Storage options
You can use any storage provider that OpenShift Container Platform supports.
OpenShift Container Platform storage options
For more information about the storage providers that OpenShift Container Platform supports, see the OpenShift documentation:
- For OpenShift version 4.16, see Storage
- For OpenShift version 4.15, see Storage
- For OpenShift version 4.14, see Storage
- For OpenShift version 4.13, see Storage
- For OpenShift version 4.12, see Storage
For the IBM Cloud Pak foundational services installer versions on which these OpenShift Container Platform versions are supported, see Supported OpenShift versions and platforms.
For clusters that are installed on Linux® on IBM® Z and LinuxONE and are using OpenShift Container Platform version 4.6 or later, you can use Red Hat OpenShift Container Storage or Network File System (NFS) to provision persistent storage.
Storage options for IBM Cloud Pak foundational services
Notes:
- The IBM Cloud Pak foundational services requires block storage that is configured to use the
XFS
orext4
file system. RWOaccessMode
is preferred. - The file systems (
XFS
andext4
) are POSIX-compliant and fully compatible with all supported Red Hat Enterprise Linux releases. - The IBM Cloud Pak foundational services supports the
volumeBindingMode
with eitherImmediate
orWaitForFirstConsumer
values to control volume binding and dynamic provisioning. - Recommend using Storage performance validation playbook and Storage validation tool to measure the performance of the underlying storage with relevant metrics for workloads.
The storage providers that are verified for use with IBM Cloud Pak foundational services are marked in the All foundational services row in Table 1. Storage options. All foundational services, except the ones that have specific requirements or storage options, can use these storage providers. If you plan to use NFS, see NFS support and configuration in IBM Cloud Pak foundational services.
Storage options for foundational services
Important: The following table includes storage providers that allow you to provision persistent volumes for use by your product. There is no guarantee that all features of a storage provider, such as snapshot-based backup and restore of the volumes, are supported.
Service | Amazon FSx for NetApp ONTAP (backendType: ontap-nas ) |
Amazon Elastic Block Store (EBS) | Amazon Elastic File System (EFS) | Azure Disk | GCE Persistent Disk | IBM Cloud Block Storage at Gold level | IBM Cloud File Storage at Gold level | IBM Spectrum Fusion | IBM Spectrum Scale | Network File System (NFS) | Portworx | Red Hat OpenShift Data Foundation | Rook Ceph Block Storage | VMWare vSphere |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
All foundational services |
x | x See Amazon EFS storage support for foundational services and NFS subdir external provisioner on AWS Elastic File System |
x | x | x | x | x | x | x | x | x | x | ||
IAM | x | x | x See Amazon EFS storage support for foundational services and NFS subdir external provisioner on AWS Elastic File System |
x | x | x | x | x | x | x | x | x | x | |
Platform UI ( ibm-zen-operator , zen-cpp-operator ) |
x | x | x | x | x (Container Native) |
x | x | x (Red Hat Ceph Storage) |
||||||
Events | x | x | x | x | x | x | x | x | ||||||
User Data Services | x | x | x | x (Red Hat Ceph Storage) |
Important: Some foundational services services have specific requirements or storage options. The options are marked in the Table 1. Storage options.
The following foundational services can be used only with specific storage providers as indicated in Table 1. Storage options:
- Platform UI (
ibm-zen-operator
andzen-cpp-operator
): Requires storage that supports Read, Write, Many (RWX) mode. If you use IBM Cloud File Storage at Gold level, the storage must allow non-root user access. - The service also requires a storage class that supports Read, Write, Once (RWO) access mode for the
zen-metastoredb
component. Following storage classes are verified for use with thezen-metastoredb
component:- Amazon EBS block
- ibmc-block-gold
- Custom Portworx non-shared
- Red Hat Ceph RBD
- Events: Requires block storage. This storage must be formatted to use the
XFS
orext4
file system. If you use VMWare vSphere, the accessed storage infrastructure must be block storage. Note: The Events service, which is based on open source technology, does not encrypt data that is received before it is written to disk. If the data that is received and stored on the persistent storage volumes needs to be encrypted, encrypt your storage system. - User Data Services: Requires block storage only that supports RWO access mode.
The following foundational services can be used with any storage provider that is verified for use with foundational services. However, these services have specific requirements.
-
MongoDB (
ibm-mongodb-operator
): From foundational services version 3.19 and later, MongoDB supports block and file type storages to configure the storage class. MongoDB does not encrypt data at rest. To ensure that the stored data is encrypted, choose a storage solution that guarantees data encryption. -
Business Teams Service (
ibm-bts-operator
): Requires a storage class for dynamic provisioning. Business Teams Service uses the default storage class that you set in your cluster. If you do not set a default storage class, the service uses the first storage class from your list of storage classes in the cluster. - License Service Reporter: License Service does not require persistent storage. License Service Reporter, which is an optional component with the License Service, uses the default storage class.
Amazon EFS storage support for foundational services
To use Amazon EFS with foundational services, do the following steps:
-
Find the uid and gid on the {{site.data.keyword.cs_ocp}} (OCP) cluster for the namespace where you deployed the IBM Cloud Pak foundational services.
oc get project <name of the storageclass> -o yaml
See the following sample output:
openshift.io/sa.scc.supplemental-groups: 1000770000/10000.
Where
1000770000
is the gid range.openshift.io/sa.scc.uid-range: 1000770000/10000.
Where
1000770000
is the uid range. -
Edit
Parameters
section in theefs-sc
storage class to add theuid
andgid
values for the namespace where you deployed the foundational services.For example:
Name: efs-sc IsDefaultClass: Yes Annotations: storageclass.kubernetes.io/is-default-class=true Provisioner: efs.csi.aws.com Parameters: basePath=/dynamic_provisioning,directoryPerms=777,fileSystemId=fs-0e85126ea1cc0ae5c,gid=1000770000,provisioningMode=efs-ap,uid=1000770000 AllowVolumeExpansion: <unset> MountOptions: <none> ReclaimPolicy: Delete VolumeBindingMode: Immediate Events: <none>
Note: The
uid
andgid
values are different for each namespace where you deployed the IBM Cloud Pak foundational services. Ensure that you create a different EFS storage class for each namespace.
NFS subdir external provisioner on Amazon EFS
To use Amazon EFS with foundational services, configure NFS subdir external provisioner on your Amazon EFS.
-
Install and configure the AWS EFS CSI (Container Storage Interface) Driver Operator in your cluster.
-
Deploy NFS Subdir External Provisioner to your cluster. Complete steps 1 - 6.
NFS support and configuration in IBM Cloud Pak foundational services
You must use one of the following enterprise-grade NFS providers:
- IBM Spectrum Scale
- NetApp Trident
- Dell EMC Powerscale
Note: It is your responsibility to secure the NFS storage.
NFS in non-production environment
You can use NFS in production and non-production environments. It is ideal to use a separate NFS server for each environment.
For more information about setting up your OpenShift Container Platform clusters with persistent storage by using NFS, see Kubernetes NFS Subdir External Provisioner .
Minimum requirements for NFS configuration in non-production and production environments
The following list shows the minimum requirements for the NFS configuration in both non-production and production environments.
-
Options that are required to export the NFS share to all the NFS clients:
rw
sync
no_root_squash
no_subtree_check
IMPORTANT: You must export the NFS share to all the NFS clients.
-
Minimum NFS configuration requirements for optimal performance of the Identity and Access Management (IAM) components:
- Minimum input/output operations per second (IOPS): 200
- IOPS per GB: 10