Help Center/ Cloud Container Instance/ User Guide/ Bursting to CCI/ CCE Cloud Bursting Engine for CCI/ Storage
Updated on 2024-11-14 GMT+08:00
View PDF
Share

Storage

Overview

There are multiple storage volume types that can be used by the pods scheduled to CCI. In this section, you can learn about:

  • Storage volume types used by the pods scheduled to CCI.
  • Typical scenarios of hostPath volumes and how to use them.

Constraints

CCE pods that are scheduled to CCI supports ConfigMap, Secret, emptyDir, DownwardAPI, Projected, and PersistentVolumeClaims volumes, and the DownwardAPI and Projected volumes can only be used in bursting 1.3.25 and later versions.

  • emptyDir: Subpaths are not supported.
  • PersistentVolumeClaims: Only SFS and SFS Turbo cloud storage types and CSI storage classes are supported. Not volumes of all cloud storage types are supported by Volcano.
  • Projected: If a source of the serviceAccountToken type is configured, the token in the corresponding service-account-token secret is mounted after the pod is scheduled to CCI. The token is valid for a long time and has no expected audience. That is, the expirationSeconds and audience configurations do not take effect.

Storage Volume Types

There are various storage volume types on the CCE cluster console.

The following table lists the storage volume types.

Volume Type

Supported by CCI

Remarks

hostPath

No
  • CCI underlying clusters are used by all users so using the hostPath volumes presents many security risks. As a result, hostPath volumes are unavailable.
  • 1.5.9 and later versions support hostPath volumes whose path is /etc/localtime. After the configuration, the time zone of CCI containers is the same as that of CCE nodes.

ConfigMap

Yes

-

Secret

Yes

-

emptyDir

Yes

Subpaths are not supported when an emptyDir volume is mounted.

For emptyDir, the value of sizeLimit must be an integer multiple of 1Gi and cannot be greater than 10 times the number of pod vCPUs.

DownwardAPI

Yes

-

Projected

Yes

If a source of the serviceAccountToken type is configured, the token in the corresponding service-account-token secret is injected into the pod scheduled to CCI. The token is valid for a long time and has no audience. This means the settings of expirationSeconds and audience do not take effect.

PersistentVolumeClaims

Yes

Only SFS and SFS Turbo are supported, with StorageClass set to CSI.

How to Use hostPath

Scenario

A hostPath volume can be used for storage when CCE or other Kubernetes clusters are used. However, CCI underlying clusters are used by all users so using hostPath volumes presents many security risks. As a result, hostPath volumes are unavailable. When a pod with a hostPath volume mounted is scheduled to CCI, the pods will be rejected. If hostPath configured in spec.volumes for a pod cannot be changed, you can configure annotations to allow the pod to be scheduled to CCI. During the bursting verification, hostPath needs to be removed or replaced with localDir, emptyDir, or flexVolume.

Constraints

  • The value of sizeLimit can only be 1Gi or 2Gi for LocalDir.
  • For emptyDir, the value of sizeLimit must be an integer multiple of 1Gi and cannot be greater than 10 times the number of pod vCPUs.

Procedure

You can add annotations to Pod.Annotations to convert hostPath to localDir, emptyDir, or flexVolume.
  • Replace hostPath with localDir. 
    "coordinator.cci.io/hostpath-replacement": '[{"name":"source-hostpath-volume","policyType":"replaceByLocalDir","localDir":{"sizeLimit":"1Gi"}}]
  • Replace hostPath with flexVolume. 
    "coordinator.cci.io/hostpath-replacement": '[{"name":"source-hostpath-volume-1","policyType":"remove"},{"name":"source-hostpath-volume-2","policyType":"replaceByLocalDir","localDir":{"sizeLimit":"1Gi"}},{"name":"source-hostpath-volume-3","policyType":"replaceByEmptyDir","emptyDir":{"sizeLimit":"10Gi"}}]'

    EVS supports three specifications: common I/O, high I/O, and ultra-high I/O. Set volumeType based on service requirements.

    Table 1 EVS specifications

    EVS Specification

    Disk Type

    Application Scenario

    Scenario Example

    Common I/O

    sata

    SATA is used for backend storage. If an application processes only a few transactions but requires a large capacity and moderate read/write speed, you can store data on common I/O EVS disks.

    Development testing and enterprise office applications

    High I/O

    sas

    SAS is used for backend storage. If an application requires high performance, high read/write speed, and real-time data storage, you can store data on high I/O EVS disks.

    File system creation and distributed file sharing

    Ultra-high I/O

    ssd

    SSD is used for backend storage. If an application processes large volumes of data and requires high performance and high read/write speed, you can store data on ultra-high I/O EVS disks.

    NoSQL, relational databases, and data warehouses (such as Oracle RAC and SAP HANA)
  • Ignore all hostPath volumes. 
    "coordinator.cci.io/hostpath-replacement": '[{"name":"*","policyType":"remove"}]'
  • Replace each hostPath volume with a different storage type. 
    "coordinator.cci.io/hostpath-replacement": '[{"name":"source-hostpath-volume-1","policyType":"remove"},{"name":"source-hostpath-volume-2","policyType":"replaceByLocalDir","localDir":{"sizeLimit":"1Gi"}},{"name":"source-hostpath-volume-3","policyType":"replaceByEmptyDir","emptyDir":{"sizeLimit":"10Gi"}}]'

    For hostPath volumes whose path is /etc/localtime, if the name of a hostPath volume is the same as that of a replacement policy, the hostPath volume will be replaced. If the replacement policy name is *, hostPath volumes whose path is /etc/localtime will not be replaced.

    Example (a Deployment):

    apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    description: ''
  labels:
    virtual-kubelet.io/burst-to-cci: enforce
    appgroup: ''
    version: v1
  name: test
  namespace: default
spec:
  replicas: 2
  selector:
    matchLabels:
      app: test
      version: v1
  template:
    metadata:
      labels:
        app: test
        version: v1
      annotations:
        coordinator.cci.io/hostpath-replacement: '[{"name": "test-log2", "policyType": "remove"}, {"name": "test-log", "policyType": "replaceByEmptyDir", "emptyDir":{"sizeLimit":"10Gi"}}, {"name": "test-log1", "policyType": "replaceByLocalDir", "localDir":{"sizeLimit":"1Gi"}}]'
    spec:
      containers:
        - name: container-1
          image: nginx
          imagePullPolicy: IfNotPresent
          env:
            - name: PAAS_APP_NAME
              value: test
            - name: PAAS_NAMESPACE
              value: default
            - name: PAAS_PROJECT_ID
              value: 0b52a6e40b00d3682f36c0005163a82c
          resources:
            requests:
              cpu: 250m
              memory: 512Mi
            limits:
              cpu: 250m
              memory: 512Mi
          volumeMounts:
            - name: test-log
              mountPath: /tmp/log
            - name: test-log1
              mountPath: /tmp/log1
            - name: test-log2
              mountPath: /tmp/log2
      volumes:
      - hostPath:
          path: /var/paas/sys/log/virtual-kubelet
          type: ""
        name: test-log
      - hostPath:
          path: /var/paas/sys/log
          type: ""
        name: test-log1
      - hostPath:
          path: /var/paas/sys/log2
          type: ""
        name: test-log2