On this page

Show all

Help Center/ Cloud Container Engine_Autopilot/ User Guide/ Storage/ Scalable File Service/ Using an SFS File System Through a Dynamic PV

Using an SFS File System Through a Dynamic PV

Updated on 2025-02-27 GMT+08:00

View PDF

You can mount the PVs created from general-purpose file systems (formerly SFS 3.0) to pods in CCE Autopilot clusters for file storage. This section describes how to use storage classes to dynamically create PVs and PVCs for data persistence and sharing in workloads.

Prerequisites

If you want to create a cluster using commands, kubectl has been used to connect to the cluster. For details, see Connecting to a Cluster Using kubectl.
You have configured a VPC endpoint required by the general-purpose file system (formerly SFS 3.0). For details, see Configuring a VPC Endpoint.

Constraints

Not all regions support volumes created from file systems. View the regions where SFS volumes are supported on the console. You can also view Function Overview to learn about all regions where SFS volumes are supported.
If a general-purpose file system (formerly SFS 3.0) is used, the owner group and permission of the mount point cannot be modified.
If a general-purpose file system (formerly SFS 3.0) is used, there may be a latency when the PVCs or PVs are created or deleted. The billing duration depends on the time when the file systems are created or deleted on the SFS console.
If the reclamation policy of the volumes created from general-purpose file systems (formerly SFS 3.0) is set to Delete, PVs and PVCs can only be deleted after all files in the file systems are deleted manually.

Using the Console

Dynamically create a PVC and PV.

In the navigation pane on the left, choose Storage. Then click the PVCs tab. In the upper right corner, click Create PVC. In the displayed dialog box, configure the parameters.

Parameter	Description
PVC Type	In this example, select SFS.
PVC Name	Enter the PVC name, which must be unique in the same namespace.
Creation Method	If no underlying storage is available, select Dynamically provision to create a PVC, PV, and underlying storage on the console in cascading mode. If underlying storage is available, select either Use existing or Create new. For details about static creation, see Using an Existing File System Through a Static PV. In this example, select Dynamically provision.
Storage Classes	The storage class of SFS volumes is csi-sfs.
Access Mode	SFS volumes support only ReadWriteMany, indicating that a storage volume can be mounted to multiple pods in read/write mode. For details, see Volume Access Modes.

Click Create to create a PVC and a PV.
In the navigation pane on the left, choose Storage. View the created PVC and PV on the PVCs and PVs tabs, respectively.

Create a workload.

In the navigation pane on the left, choose Workloads. Then click the Deployments tab.

In the upper right corner, click Create Workload. On the displayed page, click Data Storage in the Container Settings area and click Add Volume to select PVC.

Table 1 describes the parameters for mounting the volume. For details about other parameters, see Creating a Workload.

**Table 1** Parameters for mounting a storage volume
Parameter	Description
PVC	Select an existing SFS volume.
Mount Path	Enter a mount path, for example, /tmp. This parameter indicates the container path that the volume will be mounted to. Do not mount the volume to a system directory such as / or /var/run. This may cause container errors. Mount the volume to an empty directory. If the directory is not empty, ensure that there are no files that affect container startup. If there are such files, they will be replaced, which will lead to a container startup or workload creation failure. NOTICE: If a volume is mounted to a high-risk directory, use an account with minimum permissions to start the container, or high-risk files on the host may be damaged.
Subpath	Enter a subpath, for example, tmp, indicating that data in the mount path of the container is stored in the tmp directory of the storage volume. A subpath is used to mount a local volume so that the same volume is used in a single pod. If this parameter is left blank, the root path is used by default.
Permission	Read-only: You can only read the data in the mounted volume. Read-write: You can modify the volume mounted to the path. Newly written data will not be migrated if the container is migrated, which may cause data loss.

In this example, the volume is mounted to the /data path of the container. The container data generated in this path is stored in the SFS file system.

Click to enlarge

Configure other parameters and click Create Workload.
After the workload is created, the data in the container mount directory will be persistently stored. Verify the storage by referring to Verifying Data Persistence and Sharing.

Using kubectl

Use kubectl to connect to the cluster.

Use StorageClass to dynamically create a PVC and PV.

Create the pvc-sfs-auto.yaml file.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-sfs-auto
  namespace: default
  annotations: 
    everest.io/crypt-key-id: <your_key_id>      # (Optional) ID of the key for encrypting file systems

    everest.io/crypt-alias: sfs/default         # (Optional) Key name. Mandatory for encrypting volumes.

    everest.io/crypt-domain-id: <your_domain_id>   # (Optional) ID of the tenant to which an encrypted volume belongs. Mandatory for encrypting volumes.

spec:
  accessModes:
    - ReadWriteMany             # The value must be ReadWriteMany for SFS.
  resources:
    requests:
      storage: 1Gi             # SFS volume capacity.
  storageClassName: csi-sfs    # The StorageClass of the SFS file system

**Table 2** Key parameters
Parameter	Mandatory	Description
storage	Yes	Requested capacity in the PVC, in Gi. For SFS, this field is used only for verification (cannot be empty or 0). Its value is fixed at 1, and any value you set does not take effect for SFS file systems.
everest.io/crypt-key-id	No	This parameter is mandatory when an SFS system is encrypted. Enter the encryption key ID selected during SFS system creation. You can use a custom key or the default key named sfs/default. To obtain a key ID, log in to the DEW console, locate the key to be encrypted, and copy the key ID.
everest.io/crypt-alias	No	Key name, which is mandatory when you create an encrypted volume. To obtain a key name, log in to the DEW console, locate the key to be encrypted, and copy the key name.
everest.io/crypt-domain-id	No	ID of the tenant to which the encrypted volume belongs. This parameter is mandatory for creating an encrypted volume. To obtain a tenant ID, hover the cursor over the username in the upper right corner of the ECS console, choose My Credentials, and copy the account ID.

Run the following command to create a PVC:
```
kubectl apply -f pvc-sfs-auto.yaml
```

Create a workload.

Create a file named web-demo.yaml. In this example, the SFS volume is mounted to the /data path.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: web-demo
  namespace: default
spec:
  replicas: 2
  selector:
    matchLabels:
      app: web-demo
  template:
    metadata:
      labels:
        app: web-demo
    spec:
      containers:
      - name: container-1
        image: nginx:latest
        volumeMounts:
        - name: pvc-sfs-volume    # Volume name, which must be the same as the volume name in the volumes field.
          mountPath: /data  # Location where the storage volume is mounted.
      imagePullSecrets:
        - name: default-secret
      volumes:
        - name: pvc-sfs-volume    # Volume name, which can be changed as needed.
          persistentVolumeClaim:
            claimName: pvc-sfs-auto    # PVC name.

Run the following command to create a workload that the SFS volume is mounted to:
```
kubectl apply -f web-demo.yaml
```
After the workload is created, the data in the container mount directory will be persistently stored. Verify the storage by referring to Verifying Data Persistence and Sharing.

Verifying Data Persistence and Sharing

View the deployed application and files.
1. Run the following command to view the created pod:
```
kubectl get pod | grep web-demo
```
  Expected output:
```
web-demo-846b489584-mjhm9   1/1     Running   0             46s
web-demo-846b489584-wvv5s   1/1     Running   0             46s
```
2. Run the following commands in sequence to view the files in the /data path of the pods:
```
kubectl exec web-demo-846b489584-mjhm9 -- ls /data
kubectl exec web-demo-846b489584-wvv5s -- ls /data
```
  If no result is returned for both pods, no file exists in the /data path.
Run the following command to create a file named static in the /data path:
```
kubectl exec web-demo-846b489584-mjhm9 --  touch /data/static
```
Run the following command to check the files in the /data path:
```
kubectl exec web-demo-846b489584-mjhm9 -- ls /data
```
Expected output:
```
static
```
Verify data persistence.
1. Run the following command to delete the pod named web-demo-846b489584-mjhm9:
```
kubectl delete pod web-demo-846b489584-mjhm9
```
  Expected output:
```
pod "web-demo-846b489584-mjhm9" deleted
```
  After the deletion, the Deployment controller automatically creates a replica.
2. Run the following command to view the created pod:
```
kubectl get pod | grep web-demo
```
  The expected output is as follows, in which web-demo-846b489584-d4d4j is the newly created pod:
```
web-demo-846b489584-d4d4j   1/1     Running   0             110s
web-demo-846b489584-wvv5s    1/1     Running   0             7m50s
```
3. Run the following command to check whether the files in the /data path of the new pod have been modified:
```
kubectl exec web-demo-846b489584-d4d4j -- ls /data
```
  Expected output:
```
static
```
  The static file is retained, indicating that the data in the file system can be stored persistently.
Verify data sharing.
1. Run the following command to view the created pod:
```
kubectl get pod | grep web-demo
```
  Expected output:
```
web-demo-846b489584-d4d4j   1/1     Running   0             7m
web-demo-846b489584-wvv5s   1/1     Running   0             13m
```
2. Run the following command to create a file named share in the /data path of either pod: In this example, select the pod named web-demo-846b489584-d4d4j.
```
kubectl exec web-demo-846b489584-d4d4j --  touch /data/share
```
  Check the files in the /data path of the pod.
```
kubectl exec web-demo-846b489584-d4d4j -- ls /data
```
  Expected output:
```
share
static
```
3. Check whether the share file exists in the /data path of another pod (web-demo-846b489584-wvv5s) as well to verify data sharing.
```
kubectl exec web-demo-846b489584-wvv5s -- ls /data
```
  Expected output:
```
share
static
```
  After you create a file in the /data path of a pod, if the file is also created in the /data path of the other pod, the two pods share the same volume.

Related Operations

You can also perform the operations described in Table 3.

**Table 3** Related operations
Operation	Description	Procedure
Viewing events	You can view event names, event types, number of occurrences, Kubernetes events, first occurrence time, and last occurrence time of the PVC or PV.	In the navigation pane on the left, choose Storage. Then click the PVCs or PVs tab. Locate the target PVC or PV, click View Events in the Operation column to view events generated within one hour (events are retained for one hour).
Viewing a YAML file	You can view, copy, and download the YAML files of a PVC or PV.	In the navigation pane on the left, choose Storage. Then click the PVCs or PVs tab. Locate the target PVC or PV, click View YAML in the Operation column to view or download the YAML.

Parent Topic: Scalable File Service

Previous topic: Using an Existing File System Through a Static PV

Next topic: Configuring SFS Volume Mount Options

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot