Example: Mounting a PersistentVolume for Static Provisioning
About this task
The information on this page is valid for both FUSE POSIX and Loopback NFS plugins.
                Examples or tables that mention the FUSE POSIX driver
                    (com.mapr.csi-kdf) are equally valid for the Loopback NFS
                driver (com.mapr.csi-nfskdf).
- The configuration file can be shared for use by multiple pod specs.
- The configuration file enables the PersistentVolume to be mounted and available even when the pod spec that references it is removed.
For example, suppose a marketing volume exists in the secure file system under the path
                    /Departments/Marketing. An administrator wants to statically
                provision this volume and make it available to multiple users. It is critical that
                data access is as fast as possible. To make this work, the administrator must do the
                following:
Procedure
- 
                Create a PersistentVolume (PV) (if you have already not statically provisioned
                    a volume as described in this example) and set
                    the following volumeAttributes:
                - accessModeof the PV to- ReadWriteOnce
- securityTypeparameter to- securebecause the volume is on a secure cluster
- volumePathin the CSI driver setting to the desired path, and fill in the- cldbHostsand- clusterinformation
- platinumparameter to use the POSIX platinum client or the- licenseparameter to select from three POSIX clients
 apiVersion: v1 kind: PersistentVolume metadata: name: test-simplepv namespace: test-csi labels: name: pv-simplepv-test spec: accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Delete capacity: storage: 5Gi csi: nodePublishSecretRef: name: "mapr-ticket-secret" namespace: "test-csi" driver: com.mapr.csi-kdf volumeHandle: test-simplepv volumeAttributes: volumePath: "/" cluster: "clusterA" cldbHosts: "10.10.102.96" securityType: "secure" platinum: "true"The preceding example specifies the high-performance Platinum POSIX license by including platinum: "true"in thevolumeAttributes.If you have a Platinum FUSE POSIX license, Release 1.0.2 and later provide another way to control the POSIX client. Instead of specifyingThe following table shows the properties defined in the sample PersistentVolume:platinum: "true", you can specifylicense: "<license-name>"and select one of three POSIX licenses (Basic, Container, or Platinum). Release 1.0.2 also adds support for astartupConfigline that lets you pass custom startup parameters to the FUSE process. The following example shows these options:apiVersion: v1 kind: PersistentVolume metadata: name: test-simplepv namespace: test-csi labels: name: pv-simplepv-test spec: accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Delete capacity: storage: 5Gi csi: nodePublishSecretRef: name: "mapr-ticket-secret" namespace: "test-csi" driver: com.mapr.csi-kdf volumeHandle: test-simplepv volumeAttributes: volumePath: "/" cluster: "clusterB" cldbHosts: "10.10.10.210" securityType: "secure" license: "container" startupConfig: "-o allow_other -o big_writes -o auto_unmount -o async_dio -o max_background=24 -o auto_inval_data --disable_writeback"
 See Example: Statically Provisioning a Volume Using the Container Storage Interface (CSI) Storage Plugin for more information.Parameter Notes metadata: nameThe PersistentVolume name. metadata: namespaceThe namespace in which the PersistentVolume is stored. accessModesHow the PersistentVolume is mounted on the host. For more information, see Kubernetes Access Modes and Access Modes.NOTEThe accessMode is not used to set the access mode bit on the volume. The accessMode of the PV and PVC should be the same so that they can bind.persistentVolumeReclaimPolicySpecifies what happens to the volume when it is released by its claim. The Retainvalue keeps the PVC around for manual cleanup.Deletedeletes the PV from Kubernetes.For more information, see Reclaiming.NOTEIf this volume was created using dynamic provisioning,Deletecauses the underlying volume to be deleted.capacitySpecifies how big the allocated storage should be. This value is not validated against the quota or advisory quota. It is up to the person creating the PV to specify this value accurately. csi: nodePublishSecretRefThe Ticket Secret for the CSI driver. nodePublishSecretRef:nameThe name of the Ticket Secret that contains the ticket to use when mounting to the cluster. See Configuring a Secret. nodePublishSecretRef:namespaceThe namespace that contains the Ticket Secret. Use the same namespace as the namespace used by the PersistentVolume. csi: driverThe CSI driver being used. Call it by specifying driver: mapr.com/maprfs.volumeHandleThe existing volume name or unique volume name for static provisioning. volumePathThe mount point within the file system. This parameter specifies an existing path. For example, you can specify the root volume as "/", providing access to the entire filesystem.clusterThe Data Fabric cluster name. cldbHostsThe hostname or IP addresses of the CLDB hosts for the cluster. You must provide at least one CLDB host. For fault-tolerance, providing multiple CLDB hosts is recommended. To specify multiple hosts, separate each name or IP address by a space. securityTypeA parameter that indicates whether tickets are used or not used. If tickets are used, specify secure. Otherwise, specifyunsecure.platinumIf set to platinum: "true", the POSIX client uses the platinum driver for better performance. Note that the platinum driver consumes more host resources and Platinum licenses.license(FUSE POSIX)Release 1.0.2 and later support the license: "<license-name>"parameter in addition to theplatinum: "<true | false>"parameter for the FUSE POSIX plugin. Thelicense: "<license-name>"parameter can have one of three values that control the number of host resources that are consumed:- "container"for the Container driver (one binary, 8 threads)
- "basic"for the Basic driver (one binary, 64 threads)
- "platinum"for the Platinum driver (multiple binaries, each running 64 threads)
 license: "<license-name>"parameter:- To use the license: "<license-name>"parameter, you must have a Platinum license.
-  If you specify both the platinum: "<true | false>"parameter and thelicense: "<license-name>"parameter, theplatinum: "<true | false>"parameter overrides thelicense: "<license-name>"parameter.
- If neither the platinum: "<true | false>"nor thelicense:parameter is specified, thecontainerdriver is implemented.
 startupConfig(FUSE POSIX)Release 1.0.2 and later support specifying the startupConfigline. ThestartupConfigline allows you to specify FUSE configuration parameters that are passed to thefuse.conffile. For the parameters that can be passed, see Configuring the HPE Ezmeral Data Fabric FUSE-Based POSIX Client.If nostartupConfigline is specified, these default startup settings are used:"-o allow_other -o big_writes -o auto_unmount"The default settings allow other users to access the mount point, enable writes larger than 4 KB, and automatically unmount the filesystem when the process is terminated. The following example includes the three default settings and adds some additional settings (shown in bold):
 The additional settings enable asynchronous direct I/O, set the maximum number of asynchronous requests to 24, automatically invalidate the kernel FUSE cache for any data change that causes a change in the files, and disable the writeback cache.startupConfig: "-o allow_other -o big_writes -o auto_unmount -o async_dio -o max_background=24 -o auto_inval_data --disable_writeback"startupConfig(Loopback NFS)The startupConfigline allows you to specify configuration parameters that are passed to thenfsserver.conffile. For the parameters that can be passed, see nfsserver.conf. ThestartupConfigvalues supported for Loopback NFS are all the configs supported in thenfsserver.conffile. Values must be separated by a space. If nostartupConfigline is specified, these default startup settings are used:startupConfig: "NFS_HEAPSIZE=1024 DrCacheSize=1024000"numrpcthreadsSets the number of RPC threads for the Data Fabric client. The default value is 1. The maximum value is 4. Use this option to increase throughput with FUSE basic or container licenses or with the Loopback NFS driver. trackMemoryEnables memory profiling to debug memory leaks in the FUSE or Loopback NFS process. To be enabled after direction from the DF support team. The default value is false.logLevelSets the log level to one of the following values: error,warn,info, ordebug. For the FUSE POSIX driver (com.mapr.csi-kdf), the default value iserror. For the Loopback NFS driver (com.mapr.csi-nfskdf), the default value isinfo.retainLogsRetains the logs for the pod on the host machine. The default value is false.startDelaySets the wait time after launching the FUSE or Loopback NFS processes and before making the mount available to the application pod. The default value is5.CAUTIONSetting the value below2to3seconds may affect the availability of the mount.
- 
                Create a PersistentVolumeClaim (PVC) spec and set the
                        accessModeof the PVC toReadWriteOnce.For example:
 The following table shows the properties used in the sample PersistentVolumeClaim:kind: PersistentVolumeClaim apiVersion: v1 metadata: name: test-simplepvc namespace: test-csi spec: accessModes: - ReadWriteOnce resources: requests: storage: 5GParameter Notes metadata: nameThe PersistentVolumeClaim name. metadata: namespaceThe namespace in which the PersistentVolumeClaim is configured. accessModeHow the requested PersistentVolume is mounted on the host. For more information, see Kubernetes Access Modes and Access Modes.NOTEThe PV and PVC modes should be the same so that they can bind.
- 
                Generate a service ticket, and create and deploy a ticket secret on the pod (if
                    you have already not done it as described in steps 1 and 2 of this example).
                Seemaprloginfor information on generating a ticket and Configuring a Secret for information on creating and deploying a ticket secret.
- 
                Create the pod spec and set the runAsUserand thefsGroupparameters to the UID and GID of the user that created the ticket.For example:
 The following table shows the properties defined in the sample pod spec:apiVersion: v1 kind: Pod metadata: name: test-pv namespace: test-csi spec: securityContext: runAsUser: 1000 fsGroup: 2000 containers: - name: busybox image: busybox args: - sleep - "1000000" resources: requests: memory: "2Gi" cpu: "500m" volumeMounts: - mountPath: /mapr name: maprflex volumes: - name: maprflex persistentVolumeClaim: claimName: test-simplepvcParameter Notes apiVersionThe Kubernetes API version for the pod spec. kindThe kind of object being created. The example uses a naked pod for clarity. Generally, it is better to use a Deployment, DaemonSet, or StatefulSet for high availability and ease of upgrade. metadata: nameThe pod name. metadata: namespaceThe namespace in which the pod runs. securityContext: runAsUserThe user ID to run the container under. This user ID must be the same as the user ID for which the ticket was generated. securityContext: fsGroupThe group ID to run the container under. This group ID must be the same as the group ID of the user for which the ticket was generated. volumeMounts: mountPathA directory inside the container that is designated as the mount path. volumeMounts: nameA name that you assign to the Kubernetes volumeMountsresource. Matches withVolumes: name.Volumes: nameA string to identify the name of the Kubernetes volumesresource. The value should matchvolumeMounts: name.persistentVolumeClaim: claimNameThe name of the PersistentVolumeClaim (PVC). For more information, see PersistentVolumeClaims. 
- 
                Deploy the .yamlfile on the pod by running the following command:
 For each Pod mount request, the POSIX client starts with the pod's hostname and new generated hostid, which is tracked on the Data Fabric cluster. You can run thekubectl apply -f <filename>.yamlnode listcommand on the Data Fabric cluster to determine the number of POSIX clients. For example:FUSE POSIX
 Loopback NFS# maprcli node list -clientsonly true clienttype clienthealth hostname ip lasthb id posixclientbasic Inactive 4f3d34fe-2007-11e9-8980-0cc47ab39644 10.10.102.94,172.17.0.1,192.168.28.0 11225 7407394893618656436 posixclientbasic Inactive 7906d011-200f-11e9-84c0-0cc47ab39644 10.10.102.94,172.17.0.1,192.168.28.0 8174 7544602061076655421 posixclientbasic Inactive 9ed61912-2004-11e9-8980-0cc47ab39644 10.10.102.92,172.17.0.1,192.168.184.128 11224 2540810767207593086 posixclientbasic Inactive c35ab639-2010-11e9-84c0-0cc47ab39644 10.10.102.94,172.17.0.1,192.168.28.0 7568 7947067275504513691 posixclientbasic Active e5dc10e8-2012-11e9-84c0-0cc47ab39644 10.10.102.94,172.17.0.1,192.168.28.0 18 5849529086453778130# maprcli node list -clientsonly true clienttype clienthealth hostname ip lasthb id LOOPBACK_NFS Active 3ae5bb79-0aa1-431d-a17b-2cf0ef692060 10.163.160.104,192.168.252.65 1 3740102597316282880 LOOPBACK_NFS Active 8c096a3c-0424-466a-8eda-6a61999ac3e4 10.163.160.103,192.168.19.192 1 6892565781040807680 LOOPBACK_NFS Active ae92fe4b-a3c9-4cb3-8858-c688dd6e0bdc 10.163.160.103,192.168.19.192 1 1038944668644089888 LOOPBACK_NFS Active fe855a47-bf66-4b72-8f28-c713b5ec4004 10.163.160.105,192.168.153.128 1 5958455784535826944
Example
apiVersion: v1
kind: PersistentVolume
metadata:
  name: test-simplepv
  namespace: test-csi
  labels:
    name: pv-simplepv-test
spec:
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Delete
  capacity:
    storage: 5Gi
  csi:
    nodePublishSecretRef:
      name: "mapr-ticket-secret"
      namespace: "test-csi"
    driver: com.mapr.csi-kdf
    volumeHandle: test-simplepv
    volumeAttributes:
      volumePath: "/"
      cluster: "clusterA"
      cldbHosts: "10.10.102.96"
      securityType: "secure"
      platinum: "true"
---
apiVersion: v1
kind: Pod
metadata:
  name: test-pv
  namespace: test-csi
spec:
  securityContext:
    runAsUser: 1000
    fsGroup: 2000
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000000"
    resources:
      requests:
        memory: "2Gi"
        cpu: "500m"
    volumeMounts:
    - mountPath: /mapr
      name: maprflex
  volumes:
    - name: maprflex
      persistentVolumeClaim:
        claimName: test-simplepvc
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: test-simplepvc
  namespace: test-csi
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5G