通常情况下,都需要为Kubernetes配置storage class,测试环境中使用 NFS 居多,下面以 NFS 为案例,Gitlab 地址 https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner
# middle-89 提供NFS存储,各个节点进行挂载。这些节点都需要安装 nfs相关工具[root@maxiaoke deploy-kubernetes]# gosh cmd -i all.ip "yum install -y nfs-utils"[root@middle-89 ~]# echo '/data/nfs 10.4.7.0/24(rw,sync,no_wdelay,no_root_squash)' > /etc/exports[root@middle-89 ~]# mkdir /data/nfs[root@middle-89 ~]# systemctl start nfs[root@middle-89 ~]# systemctl enable nfs[root@middle-89 ~]# showmount -eExport list for middle-89:/data/nfs 10.4.7.0/24
deployment.yaml:
---apiVersion: v1kind: Namespacemetadata:name: infra-storage---apiVersion: apps/v1kind: Deploymentmetadata:name: nfs-client-provisionerlabels:app: nfs-client-provisionernamespace: infra-storagespec:replicas: 1strategy:type: Recreateselector:matchLabels:app: nfs-client-provisionertemplate:metadata:labels:app: nfs-client-provisionerspec:serviceAccountName: nfs-client-provisionercontainers:- name: nfs-client-provisionerimage: linuxmaxiaoke/nfs-subdir-external-provisioner:v4.0.1volumeMounts:- name: nfs-client-rootmountPath: /persistentvolumesenv:- name: PROVISIONER_NAMEvalue: default-nfs-provisioner- name: NFS_SERVERvalue: 10.4.7.89- name: NFS_PATHvalue: /data/nfs- name: TZvalue: Asia/Shanghaivolumes:- name: nfs-client-rootnfs:server: 10.4.7.89path: /data/nfs
rbac.yaml:
apiVersion: v1kind: ServiceAccountmetadata:name: nfs-client-provisioner# replace with namespace where provisioner is deployednamespace: infra-storage---kind: ClusterRoleapiVersion: rbac.authorization.k8s.io/v1metadata:name: nfs-client-provisioner-runnerrules:- apiGroups: [""]resources: ["persistentvolumes"]verbs: ["get", "list", "watch", "create", "delete"]- apiGroups: [""]resources: ["persistentvolumeclaims"]verbs: ["get", "list", "watch", "update"]- apiGroups: ["storage.k8s.io"]resources: ["storageclasses"]verbs: ["get", "list", "watch"]- apiGroups: [""]resources: ["events"]verbs: ["create", "update", "patch"]---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata:name: run-nfs-client-provisionersubjects:- kind: ServiceAccountname: nfs-client-provisioner# replace with namespace where provisioner is deployednamespace: infra-storageroleRef:kind: ClusterRolename: nfs-client-provisioner-runnerapiGroup: rbac.authorization.k8s.io---kind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata:name: leader-locking-nfs-client-provisioner# replace with namespace where provisioner is deployednamespace: infra-storagerules:- apiGroups: [""]resources: ["endpoints"]verbs: ["get", "list", "watch", "create", "update", "patch"]---kind: RoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata:name: leader-locking-nfs-client-provisioner# replace with namespace where provisioner is deployednamespace: infra-storagesubjects:- kind: ServiceAccountname: nfs-client-provisioner# replace with namespace where provisioner is deployednamespace: infra-storageroleRef:kind: Rolename: leader-locking-nfs-client-provisionerapiGroup: rbac.authorization.k8s.io
class.yaml:
apiVersion: storage.k8s.io/v1kind: StorageClassmetadata:name: managed-nfs-storageprovisioner: default-nfs-provisionerparameters:archiveOnDelete: "false"
验证NFS存储
test-claim.yaml:
kind: PersistentVolumeClaimapiVersion: v1metadata:name: test-claimspec:storageClassName: managed-nfs-storageaccessModes:- ReadWriteManyresources:requests:storage: 1Mi
test-pod.yaml:
kind: PodapiVersion: v1metadata:name: test-podspec:containers:- name: test-podimage: gcr.io/google_containers/busybox:1.24command:- "/bin/sh"args:- "-c"- "touch /mnt/SUCCESS && exit 0 || exit 1"volumeMounts:- name: nfs-pvcmountPath: "/mnt"restartPolicy: "Never"volumes:- name: nfs-pvcpersistentVolumeClaim:claimName: test-claim
[root@maxiaoke nfs-provisorner]# kubectl apply -f test-claim.yaml -f test-pod[root@maxiaoke nfs-provisorner]# kubectl get podNAME READY STATUS RESTARTS AGEtest-pod 0/1 Completed 0 17s[root@maxiaoke nfs-provisorner]# kubectl get pvcNAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGEtest-claim Bound pvc-baf4603c-fea5-4ea6-93ac-b3387a1f150c 1Mi RWX managed-nfs-storage 34s
