OpenShift Container Platform 4.10 on HPE DL365 Gen10 Plus Servers

# Deploying HPE CSI Driver for HPE Alletra storage on RHOCP 4.10

This section describes how to deploy HPE CSI Driver for HPE Alletra storage on an existing RHOCP 4.10.

Prerequisites:

Before configuring the HPE CSI Driver, the following prerequisites must be met:

  1. RHOCP 4.10 must be successfully deployed, and console should be accessible.

  2. iSCSI interface must be configured on the HPE Alletra Storage array. For more information, see the Infrastructure Master Reference Architecture based on HPE Alletra 6000 (opens new window).

  3. Additional iSCSI network interfaces must be configured on physical worker nodes.()

  4. Deploy scc.yaml file to enable Security Context Constraints (SCC).

Configuring iSCSI interface on worker nodes

The RHOCP 4.10 cluster comprises the master and physical worker nodes with RHEL 8.6 deployed as the operating system. The iSCSI interface is configured on the host nodes to establish the connection with the HPE Alletra array to the cluster. Apart from the host nodes, additional iSCSI interface needs to be configured on all the worker (physical and virtual) nodes for establishing the connection between the RHOCP cluster and HPE Alletra arrays.

To configure iSCSI interface on physical RHEL worker nodes:

  • Configure iSCSI A connection as a storage interface and iSCSI B connection as an additional storage for redundancy

For example, the iSCSI_A and iSCSI_B interface connection is configured on worker1 node, as shown in Figure 9.

FIGURE 13 iSCSI_A and iSCSI_B interface connection

Creating namespace

To create a namespace, in this case, hpe-csi:

  1. Open Red Hat OpenShift Container Platform Console on a supported web browser.

  2. Click Administration → Namespaces on the left pane.

  3. Click Create Namespaces.

  4. On the Create Namespace dialog box, enter hpe-csi.

  5. Click Create.

Deploying Security Context Constraints (SCC)

The HPE CSI Driver needs to run in the privileged mode to get access to the host ports, host network, and to mount the host path volume. Before deploying HPE CSI Driver operator on RHOCP cluster, deploy SCC to allow HPE CSI Driver to run with these privileges.

Prerequisites:

  • Ensure that you can access the scc.yaml file from the following GitHub link:

https://raw.githubusercontent.com/hpe-storage/co-deployments/master/operators/hpe-csi-operator/deploy/scc.yaml (opens new window)

To deploy SCC:

  1. On the installer VM, download scc.yaml file from the GitHub (opens new window) link using the following command:
$ curl -sL https://raw.githubusercontent.com/hpe-storage/co-deployments/master/operators/hpe-csi-operator/deploy/scc.yaml \> hpe-csi-scc.yaml

  1. Edit relevant parameters such as project name or namespace in the hpe-csi-scc.yaml file.

  2. Change my-hpe-csi-operator to the name of the project (in this case, hpe-csi) where the CSI Operator is being deployed using the following command:

$ oc new-project hpe-csi --display-name="HPE CSI Driver for Kubernetes"

$ sed -i'' -e 's/my-hpe-csi-driver-operator/hpe-csi/g' hpe-csi-scc.yaml
  1. Save the file.

The following figure illustrates the parameter that needs to be edited (project name) where the HPE CSI Driver operator is deployed:

FIGURE 14 Editing hpe-cs-scc.yaml file

  1. Deploy SCC using the following command and check the output:
$ oc create -f hpe-csi-scc.yaml

The following output is displayed:

securitycontextconstraints.security.openshift.io/hpe-csi-scc created

Installing and configuring HPE CSI Driver

NOTE

HPE CSI Driver version 2.2 is used for deploying HPE Alletra Storage on the RHOCP 4.10.

Prerequisites:

Before installing the HPE CSI Driver from the Red Hat OpenShift Container Platform Console:

  • Create a namespace for HPE CSI Driver
  • Deploy SCC for the created namespace

Installing HPE CSI Driver Operator using Red Hat OperatorHub

To install HPE CSI Driver Operator from the Red Hat OperatorHub:

  1. Log in to the Red Hat OpenShift Container Platform Console.

  2. Navigate to Operators → OperatorHub.

  3. Search for HPE CSI Driver Operator from the list of operators and click HPE CSI Driver Operator.

  4. On the HPE CSI Operator for Kubernetes page, click Install.

FIGURE 15 HPE CSI Driver Operator search

  1. On the Create Operator Subscription page, select the appropriate options:

  2. Select "A specific namespace on the cluster" in the Installation Mode option.

  3. Select the appropriate namespace (in this case, hpe-csi) in the Installed Namespace option.

  4. Select "stable" in the Update Channel option.

  5. Select "Automatic" in the Approval Strategy option.

FIGURE 16 Create Operator Subscription

  1. ClickSubscribe.

  2. The Installed Operators page is displayed with the status of the operator.

FIGURE 17 Installed Operators

Creating HPE CSI Driver

The HPE CSI Driver is a multi-vendor and multi-backend driver where each implementation has a Container Storage Provider (CSP). The HPE CSI Driver for Kubernetes uses CSP to perform data management operations on storage resources such as searching for a logical unit number (lun) and so on. The HPE CSI Driver allows any vendor or project to develop its own CSP using the CSP specification (opens new window). It enables the third parties to integrate their storage solution into Kubernetes and takes care of all the intricacies.

To create the HPE CSI Driver:

  1. Log in to the Red Hat OpenShift Container Platform Console.

  2. Navigate to Operators → Installed Operators on the left pane to view the installed operators.

  3. On the Installed Operators page, select HPECSIDriver from the Project drop-down list to switch to the hpe-csi project.

  4. On the hpe-csi project, select HPECSIDriver tab.

  5. Click Create HPECSIDriver.

  6. Click Create.

FIGURE 18 HPE CSI Driver creation

Verifying HPECSIDriver configuration

After the HPECSIDriver is deployed, the deployment pods such as hpe-csi-controller, hpe-csi-driver, primera3par-csp, and Nimble-csp are displayed on the Pods page.

FIGURE 19 Deployment pods for HPECSIDriver

NOTE

The Nimble Storage CSP also supports HPE Alletra 6000.

To verify the HPE CSI node information:

  1. On the installer VM, check HPENodeInfo and network status of worker nodes with the following commands.
$ oc get HPENodeInfo

$ oc get HPENodeInfo/<workernode fqdn> -o yaml

The following output is displayed:

FIGURE 20 HPENodeInfo on the cluster

**Creating HPE Alletra StorageClass **

After HPE CSI Driver is deployed, two additional objects, Secret and StorageClass, must be created to initiate the provisioning of persistent storage.

Creating Alletra Secret

To create a new Secret via CLI that will be used with HPE Alletra:

  1. Add the name, Namespace, backend username, backend password and the backend IP address in the Alletra-secret.yaml file and save it to be used by the CSP.

The following details are provided in the Alletra-secret.yaml file:

apiVersion: v1

kind: Secret

metadata:

  name: alletra-secret

  namespace: hpe-csi

stringData:

  serviceName: alletra-csp-svc

  servicePort: "8080"

  backend: alletramgmtip      # update alletramgmt ip

  username: admin

  password: admin
  1. Create the Alletra-secret.yaml file with the following command:
$ oc create -f Alletra-secret.yaml
  1. The following output displays the status of the alletra-secret with the "hpe-csi" namespace.

FIGURE 21 HPE Alletra Secret status

Creating StorageClass with HPE Alletra Secret

This section describes how to create a new StorageClass using the existing Alletra-secret and the necessary StorageClass parameters.

To create a new StorageClass using the Alletra-secret:

  1. Edit the following parameters in the Alletra-storageclass.yaml file:
apiVersion: storage.k8s.io/v1

kind: StorageClass

metadata:

  annotations:

    storageclass.kubernetes.io/is-default-class: "true"

  name: Alletra-storageclass

provisioner: csi.hpe.com

parameters:

  csi.storage.k8s.io/fstype: xfs

  csi.storage.k8s.io/controller-expand-secret-name: alletra-secret

  csi.storage.k8s.io/controller-expand-secret-namespace: hpe-csi

  csi.storage.k8s.io/controller-publish-secret-name: alletra-secret

  csi.storage.k8s.io/controller-publish-secret-namespace: hpe-csi

  csi.storage.k8s.io/node-publish-secret-name: alletra-secret

  csi.storage.k8s.io/node-publish-secret-namespace: hpe-csi

  csi.storage.k8s.io/node-stage-secret-name: alletra-secret

  csi.storage.k8s.io/node-stage-secret-namespace: hpe-csi

  csi.storage.k8s.io/provisioner-secret-name: alletra-secret

  csi.storage.k8s.io/provisioner-secret-namespace: hpe-csi

  description: "Volume created by the HPE CSI Driver for Kubernetes"

reclaimPolicy: Delete

allowVolumeExpansion: true
  1. Create the Alletra-storageclass.yml file with the following command:
$ oc create -f Alletra-storageclass.yml
  1. Verify the name of the storage class (in this case, Alletra-storageclass).

FIGURE 22 HPE Alletra StorageClass status

INSTALL AND CONFIGURE VELERO