Work with snapshots
Beginning with the 20.01 release of Astra Trident, you can create snapshots of PVs at the Kubernetes layer. You can use these snapshots to maintain point-in-time copies of volumes that have been created by Astra Trident and schedule the creation of additional volumes (clones). Volume snapshot is supported by the ontap-nas
, ontap-san
, ontap-san-economy
, solidfire-san
, aws-cvs
, gcp-cvs
, and azure-netapp-files
drivers.
This feature is available from Kubernetes 1.17 (beta) and is GA from 1.20. To understand the changes involved in moving from beta to GA, see the release blog. With the graduation to GA, the v1 API version is introduced and is backward compatible with v1beta1 snapshots.
|
-
Creating volume snapshots requires an external snapshot controller to be created as well as some Custom Resource Definitions (CRDs). This is the responsibility of the Kubernetes orchestrator that is being used (for example: Kubeadm, GKE, OpenShift).
You can create an external snapshot-controller and snapshot CRDs as follows:
-
Create volume snapshot CRDs:
$ cat snapshot-setup.sh #!/bin/bash # Create volume snapshot CRDs kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-3.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshotclasses.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-3.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshotcontents.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-3.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshots.yaml
-
Create the snapshot-controller in the desired namespace. Edit the YAML manifests below to modify namespace.
kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-3.0/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-3.0/deploy/kubernetes/snapshot-controller/setup-snapshot-controller.yaml
CSI Snapshotter provides a validating webhook to help users validate existing v1beta1 snapshots and confirm they are valid resource objects. The validating webhook automatically labels invalid snapshot objects and prevents the creation of future invalid objects. The validating webhook is deployed by the Kubernetes orchestrator. See the instructions to deploy the validating webhook manually here. Find examples of invalid snapshot manifests here. |
The example detailed below explains the constructs required for working with snapshots and shows how snapshots can be created and used.
Step 1: Set up a VolumeSnapshotClass
Before creating a volume snapshot, set up a VolumeSnapshotClass
.
$ cat snap-sc.yaml #Use apiVersion v1 for Kubernetes 1.20 and above. For Kubernetes 1.17 - 1.19, use apiVersion v1beta1. apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshotClass metadata: name: csi-snapclass driver: csi.trident.netapp.io deletionPolicy: Delete
The driver
points to Astra Trident’s CSI driver. deletionPolicy
can be Delete
or Retain
. When set to Retain
, the underlying physical snapshot on the storage cluster is retained even when the VolumeSnapshot
object is deleted.
Step 2: Create a snapshot of an existing PVC
$ cat snap.yaml #Use apiVersion v1 for Kubernetes 1.20 and above. For Kubernetes 1.17 - 1.19, use apiVersion v1beta1. apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshot metadata: name: pvc1-snap spec: volumeSnapshotClassName: csi-snapclass source: persistentVolumeClaimName: pvc1
The snapshot is being created for a PVC named pvc1
, and the name of the snapshot is set to pvc1-snap
.
$ kubectl create -f snap.yaml volumesnapshot.snapshot.storage.k8s.io/pvc1-snap created $ kubectl get volumesnapshots NAME AGE pvc1-snap 50s
This created a VolumeSnapshot
object. A VolumeSnapshot is analogous to a PVC and is associated with a VolumeSnapshotContent
object that represents the actual snapshot.
It is possible to identify the VolumeSnapshotContent
object for the pvc1-snap
VolumeSnapshot by describing it.
$ kubectl describe volumesnapshots pvc1-snap Name: pvc1-snap Namespace: default . . . Spec: Snapshot Class Name: pvc1-snap Snapshot Content Name: snapcontent-e8d8a0ca-9826-11e9-9807-525400f3f660 Source: API Group: Kind: PersistentVolumeClaim Name: pvc1 Status: Creation Time: 2019-06-26T15:27:29Z Ready To Use: true Restore Size: 3Gi . .
The Snapshot Content Name
identifies the VolumeSnapshotContent object which serves this snapshot. The Ready To Use
parameter indicates that the Snapshot can be used to create a new PVC.
Step 3: Create PVCs from VolumeSnapshots
See the following example for creating a PVC using a snapshot:
$ cat pvc-from-snap.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-from-snap spec: accessModes: - ReadWriteOnce storageClassName: golden resources: requests: storage: 3Gi dataSource: name: pvc1-snap kind: VolumeSnapshot apiGroup: snapshot.storage.k8s.io
dataSource
shows that the PVC must be created using a VolumeSnapshot named pvc1-snap
as the source of the data. This instructs Astra Trident to create a PVC from the snapshot. After the PVC is created, it can be attached to a pod and used just like any other PVC.
When deleting a Persistent Volume with associated snapshots, the corresponding Trident volume is updated to a “Deleting state”. For the Astra Trident volume to be deleted, the snapshots of the volume should be removed. |