Using EVS Volumes

Prerequisites

You have created a CCE cluster and installed the FlexVolume plug-in (storage-driver) in the cluster.

Notes and Constraints

• EVS disks cannot be attached across AZs and cannot be used by multiple workloads, multiple pods of the same workload, or multiple jobs.
• Data in a shared disk cannot be shared between nodes in a CCE cluster. If the same EVS disk is attached to multiple nodes, read and write conflicts and data cache conflicts may occur. When creating a Deployment, you are advised to create only one pod if you want to use EVS disks.
• When you create a StatefulSet and add a cloud storage volume, existing EVS volumes cannot be used.
• EVS disks that have partitions or have non-ext4 file systems cannot be imported.
• Container storage in CCE clusters of Kubernetes 1.13 or later version supports encryption. Currently, E2E encryption is supported only in certain regions.
• Volumes cannot be created in specified enterprise projects. Only the default enterprise project is supported.
• The following operations apply to clusters of Kubernetes 1.13 or earlier.

Buying an EVS Disk

1. Log in to the CCE console. In the navigation pane, choose Resource Management > Storage. Click Create EVS Disk.
2. Configure basic disk information. Table 1 describes the parameters.

   Table 1 Configuring basic disk information

   Parameter	Description
   * PVC Name	New PVC Name: name of the PVC to be created. A storage volume is automatically created when a PVC is created. One PVC corresponds to one storage volume. The storage volume name is automatically generated when the PVC is created.
   Cluster Name	Cluster where the EVS disk is deployed.
   Namespace	Namespace where the EVS disk is deployed. You can retain the default value or specify one.
   Volume Capacity (GB)	Size of the storage to be created.
   Access Mode	Access permissions of user applications on storage resources (PVs). ReadWriteOnce (RWO): The volume can be mounted as read-write by a single node, and data reading and writing are supported based on a non-shared EVS volume. EVS volumes in RWO mode are supported since v1.13.10-r1.
   AZ	AZ to which the disk belongs.
   Type	Type of the new EVS disk. Common I/O: uses Serial Advanced Technology Attachment (SATA) drives to store data. High I/O: uses serial attached SCSI (SAS) drives to store data. Ultra-high I/O: uses solid state disk (SSD) drives to store data.
   Encryption	KMS Encryption is deselected by default. After KMS Encryption is selected, Key Management Service (KMS), an easy-to-use and highly secure cloud service for your keys, will be used for EVS disks. If no agency has been created, click Create Agency and set the following parameters: Agency Name: Agencies can be used to assign permissions to trusted accounts or cloud services for a specific period of time. If no agency is created, click Create Agency. The agency name EVSAccessKMS indicates that EVS is granted the permission to access KMS. After EVS is authorized successfully, it can obtain KMS keys to encrypt and decrypt EVS systems. Key Name: After a key is created, it can be loaded and used in containerized applications. Key ID: generated by default. This function is supported only for clusters of v1.13.10 and later in certain regions.

3. Review your order, click Submit, and wait until the creation is successful.

   The file system is displayed in the list. When its status becomes Normal, the file system is created successfully.

4. Click the volume name to view detailed information about the volume.

Adding an EVS Volume

1. Create a workload or job by referring to Creating a Deployment, Creating a StatefulSet, or Creating a Job. During creation, expand Data Storage after adding a container. On the Cloud Volume tab page, click Add Cloud Volume.
2. Set the storage volume type to EVS.

   Table 2 Parameters required for mounting an EVS volume

   Parameter	Description
   Type	EVS: You can use EVS disks the same way you use traditional hard disks on servers. EVS disks deliver higher data reliability and I/O throughput and are easy to use. They can be used for file systems, databases, or other system software and applications that require block storage resources. CAUTION: To attach an EVS disk to a workload, you must set the number of pods to 1 when creating the workload. If multiple pods are created, you cannot attach EVS disks. When you create a StatefulSet and add a cloud storage volume, existing EVS volumes cannot be used. EVS disks cannot be attached across AZs and cannot be used by multiple workloads, multiple pods of the same workload, or multiple jobs.
   Allocation Mode
   Manual	Select a created disk. If no disk is available, follow the prompts to create one. For the same cluster and namespace, you can use an existing storage volume when creating a Deployment (with Allocation Mode set to Manual). When creating a StatefulSet, you can only use a volume automatically allocated by the system (only Automatic is available for Allocation Mode).
   Automatic	If you select Automatic, you need to configure the following items: Access Mode: permissions of user applications on storage resources (PVs). ReadWriteOnce (RWO): A non-shared EVS volume is mounted as read-write to a pod by a single node. EVS volumes in RWO mode are supported since v1.13.10-r1. Availability Zone: AZ where the storage volume is located. Only the AZ where the worker node is located can be selected. Sub-Type: Select a storage subtype. Common I/O: uses Serial Advanced Technology Attachment (SATA) drives to store data. High I/O: uses serial attached SCSI (SAS) drives to store data. Ultra-high I/O: uses solid state disk (SSD) drives to store data. Storage Capacity: Enter the storage capacity in the unit of GB. Ensure that the storage capacity quota is not exceeded; otherwise, creation will fail. After you select KMS Encryption, Key Management Service (KMS), an easy-to-use and highly secure service, will be enabled for EVS disks. This function is supported only for clusters of v1.13.10 and later in certain regions. If no agency has been created, click Create Agency and set the following parameters: Agency Name: Agencies can be used to assign permissions to trusted accounts or cloud services for a specific period of time. If no agency is created, click Create Agency. The agency name EVSAccessKMS indicates that EVS is granted the permission to access KMS. After EVS is authorized successfully, it can obtain KMS keys to encrypt and decrypt EVS systems. Key Name: After a key is created, it can be loaded and used in containerized applications. Key ID: generated by default.
   Add Container Path	Click Add Container Path. Container Path: Enter the container path to which the volume is mounted. NOTICE: Do not mount the volume to a system directory such as / or /var/run; this action may cause container errors. You are advised to mount the volume to an empty directory. If the directory is not empty, ensure that there are no files affecting container startup in the directory. Otherwise, such files will be replaced, resulting in failures to start the container and create the workload. If the volume is mounted to a high-risk directory, you are advised to use an account with minimum permissions to start the container; otherwise, high-risk files on the host machine may be damaged. Set permissions. Read-only: You can only read the data in the mounted volumes. Read/Write: You can modify the data in the mounted volumes. Newly written data is not migrated if the container is migrated, which causes a data loss.

3. Click OK.

Importing an EVS Disk

CCE allows you to import existing EVS disks.

An EVS disk can be imported into only one namespace. If an EVS disk has been imported into a namespace, it is invisible in other namespaces and cannot be imported again. If you want to import an EVS disk that has file system (ext4) formatted, ensure that no partition has been created for the disk. Otherwise, data may be lost.

1. Log in to the CCE console. In the navigation pane, choose Resource Management > Storage. On the EVS tab page, click Import.
2. Select one or more EVS disks that you want to import. Then, click OK.

Unbinding an EVS Disk

After an EVS volume is successfully created or imported, the EVS volume is automatically bound to the current cluster and cannot be used by other clusters. When the volume is unbound from the cluster, other clusters can still use the volume.

If the EVS volume has been mounted to a workload, it cannot be unbound from the cluster.

1. Log in to the CCE console. In the navigation pane, choose Resource Management > Storage. In the EVS disk list, click Unbind next to the target EVS disk.
2. Confirm the unbinding, and click OK.

Related Operations