Skip to main content

Configure Google Cloud NetApp Volumes for SAN workloads

Contributors joan-ing
PDFs

You can configure Trident to provision block storage volumes using the iSCSI
protocol from Google Cloud NetApp Volumes. SAN volumes are provisioned from
Flex Unified storage pools by using the
google-cloud-netapp-volumes-san storage driver.

This driver is dedicated to block workloads and does not support NAS protocols.

Note The google-cloud-netapp-volumes-san backend is required to provision iSCSI block
volumes. The google-cloud-netapp-volumes backend supports NAS protocols only and
cannot be used for SAN workloads.

NAS volumes and iSCSI block volumes

Google Cloud NetApp Volumes supports both NAS and block storage, which differ in
how applications access and manage data.

NAS volumes provide file-based storage and are mounted as shared filesystems using
NFS or SMB. These volumes are commonly used when multiple pods or nodes require
concurrent access to the same data.

iSCSI block volumes provide raw block storage and are attached to Kubernetes nodes
as block devices. Each volume is provisioned as a Logical Unit Number (LUN) and
accessed using the iSCSI protocol. Block storage is typically used when workloads
require block-level access or application-managed I/O behavior.

You can deploy block-oriented workloads on Google Kubernetes Engine using
Trident-managed iSCSI storage backed by Flex Unified Google Cloud NetApp Volumes pools.

This applies to the following environments:

  • Trident 26.02 and later

  • Google Kubernetes Engine (GKE)

  • Google Cloud NetApp Volumes Flex Unified storage pools

  • iSCSI-based block workloads

Note Only the Flex service level is supported for SAN workloads in Trident 26.02.

Storage architecture overview

For SAN workloads, Trident provisions block storage by creating iSCSI Logical Unit
Numbers (LUNs) in Flex Unified storage pools.

Each Kubernetes PersistentVolume corresponds to a single LUN. Trident manages the
full lifecycle of the LUN, including creation, host mapping, attachment, and
cleanup.

Flex Unified storage pools

Flex Unified storage pools provide block storage using the iSCSI protocol and are
required for SAN provisioning.

For Trident 26.02:

  • Only Flex Unified REGIONAL pools are supported

  • Flex Unified ZONAL pools are supported starting with Trident 26.02.1

  • Only the Flex service level is supported for SAN workloads

Block volumes

Block volumes are provisioned as iSCSI LUNs and presented to Kubernetes nodes as
block devices.

Block volumes:

  • Use the iSCSI protocol

  • Support filesystem and raw block presentation

  • Are attached and managed by Trident

  • Support multiple Kubernetes access modes

Access modes

Block volumes provisioned by Trident support the following access modes:

  • ReadWriteOnce (RWO)

  • ReadOnlyMany (ROX)

  • ReadWriteOncePod (RWOP)

  • ReadWriteMany (RWX), supported only when volumeMode: Block

volumeMode behavior

The volumeMode field controls how a block volume is exposed:

  • Filesystem
    Trident formats and mounts the volume.

  • Block
    Trident attaches the device and exposes it as a raw block device.

Configure a Trident SAN backend

apiVersion: trident.netapp.io/v1
kind: TridentBackendConfig
metadata:
  name: gcnv-san
  namespace: trident
spec:
  version: 1
  storageDriverName: google-cloud-netapp-volumes-san
  projectNumber: "<project-number>"
  location: "<region>"
  sdkTimeout: "600"
  storage:
  - labels:
      cloud: gcp
      performance: flex
    network: "<vpc-network>"
    serviceLevel: Flex

Create a StorageClass for SAN workloads

After configuring the SAN backend, create a StorageClass that references the
google-cloud-netapp-volumes-san driver.

The filesystem type is defined in the StorageClass, not in the backend.

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: gcnv-san
provisioner: csi.trident.netapp.io
parameters:
  backendType: "google-cloud-netapp-volumes-san"
  fsType: "ext4"
allowVolumeExpansion: true

Supported filesystem types:

  • ext4 (default)

  • ext3

  • xfs

Note The SAN driver supports only the Flex service level and does not use
NAS-specific backend parameters such as exportRule, unixPermissions,
nasType, snapshotDir, nfsMountOptions, or tiering-related settings.

Supported operations

Block volumes provisioned using the
google-cloud-netapp-volumes-san driver support:

  • Create

  • Delete

  • Clone

  • Snapshot

  • Resize

  • Import

Provision block volumes

ReadWriteOnce (RWO)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gcnv-san-rwo
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi
  storageClassName: gcnv-san

ReadWriteOncePod (RWOP)

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gcnv-san-rwop
spec:
  accessModes:
    - ReadWriteOncePod
  resources:
    requests:
      storage: 100Gi
  storageClassName: gcnv-san

ReadOnlyMany (ROX)

A common pattern for ROX is to clone an existing ReadWriteOnce volume and
mount the clone as read-only.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gcnv-san-rox
spec:
  accessModes:
    - ReadOnlyMany
  resources:
    requests:
      storage: 100Gi
  storageClassName: gcnv-san
  dataSource:
    kind: PersistentVolumeClaim
    name: gcnv-san-rwo

ReadWriteMany (RWX) — raw block only

ReadWriteMany is supported only when volumeMode: Block.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: gcnv-san-raw-rwx
spec:
  accessModes:
    - ReadWriteMany
  volumeMode: Block
  resources:
    requests:
      storage: 100Gi
  storageClassName: gcnv-san

Extra GiB overprovisioning behavior

Google Cloud NetApp Volumes block volumes include internal metadata overhead.
This overhead reduces the kernel-visible device size compared to the
provisioned capacity.

Testing shows:

  • Approximately 300 KiB overhead on initial creation

  • Up to approximately 107 MiB overhead after a resize

Because Google Cloud NetApp Volumes accepts only whole-GiB allocations,
Trident ensures that the usable device size always meets or exceeds the
PVC request by:

  • Rounding the requested size up to the next whole GiB

  • Adding an additional 1 GiB buffer

Example:

  • PVC request: 100 GiB

  • Provisioned size in Google Cloud NetApp Volumes: 101 GiB

  • Usable space visible to the application: at least 100 GiB

This guarantees that applications always receive the requested capacity,
even after accounting for internal metadata overhead.

Pod examples

Filesystem-mounted block volume (RWO)

apiVersion: v1
kind: Pod
metadata:
  name: app-rwo
spec:
  containers:
  - name: app
    image: ubuntu:22.04
    command: ["sleep", "infinity"]
    volumeMounts:
    - name: data
      mountPath: /mnt/data
  volumes:
  - name: data
    persistentVolumeClaim:
      claimName: gcnv-san-rwo

Raw block device (RWX)

apiVersion: v1
kind: Pod
metadata:
  name: app-raw-rwx
spec:
  containers:
  - name: app
    image: ubuntu:22.04
    command: ["sleep", "infinity"]
    volumeDevices:
    - name: data
      devicePath: /dev/xda
  volumes:
  - name: data
    persistentVolumeClaim:
      claimName: gcnv-san-raw-rwx

Attach and mount behavior

For SAN volumes provisioned from Google Cloud NetApp Volumes:

  • Trident creates a Logical Unit Number (LUN) in a Flex Unified storage pool.

  • During publish, Trident maps the LUN to a per-node host group.

  • During node staging, Trident:

    • Logs in to the iSCSI target

    • Discovers the LUN

    • Configures multipath

  • If volumeMode: Filesystem, Trident formats the device if required and
    mounts it.

  • If volumeMode: Block, Trident attaches the device and exposes it
    directly to the pod without formatting or mounting.

Note SAN block volumes do not provide distributed locking or write
coordination. When a block volume is accessed by multiple nodes
(ReadWriteMany with volumeMode: Block), the application or filesystem
must manage concurrency.