About this task
The storage class must have read, write, and execute permissions on the local file system.
Remember: Storage classes are cluster-wide resources.
Procedure
- Log in to your cluster as a user with sufficient permissions.
- Set the following environment variables:
NETAPP_USERNAME
- Specify the username of the user who provisioned the storage.
NETAPP_PASSWORD
- Specify the password of the user who provisioned the storage.
TRIDENT_OPERATOR_NAMESPACE
- Specify the OpenShift project where
the NetApp Trident operator is installed.
MANAGEMENT_LIF
- Specify the IP address associated with the NetApp Trident LIF. For more information, see Display LIF information in the NetApp Trident documentation.
STORAGE_VM
- Specify the name of the storage virtual machine (SVM) that you want to set up. For more
information, see Viewing the Storage VM list and details in the NetApp Trident documentation.
- Create a secret for the backend.
cat <<EOF |oc apply -f -
apiVersion: v1
kind: Secret
metadata:
name: backend-tbc-ontap-nas-advanced-secret
namespace: ${TRIDENT_OPERATOR_NAMESPACE
}
type: Opaque
stringData:
username: ${NETAPP_USERNAME
}
password: ${NETAPP_PASSWORD
}
EOF
- Create the backend.
Run the appropriate command for your storage type.
Self-managed NetApp Trident
cat <<EOF |oc apply -f -
apiVersion: trident.netapp.io/v1
kind: TridentBackendConfig
metadata:
name: backend-tbc-ontap-nas-advanced
namespace: ${TRIDENT_OPERATOR_NAMESPACE
}
spec:
version: 1
storageDriverName: ontap-nas
managementLIF: ${MANAGEMENT_LIF
}
backendName: tbc-ontap-nas-advanced
svm: ${STORAGE_VM
}
credentials:
name: backend-tbc-ontap-nas-advanced-secret
nfsMountOptions: nfsvers=3,nolock
autoExportPolicy: true
defaults:
spaceReserve: none
deletionPolicy: delete
EOF
Amazon FSx for NetApp ONTAP
cat <<EOF |oc apply -f -
apiVersion: trident.netapp.io/v1
kind: TridentBackendConfig
metadata:
name: backend-fsx-ontap-nas
namespace: ${TRIDENT_OPERATOR_NAMESPACE
}
spec:
version: 1
backendName: tbc-ontap-nas-advanced
storageDriverName: ontap-nas
managementLIF: ${MANAGEMENT_LIF
}
svm: ${STORAGE_VM
}
credentials:
name: backend-tbc-ontap-nas-advanced-secret
nfsMountOptions: nfsvers=3,nolock
EOF
- Check whether the
TridentBackendConfig
custom resource was successfully
created and bound.
oc get tbc <TridentBackendConfig name>-n <{TRIDENT_OPERATOR_NAMESPACE
}>
When the custom resource was successfully created and bound, you see a Success
status.
- Create the storage class.
The following sample includes the minimum required information for the storage class:
cat <<EOF |oc apply -f -
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: ontap-nas
provisioner: csi.trident.netapp.io
parameters:
storagePools: "tbc-ontap-nas-advanced:.*"
fsType: "nfs"
allowVolumeExpansion: true
mountOptions:
- nfsvers=3
- nolock
EOF
What to do next
Now that you've created the storage class, you are ready to complete Creating custom security context constraints for services.