Last updated: 2024-02-05 10:22:05

    Operation Scenario

    The CBS-CSI add-on allows you to select the storage class and create the corresponding PVs and PVCs of the CBS type in a TKE cluster on the console. This document introduces the features of the CBS-CSI add-on and some common use cases.

    Features

    | Feature | Description |
    | --- | --- |
    | Static volume | Supports manual creation of volumes, PV objects, and PVC objects. |
    | Dynamic volume | Supports configuration, creation, and deletion of volumes and PV objects through StorageClass. |
    | Storage topology awareness | CBS does not support cross-AZ mounting. In a cluster with multiple AZs, the CBS-CSI add-on will schedule pods first, and then volumes will be created in the AZ of the node where the pods are scheduled. |
    | Scheduler awareness of node maxAttachLimit | By default, one Tencent CVM instance can mount up to 20 cloud disks. When scheduling pods, the scheduler will filter out nodes where the number of mounted cloud disks has exceeded the limit. |
    | Online volume expansion | You can modify the PVC capacity field to implement online expansion (only the CBS type is supported). |
    | Volume snapshot and restoration | Supports the creation of volumes through snapshots. |

    Component Description

    After it is deployed in a cluster, the CBS-CSI add-on contains the following components:
    DaemonSet (NodePlugin): runs on every node and consists of two containers, CBS-CSI Driver and node-driver-registrar. It registers the driver with the node and provides the ability to mount volumes.
    StatefulSet and Deployment (Controller): consists of a driver and multiple sidecars (external-provisioner, external-attacher, external-resizer, external-snapshotter, and snapshot-controller). It provides functions such as creating or deleting volumes, attaching or detaching them, expanding them, and taking snapshots.

    Limits

    TKE cluster version 1.14 or later
    Online cloud disk expansion and snapshot creation are available in a TKE cluster only with the CBS-CSI add-on.
    You can continue to use QcloudCbs (In-Tree plugin) in your TKE cluster. (It will be integrated into CBS-CSI through Volume Migration in the future.)

    CBS-CSI Permission

    Note:
    The Permission Scenarios section lists only the permissions related to the core features of the components. For the complete permission list, refer to the Permission Definition.

    Permission Description

    The permissions granted to this component are the minimum required for its current features to operate.
    The host directory /var/lib/kubelet must be mounted into the container to perform volume mount/unmount, so the container must run as a privileged container.

    Permission Scenarios

    | Feature | Involved Object | Involved Operation Permission |
    | --- | --- | --- |
    | Reading the maximum number of disks that can be mounted on a node from the providerID, by accessing node resources | node | get/list |
    | Executing disk creation and deletion based on pvc/pv information | pv/pvc/storageclasses/csinode | get/list/watch/create/update/patch/delete |
    | Completing disk mounting and unmounting based on volumeattachments resource objects | volumeattachments/volumesnapshotclasses | create/get/list/watch/update/delete |
    | Expanding disk capacity via snapshot | pod/volumesnapshotclasses/volumesnapshots/configmap | get/list/watch |

    Permission Definition

    kind: ClusterRole
    apiVersion: rbac.authorization.k8s.io/v1
    metadata:
      name: cbs-csi-controller-role
    rules:
      - apiGroups: [""]
        resources: ["pods"]
        verbs: ["get", "list", "watch"]
      - apiGroups: [""]
        resources: ["persistentvolumes"]
        verbs: ["get", "list", "watch", "update", "patch", "create", "delete"]
      - apiGroups: [""]
        resources: ["persistentvolumeclaims"]
        verbs: ["get", "list", "watch", "update"]
      - apiGroups: [""]
        resources: ["persistentvolumeclaims/status"]
        verbs: ["update", "patch"]
      - apiGroups: ["storage.k8s.io"]
        resources: ["storageclasses"]
        verbs: ["get", "list", "watch"]
      - apiGroups: [""]
        resources: ["events"]
        verbs: ["get", "list", "watch", "create", "update", "patch"]
      - apiGroups: ["storage.k8s.io"]
        resources: ["csinodes"]
        verbs: ["get", "list", "watch"]
      - apiGroups: [""]
        resources: ["nodes"]
        verbs: ["get", "list", "watch"]
      - apiGroups: ["coordination.k8s.io"]
        resources: ["leases"]
        verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
      - apiGroups: ["csi.storage.k8s.io"]
        resources: ["csinodeinfos"]
        verbs: ["get", "list", "watch"]
      - apiGroups: ["storage.k8s.io"]
        resources: ["volumeattachments", "volumeattachments/status"]
        verbs: ["get", "list", "watch", "update", "patch"]
      - apiGroups: ["snapshot.storage.k8s.io"]
        resources: ["volumesnapshotclasses"]
        verbs: ["get", "list", "watch"]
      - apiGroups: ["snapshot.storage.k8s.io"]
        resources: ["volumesnapshotcontents"]
        verbs: ["create", "get", "list", "watch", "update", "delete"]
      - apiGroups: ["snapshot.storage.k8s.io"]
        resources: ["volumesnapshots"]
        verbs: ["get", "list", "watch", "update"]
      - apiGroups: ["apiextensions.k8s.io"]
        resources: ["customresourcedefinitions"]
        verbs: ["create", "list", "watch", "delete"]
      - apiGroups: ["snapshot.storage.k8s.io"]
        resources: ["volumesnapshotcontents/status"]
        verbs: ["update"]
      - apiGroups: ["snapshot.storage.k8s.io"]
        resources: ["volumesnapshots/status"]
        verbs: ["update"]
      - apiGroups: [""]
        resources: ["configmaps"]
        verbs: ["get", "list", "watch", "update", "patch", "create", "delete"]
    ---
    kind: ClusterRole
    apiVersion: rbac.authorization.k8s.io/v1
    metadata:
      name: cbs-csi-node-role
      namespace: kube-system
    rules:
      - apiGroups: [""]
        resources: ["nodes"]
        verbs: ["get", "list"]
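Because the definition above is presented as the minimal permission set, it can serve as a baseline for drift checks on a running cluster. The following is an added example, not Tencent's code: it flattens RBAC rules into individual grants and reports anything the live role has beyond the baseline. The baseline embeds four of the rules listed above, the live role JSON is a constructed sample, and the function names are hypothetical.

```python
import json

# Baseline: a subset of the cbs-csi-controller-role rules listed on this page.
BASELINE_RULES = [
    {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "watch"]},
    {"apiGroups": [""], "resources": ["persistentvolumeclaims"],
     "verbs": ["get", "list", "watch", "update"]},
    {"apiGroups": ["storage.k8s.io"],
     "resources": ["volumeattachments", "volumeattachments/status"],
     "verbs": ["get", "list", "watch", "update", "patch"]},
    {"apiGroups": ["apiextensions.k8s.io"], "resources": ["customresourcedefinitions"],
     "verbs": ["create", "list", "watch", "delete"]},
]

# Constructed sample (not real cluster output), shaped like
# `kubectl get clusterrole cbs-csi-controller-role -o json`.
LIVE_ROLE_JSON = """
{"kind": "ClusterRole", "metadata": {"name": "cbs-csi-controller-role"}, "rules": [
  {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "watch"]},
  {"apiGroups": [""], "resources": ["persistentvolumeclaims"], "verbs": ["*"]},
  {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]},
  {"apiGroups": ["storage.k8s.io"],
   "resources": ["volumeattachments", "volumeattachments/status"],
   "verbs": ["get", "list", "watch", "update", "patch"]},
  {"apiGroups": ["apiextensions.k8s.io"], "resources": ["customresourcedefinitions"],
   "verbs": ["create", "list", "watch", "delete"]}
]}
"""

def expand(rules):
    """Flatten RBAC rules into a set of (apiGroup, resource, verb) grants."""
    return {(g, r, v) for rule in rules for g in rule.get("apiGroups", [])
            for r in rule.get("resources", []) for v in rule.get("verbs", [])}

def covered(grant, live):
    """True if some live grant equals `grant` or matches it through "*" fields."""
    return any(all(l in ("*", g) for l, g in zip(lg, grant)) for lg in live)

def audit(baseline_rules, live_rules):
    """Report grants beyond the baseline, wildcard grants, and absent baseline grants."""
    baseline, live = expand(baseline_rules), expand(live_rules)
    wildcard = sorted(g for g in live if "*" in g)
    extra = sorted(g for g in live - baseline if "*" not in g)
    missing = sorted(b for b in baseline - live if not covered(b, live))
    return {"extra": extra, "wildcard": wildcard, "missing": missing}

if __name__ == "__main__":
    report = audit(BASELINE_RULES, json.loads(LIVE_ROLE_JSON)["rules"])
    print(json.dumps(report, indent=2))
```

On the constructed sample, the report flags the `secrets` read grants as extra and the `persistentvolumeclaims` wildcard separately, since a wildcard silently covers every baseline verb and more.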

    Use Cases
