Cloud Native Storage (CNS) integrates vSphere and Kubernetes and offers capabilities to create and manage container volumes in vSphere environment. CNS consists of the two components, CNS component in vCenter Server and a vSphere volume driver in Kubernetes, called vSphere Container Storage Plug-in.

The main goal of CNS is to enable vSphere and vSphere storage, including vSAN, as a platform to run stateful Kubernetes workloads. vSphere offers a highly reliable and performant data path, mature for enterprise use. CNS enables access of this data path to Kubernetes and brings an understanding of Kubernetes volume and pod abstractions to vSphere.

Cloud Native Storage Architecture

The following illustration demonstrates how CNS components, CNS in vCenter Server and vSphere Container Storage Plug-in, interact with other components in vSphere environment.

CNS Component in vCenter Server

In the vSphere environment, the CNS control plane introduces a concept of volumes, such as container volumes and persistent volumes. CNS in vCenter Server is a storage control plane for container volumes. CNS is responsible for managing the life cycle of volumes, including operations such as create, read, update, and delete. It is also responsible for managing volume metadata, snapshot and restore, volume copy and clone, as well as monitoring the health and compliance of volumes. These volumes are independent of the virtual machine life cycle and have their own identity in vSphere.

CNS leverages the existing Storage Policy Based Management (SPBM) functionality for volume provisioning. The DevOps users can use the storage policies, created by the vSphere administrator in vSphere, to specify the storage SLAs for the application volumes within Kubernetes. CNS enables the DevOps users to self-provision storage for their apps with appropriate storage SLAs. CNS honors these storage SLAs by provisioning the volume on an SPBM policy-compliant datastore in vSphere. The SPBM policy is applied at the granularity of a container volume.

CNS supports block volumes backed by First Class Disk (FCD) and file volumes backed by vSAN file shares. A block volume can only be attached to one Kubernetes pod with ReadWriteOnce access mode at any point in time. A file volume can be attached to one or more pods with ReadWriteMany/ReadOnlyMany access modes.

vSphere Container Storage Plug-in in Kubernetes

In Kubernetes, CNS provides a volume driver that consist of two sub components.
  • CSI Plug-in: The CSI plug-in is responsible for volume provisioning, attaching and detaching the volume to VMs, mounting, formatting, and unmounting volumes from the pod within the node VM, and so on. It is built as an out-of-tree CSI plug-in for Kubernetes.
  • Syncer: The syncer is responsible for pushing the PV, PVC, and pod metadata to CNS. It also offers a CNS operator that is used in vSphere with Tanzu. For information, see vSphere with Tanzu Configuration and Management.