VAST CSI Operator is an OpenShift operator that helps deploy, configure and upgrade VAST CSI drivers in Red Hat OpenShift environments.
To deploy VAST Block CSI Driver using VAST CSI Operator:
Note
Before you start, ensure that the VAST cluster on which you are going to provision storage is configured for CSI use.
Follow OpenShift Operator guidelines to install VAST CSI Operator.
Use VAST CSI Operator to deploy the VAST Block CSI Driver custom resources:
VastCSIDriver,VastClusterandVastStorage.Each of the three resources is required.
Use the storage class generated by the
VastStoragecustom resource instance in your PVCs to provision storage.Assign OpenShift Security Context Constraints (SCCs) to VAST Block CSI Driver.
Note
VAST CSI Operator does not provide a CRD for VAST snapshots. If you are going to use VAST snapshots with VAST Block CSI Driver, install the snapshot CRDs manually.
Custom Resource Definitions in VAST CSI Operator
VAST CSI Operator introduces the following Custom Resource Definitions (CRD):
VastCSIDriveris a common specification for the VAST CSI Controller and VAST CSI Node, for example:apiVersion: storage.vastdata.com/v1 kind: VastCSIDriver metadata: name: block.csi.vastdata.com namespace: vast-csi spec: driverType: "block" image: csiVastPlugin: repository: docker.io/vastdataorg/csi:v2.6.4
Ensure that the specification includes the correct driver type for VAST Block CSI Driver:
driverType: "block". (If not specified, the parameter defaults tonfs.)VastClusterspecifies the VAST endpoint, username and password to connect to the VAST cluster where volumes will be provisioned. These settings are stored in a VAST Block CSI Driver's Kubernetes secret.The specification can include either a VMS authentication token, or a username and a password.
For example:
With a VMS authentication token:
apiVersion: storage.vastdata.com/v1 kind: VastCluster metadata: name: cluster namespace: vast-csi spec: endpoint: 198.151.100.12 token: "<token>"
With a username and password:
apiVersion: storage.vastdata.com/v1 kind: VastCluster metadata: name: cluster namespace: vast-csi spec: endpoint: 198.151.100.12 username: admin password: "<password>"
You can create multiple
VastClusterinstances to access different VAST clusters, or to access the same VAST cluster using different credentials.VastStoragedefines VAST storage options to be used when provisioning volumes on the VAST cluster. This resource generates a storage class (and optionally a snapshot class) that you can use in your PVCs.For example:
apiVersion: storage.vastdata.com/v1 kind: VastStorage metadata: name: vastdata-block namespace: vast-csi spec: driverType: "block" provisioner: "block.csi.vastdata.com" clusterName: vastcluster subsystem: "myblock" vipPool: "vippool-1" createSnapshotClass: false
Using VastStorage-generated Storage Class in PVCs
In your PVC, specify the name of the storage class generated based on the VastStorage CRD as the storageClassName, for example:
For example:
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: csi-block-pvc spec: volumeMode: Block accessModes: - ReadWriteOnce resources: requests: storage: 1Gi storageClassName: vastdata-block
Assigning SCCs to VAST Block CSI Driver
Assign OpenShift Security Context Constraints (SCC) to VAST Block CSI Driver service accounts so that VAST Block CSI Driver is able to create mount points on the host machine:
oc adm policy add-scc-to-user privileged -z <release name>-vast-controller-sa -n <namespace name> oc adm policy add-scc-to-user privileged -z <release name>-vast-node-sa -n <namespace name>
Where:
<release name>identifies the VAST Block CSI Driver release being deployed.<namespace name>is the namespace to which VAST Block CSI Driver will be deployed.
For example:
oc adm policy add-scc-to-user privileged -z csi-vast-controller-sa -n vastcsi oc adm policy add-scc-to-user privileged -z csi-vast-node-sa -n vastcsi