VAST CSI Operator is an OpenShift operator that helps deploy, configure and upgrade VAST CSI drivers in Red Hat OpenShift environments.
To deploy VAST CSI Driver using VAST CSI Operator:
Note
Before you start, ensure that the VAST cluster on which you are going to provision storage is configured for CSI use.
Follow OpenShift Operator guidelines to install VAST CSI Operator.
Use VAST CSI Operator to deploy the VAST CSI Driver custom resources:
VastCSIDriver,VastClusterandVastStorage.Each of the three resources is required.
Use the storage class generated by the
VastStoragecustom resource instance in your PVCs to provision storage.Assign OpenShift Security Context Constraints (SCCs) to VAST CSI Driver.
Note
VAST CSI Operator does not provide a CRD for VAST snapshots. If you are going to use VAST snapshots with VAST CSI Driver, install the snapshot CRDs manually.
Custom Resource Definitions in VAST CSI Operator
VAST CSI Operator introduces the following Custom Resource Definitions (CRD):
VastCSIDriveris a common specification for the VAST CSI Controller and VAST CSI Node, for example:apiVersion: storage.vastdata.com/v1 kind: VastCSIDriver metadata: name: csi.vastdata.com namespace: vast-csi spec: driverType: "nfs" image: csiVastPlugin: repository: docker.io/vastdataorg/csi:v2.6.4
Ensure that the specification includes the correct driver type for VAST CSI Driver:
driverType: "nfs"(default).Notice
The
driverTypeparameter is available starting with VAST CSI 2.6.3.VastClusterspecifies the VAST endpoint and credentials to connect to the VAST cluster where volumes will be provisioned. These settings are stored in a VAST CSI Driver's Kubernetes secret.The specification can include either a VMS authentication token, or a username and a password.
For example:
With a VMS authentication token:
apiVersion: storage.vastdata.com/v1 kind: VastCluster metadata: name: cluster namespace: vast-csi spec: endpoint: 198.151.100.12 token: "<token>"
With a username and password:
apiVersion: storage.vastdata.com/v1 kind: VastCluster metadata: name: cluster namespace: vast-csi spec: endpoint: 198.151.100.12 username: admin password: "<password>"
You can create multiple
VastClusterinstances to access different VAST clusters, or to access the same VAST cluster using different credentials.VastStoragedefines VAST storage options to be used when provisioning volumes on the VAST cluster. This resource generates a storage class (and optionally a snapshot class) that you can use in your PVCs.For example:
apiVersion: storage.vastdata.com/v1 kind: VastStorage metadata: name: vastdata-filesystem namespace: vast-csi spec: driverType: "nfs" provisioner: "csi.vastdata.com" secretName: vastcluster secretNamespace: vast-csi storagePath: "/k8s" viewPolicy: "default" vipPool: "vippool-1" allowVolumeExpansion: true createSnapshotClass: false
Using VastStorage-generated Storage Class in PVCs
In your PVC, specify the name of the storage class generated based on the VastStorage CRD as the storageClassName, for example:
For example:
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: csi-pvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi storageClassName: vastdata-filesystem
Assigning SCCs to VAST CSI Driver
Assign OpenShift Security Context Constraints (SCC) to VAST CSI Driver service accounts so that VAST CSI Driver is able to create mount points on the host machine:
oc adm policy add-scc-to-user privileged -z <release name>-vast-controller-sa -n <namespace name> oc adm policy add-scc-to-user privileged -z <release name>-vast-node-sa -n <namespace name>
Where:
<release name>identifies the VAST CSI Driver release being deployed.<namespace name>is the namespace to which VAST CSI Driver will be deployed.
For example:
oc adm policy add-scc-to-user privileged -z csi-vast-controller-sa -n vastcsi oc adm policy add-scc-to-user privileged -z csi-vast-node-sa -n vastcsi