企業運維實戰--k8s學習筆記8.Volumes配置管理之動態pv、statefulset的使用
- 一、Nfs動態分配pv
- 二、StatefulSet如何通過Headless Service維持Pod的拓撲狀態
一、Nfs動態分配pv
有兩種PV提供的方式:靜態和動態,
靜態PV:集群管理員創建多個PV,它們攜帶著真實存盤的詳細資訊,這些存盤對于集群用戶是可用的,它們存在于Kubernetes API中,并可用于存盤使用,
動態PV:當管理員創建的靜態PV都不匹配用戶的PVC時,集群可能會嘗試專門地供給volume給PVC,這種供給基于StorageClass,
StorageClass提供了一種描述存盤類(class)的方法,不同的class可能會映射到不同的服務質量等級和備份策略或其他策略等,
每個 StorageClass 都包含 provisioner、parameters 和 reclaimPolicy 欄位, 這些欄位會在StorageClass需要動態分配 PersistentVolume 時會使用到,
自動創建PV和對應的PVC,本身不提供NFS存盤,需要外部先有一套NFS存盤服務,所以本章操作是基于實驗環境中nfs已部署完成才進行的,
創建操作目錄并進入,將檔案移入
mkdir nfs-client
cd nfs-client/
cp ~/nfs-client-provisioner.yaml .
編輯資源清單,參考官網:https://github.com/kubernetes-incubator/external-storage/tree/master/nfs-client
vim nfs-client-provisioner.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: nfs-client-provisioner
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: nfs-client-provisioner
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-runner
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: nfs-client-provisioner
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: nfs-client-provisioner
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-client-provisioner
labels:
app: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: nfs-client-provisioner
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccountName: nfs-client-provisioner
containers:
- name: nfs-client-provisioner
image: nfs-subdir-external-provisioner:v4.0.0
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: westos.org/nfs
- name: NFS_SERVER
value: 172.25.9.1 #指定nfs server主機
- name: NFS_PATH
value: /mnt/nfs #指定nfs共享路徑
volumes:
- name: nfs-client-root
nfs:
server: 172.25.9.1 #同上
path: /mnt/nfs
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: managed-nfs-storage
provisioner: westos.org/nfs
parameters:
archiveOnDelete: "true" #true為洗掉后自動打包備份,false為洗掉后不打包
拉起清單前,先創建好storageclass,準備好鏡像
創建sc,拉起清單
kubectl create namespace nfs-client-provisioner
kubectl apply -f nfs-client-provisioner.yaml
kubectl get sc
創建pvc
vim test-pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: nfs-pv1
annotations:
volume.beta.kubernetes.io/storage-class: "managed-nfs-storage"
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 100Mi
查看創建好的pv和pvc狀態,顯示Bound
kubectl apply -f test-pvc.yaml
kubectl get pvc
kubectl get pv
Delete表示洗掉pvc后 pv也會洗掉,同時檔案會打包
測驗:
首先查看掛載目錄中的檔案
洗掉識訓清單,可以看到pv和pvc均已經洗掉
kubectl delete -f test-pvc.yaml
kubectl get pvc
kubectl get pv
再次查看掛載目錄,檔案已被打包,
測驗完畢,拉起pvc
kubectl apply -f test-pvc.yaml
創建pod節點test-pd
vim pod.yaml
cat pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: test-pd
spec:
containers:
- image: nginx
name: nginx
volumeMounts:
- mountPath: /usr/share/nginx/html
name: pv1
volumes:
- name: pv1
persistentVolumeClaim:
claimName: nfs-pv1
需要注意的是,選取pvc名稱需與之前創建的pvc名稱一致,
拉起pod
kubectl apply -f pod.yaml
初次訪問報錯403,原因是默認發布檔案被覆寫
kubectl get pod -o wide
curl 10.244.141.237
添加測驗頁,再次測驗,訪問成功
kubectl get pod -o wide
curl 10.244.141.237
編輯資源清單nfs-client-provisioner.yaml,關閉洗掉后打包,洗掉pvc后檔案會消失
vim nfs-client-provisioner.yaml
parameters:
archiveOnDelete: "false"
想要檔案更新修改內容,必須洗掉sc后再次生成
kubectl delete sc managed-nfs-storage
kubectl apply -f nfs-client-provisioner.yaml
kubectl get sc
洗掉pvc或pod節點
kubectl delete -f test-pvc.yaml
洗掉太慢可以之間洗掉節點
kubectl delete pod test-pd
kubectl get pvc
kubectl get pv
進入共享目錄下查看
默認的 StorageClass 將被用于動態的為沒有特定 storage class 需求的PersistentVolumeClaims 配置存盤
為pvc設定默認sc狀態
編輯pvc檔案,不特指sc
vim test-pvc.yaml
cat test-pvc.yaml
apiVersion: v1
metadata:
name: nfs-pv1
spec:
#storageClassName: managed-nfs-storage
accessModes:
- ReadWriteMany
resources:
requests:
storage: 100Mi
設定默認storageclass
kubectl patch storageclass managed-nfs-storage -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
拉起清單,查看sc
kubectl apply -f test-pvc.yaml
kubectl get sc
二、StatefulSet如何通過Headless Service維持Pod的拓撲狀態
創建作業目錄并進入
mkdir statefulset
cd statefulset/
編輯資源清單,創建服務nginx
vim nginx-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
拉起并查看服務
kubectl apply -f nginx-svc.yaml
kubectl get svc
此時服務還沒有后端endpoint
kubectl describe svc nginx-svc
編輯資源清單創建StatefulSet,設定初始副本數為二個
vim statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
serviceName: "nginx-svc"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: myapp:v1
ports:
- containerPort: 80
name: web
拉起容器,查看pod
kubectl apply -f statefulset.yaml
擴容pv,只需將清黨副本數改為6
vim statefulset.yaml
```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
serviceName: "nginx-svc"
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: myapp:v1
ports:
- containerPort: 80
name: web
volumeMounts:
- name: www
mountPath: /usr/share/nginx/html
volumeClaimTemplates:
- metadata:
name: www
spec:
#storageClassName: nfs
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
拉起容器并查看
kubectl get pod
測驗采用三個副本數,恢復副本數到3
vim statefulset.yaml
kubectl apply -f statefulset.yaml
查看節點健康狀況
kubectl get pod
進入容器 ,訪問查看
進入容器,測驗訪問
kubectl run demo --image=busyboxplus -it
kubectl attach demo -it
將pvc與pod節點結合
創建測驗index.html,進入/mnt/nfs各目錄中
echo web-0 > index.html
echo web-1 > index.html
echo web-2 > index.html
進入容器查看修改內容
kubectl attach demo -it
訪問查看是否負載均衡
curl nginx-svc
洗掉副本后重新拉起,可繼續保留之前的內容
vim statefulset.yaml
將副本改為0即視為洗掉
kubectl apply -f statefulset.yaml
節點正在逐個回收
重新拉起三個副本
進入容器測驗:
依舊負載均衡
轉載請註明出處,本文鏈接:https://www.uj5u.com/ruanti/291433.html
標籤:其他
下一篇:華為云物聯網設備接入及OBS使用