部署nfs-provisioner external-storage-nfs
-
創建作業目錄
$ mkdir -p /opt/k8s/nfs/data -
下載nfs-provisioner對應的鏡像,上傳到自己的私有鏡像中
$ docker pull fishchen/nfs-provisioner:v2.2.2 $ docker tag fishchen/nfs-provisioner:v2.2.2 192.168.0.107/k8s/nfs-provisioner:v2.2.2 $ docker push 192.168.0.107/k8s/nfs-provisioner:v2.2.2 -
編輯啟動nfs-provisioner的deploy.yml檔案
$ cd /opt/k8s/nfs $ cat > deploy.yml << EOF apiVersion: v1 kind: ServiceAccount metadata: name: nfs-provisioner --- kind: Service apiVersion: v1 metadata: name: nfs-provisioner labels: app: nfs-provisioner spec: ports: - name: nfs port: 2049 - name: mountd port: 20048 - name: rpcbind port: 111 - name: rpcbind-udp port: 111 protocol: UDP selector: app: nfs-provisioner --- kind: Deployment apiVersion: apps/v1 metadata: name: nfs-provisioner spec: selector: matchLabels: app: nfs-provisioner replicas: 1 strategy: type: Recreate template: metadata: labels: app: nfs-provisioner spec: serviceAccount: nfs-provisioner containers: - name: nfs-provisioner image: 192.168.0.107/k8s/nfs-provisioner:v2.2.2 ports: - name: nfs containerPort: 2049 - name: mountd containerPort: 20048 - name: rpcbind containerPort: 111 - name: rpcbind-udp containerPort: 111 protocol: UDP securityContext: capabilities: add: - DAC_READ_SEARCH - SYS_RESOURCE args: - "-provisioner=myprovisioner.kubernetes.io/nfs" env: - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: SERVICE_NAME value: nfs-provisioner - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace imagePullPolicy: "IfNotPresent" volumeMounts: - name: export-volume mountPath: /export volumes: - name: export-volume hostPath: path: /opt/k8s/nfs/data EOF- volumes.hostPath 指向剛創建的資料目錄,作為nfs的export目錄,此目錄可以是任意的Linux目錄
- args: - "-myprovisioner.kubernetes.io/nfs" 指定provisioner的名稱,要和后面創建的storeClass中的名稱保持一致
-
編輯自動創建pv相關的rbac檔案
$ cd /opt/k8s/nfs $ cat > rbac.yml << EOF kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: nfs-provisioner-runner rules: - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "update", "patch"] - apiGroups: [""] resources: ["services", "endpoints"] verbs: ["get"] - apiGroups: ["extensions"] resources: ["podsecuritypolicies"] resourceNames: ["nfs-provisioner"] verbs: ["use"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: run-nfs-provisioner subjects: - kind: ServiceAccount name: nfs-provisioner # replace with namespace where provisioner is deployed namespace: default roleRef: kind: ClusterRole name: nfs-provisioner-runner apiGroup: rbac.authorization.k8s.io --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-provisioner rules: - apiGroups: [""] resources: ["endpoints"] verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-provisioner subjects: - kind: ServiceAccount name: nfs-provisioner # replace with namespace where provisioner is deployed namespace: default roleRef: kind: Role name: leader-locking-nfs-provisioner apiGroup: rbac.authorization.k8s.io EOF -
編輯創建StorageClass的啟動檔案
$ cd /opt/k8s/nfs $ cat > class.yml << EOF kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: example-nfs provisioner: myprovisioner.kubernetes.io/nfs mountOptions: - vers=4.1 EOF- provisioner 對應的值要和前面deployment.yml中配置的值一樣
-
啟動nfs-provisioner
$ kubectl create -f deploy.yml -f rbac.yml -f class.yml
驗證和使用nfs-provisioner
下面我們通過一個簡單的例子來驗證剛創建的nfs-provisioner,例子中主要包含兩個應用,一個busyboxy和一個web,兩個應用掛載同一個PVC,其中busybox負責向共享存盤中寫入內容,web應用讀取共享存盤中的內容,并展示到界面,
-
編輯創建PVC檔案
$ cd /opt/k8s/nfs $ cat > claim.yml << EOF kind: PersistentVolumeClaim apiVersion: v1 metadata: name: nfs storageClassName: example-nfs spec: accessModes: - ReadWriteMany resources: requests: storage: 100Mi EOF- storageClassName: 指定前面創建的StorageClass對應的名稱
- accessModes: ReadWriteMany 允許多個node進行掛載和read、write
- 申請資源是100Mi
-
創建PVC,并檢查是否能自動創建相應的pv
$ kubectl create -f claim.yml $ kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE nfs Bound pvc-10a1a98c-2d0f-4324-8617-618cf03944fe 100Mi RWX example-nfs 11s $kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pvc-10a1a98c-2d0f-4324-8617-618cf03944fe 100Mi RWX Delete Bound default/nfs example-nfs 18s- 可以看到自動給我們創建了一個pv對應的名稱是pvc-10a1a98c-2d0f-4324-8617-618cf03944fe,STORAGECLASS是example-nfs,對應的claim是default/nfs
-
啟動一個busybox應用,通過掛載共享目錄,向其中寫入資料
-
編輯啟動檔案
$ cd /opt/k8s/nfs $ cat > deploy-busybox.yml << EOF apiVersion: apps/v1 kind: Deployment metadata: name: nfs-busybox spec: replicas: 1 selector: matchLabels: name: nfs-busybox template: metadata: labels: name: nfs-busybox spec: containers: - image: busybox command: - sh - -c - 'while true; do date > /mnt/index.html; hostname >> /mnt/index.html; sleep 20; done' imagePullPolicy: IfNotPresent name: busybox volumeMounts: # name must match the volume name below - name: nfs mountPath: "/mnt" volumes: - name: nfs persistentVolumeClaim: claimName: nfs EOF- volumes.persistentVolumeClaim.claimName 設定成剛創建的PVC
-
啟動busybox
$ cd /opt/k8s/nfs $ kubectl create -f deploy-busybox.yml查看是否在對應的pv下生成了index.html
$ cd /opt/k8s/nfs $ ls data/pvc-10a1a98c-2d0f-4324-8617-618cf03944fe/
index.html
$ cat data/pvc-10a1a98c-2d0f-4324-8617-618cf03944fe/index.html
Sun Mar 1 12:51:30 UTC 2020
nfs-busybox-6b677d655f-qcg5c``` * 可以看到在對應的pv下生成了檔案,也正確寫入了內容 -
-
啟動web應用(nginx),讀取共享掛載中的內容
-
編輯啟動檔案
$ cd /opt/k8s/nfs $ cat >deploy-web.yml << EOF apiVersion: v1 kind: Service metadata: name: nfs-web spec: type: NodePort selector: role: web-frontend ports: - name: http port: 80 targetPort: 80 nodePort: 8086 --- apiVersion: apps/v1 kind: Deployment metadata: name: nfs-web spec: replicas: 2 selector: matchLabels: role: web-frontend template: metadata: labels: role: web-frontend spec: containers: - name: web image: nginx:1.9.1 ports: - name: web containerPort: 80 volumeMounts: # name must match the volume name below - name: nfs mountPath: "/usr/share/nginx/html" volumes: - name: nfs persistentVolumeClaim: claimName: nfs EOF- volumes.persistentVolumeClaim.claimName 設定成剛創建的PVC
-
啟動web程式
$ cd /opt/k8s/nfs $ kubectl create -f deploy-web.yml -
訪問頁面
- 可以看到正確讀取了內容,沒過20秒,持續觀察可發現界面的時間可以重繪
-
遇到問題
參照github上的步驟執行,啟動PVC后無法創建pv,查看nfs-provisioner服務的日志,有出現錯誤:
error syncing claim "20eddcd8-1771-44dc-b185-b1225e060c9d": failed to provision volume with StorageClass "example-nfs": error getting NFS server IP for volume: service SERVICE_NAME=nfs-provisioner is not valid; check that it has for ports map[{111 TCP}:true {111 UDP}:true {2049 TCP}:true {20048 TCP}:true] exactly one endpoint, this pod's IP POD_IP=172.30.22.3
錯誤原因issues/1262,之后把錯誤中提到埠保留,其他埠號都去掉,正常
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/38891.html
標籤:其他
上一篇:Google、阿里、騰訊都在探索的Kubernetes,你不了解一下嗎?
下一篇:OpenShift-介紹