Deployment considerations

Ensure that the following steps are completed before you deploy IBM Storage Scale Container Storage Interface driver in your cluster.

  • Worker nodes selection: By default, Kubernetes or Red Hat® OpenShift® schedules the IBM Storage Scale Container Storage Interface driver pods on all worker nodes. It is essential to have IBM Storage Scale client installed on all these nodes. If you want to schedule the IBM Storage Scale Container Storage Interface driver pods only on selected worker nodes, you must label the selected nodes and use this label in node selector. For more information, see Using the node selector.
  • Start of changeNode selection for sidecar pods: The CSI sidecar pods can be scheduled on specific nodes by adding labels to nodes, and adding the nodeSelectors for the sidecar pods. For more information, see Using the node selector. IBM Storage Scale Container Storage Interface driver pod must also be scheduled on the nodes that run sidecar pods. On the Red Hat OpenShift, if the infrastructure nodes are worker nodes, schedule the sidecar pods to run on the infrastructure nodes.End of change
  • Local file system: If you plan to use a local file system for PVC provisioning, ensure that the IBM Storage Scale GUI is initialized and running on your IBM Storage Scale cluster.
  • Remote cluster setup: If you plan to use a remotely mounted file system for PVC provisioning, ensure that the following setup is completed:
    • The IBM Storage Scale GUI is initialized and running on both clusters (owning cluster and accessing cluster)
    • Remote cluster details are added to the Operator configuration. For more information, see Remote cluster support.
  • SELinux considerations: Different Kubernetes distributions handle the SELinux enforcing mode differently. There might be differences in terms of SELinux context that is set on files, relabeling of volumes and the process context of containers. As a prerequisite, appropriate SELinux rules must be set up to allow IBM Storage Scale Container Storage Interface driver containers to access the required resources on host. For example, the “container_t” context needs to have access to csi.sock and the IBM Storage Scale file system, or the files that need access from containers need to have the “container_file_t” context set. Refer to audit logs for any SELinux failures and set up appropriate rules as required.
    Note: If you are running IBM Storage Scale Container Storage Interface driver with IBM Storage Scale Container Native, refer the SELinux limitations.
  • Node names: At times, it is possible that IBM Storage Scale cluster and Kubernetes or Red Hat OpenShift cluster are configured with different node names for the same host.
    1. Issue the following command to check the nodes used by the Kubernetes. Do not consider the nodes name where the IBM Storage Scale is not expected to run. For example, the master nodes.
      kubectl get nodes
    2. Check the node name used by IBM Storage Scale by issuing the following curl command against the IBM Storage Scale GUI host of primary cluster.
      curl --insecure -u '<gui_username>:<gui_username_password>' -X GET https://<gui host IP/name>:443/scalemgmt/v2/filesystems/<filesystemname>?fields=mount
    Note:
    • The preceding command lists the node names where the file system is mounted in the field nodesMountedReadWrite. The preceding command may return the long list of the nodes where the specified file system mounts. Consider the node names listed only for the Kubernetes nodes.
    • If the node names listed in step 1 are not present as is (exact string) in the node names that are listed in step 2, then configure node mapping in the Operator configuration. For more information, see Kubernetes to IBM Storage Scale node mapping.
  • Internet connectivity: If your worker nodes do not have internet connectivity and access to the quay.io registry, you need to manually download the following images and upload to the local image registry.
    Start of change
    Table 1. Image links for IBM Storage Scale Container Storage Interface driver 2.10.1
    Name Version Image
    ibm-spectrum-scale-csi-operator 2.10.1

    quay.io/ibm-spectrum-scale/ibm-spectrum-scale-csi-operator@sha256:ccb895d8916171352aed2f06d9d6f3a1a7aba20405cd129091e9b57d59ad1343
    ibm-spectrum-scale-csi-driver 2.10.1 quay.io/ibm-spectrum-scale/ibm-spectrum-scale-csi-driver@sha256:a61878203bb642320e67edc9229bf84ad37ef0828522ad6d8566bd7747d631f6
    csi-node-driver-registrar 2.8.0 registry.k8s.io/sig-storage/csi-node-driver-registrar@sha256:f6717ce72a2615c7fbc746b4068f788e78579c54c43b8716e5ce650d97af2df1
    livenessprobe 2.10.0 registry.k8s.io/sig-storage/livenessprobe@sha256:4dc0b87ccd69f9865b89234d8555d3a614ab0a16ed94a3016ffd27f8106132ce
    csi-attacher 4.3.0 registry.k8s.io/sig-storage/csi-attacher@sha256:4eb73137b66381b7b5dfd4d21d460f4b4095347ab6ed4626e0199c29d8d021af
    csi-provisioner 3.5.0 registry.k8s.io/sig-storage/csi-provisioner@sha256:d078dc174323407e8cc6f0f9abd4efaac5db27838f1564d0253d5e3233e3f17f
    csi-snapshotter 6.2.2 registry.k8s.io/sig-storage/csi-snapshotter@sha256:becc53e25b96573f61f7469923a92fb3e9d3a3781732159954ce0d9da07233a2
    csi-resizer 1.8.0 registry.k8s.io/sig-storage/csi-resizer@sha256:2e2b44393539d744a55b9370b346e8ebd95a77573064f3f9a8caf18c22f4d0d0
    End of change
  • Parallel volume clones and volume restore: To increase the limit of copy jobs in parallel for the volume clones and the volume restore use the following command:
    mmxcp config --set-max-value <no. of copy jobs in parallel>
    The default limit is 10, the maximum limit is 100.
  • IBM Storage Scale services: GUI nodes, protocol nodes, and NSD nodes are not part of the Kubernetes cluster.
  • IBM Storage Scale Container Storage Interface driver version support: Rollback to the old versions of IBM Storage Scale Container Storage Interface driver is not supported.