quotation marks. Example: '{"maxMBPS": 999, "maxIOPS": 999}'

No

-

For details about the supported QoS configurations, see Table 2.

parameters.storageQuota

Quota of a PV on the storage device. This parameter is valid only when NAS is used for connecting to OceanStor Pacific series storage.

The value of the parameter is JSON character strings in dictionary format. A character string is enclosed by single quotation marks and the dictionary key by double quotation marks. Example: '{"spaceQuota": "softQuota", "gracePeriod": 100}'

No

-

For details about the supported quota configurations, see Table 3.

parameters.hyperMetro

Whether a HyperMetro volume is to be created. This parameter needs to be configured when the backend is of the HyperMetro type.

  • "true": The created volume is a HyperMetro volume. If the storage backend is a HyperMetro backend, the value must be true.
  • "false": The created volume is a common volume.

Conditionally mandatory

false

When the used backend is a HyperMetro backend and a HyperMetro volume needs to be provisioned, set this parameter to true. If this parameter is set to false, services may be interrupted if the logical management port connected to the backend fails over.

parameters.metroPairSyncSpeed

Data synchronization speed of a HyperMetro pair. The value ranges from 1 to 4.

The value can be:

  • 1: low
  • 2: medium
  • 3: high
  • 4: highest

No

-

The configuration takes effect when a HyperMetro volume is created.

Note:

  • If this parameter is not configured, the storage speed of the HyperMetro pair is determined by the storage device.
  • The highest synchronization speed may increase the host latency.

parameters.fsPermission

Permission on the directory mounted to a container.

No

-

For details about the configuration format, refer to the Linux permission settings, for example, 777 and 755.

All SAN storage devices are supported. Only the following NAS storage devices are supported: OceanStor Dorado, OceanStor, and OceanStor Pacific 8.1.2 and later versions.

parameters.rootSquash

Controls the root permission of the client.

The value can be:

  • root_squash: The client cannot access the storage system as user root. If a client accesses the storage system as user root, the client will be mapped as an anonymous user.
  • no_root_squash: A client can access the storage system as user root and has the permission of user root.

No

-

Only NAS storage is supported.

parameters.allSquash

Whether to retain the user ID (UID) and group ID (GID) of a shared directory.

The value can be:

  • all_squash: The UID and GID of the shared directory are mapped to anonymous users.
  • no_all_squash: The UID and GID of the shared directory are retained.

No

-

Only NAS storage is supported.

parameters.accesskrb5

Configures the krb5 security protocol.

  • read_only: read-only
  • read_write: read and write
  • none: no permission

No

-

During mounting, you can specify the sec parameter in mountOptions.

parameters.accesskrb5i

Configures the krb5i security protocol.

  • read_only: read-only
  • read_write: read and write
  • none: no permission

No

-

During mounting, you can specify the sec parameter in mountOptions.

parameters.accesskrb5p

Configures the krb5p security protocol.

  • read_only: read-only
  • read_write: read and write
  • none: no permission

No

-

During mounting, you can specify the sec parameter in mountOptions.

parameters.snapshotDirectoryVisibility

Whether the snapshot directory is visible.

The value can be:

  • visible: The snapshot directory is visible.
  • invisible: The snapshot directory is invisible.

No

-

Only NAS storage is supported.

parameters.reservedSnapshotSpaceRatio

Configures reserved snapshot space.

Value type: character string

Value range: 0 to 50

No

-

OceanStor Dorado 6.1.5+ and OceanStor 6.1.5+ NAS storage devices are supported.

parameters.description

Configures the description of the created file system or LUN.

Value type: character string

The value contains 0 to 255 characters.

No

-

Only enterprise storage file systems and LUNs are supported.

mountOptions.nfsvers

NFS mount option on the host. The following mount option is supported:

nfsvers: protocol version for NFS mounting. The value can be 3, 4, 4.0, 4.1, or 4.2.

No

-

This parameter is optional after the -o parameter when the mount command is executed on the host. The value is in list format.

If the NFS version is specified for mounting, NFS 3, 4.0, 4.1, and 4.2 protocols are supported (the protocol must be supported and enabled on storage devices). If nfsvers is set to 4, the latest protocol version NFS 4 may be used for mounting due to different OS configurations, for example, 4.2. If the 4.0 protocol is required, you are advised to set nfsvers to 4.0.

mountOptions.acl

The DPC namespace supports the ACL function. The DPC client supports POSIX ACL, NFSv4 ACL, and NT ACL authentication.

No

-

The descriptions of acl, aclonlyposix, cnflush, and cflush are for reference only. For details about the parameters, see OceanStor Pacific Series Product Documentation and choose Configuration > Basic Service Configuration Guide for File > Configuring Basic Services (DPC Scenario) > Accessing a DPC Share on a Client > Step 2.

mountOptions.aclonlyposix

The DPC namespace supports POSIX ACL, and the DPC client supports POSIX ACL authentication.

The following protocols support POSIX ACL: DPC, NFSv3, and HDFS. If NFSv4 ACL or NT ACL is used, the DPC client cannot identify the ACL of this type. As a result, the ACL of this type does not take effect.

No

-

If aclonlyposix and acl are used together, only acl takes effect. That is, the namespace supports the ACL function.

mountOptions.cnflush

Asynchronous disk flushing mode. That is, data is not flushed to disks immediately when files in the namespace are closed.

No

-

Asynchronous flushing mode: When a file is closed, data in the cache is not flushed to storage media in synchronous mode. Instead, data is written from the cache to the storage media in asynchronous flushing mode. After the write service is complete, data is flushed from the cache to disks periodically based on the flushing period. In a multi-client scenario, if concurrent operations are performed on the same file, the file size update is affected by the disk flushing period. That is, the file size is updated only after the disk flushing is complete. Generally, the update is completed within several seconds. Synchronous I/Os are not affected by the disk flushing period.

mountOptions.cflush

Synchronous disk flushing mode. That is, data is flushed to disks immediately when files in the namespace are closed.

No

-

By default, the synchronous disk flushing mode is used.

mountOptions.sec

Kerberos 5 protocol for mounting NFS file systems.

No

-

  • If Kerberos 5 is used, set this parameter to krb5.
  • If Kerberos 5i is used, set this parameter to krb5i.
  • If Kerberos 5p is used, set this parameter to krb5p.
  • Kerberos supports only NFSv4.0 or NFSv4.1.

mountOptions.proto

Transmission protocol used for NFS mounting.

The value can be rdma.

No

-

  • Ensure that NFS over RDMA is enabled on the storage system.
  • NAS storage of OceanStor Dorado 6.1.7 or later is supported.

mountOptions.port

Protocol port used for NFS mounting.

Conditionally mandatory

-

If the transmission protocol is rdma, set this parameter to 20049.

mountOptions.discard

Automatically triggers the Trim or Discard operation when a file system is mounted. This operation instructs a block device to release unused blocks.

No

-

The xfs and ext4 file systems are supported.

Table 2 Supported QoS configurations

Storage Type

Parameter

Description

Remarks

OceanStor V5

IOTYPE

Read/write type.

This parameter is optional. If it is not specified, the default value of the storage backend is used. For details, see related storage documents.

The value can be:

  • 0: read I/O
  • 1: write I/O
  • 2: read and write I/Os

MAXBANDWIDTH

Maximum bandwidth. This is a restriction policy parameter.

The value is an integer greater than 0, expressed in MB/s.

MINBANDWIDTH

Minimum bandwidth. This is a protection policy parameter.

The value is an integer greater than 0, expressed in MB/s.

MAXIOPS

Maximum IOPS. This is a restriction policy parameter.

The value is an integer greater than 0.

MINIOPS

Minimum IOPS. This is a protection policy parameter.

The value is an integer greater than 0.

LATENCY

Maximum latency. This is a protection policy parameter.

The value is an integer greater than 0, expressed in ms.

OceanStor Dorado V3

IOTYPE

Read/write type.

The value can be:

  • 2: read and write I/Os

MAXBANDWIDTH

Maximum bandwidth. This is a restriction policy parameter.

The value is an integer ranging from 1 to 999999999, expressed in MB/s.

MAXIOPS

Maximum IOPS. This is a restriction policy parameter.

The value is an integer ranging from 100 to 999999999.

OceanStor Dorado/OceanStor

IOTYPE

Read/write type.

The value can be:

  • 2: read and write I/Os

MAXBANDWIDTH

Maximum bandwidth. This is a restriction policy parameter.

The value is an integer ranging from 1 to 999999999, expressed in MB/s.

MINBANDWIDTH

Minimum bandwidth. This is a protection policy parameter.

The value is an integer ranging from 1 to 999999999, expressed in MB/s.

MAXIOPS

Maximum IOPS. This is a restriction policy parameter.

The value is an integer ranging from 100 to 999999999.

MINIOPS

Minimum IOPS. This is a protection policy parameter.

The value is an integer ranging from 100 to 999999999.

LATENCY

Maximum latency. This is a protection policy parameter.

The value can be 0.5 or 1.5, expressed in ms.

FusionStorage/OceanStor Pacific series

maxMBPS

Maximum bandwidth. This is a restriction policy parameter.

This parameter is mandatory. The value is an integer greater than 0, expressed in MB/s. For details about the maximum value, see the actual limit of the storage device. For example, the maximum value of OceanStor Pacific NAS is 1073741824.

maxIOPS

Maximum IOPS. This is a restriction policy parameter.

This parameter is mandatory. The value is an integer greater than 0. For details about the maximum value, see the actual limit of the storage device. For example, the maximum value of OceanStor Pacific NAS is 1073741824000.

Table 3 Supported quota configurations

Parameter

Description

Remarks

spaceQuota

File quota type.

This parameter is mandatory. Only softQuota or hardQuota can be configured.

gracePeriod

Grace period allowed when the soft quota is configured.

This parameter is conditionally optional only when spaceQuota is set to softQuota.

The value is an integer ranging from 0 to 4294967294.

1.1.3 - PVC Parameters for Dynamic Volume Provisioning

After configuring a StorageClass, you can use the StorageClass to configure a PVC. For details about the PVC configuration template, see example file pvc*.yaml in the examples directory in Huawei CSI software package.

Table 1 Parameters in the pvc*.yaml file

Parameter

Description

Mandatory

Default Value

Remarks

metadata.name

User-defined name of a PVC object.

Yes

-

Take Kubernetes v1.22.1 as an example. The value can contain digits, lowercase letters, hyphens (-), and periods (.), and must start and end with a letter or digit.

spec.volumeMode

Volume mode. This parameter is optional. When LUN volumes are used, the following types are supported:

  • Filesystem: local file system.
  • Block: raw device.

No

Filesystem

This parameter takes effect when a PV is mounted. The default value is Filesystem.

  • Filesystem indicates that a container accesses a PV using a local file system. The local file system type is specified by the fsType field in the specified StorageClass. Storage of the Dtree type also uses this parameter.
  • Block indicates that a PV is accessed in raw volume mode.

spec.storageClassName

Name of the StorageClass object.

Yes

-

Name of the StorageClass object required by services.

spec.resources.requests.storage

Size of the volume to be created. The format is ***Gi and the unit is GiB. The size must be an integer multiple of 512 bytes.

Yes

10Gi

The PVC capacity depends on storage specifications and host specifications. For example, OceanStor Dorado 6.1.2 or OceanStor Pacific series 8.1.0 is connected to CentOS 7. If ext4 file systems are used, see Table 2. If XFS file systems are used, see Table 3. If NFS or raw devices are used, the capacity must meet the specifications of the used Huawei storage device model and version.

If the PVC capacity does not meet the specifications, a PVC or Pod may fail to be created due to the limitations of storage specifications or host file system specifications.

spec.accessModes

Access mode of the volume.

  • RWO (ReadWriteOnce): A volume can be mounted to a node in read/write mode. This mode also allows multiple Pods running on the same node to access the volume.
  • ROX (ReadOnlyMany): A volume can be mounted to multiple nodes in read-only mode.
  • RWX (ReadWriteMany): A volume can be mounted to multiple nodes in read/write mode.
  • RWOP (ReadWriteOncePod): A volume can only be mounted to a single Pod in read/write mode. Kubernetes 1.22 and later versions support this feature.

Yes

ReadWriteOnce

  • RWO/ROX/RWOP: supported by all types of volumes. RWOP is supported only by Kubernetes 1.22 and later versions. Check whether this feature is enabled for your Kubernetes cluster by referring to Enabling the ReadWriteOncePod Feature Gate.
  • The support for RWX is as follows:

Table 2 ext4 capacity specifications

Storage Type

Storage Specifications

ext4 Specifications

CSI Specifications

OceanStor Dorado 6.1.2

512 Ki to 256 Ti

50 Ti

512 Ki to 50 Ti

OceanStor Pacific series 8.1.0

64 Mi to 512 Ti

50 Ti

64 Mi to 50 Ti

Table 3 XFS capacity specifications

Storage Type

Storage Specifications

XFS Specifications

CSI Specifications

OceanStor Dorado 6.1.2

512 Ki to 256 Ti

500 Ti

512 Ki to 500 Ti

OceanStor Pacific series 8.1.0

64 Mi to 512 Ti

500 Ti

64 Mi to 500 Ti

1.2 - Manage Volume Provisioning

Manage Volume Provisioning allows administrators to use resources created on storage as PVs and supports features of dynamic volumes, such as capacity expansion, snapshot, and clone. This is a custom capability of Huawei CSI. This feature applies to the following scenarios:

  • In the reconstruction containerized applications, existing storage volumes need to be used.
  • The Kubernetes cluster is rebuilt.
  • Storage data is migrated in disaster recovery (DR) scenarios.

In scenarios where multiple Kubernetes clusters are deployed, when Manage Volume Provisioning is used to manage the same storage resource, management operations performed on the PVC corresponding to the resource in any cluster will not be synchronized to other clusters. For example, when you expand the capacity of a PVC in a cluster, the capacity of the corresponding PVC in other clusters will not be automatically expanded. In this case, you need to manually expand the capacity in other clusters by running the expansion commands in Expanding the Capacity of a PVC.

Prerequisites

  • You have registered the storage where the volume to be managed resides with CSI.
  • You have logged in to the storage device to obtain the name and capacity of the volume to be managed.

Configuring a StorageClass

  1. Create a StorageClass configuration file, for example, mysc.yaml, based on service requirements by referring to StorageClass Configuration Examples in Typical Manage Volume Provisioning Scenarios and StorageClass Parameters for Manage Volume Provisioning.

  2. Run the following command to create a StorageClass using the configuration file.

    kubectl apply -f mysc.yaml
    
  3. Run the following command to view the information about the created StorageClass.

    kubectl get sc mysc
    

    The following is an example of the command output.

    NAME   PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
    mysc   csi.huawei.com   Delete          Immediate           true                   8s
    

Configuring a PVC

  1. Based on service requirements, modify specific parameters by referring to the description in this section and the PVC configuration file example to generate the PVC configuration file to be created, for example, the mypvc.yaml file in this example.

    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: mypvc
      annotations:
        csi.huawei.com/manageVolumeName: "*"  # Enter the storage resource name.
        csi.huawei.com/manageBackendName: "*" # Enter the storage backend name.
      labels:
        provisioner: csi.huawei.com
    spec:
      accessModes:
        - ReadWriteOnce
      volumeMode: Filesystem
      storageClassName: mysc
      resources:
        requests:
          storage: 100Gi
    
  2. Run the following command to create a PVC using the configuration file.

    kubectl create -f mypvc.yaml
    
  3. After a period of time, run the following command to view the information about the created PVC.

    kubectl get pvc mypvc
    

    The following is an example of the command output. If the PVC status is Bound, the PVC has been created and can be used by a Pod.

    NAME        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    mypvc       Bound    pvc-840054d3-1d5b-4153-b73f-826f980abf9e   100Gi      RWO            mysc           12s
    

Using a PVC

The use method is the same as that for dynamic volume provisioning in Using a PVC.

1.2.1 - StorageClass Configuration Examples in Typical Manage Volume Provisioning Scenarios

For details about how to configure a StorageClass in typical Manage Volume Provisioning scenarios, see the following examples:

Setting the Backend and Storage Pool in a StorageClass

If multiple Huawei backends are configured in a Kubernetes cluster or a Huawei backend provides multiple storage pools, you are advised to configure the specified backend and storage pool information in the StorageClass. This prevents Huawei CSI from randomly selecting backends and storage pools and ensures that the storage device where the volume resides complies with the plan.

For details about how to set the backend and storage pool for SAN storage, see the following configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
allowVolumeExpansion: true
parameters:
  backend: "iscsi-san-181"
  pool: "pool001"
  volumeType: lun
  allocType: thin

For details about how to set the backend and storage pool for NAS storage, see the following configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
allowVolumeExpansion: true
parameters:
  backend: "iscsi-nas-181"
  pool: "pool001"
  volumeType: fs
  allocType: thin
  authClient: "*"

Setting the NFS Access Mode in a StorageClass

When a container uses an NFS file system as a storage resource, refer to the following configuration example. In this example, NFS version 4.1 is specified for mounting.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: nfs-nas-181
  pool: pool001
  volumeType: fs
  allocType: thin
mountOptions:
  - nfsvers=4.1 # Specify the version 4.1 for NFS mounting.

Setting the Local File System Access Mode in a StorageClass

If a container uses a LUN of enterprise storage or distributed storage as a storage resource and a file system needs to be formatted as a local file system, refer to the following example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: iscsi-lun-181
  pool: pool001
  volumeType: lun
  allocType: thin
  fsType: xfs

Setting the DPC Access Mode in a StorageClass

If a container uses OceanStor Pacific series storage and the storage supports DPC-based access, you can configure mounting parameters for DPC-based access in the StorageClass. In this example, acl is used as the authentication parameter for mounting, and cnflush is used to set the asynchronous disk flushing mode.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
parameters:
  backend: nfs-dpc-101
  pool: pool001
  volumeType: fs
  allocType: thin
  authClient: "*"
mountOptions:
  - acl # Set the authentication parameter.
  - cnflush # Set the asynchronous disk flushing mode.

Setting the Permission on a Mount Directory in a StorageClass

To modify the permission on a mount directory in a container, you can configure the directory permission in a StorageClass. The following is a configuration example.

kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: mysc
provisioner: csi.huawei.com
allowVolumeExpansion: true
parameters:
  volumeType: fs
  allocType: thin
  authClient: "*"
  fsPermission: "777" # Set the directory permission.

After the StorageClass configuration is complete, perform the following steps to create a StorageClass.

  1. Run the following command to create a StorageClass based on the .yaml file.

    kubectl create -f mysc.yaml
    
  2. Run the following command to view the information about the created StorageClass.

    kubectl get sc
    

    The following is an example of the command output.

    NAME   PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
    mysc   csi.huawei.com   Delete          Immediate           false                  34s
    

    After creating a StorageClass, you can use the StorageClass to create a PV or PVC.

In the Manage Volume Provisioning mode, pay attention to the following when using a StorageClass:

  • Modifications to a StorageClass do not take effect on existing PVs. You need to delete these PVs and create them again using the modified StorageClass to apply the modified parameters.

1.2.2 - StorageClass Parameters for Manage Volume Provisioning

A StorageClass provides administrators with methods to describe a storage “class”. Different types may map to a different group of capability definitions. Kubernetes cluster users can dynamically provision volumes based on a StorageClass.

A StorageClass supports the following parameters.

If SAN storage is used, refer to example file /examples/sc-lun.yaml. If NAS storage is used, refer to example file /examples/sc-fs.yaml.

Table 1 StorageClass configuration parameters

Parameter

Description

Mandatory

Default Value

Remarks

metadata.name

User-defined name of a StorageClass object.

Yes

-

Take Kubernetes v1.22.1 as an example. The value can contain digits, lowercase letters, hyphens (-), and periods (.), and must start and end with a letter or digit.

provisioner

Name of the provisioner.

Yes

csi.huawei.com

Set this parameter to the driver name set during Huawei CSI installation.

The value is the same as that of driverName in the values.yaml file.

reclaimPolicy

Reclamation policy. The following types are supported:

  • Delete: Resources are automatically reclaimed.
  • Retain: Resources are manually reclaimed.

Yes

-

  • Delete: When a PV/PVC is deleted, resources on the storage device are also deleted.
  • Retain: When a PV/PVC is deleted, resources on the storage device are not deleted.

allowVolumeExpansion

Whether to allow volume expansion. If this parameter is set to true, the capacity of the PV that uses the StorageClass can be expanded.

No

false

This function can only be used to expand PV capacity but cannot be used to reduce PV capacity.

The PV capacity expansion function is supported in Kubernetes 1.14 (alpha) and later versions.

parameters.backend

Name of the backend where the resource to be created is located.

No

-

If this parameter is not set, Huawei CSI will randomly select a backend that meets the capacity requirements to create resources.

You are advised to specify a backend to ensure that the created resource is located on the expected backend.

parameters.volumeType

Type of the volume to be created. The following types are supported:

  • lun: A LUN is provisioned on the storage side.
  • fs: A file system is provisioned on the storage side.

Yes

-

  • If NAS storage is used, this parameter must be set to fs.
  • If SAN storage is used, this parameter must be set to lun.

parameters.fsType

Type of a host file system. The supported types are:

  • ext2
  • ext3
  • ext4
  • xfs

No

ext4

This parameter is valid only when volumeType of a StorageClass is set to lun and volumeMode of a PVC is set to Filesystem.

parameters.applicationType

Application type name for creating a LUN or NAS when the backend is OceanStor Dorado.

NOTE:

If an application type has been configured before a volume is managed, the value of applicationType must be the same as the configured application type.

No

-

  • If the value of volumeType is lun, log in to DeviceManager and choose Services > Block Service > LUN Groups > LUNs > Create to obtain the application type name.
  • If the value of volumeType is fs, log in to DeviceManager and choose Services > File Service > File Systems > Create to obtain the application type name.

parameters.fsPermission

Permission on the directory mounted to a container.

No

-

For details about the configuration format, refer to the Linux permission settings, for example, 777 and 755.

This parameter is available when volumeType is set to lun.

mountOptions.nfsvers

NFS mount option on the host. The following mount option is supported:

nfsvers: protocol version for NFS mounting. The value can be 3, 4, 4.0, 4.1, or 4.2.

No

-

This parameter is optional after the -o parameter when the mount command is executed on the host. The value is in list format.

If the NFS version is specified for mounting, NFS 3, 4.0, 4.1, and 4.2 protocols are supported (the protocol must be supported and enabled on storage devices). If nfsvers is set to 4, the latest protocol version NFS 4 may be used for mounting due to different OS configurations, for example, 4.2. If the 4.0 protocol is required, you are advised to set nfsver:ws to 4.0.

mountOptions.acl

The DPC namespace supports the ACL function. The DPC client supports POSIX ACL, NFSv4 ACL, and NT ACL authentication.

No

-

The descriptions of acl, aclonlyposix, cnflush, and cflush are for reference only. For details about the parameters, see OceanStor Pacific Series Product Documentation and choose Configuration > Basic Service Configuration Guide for File > Configuring Basic Services (DPC Scenario) > Accessing a DPC Share on a Client > Step 2.

mountOptions.aclonlyposix

The DPC namespace supports POSIX ACL, and the DPC client supports POSIX ACL authentication.

The following protocols support POSIX ACL: DPC, NFSv3, and HDFS. If NFSv4 ACL or NT ACL is used, the DPC client cannot identify the ACL of this type. As a result, the ACL of this type does not take effect.

No

-

If aclonlyposix and acl are used together, only acl takes effect. That is, the namespace supports the ACL function.

mountOptions.cnflush

Asynchronous disk flushing mode. That is, data is not flushed to disks immediately when files in the namespace are closed.

No

-

Asynchronous flushing mode: When a file is closed, data in the cache is not flushed to storage media in synchronous mode. Instead, data is written from the cache to the storage media in asynchronous flushing mode. After the write service is complete, data is flushed from the cache to disks periodically based on the flushing period. In a multi-client scenario, if concurrent operations are performed on the same file, the file size update is affected by the disk flushing period. That is, the file size is updated only after the disk flushing is complete. Generally, the update is completed within several seconds. Synchronous I/Os are not affected by the disk flushing period.

mountOptions.cflush

Synchronous disk flushing mode. That is, data is flushed to disks immediately when files in the namespace are closed.

No

-

By default, the synchronous disk flushing mode is used.

mountOptions.sec

Kerberos 5 protocol for mounting NFS file systems.

No

-

  • If Kerberos 5 is used, set this parameter to krb5.
  • If Kerberos 5i is used, set this parameter to krb5i.
  • If Kerberos 5p is used, set this parameter to krb5p.
  • Kerberos supports only NFSv4.0 or NFSv4.1.

mountOptions.proto

Transmission protocol used for NFS mounting.

The value can be rdma.

No

-

  • Ensure that NFS over RDMA is enabled on the storage system.
  • NAS storage of OceanStor Dorado 6.1.7 or later is supported.

mountOptions.port

Protocol port used for NFS mounting.

Conditionally mandatory

-

If the transmission protocol is rdma, set this parameter to 20049.

mountOptions.discard

Automatically triggers the Trim or Discard operation when a file system is mounted. This operation instructs a block device to release unused blocks.

No

-

The xfs and ext4 file systems are supported.

1.2.3 - PVC Parameters for Manage Volume Provisioning

After configuring a StorageClass, you can use the StorageClass to configure a PVC. For details about the PVC configuration template, see example file pvc-manager.yaml in the examples directory in Huawei CSI software package.

Table 1 Parameters in the pvc-manager.yaml file

Parameter

Description

Mandatory

Default Value

Remarks

metadata.annotations

PVC object annotations. Set the following parameters:

  • Driver name/manageVolumeName: volume name on the storage.
  • Driver name/manageBackendName: name of the backend to which the volume belongs.

Yes

csi.huawei.com/manageVolumeName: * csi.huawei.com/manageBackendName: *

  • For details about how to obtain Driver name, see Table 4.
  • Driver name/manageVolumeName: name of an existing volume on the storage. Only English characters are supported.
  • Driver name/manageBackendName: name of the storage backend in CSI.

You can run the oceanctl get backend -n huawei-csi command to obtain the backend name.

metadata.labels

PVC object labels.

No

-

Format: provisioner: Driver name specified during installation

Example: provisioner: csi.huawei.com

This parameter takes effect when a PVC is created. It is used to listen to PVC resources and obtain information about metadata.annotations.

metadata.name

User-defined name of a PVC object.

Yes

-

Take Kubernetes v1.22.1 as an example. The value can contain digits, lowercase letters, hyphens (-), and periods (.), and must start and end with a letter or digit.

spec.volumeMode

Volume mode. This parameter is optional. When LUN volumes are used, the following types are supported:

  • Filesystem: local file system.
  • Block: raw device.
NOTE:

This parameter takes effect when a PV is mounted. The use method of this parameter must be the same as that of the managed volume.

  • If a volume is used as a raw volume before being managed, volumeMode must be set to Block.
  • If a volume is used in ext2, ext3, or ext4 mode before being managed, volumeMode must be set to Filesystem and fsType in the StorageClass must be set to ext2, ext3, or ext4.
  • If a volume is used in XFS mode before being managed, volumeMode must be set to Filesystem and fsType in the StorageClass must be set to xfs.

No

Filesystem

This parameter takes effect when a PV is mounted.

  • Filesystem indicates that a container accesses a PV using a local file system. The local file system type is specified by the fsType field in the specified StorageClass.
  • Block indicates that a PV is accessed in raw volume mode.

spec.storageClassName

Name of the StorageClass object.

Yes

-

The configuration of the StorageClass must be the same as that of the managed volume.

spec.resources.requests.storage

Size of the volume to be created. The format is ***Gi and the unit is GiB. The size must be an integer multiple of 512 bytes.

Yes

-

The PVC capacity depends on storage specifications and host specifications. For example, OceanStor Dorado 6.1.2 or OceanStor Pacific series 8.1.0 is connected to CentOS 7. If ext4 file systems are used, see Table 2. If XFS file systems are used, see Table 3. If NFS or raw devices are used, the capacity must meet the specifications of the used Huawei storage device model and version.

If the PVC capacity does not meet the specifications, a PVC or Pod may fail to be created due to the limitations of storage specifications or host file system specifications.

spec.accessModes

Access mode of the volume.

  • RWO (ReadWriteOnce): A volume can be mounted to a node in read/write mode. This mode also allows multiple Pods running on the same node to access the volume.
  • ROX (ReadOnlyMany): A volume can be mounted to multiple nodes in read-only mode.
  • RWX (ReadWriteMany): A volume can be mounted to multiple nodes in read/write mode.
  • RWOP (ReadWriteOncePod): A volume can only be mounted to a single Pod in read/write mode. Kubernetes 1.22 and later versions support this feature.

Yes

ReadWriteOnce

  • RWO/ROX/RWOP: supported by all types of volumes. RWOP is supported only by Kubernetes 1.22 and later versions. Check whether this feature is enabled for your Kubernetes cluster by referring to Enabling the ReadWriteOncePod Feature Gate.
  • The support for RWX is as follows:

Table 2 ext4 capacity specifications

Storage Type

Storage Specifications

ext4 Specifications

CSI Specifications

OceanStor Dorado 6.1.2

512 Ki to 256 Ti

50 Ti

512 Ki to 50 Ti

OceanStor Pacific series 8.1.0

64 Mi to 512 Ti

50 Ti

64 Mi to 50 Ti

Table 3 XFS capacity specifications

Storage Type

Storage Specifications

XFS Specifications

CSI Specifications

OceanStor Dorado 6.1.2

512 Ki to 256 Ti

500 Ti

512 Ki to 500 Ti

OceanStor Pacific series 8.1.0

64 Mi to 512 Ti

500 Ti

64 Mi to 500 Ti

1.3 - Static Volume Provisioning

Static volume provisioning allows administrators to use a resource created on the storage side as a PV for containers in the cluster.

To implement static volume provisioning, perform the following steps:

  • Configuring a PV
  • Configuring a PVC

Prerequisites

A storage resource, such as a LUN or file system, required by the PV to be created exists on the storage device. If the storage resource is a file system, you also need to create the share and client information of the file system.

Configuring a PV

  1. Prepare the PV configuration file mypv.yaml. The following is an example. For details about other parameters, see PV Parameters for Static Volume Provisioning.

    kind: PersistentVolume
    apiVersion: v1
    metadata:
      name: mypv
    spec:
      volumeMode: Filesystem
      storageClassName: "" # The value must be to "".
      accessModes:
        - ReadWriteOnce
      csi:
        driver: csi.huawei.com # Enter the CSI driver name.
        volumeHandle: iscsi-dorado-181.lun0001 # Enter the volume name.
        fsType: xfs # Set the file system type.
      capacity:
        storage: 100Gi
    

    In the configuration file for static volume provisioning, storageClassName must be set to "". Otherwise, Kubernetes will use the default StorageClass.

  2. Run the following command to create a PV based on the prepared .yaml file.

    kubectl create -f mypv.yaml
    
  3. After a period of time, run the following command to view the information about the created PV.

    kubectl get pv
    

    The following is an example of the command output. If the PV status is Available, the PV is successfully created.

    NAME       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM               STORAGECLASS   REASON   AGE
    mypv       100Gi      RWO            Retain           Available                                               4s
    

Configuring a PVC

After a PV is created in static volume provisioning mode, you can create a PVC based on the PV for containers.

  1. Prepare the PVC configuration file. The following example is a PVC configuration file for static volume provisioning.

    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: mypvc
    spec:
      storageClassName: ""
      accessModes:
        - ReadWriteOnce
      volumeMode: Filesystem
      resources:
        requests:
          storage: 100Gi
      volumeName: mypv # Enter the name of the corresponding PV.
    
  2. Run the following command to create a PVC based on the configured .yaml file.

    kubectl create -f mypvc.yaml
    
  3. After a period of time, run the following command to view the information about the created PVC.

    kubectl get pvc
    

    The following is an example of the command output. If the PVC status is Bound, the PVC is successfully created.

    NAME        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    mypvc       Bound    pvc-840054d3-1d5b-4153-b73f-826f980abf9e   100Gi      RWO                           12s
    

Using a PVC

The use method is the same as that for dynamic volume provisioning in Using a PVC.

1.3.1 - PV Parameters for Static Volume Provisioning

Table 1 Static volume provisioning parameters

Parameter

Description

Mandatory

Default Value

Remarks

metadata.name

User-defined name of a PV object.

Yes

-

Take Kubernetes v1.22.1 as an example. The value can contain digits, lowercase letters, hyphens (-), and periods (.), and must start and end with a letter or digit.

spec.volumeMode

Volume mode. This parameter is optional. When LUN volumes are used, the following types are supported:

  • Filesystem: local file system.
  • Block: raw device.

No

Filesystem

This parameter takes effect when a PV is mounted. The default value is Filesystem.

  • Filesystem indicates that a container accesses a PV using a local file system. The local file system type is specified by the fsType field in the specified StorageClass.
  • Block indicates that a PV is accessed in raw volume mode.

spec.storageClassName

Name of the StorageClass object. This parameter is mandatory.

Yes

-

Set the parameter to an empty string, that is, enter "".

spec.accessModes

Access mode of the volume.

  • RWO (ReadWriteOnce): A volume can be mounted to a node in read/write mode. This mode also allows multiple Pods running on the same node to access the volume.
  • ROX (ReadOnlyMany): A volume can be mounted to multiple nodes in read-only mode.
  • RWX (ReadWriteMany): A volume can be mounted to multiple nodes in read/write mode.
  • RWOP (ReadWriteOncePod): A volume can only be mounted to a single Pod in read/write mode. Kubernetes 1.22 and later versions support this feature.

Yes

ReadWriteOnce

  • RWO/ROX/RWOP: supported by all types of volumes. RWOP is supported only by Kubernetes 1.22 and later versions. Check whether this feature is enabled for your Kubernetes cluster by referring to Enabling the ReadWriteOncePod Feature Gate.
  • The support for RWX is as follows:

spec.csi.driver

CSI driver name.

Yes

csi.huawei.com

Set this parameter to the driver name set during Huawei CSI installation.

spec.csi.volumeHandle

Unique identifier of a storage resource. This parameter is mandatory.

Format: <backendName>.<volume-name>

Yes

-

The value of this parameter consists of the following parts:

  • <backendName>: indicates the name of the backend where the volume resides. You can run the following command to obtain the configured backend information.

    oceanctl get backend

  • <volume-name>: indicates the name of a resource (LUN/file system) on the storage. You can obtain the value from DeviceManager.

spec.csi.fsType

Type of a host file system. This parameter is optional. The supported types are:

  • ext2
  • ext3
  • ext4
  • xfs

No

-

If this parameter is not set, the default value ext4 is used. This parameter is available only when volumeMode is set to Filesystem.

spec.capacity.storage

Volume size.

Yes

100Gi

Ensure that the size is the same as that of the corresponding resource on the storage. Kubernetes will not invoke CSI to check whether the value of this parameter is correct. Therefore, the PV can be successfully created even if its capacity is inconsistent with that of the corresponding resource on the storage.

spec.mountOptions.nfsvers

NFS mount option on the host. The following mount option is supported:

nfsvers: protocol version for NFS mounting. The value can be 3, 4, 4.0, 4.1, or 4.2.

No

-

This parameter is optional after the -o parameter when the mount command is executed on the host. The value is in list format.

If the NFS version is specified for mounting, NFS 3, 4.0, 4.1, and 4.2 protocols are supported (the protocol must be supported and enabled on storage devices). If nfsvers is set to 4, the latest protocol version NFS 4 may be used for mounting due to different OS configurations, for example, 4.2. If the 4.0 protocol is required, you are advised to set nfsvers to 4.0.

spec.mountOptions.acl

The DPC namespace supports the ACL function. The DPC client supports POSIX ACL, NFSv4 ACL, and NT ACL authentication.

No

-

The descriptions of acl, aclonlyposix, cnflush, and cflush are for reference only. For details about the parameters, see OceanStor Pacific Series Product Documentation and choose Configuration > Basic Service Configuration Guide for File > Configuring Basic Services (DPC Scenario) > Accessing a DPC Share on a Client > Step 2.

spec.mountOptions.aclonlyposix

The DPC namespace supports POSIX ACL, and the DPC client supports POSIX ACL authentication.

The following protocols support POSIX ACL: DPC, NFSv3, and HDFS. If NFSv4 ACL or NT ACL is used, the DPC client cannot identify the ACL of this type. As a result, the ACL of this type does not take effect.

No

-

If aclonlyposix and acl are used together, only acl takes effect. That is, the namespace supports the ACL function.

spec.mountOptions.cnflush

Asynchronous disk flushing mode. That is, data is not flushed to disks immediately when files in the namespace are closed.

No

-

Asynchronous flushing mode: When a file is closed, data in the cache is not flushed to storage media in synchronous mode. Instead, data is written from the cache to the storage media in asynchronous flushing mode. After the write service is complete, data is flushed from the cache to disks periodically based on the flushing period. In a multi-client scenario, if concurrent operations are performed on the same file, the file size update is affected by the disk flushing period. That is, the file size is updated only after the disk flushing is complete. Generally, the update is completed within several seconds. Synchronous I/Os are not affected by the disk flushing period.

spec.mountOptions.cflush

Synchronous disk flushing mode. That is, data is flushed to disks immediately when files in the namespace are closed.

No

-

By default, the synchronous disk flushing mode is used.

1.3.2 - PVC Parameters for Static Volume Provisioning

Table 1 PVC parameters

Parameter

Description

Mandatory

Default Value

Remarks

metadata.name

User-defined name of a PVC object.

Yes

-

Take Kubernetes v1.22.1 as an example. The value can contain digits, lowercase letters, hyphens (-), and periods (.), and must start and end with a letter or digit.

spec.accessModes

Access mode of the volume.

  • RWO (ReadWriteOnce): A volume can be mounted to a node in read/write mode. This mode also allows multiple Pods running on the same node to access the volume.
  • ROX (ReadOnlyMany): A volume can be mounted to multiple nodes in read-only mode.
  • RWX (ReadWriteMany): A volume can be mounted to multiple nodes in read/write mode.
  • RWOP (ReadWriteOncePod): A volume can only be mounted to a single Pod in read/write mode. Kubernetes 1.22 and later versions support this feature.

Yes

ReadWriteOnce

  • RWO/ROX/RWOP: supported by all types of volumes. RWOP is supported only by Kubernetes 1.22 and later versions. Check whether this feature is enabled for your Kubernetes cluster by referring to Enabling the ReadWriteOncePod Feature Gate.
  • The support for RWX is as follows:

spec.volumeMode

Volume mode.

No

Filesystem

This parameter is optional. The value can be Filesystem or Block. The default value is Filesystem. This parameter takes effect when a Pod is created. Filesystem indicates that a file system is created on a PVC to access the storage. Block indicates that a raw volume is used to access the storage.

spec.resources.requests.storage

Size of the volume to be created.

Yes

-

Size of the volume to be created. The format is ***Gi and the unit is GiB.

The PVC capacity depends on storage specifications and host specifications. For example, OceanStor Dorado 6.1.2 or OceanStor Pacific series 8.1.0 is connected to CentOS 7. If ext4 file systems are used, see Table 2. If XFS file systems are used, see Table 3. If NFS or raw devices are used, the capacity must meet the specifications of the used Huawei storage device model and version.

If the PVC capacity does not meet the specifications, a PVC or Pod may fail to be created due to the limitations of storage specifications or host file system specifications.

When a PVC is created using a static PV and the PVC capacity is smaller than the capacity of the bound PV, the PVC capacity is set to the capacity of the bound PV. If the PVC capacity is greater than the capacity of the bound PV, the PVC cannot be created.

spec.volumeName

Name of the PV object.

Yes

-

This parameter is mandatory when a PVC is created statically.

spec.storageClassName

Name of the StorageClass object.

Yes

-

When a PVC is created, an empty character string is transferred. If this parameter is not set, the default StorageClass object name will be used.

2 - Expanding the Capacity of a PVC

When the capacity of a PVC used by a container is insufficient, you need to expand the capacity of the PVC.

Prerequisites

  • A PVC has been created, the backend to which it resides exists and supports capacity expansion.

  • For details about the storage devices that support capacity expansion, see Table 2 and Table 2. For details about the Kubernetes versions that support capacity expansion, see Kubernetes Feature Matrix.

  • The csi-resizer service is enabled for huawei-csi-controller.

    kubectl describe deploy huawei-csi-controller -n huawei-csi | grep csi-resizer
    

    If the following information is displayed, the csi-resizer service is enabled.

       csi-resizer:
        Image:      k8s.gcr.io/sig-storage/csi-resizer:v1.4.0
    

Procedure

  1. Run the following command to check whether the StorageClass supports capacity expansion. In the preceding command, mysc indicates the name of the StorageClass to be queried.

    kubectl get sc mysc
    

    The following is an example of the command output.

    NAME              PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
    mysc              csi.huawei.com   Delete          Immediate           true                  172m
    

    If the value of ALLOWVOLUMEEXPANSION is true, the current StorageClass supports capacity expansion. In this case, go to 3.

  2. Run the following command to change the value of allowVolumeExpansion to true. In the preceding command, mysc indicates the name of the StorageClass to be modified.

    kubectl patch sc mysc --patch '{"allowVolumeExpansion":true}'
    
  3. Run the following command to query the StorageClass name of the PVC. In the preceding command, mypvc indicates the name of the PVC to be expanded.

    kubectl get pvc mypvc
    

    The following is an example of the command output.

    NAME               STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      AGE
    mypvc              Bound    pvc-3383be36-537c-4cb1-8f32-a415fa6ba384   2Gi        RW0            mysc              145m
    
  4. Run the following command to expand the capacity.

    kubectl patch pvc mypvc -p '{"spec":{"resources":{"requests":{"storage":"120Gi"}}}}'
    

    In the preceding command, mypvc indicates the name of the PVC to be expanded, and 120Gi indicates the capacity after expansion. Change the values based on the site requirements.

    • The PVC capacity depends on storage specifications and host specifications. For example, OceanStor Dorado 6.1.2 or OceanStor Pacific series 8.1.0 is connected to CentOS 7. If ext4 file systems are used, see Table 2. If XFS file systems are used, see Table 3. If NFS or raw devices are used, the capacity must meet the specifications of the used Huawei storage device model and version.
    • If the PVC capacity does not meet the specifications, a PVC or Pod may fail to be created due to the limitations of storage specifications or host file system specifications.
    • If the capacity expansion fails because the target capacity exceeds the storage pool capacity, see Failed to Expand the PVC Capacity Because the Target Capacity Exceeds the Storage Pool Capacity.
  5. Run the following command to check whether the capacity modification takes effect.

    kubectl get pvc
    

    The following is an example of the command output. If the value of CAPACITY is changed to the specified capacity, the capacity expansion is successful.

    NAME        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
    mypvc       Bound    pvc-3383be36-537c-4cb1-8f32-a415fa6ba384   120Gi       RWO            mysc           24s
    

3 - Cloning a PVC

This section describes how to clone a PVC.

When cloning a PVC, you need to specify the data source. The following is a simple example of cloning a PVC. In this example, mypvc is used as the data source and a PVC named myclone is created.

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: myclone
spec:
  storageClassName: mysc
  dataSource:
    name: mypvc
    kind: PersistentVolumeClaim
  volumeMode: Filesystem
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi

  • The specified storageClassName must be the same as the StorageClass of the source volume in dataSource.
  • The capacity of the clone volume must be greater than or equal to that of the source volume. Equal capacity is recommended.

Prerequisites

The source PVC already exists in the system, and the backend where the source PVC resides supports cloning. For details about the storage devices that support cloning, see Table 2 and Table 2. For details about the Kubernetes versions that support cloning, see Kubernetes Feature Matrix.

Procedure

  1. Run the following command to create a PVC based on the configuration file of the clone volume.

    kubectl create -f myclone.yaml
    

4 - Creating a PVC Using a Snapshot

This section describes how to create a PVC using a snapshot.

When creating a PVC, you need to specify the data source. The following is a simple example of creating a PVC using a snapshot. In this example, mysnapshot is used as the data source and a PVC named myrestore is created.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: myrestore
spec:
  storageClassName: mysc
  dataSource:
    name: mysnapshot
    kind: VolumeSnapshot
    apiGroup: snapshot.storage.k8s.io
  volumeMode: Filesystem
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi

  • The specified storageClassName must be the same as the StorageClass of the snapshot source volume in dataSource.
  • The capacity of the clone volume must be greater than or equal to that of the snapshot. Equal capacity is recommended.

Prerequisites

A snapshot already exists in the system, and the backend where the snapshot resides supports cloning. For details about the storage devices that support PVC creation using a snapshot, see Table 2 and Table 2. For details about the Kubernetes versions that support PVC creation using a snapshot, see Kubernetes Feature Matrix.

Procedure

  1. Run the following command to create a PVC based on the configuration file for creating a volume using a snapshot.

    kubectl create -f myrestore.yaml