Google Cloud NetApp Volumes后端配置选项和示例
了解适用于Google Cloud NetApp卷的NFS后端配置选项并查看配置示例。
后端配置选项
每个后端都会在一个 Google Cloud 区域中配置卷。要在其他区域创建卷,您可以定义其他后端。
参数 | Description | Default |
---|---|---|
|
始终为 1 |
|
|
存储驱动程序的名称 |
的值 |
|
(可选)存储后端的自定义名称 |
驱动程序名称 + "_" + API 密钥的一部分 |
|
用于指定用于创建卷的存储池的可选参数。 |
|
|
Google Cloud 帐户项目编号。此值可在Google Cloud门户主页上找到。 |
|
|
Asta Trident创建GCNV卷的Google Cloud位置。创建跨区域Kubnetes集群时、在中创建的卷 |
|
|
具有角色的Google Cloud服务帐户的API密钥 |
|
|
精细控制 NFS 挂载选项。 |
"nfsvers=3" |
|
如果请求的卷大小超过此值、则配置失败。 |
"" (默认情况下不强制实施) |
|
存储池及其卷的服务级别。值为 |
|
|
用于GCNV卷的Google Cloud网络。 |
|
|
故障排除时要使用的调试标志。例如, |
空 |
|
表示此后端支持的区域和区域的列表。有关详细信息,请参阅 "使用 CSI 拓扑"。例如: |
卷配置选项
您可以在中控制默认卷配置 defaults
部分。
参数 | Description | Default |
---|---|---|
|
新卷的导出规则。必须是IPv4地址任意组合的逗号分隔列表。 |
"0.0.0.0/0 |
|
访问 ` .snapshot` 目录 |
false |
|
为快照预留的卷百分比 |
""(接受默认值0) |
|
新卷的UNIX权限(4个八进制数字)。 |
"" |
示例配置
以下示例显示了将大多数参数保留为默认值的基本配置。这是定义后端的最简单方法。
最低配置
这是绝对的最低后端配置。通过此配置、Astra Trident会发现在配置位置委派给Google Cloud NetApp卷的所有存储池、并随机将新卷放置在其中一个池中。由于 nasType
省略了、因此会 nfs
应用默认设置、后端将为NFS卷配置。
当您刚刚开始使用Google Cloud NetApp卷并尝试操作时、此配置是理想的选择、但实际上、您很可能需要为您配置的卷提供额外的范围界定。
--- apiVersion: v1 kind: Secret metadata: name: backend-tbc-gcnv-secret type: Opaque stringData: private_key_id: 'f2cb6ed6d7cc10c453f7d3406fc700c5df0ab9ec' private_key: | -----BEGIN PRIVATE KEY----- znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m XsYg6gyxy4zq7OlwWgLwGa== -----END PRIVATE KEY----- --- apiVersion: trident.netapp.io/v1 kind: TridentBackendConfig metadata: name: backend-tbc-gcnv spec: version: 1 storageDriverName: google-cloud-netapp-volumes projectNumber: '123455380079' location: europe-west6 serviceLevel: premium apiKey: type: service_account project_id: my-gcnv-project client_email: myproject-prod@my-gcnv-project.iam.gserviceaccount.com client_id: '103346282737811234567' auth_uri: https://accounts.google.com/o/oauth2/auth token_uri: https://oauth2.googleapis.com/token auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/myproject-prod%40my-gcnv-project.iam.gserviceaccount.com credentials: name: backend-tbc-gcnv-secret
使用StoragePools筛选器的配置
apiVersion: v1 kind: Secret metadata: name: backend-tbc-gcnv-secret type: Opaque stringData: private_key_id: 'f2cb6ed6d7cc10c453f7d3406fc700c5df0ab9ec' private_key: | -----BEGIN PRIVATE KEY----- znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m XsYg6gyxy4zq7OlwWgLwGa== -----END PRIVATE KEY----- --- apiVersion: trident.netapp.io/v1 kind: TridentBackendConfig metadata: name: backend-tbc-gcnv spec: version: 1 storageDriverName: google-cloud-netapp-volumes projectNumber: '123455380079' location: europe-west6 serviceLevel: premium storagePools: - premium-pool1-europe-west6 - premium-pool2-europe-west6 apiKey: type: service_account project_id: my-gcnv-project client_email: myproject-prod@my-gcnv-project.iam.gserviceaccount.com client_id: '103346282737811234567' auth_uri: https://accounts.google.com/o/oauth2/auth token_uri: https://oauth2.googleapis.com/token auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/myproject-prod%40my-gcnv-project.iam.gserviceaccount.com credentials: name: backend-tbc-gcnv-secret
虚拟池配置
此后端配置可在一个文件中定义多个虚拟池。虚拟池在一节中进行了定义 storage
。如果您有多个存储池支持不同的服务级别、而您希望在Kubbernetes中创建表示这些服务级别的存储类、则这些选项板非常有用。虚拟池标签用于区分池。例如、在以下示例中 performance
、标签和 serviceLevel
类型用于区分虚拟池。
此外、您还可以设置一些适用于所有虚拟池的默认值、并覆盖各个虚拟池的默认值。在以下示例中、 snapshotReserve
和 exportRule
用作所有虚拟池的默认值。
有关详细信息,请参阅 "虚拟池"。
--- apiVersion: v1 kind: Secret metadata: name: backend-tbc-gcnv-secret type: Opaque stringData: private_key_id: 'f2cb6ed6d7cc10c453f7d3406fc700c5df0ab9ec' private_key: | -----BEGIN PRIVATE KEY----- znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m znHczZsrrtHisIsAbOguSaPIKeyAZNchRAGzlzZE4jK3bl/qp8B4Kws8zX5ojY9m XsYg6gyxy4zq7OlwWgLwGa== -----END PRIVATE KEY----- --- apiVersion: trident.netapp.io/v1 kind: TridentBackendConfig metadata: name: backend-tbc-gcnv spec: version: 1 storageDriverName: google-cloud-netapp-volumes projectNumber: '123455380079' location: europe-west6 apiKey: type: service_account project_id: my-gcnv-project client_email: myproject-prod@my-gcnv-project.iam.gserviceaccount.com client_id: '103346282737811234567' auth_uri: https://accounts.google.com/o/oauth2/auth token_uri: https://oauth2.googleapis.com/token auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/myproject-prod%40my-gcnv-project.iam.gserviceaccount.com credentials: name: backend-tbc-gcnv-secret defaults: snapshotReserve: '10' exportRule: 10.0.0.0/24 storage: - labels: performance: extreme serviceLevel: extreme defaults: snapshotReserve: '5' exportRule: 0.0.0.0/0 - labels: performance: premium serviceLevel: premium - labels: performance: standard serviceLevel: standard
下一步是什么?
创建后端配置文件后,运行以下命令:
kubectl create -f <backend-file>
要验证是否已成功创建后端、请运行以下命令:
kubectl get tridentbackendconfig NAME BACKEND NAME BACKEND UUID PHASE STATUS backend-tbc-gcnv backend-tbc-gcnv b2fd1ff9-b234-477e-88fd-713913294f65 Bound Success
如果后端创建失败,则后端配置出现问题。您可以使用命令说明后端 kubectl get tridentbackendconfig <backend-name>
、或者运行以下命令查看日志以确定原因:
tridentctl logs
确定并更正配置文件的问题后、您可以删除后端并再次运行create命令。
更多示例
存储类定义示例
下面是有关上述后端的基本 StorageClass
定义。
apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: gcnv-nfs-sc provisioner: csi.trident.netapp.io parameters: backendType: "google-cloud-netapp-volumes"
使用字段的示例定义 parameter.selector
:
使用、 parameter.selector
您可以为每个指定 StorageClass
"虚拟池" 用于托管卷的。卷将在选定池中定义各个方面。
apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: extreme-sc provisioner: csi.trident.netapp.io parameters: selector: "performance=extreme" backendType: "google-cloud-netapp-volumes" --- apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: premium-sc provisioner: csi.trident.netapp.io parameters: selector: "performance=premium" backendType: "google-cloud-netapp-volumes" --- apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: standard-sc provisioner: csi.trident.netapp.io parameters: selector: "performance=standard" backendType: "google-cloud-netapp-volumes"
有关存储类的详细信息,请参见 "创建存储类。"。
PVC定义示例
kind: PersistentVolumeClaim apiVersion: v1 metadata: name: gcnv-nfs-pvc spec: accessModes: - ReadWriteMany resources: requests: storage: 100Gi storageClassName: gcnv-nfs-sc
要验证PVC是否已绑定、请运行以下命令:
kubectl get pvc gcnv-nfs-pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE gcnv-nfs-pvc Bound pvc-b00f2414-e229-40e6-9b16-ee03eb79a213 100Gi RWX gcnv-nfs-sc 1m