Skip to main content

Hi Guys.
Is here anyone who tried to use Kasten on OCI (Oracle CLoud Infrastructure) block volumes and succeed?
Seems I am not the only one who tries to utilise oci-bv storageclass

OCI Block volumes are supported via CSI integration - here is an implementation I’ve tried.

https://github.com/oracle/oci-cloud-controller-manager/blob/master/container-storage-interface.md

 

Kasten has a generic CSI integration which should support this. documented here: https://docs.kasten.io/latest/install/storage.html#container-storage-interface-csi


Hello @marcinbojko 

I think oracle is not one  of storage providers that either automatically discovered and configured within K10 or can be configured for direct integration

but you still can use CSI (  Container Storage Interface) ,K10 supports invoking volume snapshots operations via the Container Storage Interface (CSI). To ensure that this works correctly, please ensure the following requirements are met.

 

https://docs.kasten.io/latest/install/storage.html

 

Thanks 

Ahmed Hagag


Thank you @IuriiKogan , I am past reading these
Unfortunately seems OKE cluster is not setting VolumeSnapshotDataSource feature, as all my VolumeSnapshot Classes are empty
I was looking for a hands-on experience


@marcinbojko did you run the K10 pre-flight check script after you annotated the storage class? Could you provide the output from the script? maybe we can help diagnose... 


@IuriiKogan Absolutely
I was fighting with VolumeSnapshot CRD’s missing as mentioned above

```

I0221 10:35:36.746523 6 request.go:665] Waited for 1.039429935s due to client-side throttling, not priority and fairness, request: GET:https://10.96.0.1:443/apis/coordination.k8s.io/v1

Kubernetes Version Check:

Valid kubernetes version (v1.19.7) - OK

RBAC Check:

Kubernetes RBAC is enabled - OK

Aggregated Layer Check:

The Kubernetes Aggregated Layer is enabled - OK

W0221 10:35:37.670097 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

W0221 10:35:37.675476 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

CSI Capabilities Check:

VolumeSnapshot CRD-based APIs are not installed - Error

W0221 10:35:39.060366 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

W0221 10:35:39.064728 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

W0221 10:35:39.068995 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

W0221 10:35:39.073668 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

W0221 10:35:40.556682 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

W0221 10:35:40.607382 6 warnings.go:70] storage.k8s.io/v1beta1 CSIDriver is deprecated in v1.19+, unavailable in v1.22+; use storage.k8s.io/v1 CSIDriver

Validating Provisioners:

blockvolume.csi.oraclecloud.com:

Is a CSI Provisioner - OK

Missing/Failed to Fetch CSIDriver Object

VolumeSnapshot CRD-based APIs are not installed - Error

Storage Classes:

oci-bv

Valid Storage Class - OK

retain-oci-bv

Valid Storage Class - OK

oracle.com/oci:

Storage Classes:

oci

Supported via K10 Generic Volume Backup. See https://docs.kasten.io/latest/install/generic.html.

Validate Generic Volume Snapshot:

Pod Created successfully - OK

GVS Backup command executed successfully - OK

Pod deleted successfully - OK

serviceaccount "k10-primer" deleted

clusterrolebinding.rbac.authorization.k8s.io "k10-primer" deleted

job.batch "k10primer" deleted
```


I think I am getting somewhere, csi-snapshotter is missing ;)


@IuriiKogan @Hagag Does anyone from Kasten team tried OCI block volumes? Seems there is no snapshot support for these (different sources, can be wrong) so there is no possibility to backup anything other way than Generic Backup with probably Kanister support.
Can anyone guys confirm that?


@marcinbojko Try this below to fix the issue in OCI and create a VolumeSnapshotClass

kubectl create -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-4.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshotclasses.yaml

 

kubectl create -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-4.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshotcontents.yaml

 

kubectl create -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-4.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshots.yaml

 

kubectl create -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-4.0/deploy/kubernetes/snapshot-controller/rbac-snapshot-controller.yaml

 

kubectl create -f https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/release-4.0/deploy/kubernetes/snapshot-controller/setup-snapshot-controller.yaml

 

Create a VolumeSnapshotClass

 

echo '

apiVersion: snapshot.storage.k8s.io/v1

kind: VolumeSnapshotClass

driver: blockvolume.csi.oraclecloud.com

metadata:

  annotations:

    k10.kasten.io/is-snapshot-class: "true"

  name: csi-oci-disk-snapclass

deletionPolicy: Retain

' | kubectl apply -f -

 

Run the command to derive the list of provisioners along with their StorageClasses and VolumeSnapshotClasses

 

curl -s https://docs.kasten.io/tools/k10_primer.sh  | bash

Namespace option not provided, using default namespace

Checking for tools

 --> Found kubectl

 --> Found helm

 --> Found jq

Checking if the Kasten Helm repo is present

 --> The Kasten Helm repo was found

Checking for required Helm version (>= v3.0.0)

 --> No Tiller needed with Helm v3.7.1

K10Primer image

 --> Using Image (gcr.io/kasten-images/k10tools:6.0.0) to run test

Checking access to the Kubernetes context context-ckghxkrxhxa

 --> Able to access the default Kubernetes namespace

K10 Kanister tools image

 --> Using Kanister tools image (ghcr.io/kanisterio/kanister-tools:0.92.0) to run test

Running K10Primer Job in cluster with command-

     ./k10tools primer

serviceaccount/k10-primer created

clusterrolebinding.rbac.authorization.k8s.io/k10-primer created

job.batch/k10primer created

Pod Ready!

Kubernetes Version Check:

  Valid kubernetes version (v1.26.2)  -  OK

RBAC Check:

  Kubernetes RBAC is enabled  -  OK

Aggregated Layer Check:

  The Kubernetes Aggregated Layer is enabled  -  OK

         Found multiple snapshot API group versions, using preferred.

CSI Capabilities Check:

  Using CSI GroupVersion snapshot.storage.k8s.io/v1  -  OK

         Found multiple snapshot API group versions, using preferred.

Validating Provisioners:

oracle.com/oci:

  Storage Classes:

    oci

      Supported via K10 Generic Volume Backup. See https://docs.kasten.io/latest/install/generic.html.

blockvolume.csi.oraclecloud.com:

  Is a CSI Provisioner  -  OK

  Missing/Failed to Fetch CSIDriver Object

  Storage Classes:

    oci-bv

      Valid Storage Class  -  OK

  Volume Snapshot Classes:

    csi-oci-disk-snapclass

      Has k10.kasten.io/is-snapshot-class annotation set to true  -  OK

      Has deletionPolicy 'Retain'  -  OK

Validate Generic Volume Snapshot:

  Pod created successfully  -  OK

  GVS Backup command executed successfully  -  OK

  Pod deleted successfully  -  OK

serviceaccount "k10-primer" deleted

clusterrolebinding.rbac.authorization.k8s.io "k10-primer" deleted

job.batch "k10primer" deleted

 

Preflight check for CSI snapshot validation

 

curl -s https://docs.kasten.io/tools/k10_primer.sh  | bash /dev/stdin -c "storage csi-checker -s oci-bv  --runAsUser=1000"

Namespace option not provided, using default namespace

Checking for tools

 --> Found kubectl

 --> Found helm

 --> Found jq

Checking if the Kasten Helm repo is present

 --> The Kasten Helm repo was found

Checking for required Helm version (>= v3.0.0)

 --> No Tiller needed with Helm v3.7.1

K10Primer image

 --> Using Image (gcr.io/kasten-images/k10tools:6.0.0) to run test

Checking access to the Kubernetes context context-ckghxkrxhxa

 --> Able to access the default Kubernetes namespace

K10 Kanister tools image

 --> Using Kanister tools image (ghcr.io/kanisterio/kanister-tools:0.92.0) to run test

Running K10Primer Job in cluster with command-

     ./k10tools primer storage csi-checker -s oci-bv  --runAsUser=1000

serviceaccount/k10-primer created

clusterrolebinding.rbac.authorization.k8s.io/k10-primer created

job.batch/k10primer created

Pod Ready!

Command "csi-checker" is deprecated, Use `check csi` command instead

Starting CSI checker. Could take up to 5 minutes

         Found multiple snapshot API group versions, using preferred.

Creating application

  -> Created pod (kubestr-csi-original-podg9lw4) and pvc (kubestr-csi-original-pvcgjh5c)

Taking a snapshot

  -> Created snapshot (kubestr-snapshot-20230615143324)

Restoring application

  -> Restored pod (kubestr-csi-cloned-podrc25j) and pvc (kubestr-csi-cloned-pvctmm8k)

Cleaning up resources

CSI Snapshot Walkthrough:

  Using annotated VolumeSnapshotClass (csi-oci-disk-snapclass)

  Successfully tested snapshot restore functionality.  -  OK

serviceaccount "k10-primer" deleted

clusterrolebinding.rbac.authorization.k8s.io "k10-primer" deleted

job.batch "k10primer" deleted

 

 


Comment