Deploying VAST CSI Driver on OpenShift with VAST CSI Operator

  • Updated on Feb 13, 2026
  • Published on Jan 26, 2026
  • 2 minute(s) read
Prev Next

VAST CSI Operator is an OpenShift operator that helps deploy, configure and upgrade VAST CSI Driver in Red Hat OpenShift environments.

To deploy VAST CSI Driver using VAST CSI Operator:

Note

Before you start, ensure that the VAST cluster on which you are going to provision storage is configured for CSI use.

  1. Follow OpenShift Operator guidelines to install VAST CSI Operator.

  2. Use VAST CSI Operator to deploy the VAST CSI Driver custom resources: VastCSIDriver, VastCluster and VastStorage.

    Each of the three resources is required.

  3. Use the storage class generated by the VastStorage custom resource instance in your PVCs to provision storage.

  4. Assign OpenShift Security Context Constraints (SCCs) to VAST CSI Driver.

Note

VAST CSI Operator does not provide a CRD for VAST snapshots. If you are going to use VAST snapshots with VAST CSI Driver, install the snapshot CRDs manually.

Custom Resource Definitions in VAST CSI Operator

VAST CSI Operator introduces the following Custom Resource Definitions (CRD):

  • VastCSIDriver is a common specification for the VAST CSI Controller and VAST CSI Node, for example: 

    apiVersion: storage.vastdata.com/v1
kind: VastCSIDriver
metadata:
  name: csidriver
  namespace: vast-csi
spec:
  image:
    csiVastPlugin:
      image: vastdataorg/csi:v2.5.0

  • VastCluster specifies the VAST endpoint, username and password to connect to the VAST cluster where volumes will be provisioned. These settings are stored in a VAST CSI Driver's Kubernetes secret.

    For example:

    apiVersion: storage.vastdata.com/v1
kind: VastCluster
metadata:
  name: cluster
  namespace: vast-csi
spec:
  endpoint: 198.151.100.12
  username: admin
  password: "xxxxxx"

    You can create multiple VastCluster instances to access different VAST clusters, or to access the same VAST cluster using different credentials.

  • VastStorage defines VAST storage options to be used when provisioning volumes on the VAST cluster, such as the path to the volumes on the VAST cluster, VAST view policy, VAST virtual IP pool name or FQDN, additional mount options, and so on. This resource generates a storage class (and optionally a snapshot class) that you can use in your PVCs.

    For example:

    apiVersion: storage.vastdata.com/v1
kind: VastStorage
metadata:
  name: vastdata-filesystem
  namespace: vast-csi
spec:
  clusterName: cluster
  storagePath: "/k8s"
  viewPolicy: "default"
  vipPool: "vippool-1"
  allowVolumeExpansion: true
  createSnapshotClass: true

Using VastStorage-generated Storage Class in PVCs

In your PVC, specify the name of the storage class generated based on the VastStorage CRD as the storageClassName, for example:

For example:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: csi-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
  storageClassName: vastdata-filesystem

Assigning SCCs to VAST CSI Driver

Assign OpenShift Security Context Constraints (SCC) to VAST CSI Driver service accounts so that VAST CSI Driver is able to create mount points on the host machine:

oc adm policy add-scc-to-user privileged -z <release name>-vast-controller-sa -n <namespace name>
oc adm policy add-scc-to-user privileged -z <release name>-vast-node-sa -n <namespace name>

Where:

  • <release name> identifies the VAST CSI Driver release being deployed.

  • <namespace name> is the namespace to which VAST CSI Driver will be deployed.

For example:

oc adm policy add-scc-to-user privileged -z csi-vast-controller-sa -n vastcsi
oc adm policy add-scc-to-user privileged -z csi-vast-node-sa -n vastcsi
Related articles