In the dynamic world of Kubernetes, the Container Storage Interface (CSI) has emerged as the standard way to expose storage to containerized workloads, offering scalability and vendor independence. Unlike its predecessors, the in-tree volume plugins, CSI enables new volume drivers to be developed and shipped without being tied to the Kubernetes release cycle. This blog explores the functionality of CSI, focusing on how to leverage its capabilities for Persistent Volume Claim (PVC) snapshots.
Understanding CSI Functionality
CSI comes equipped with a range of features, including dynamic provisioning, access modes, and snapshots. In this blog, we'll delve into the process of PVC snapshot creation using an example.
To explore the wide array of CSI drivers and their features, refer to the official CSI drivers documentation: https://kubernetes-csi.github.io/docs/drivers.html
Example: CephFS with CSI Driver
Let's consider an example with CephFS, assuming the user has the Ceph CSI driver installed and functioning correctly. If not, the CSI installation for Ceph can be found here: https://github.com/ceph/ceph-csi
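Before creating any storage resources, it's worth confirming that the driver is actually running and registered. A quick sanity check, assuming the driver was deployed into a namespace named ceph-csi-cephfs (adjust to match your deployment):

```shell
# List the CephFS CSI provisioner and node-plugin pods; all should be Running.
kubectl get pods -n ceph-csi-cephfs

# Confirm the CSIDriver object is registered with the cluster.
kubectl get csidriver cephfs.csi.ceph.com
```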
Sample Storage Class for CephFS
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: csi-cephfs-sc
provisioner: cephfs.csi.ceph.com
parameters:
  clusterID: <cluster-id>
  fsName: <cephfs-name>
  csi.storage.k8s.io/provisioner-secret-name: csi-cephfs-secret
  csi.storage.k8s.io/provisioner-secret-namespace: default
  csi.storage.k8s.io/controller-expand-secret-name: csi-cephfs-secret
  csi.storage.k8s.io/controller-expand-secret-namespace: default
  csi.storage.k8s.io/node-stage-secret-name: csi-cephfs-secret
  csi.storage.k8s.io/node-stage-secret-namespace: default
reclaimPolicy: Delete
allowVolumeExpansion: true
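With the manifest saved to a file (the filename cephfs-sc.yaml below is just an example), the storage class can be applied and verified:

```shell
# Create the storage class from the manifest above.
kubectl apply -f cephfs-sc.yaml

# Confirm it exists and shows the cephfs.csi.ceph.com provisioner.
kubectl get storageclass csi-cephfs-sc
```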
Volume Snapshot Class
---
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
  name: csi-cephfsplugin-snapclass
driver: cephfs.csi.ceph.com
parameters:
  clusterID: <cluster-id>
  csi.storage.k8s.io/snapshotter-secret-name: csi-cephfs-secret
  csi.storage.k8s.io/snapshotter-secret-namespace: default
deletionPolicy: Delete
Creation of Test PVC
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: csi-cephfs-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  storageClassName: csi-cephfs-sc
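After applying the PVC manifest, the claim should bind dynamically through the CSI provisioner. A quick check (the filename is illustrative):

```shell
# Create the test PVC.
kubectl apply -f cephfs-pvc.yaml

# The STATUS column should reach Bound once provisioning completes.
kubectl get pvc csi-cephfs-pvc
```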
Snapshot Creation of Test PVC
---
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshot
metadata:
  name: cephfs-pvc-snapshot
spec:
  volumeSnapshotClassName: csi-cephfsplugin-snapclass
  source:
    persistentVolumeClaimName: csi-cephfs-pvc
Snapshot Verification and Restore
Once the storage class, snapshot class, and respective resources are created, users can verify that the snapshot exists and is ready for use with the following commands:

kubectl get volumesnapshot          # the snapshot should be listed, with READYTOUSE showing true
kubectl get volumesnapshotcontent
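For scripting or automation, the readiness flag can be read directly from the snapshot's status instead of scanning table output:

```shell
# Prints "true" once the snapshot is ready to restore from.
kubectl get volumesnapshot cephfs-pvc-snapshot \
  -o jsonpath='{.status.readyToUse}'
```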
In the event of data loss or the need for a restore, the following YAML can be used to recover from the PVC snapshot:
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: cephfs-pvc-restore
spec:
  storageClassName: csi-cephfs-sc
  dataSource:
    name: cephfs-pvc-snapshot
    kind: VolumeSnapshot
    apiGroup: snapshot.storage.k8s.io
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
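To confirm the restore actually recovered the data, the restored PVC can be mounted into a throwaway pod and inspected. A minimal sketch (the pod name and busybox image are illustrative choices, not part of the original setup):

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: restore-verify
spec:
  containers:
    - name: inspect
      image: busybox
      command: ["sleep", "3600"]
      volumeMounts:
        - name: restored-data
          mountPath: /data
  volumes:
    - name: restored-data
      persistentVolumeClaim:
        claimName: cephfs-pvc-restore
```

Once the pod is running, `kubectl exec -it restore-verify -- ls /data` lists the recovered files.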
Scalable Backup Solutions
While the above method works for individual PVCs, it may not be practical for backing up multiple namespaces with many PVCs, especially for mission-critical applications. Trilio offers an enterprise-level backup solution that goes beyond PVC backups to protect the entire application. With Trilio, users can restore whole applications through a user-friendly UI, without having to track where each component lives.
Importantly, standard practice dictates storing backups outside the cluster to prevent data loss in case of cluster failures. Trilio adheres to this practice, ensuring that backups are securely stored outside the cluster, mitigating risks associated with cluster-based backups.
In conclusion, while CSI provides robust functionality for PVC snapshots, a comprehensive backup solution like Trilio ensures the resilience and recoverability of entire applications, offering peace of mind in complex Kubernetes environments.
Why do you need to have a backup solution for Kubernetes?
Implementing backup solutions for Kubernetes is crucial to ensure data resilience and business continuity. Kubernetes manages complex containerized applications, and failures or data loss can translate directly into business loss. Trilio provides a safety net by capturing the state of applications, configurations, and persistent data. In the event of system failures, human errors, or disasters, these backups enable swift recovery, minimizing downtime and data loss. Additionally, backups support versioning, allowing organizations to roll back to a known good state. This proactive approach safeguards against unforeseen challenges, enhances reliability, and upholds the integrity of Kubernetes environments in the face of evolving operational demands.