Work with snapshots
Kubernetes volume snapshots of Persistent Volumes (PVs) enable point-in-time copies of volumes. You can create a snapshot of a volume created using Trident, import a snapshot created outside of Trident, create a new volume from an existing snapshot, and recover volume data from snapshots.
Overview
Volume snapshot is supported by ontap-nas
, ontap-nas-flexgroup
, ontap-san
, ontap-san-economy
, solidfire-san
, gcp-cvs
, and azure-netapp-files
drivers.
You must have an external snapshot controller and Custom Resource Definitions (CRDs) to work with snapshots. This is the responsibility of the Kubernetes orchestrator (for example: Kubeadm, GKE, OpenShift).
If your Kubernetes distribution does not include the snapshot controller and CRDs, refer to Deploy a volume snapshot controller.
Don't create a snapshot controller if creating on-demand volume snapshots in a GKE environment. GKE uses a built-in, hidden snapshot controller. |
Create a volume snapshot
-
Create a
VolumeSnapshotClass
. For more information, refer to VolumeSnapshotClass.-
The
driver
points to the Trident CSI driver. -
deletionPolicy
can beDelete
orRetain
. When set toRetain
, the underlying physical snapshot on the storage cluster is retained even when theVolumeSnapshot
object is deleted.Examplecat snap-sc.yaml apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshotClass metadata: name: csi-snapclass driver: csi.trident.netapp.io deletionPolicy: Delete
-
-
Create a snapshot of an existing PVC.
Examples-
This example creates a snapshot of an existing PVC.
cat snap.yaml apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshot metadata: name: pvc1-snap spec: volumeSnapshotClassName: csi-snapclass source: persistentVolumeClaimName: pvc1
-
This example creates a volume snapshot object for a PVC named
pvc1
and the name of the snapshot is set topvc1-snap
. A VolumeSnapshot is analogous to a PVC and is associated with aVolumeSnapshotContent
object that represents the actual snapshot.kubectl create -f snap.yaml volumesnapshot.snapshot.storage.k8s.io/pvc1-snap created kubectl get volumesnapshots NAME AGE pvc1-snap 50s
-
You can identify the
VolumeSnapshotContent
object for thepvc1-snap
VolumeSnapshot by describing it. TheSnapshot Content Name
identifies the VolumeSnapshotContent object which serves this snapshot. TheReady To Use
parameter indicates that the snapshot can be used to create a new PVC.kubectl describe volumesnapshots pvc1-snap Name: pvc1-snap Namespace: default . . . Spec: Snapshot Class Name: pvc1-snap Snapshot Content Name: snapcontent-e8d8a0ca-9826-11e9-9807-525400f3f660 Source: API Group: Kind: PersistentVolumeClaim Name: pvc1 Status: Creation Time: 2019-06-26T15:27:29Z Ready To Use: true Restore Size: 3Gi . .
-
Create a PVC from a volume snapshot
You can use dataSource
to create a PVC using a VolumeSnapshot named <pvc-name>
as the source of the data. After the PVC is created, it can be attached to a pod and used just like any other PVC.
The PVC will be created in the same backend as the source volume. Refer to KB: Creating a PVC from a Trident PVC Snapshot cannot be created in an alternate backend. |
The following example creates the PVC using pvc1-snap
as the data source.
cat pvc-from-snap.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-from-snap spec: accessModes: - ReadWriteOnce storageClassName: golden resources: requests: storage: 3Gi dataSource: name: pvc1-snap kind: VolumeSnapshot apiGroup: snapshot.storage.k8s.io
Import a volume snapshot
Trident supports the Kubernetes pre-provisioned snapshot process to enable the cluster administrator to create a VolumeSnapshotContent
object and import snapshots created outside of Trident.
Trident must have created or imported the snapshot's parent volume.
-
Cluster admin: Create a
VolumeSnapshotContent
object that references the backend snapshot. This initiates the snapshot workflow in Trident.-
Specify the name of the backend snapshot in
annotations
astrident.netapp.io/internalSnapshotName: <"backend-snapshot-name">
. -
Specify
<name-of-parent-volume-in-trident>/<volume-snapshot-content-name>
insnapshotHandle
. This is the only information provided to Trident by the external snapshotter in theListSnapshots
call.The <volumeSnapshotContentName>
cannot always match the backend snapshot name due to CR naming constraints.ExampleThe following example creates a
VolumeSnapshotContent
object that references backend snapshotsnap-01
.apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshotContent metadata: name: import-snap-content annotations: trident.netapp.io/internalSnapshotName: "snap-01" # This is the name of the snapshot on the backend spec: deletionPolicy: Retain driver: csi.trident.netapp.io source: snapshotHandle: pvc-f71223b5-23b9-4235-bbfe-e269ac7b84b0/import-snap-content # <import PV name or source PV name>/<volume-snapshot-content-name>
-
-
Cluster admin: Create the
VolumeSnapshot
CR that references theVolumeSnapshotContent
object. This requests access to use theVolumeSnapshot
in a given namespace.ExampleThe following example creates a
VolumeSnapshot
CR namedimport-snap
that references theVolumeSnapshotContent
namedimport-snap-content
.apiVersion: snapshot.storage.k8s.io/v1 kind: VolumeSnapshot metadata: name: import-snap spec: # volumeSnapshotClassName: csi-snapclass (not required for pre-provisioned or imported snapshots) source: volumeSnapshotContentName: import-snap-content
-
Internal processing (no action required): The external snapshotter recognizes the newly created
VolumeSnapshotContent
and runs theListSnapshots
call. Trident creates theTridentSnapshot
.-
The external snapshotter sets the
VolumeSnapshotContent
toreadyToUse
and theVolumeSnapshot
totrue
. -
Trident returns
readyToUse=true
.
-
-
Any user: Create a
PersistentVolumeClaim
to reference the newVolumeSnapshot
, where thespec.dataSource
(orspec.dataSourceRef
) name is theVolumeSnapshot
name.ExampleThe following example creates a PVC referencing the
VolumeSnapshot
namedimport-snap
.apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-from-snap spec: accessModes: - ReadWriteOnce storageClassName: simple-sc resources: requests: storage: 1Gi dataSource: name: import-snap kind: VolumeSnapshot apiGroup: snapshot.storage.k8s.io
Recover volume data using snapshots
The snapshot directory is hidden by default to facilitate maximum compatibility of volumes provisioned using the ontap-nas
and ontap-nas-economy
drivers. Enable the .snapshot
directory to recover data from snapshots directly.
Use the volume snapshot restore ONTAP CLI to to restore a volume to a state recorded in a prior snapshot.
cluster1::*> volume snapshot restore -vserver vs0 -volume vol3 -snapshot vol3_snap_archive
When you restore a snapshot copy, the existing volume configuration is overwritten. Changes made to volume data after the snapshot copy was created are lost. |
Delete a PV with associated snapshots
When deleting a Persistent Volume with associated snapshots, the corresponding Trident volume is updated to a “Deleting state”. Remove the volume snapshots to delete the Trident volume.
Deploy a volume snapshot controller
If your Kubernetes distribution does not include the snapshot controller and CRDs, you can deploy them as follows.
-
Create volume snapshot CRDs.
cat snapshot-setup.sh #!/bin/bash # Create volume snapshot CRDs kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-6.1/client/config/crd/snapshot.storage.k8s.io_volumesnapshotclasses.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-6.1/client/config/crd/snapshot.storage.k8s.io_volumesnapshotcontents.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-6.1/client/config/crd/snapshot.storage.k8s.io_volumesnapshots.yaml
-
Create the snapshot controller.
kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-6.1/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-6.1/deploy/kubernetes/snapshot-controller/setup-snapshot-controller.yaml
If necessary, open deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml
and updatenamespace
to your namespace.