Volume
Pod被創建之后,容器中的資料是暫時的,當容器被關閉時資料也會隨之消失,如果要長期保存容器中的資料就需要用到資料卷,
K8s中的volume提供了在容器中掛載外部存盤的能力
Pod中使用卷,需要設定卷的來源(spec.volume)和掛載點(spec.containers.volumeMounts)這兩個引數資訊,
查看kubernets所支持的卷的型別:
https://v1-17.docs.kubernetes.io/docs/concepts/storage/volumes/
? awsElasticBlockStore
? azureDisk
? azureFile
? cephfs
? cinder
? configMap
? csi
? downwardAPI
? emptyDir
? fc (fibre channel)
? flexVolume
? flocker
? gcePersistentDisk
? gitRepo (deprecated)
? glusterfs
? hostPath
? iscsi
? local
? nfs
? persistentVolumeClaim
? projected
? portworxVolume
? quobyte
? rbd
? scaleIO
? secret
? storageos
? vsphereVolume
根據以上型別可以做簡單分類:
1 本地卷:只在當前節點使用,無法跨節點使用 hostPath emptyDir
2 網路卷:在任意節點都可以訪問到:nfs rbd cephfs glusterfs
3 公有云卷: awsElasticBlockStore azureDisk
4 k8s資源: secret configMap
emptyDir
在pod的宿主機上創建目錄,掛載到Pod中的容器,Pod洗掉該卷也會被洗掉,
應用場景: pod 中容器之間的資料共享
二 動態PV的實作
[root@master NFS]# rz -E rz waiting to receive. [root@master NFS]# ls nfs-client.zip [root@master NFS]# unzip nfs-client.zip [root@master NFS]# cd nfs-client/ [root@master nfs-client]# ls class.yaml deployment.yaml rbac.yaml [root@master nfs-client]# #class.yam定義StorageClass資源 #deployment.yaml中的鏡像負責自動創建PV #rbac.yaml用于對deployment中鏡像授權,使它可以訪問k8sAPI
class資源分析: [root@master nfs-client]# cat class.yaml apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: managed-nfs-storage #storageclass資源的名字 provisioner: fuseim.pri/ifs # or choose another name, must match deployment's env PROVISIONER_NAME' parameters: archiveOnDelete: "true" #ture表示當pv被洗掉時,pv中的資料會被自動歸檔(備份) [root@master nfs-client]# deployment.yaml資源分析: [root@master nfs-client]# [root@master nfs-client]# cat deployment.yaml apiVersion: v1 kind: ServiceAccount metadata: name: nfs-client-provisioner --- kind: Deployment apiVersion: apps/v1 metadata: name: nfs-client-provisioner spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: nfs-client-provisioner template: metadata: labels: app: nfs-client-provisioner spec: serviceAccountName: nfs-client-provisioner containers: - name: nfs-client-provisioner image: quay.io/external_storage/nfs-client-provisioner:latest volumeMounts: - name: nfs-client-root mountPath: /persistentvolumes env: - name: PROVISIONER_NAME value: fuseim.pri/ifs #這個變數要與class.yaml檔案中的一致 - name: NFS_SERVER value: 192.168.1.63 #nfs服務器的地址 - name: NFS_PATH value: /ifs/kubernetes #NfS服務器共享出來的目錄 volumes: - name: nfs-client-root nfs: server: 192.168.1.63 path: /ifs/kubernetes [root@master nfs-client]# rbac.yaml資源分析: [root@master nfs-client]# cat rbac.yaml kind: ServiceAccount apiVersion: v1 metadata: name: nfs-client-provisioner --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: nfs-client-provisioner-runner rules: - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "update", "patch"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: run-nfs-client-provisioner subjects: - kind: ServiceAccount name: nfs-client-provisioner namespace: default roleRef: kind: ClusterRole name: nfs-client-provisioner-runner apiGroup: rbac.authorization.k8s.io --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-client-provisioner rules: - apiGroups: [""] resources: ["endpoints"] verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-client-provisioner subjects: - kind: ServiceAccount name: nfs-client-provisioner # replace with namespace where provisioner is deployed namespace: default roleRef: kind: Role name: leader-locking-nfs-client-provisioner apiGroup: rbac.authorization.k8s.io [root@master nfs-client]#
[root@master nfs-client]# kubectl apply -f . storageclass.storage.k8s.io/managed-nfs-storage created serviceaccount/nfs-client-provisioner created deployment.apps/nfs-client-provisioner created serviceaccount/nfs-client-provisioner unchanged clusterrole.rbac.authorization.k8s.io/nfs-client-provisioner-runner created clusterrolebinding.rbac.authorization.k8s.io/run-nfs-client-provisioner created role.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner created rolebinding.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner created [root@master nfs-client]# kubectl get pod NAME READY STATUS RESTARTS AGE nfs-client-provisioner-7676dc9cfc-j4vgl 1/1 Running 0 22s [root@master nfs-client]# [root@master nfs-client]# kubectl get sc #查看SC的name,PVC中需要使用這個名字 NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE managed-nfs-storage fuseim.pri/ifs Delete Immediate false 53m [root@master nfs-client]#
[root@master ~]# vim deployment3.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: web
name: web
spec:
name: web
spec:
replicas: 1
selector:
matchLabels:
app: web
strategy: {}
template:
metadata:
labels:
app: web
spec:
containers:
- image: nginx
name: nginx
resources: {}
volumeMounts:
- name: data
mountPath: /usr/share/nginx/html
volumes:
- name: data
persistentVolumeClaim:
claimName: my-pvc2
---
#把創建PVC的yaml檔案也放面一個檔案中方便apply,靜態PVC與動態PVC的區別就在于是否有storageClassName
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: my-pvc2
spec:
storageClassName: "managed-nfs-storage" #這里的storageClassName要與上面kubectl get sc的ame一致
accessModes:
- ReadWriteMany
resources:
requests:
storage: 9Gi
[root@master ~]#
[root@master ~]# kubectl apply -f deployment3.yaml
deployment.apps/web created
persistentvolumeclaim/my-pvc2 created
[root@master ~]#
- 查看pod,pv,pvc的狀態,從下面可以看出pv,pvc都已創建成功,并且pv寫pvc也已匹配成功,K8s介面先后創建了pvc和pv,然后兩者再自動匹配,同時查看NFS服務器上的共享目錄/ifs/kubernetes,發現這里自動創建了一個子目錄default-my-pvc2-pvc-e7bbe866-2a62-4269-9c54-a4a411e93e08,創建pv和NFS的共享目錄這兩個動作都是由StorageClass這個資源完成的,
[root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nfs-client-provisioner-7676dc9cfc-zfl8t 1/1 Running 0 95s web-748845d84d-tlrr6 1/1 Running 0 95s [root@master ~]# [root@master ~]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pvc-e7bbe866-2a62-4269-9c54-a4a411e93e08 9Gi RWX Delete Bound default/my-pvc2 managed-nfs-storage 93s [root@master ~]# [root@master ~]# kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE my-pvc2 Bound pvc-e7bbe866-2a62-4269-9c54-a4a411e93e08 9Gi RWX managed-nfs-storage 2m10s [root@master ~]# [root@node2 kubernetes]# pwd /ifs/kubernetes [root@node2 kubernetes]# ls default-my-pvc2-pvc-e7bbe866-2a62-4269-9c54-a4a411e93e08 [root@node2 kubernetes]#
- 在容器中創建資料,查看是否會持久化到目錄中,
[root@master ~]# kubectl exec -it web-748845d84d-tlrr6 -- bash root@web-748845d84d-tlrr6:/# touch /usr/share/nginx/html/abc.txt root@web-748845d84d-tlrr6:/# ls /usr/share/nginx/html/ abc.txt root@web-748845d84d-tlrr6:/# [root@node2 kubernetes]# ls default-my-pvc2-pvc-e7bbe866-2a62-4269-9c54-a4a411e93e08/ abc.txt [root@node2 kubernetes]#
- 如果把pod的副本增加到3個,那么3個Pod中的資料也是共享的,
[root@master ~]# kubectl scale deploy web --replicas=3 deployment.apps/web scaled [root@master ~]# [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nfs-client-provisioner-7676dc9cfc-zfl8t 1/1 Running 0 40m web-748845d84d-2t48t 1/1 Running 0 114s web-748845d84d-6twgl 1/1 Running 0 5m30s web-748845d84d-t5tbm 1/1 Running 0 114s [root@master ~]# [root@master ~]# kubectl exec -it web-748845d84d-t5tbm -- bash root@web-748845d84d-t5tbm:/# ls /usr/share/nginx/html/ abc.txt root@web-748845d84d-t5tbm:/#
- 洗掉deployment,pvc之后,對應的pod,pv,pvc都會被洗掉,但資料會被歸檔存盤在另一個目錄,
[root@master ~]# kubectl delete -f PV-PVC/dynamic-pvc/deployment3-pvc-sc.yaml deployment.apps "web" deleted persistentvolumeclaim "my-pvc2" deleted [root@master ~]# [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nfs-client-provisioner-7676dc9cfc-zfl8t 1/1 Running 0 23m [root@master ~]# [root@master ~]# kubectl get pvc No resources found in default namespace. [root@master ~]# [root@master ~]# kubectl get pv No resources found in default namespace. [root@master ~]# [root@node2 kubernetes]# ls archived-default-my-pvc2-pvc-e7bbe866-2a62-4269-9c54-a4a411e93e08 [root@node2 kubernetes]# ls archived-default-my-pvc2-pvc-e7bbe866-2a62-4269-9c54-a4a411e93e08/ abc.txt [root@node2 kubernetes]#
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/337540.html
標籤:其他