当前位置:  首页>> 技术小册>> Kubernetes合辑1-安装Kubernetes

通常情况下,都需要为Kubernetes配置storage class,测试环境中使用 NFS 居多,下面以 NFS 为案例,Gitlab 地址 https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner

  1. # middle-89 提供NFS存储,各个节点进行挂载。这些节点都需要安装 nfs相关工具
  2. [root@maxiaoke deploy-kubernetes]# gosh cmd -i all.ip "yum install -y nfs-utils"
  3. [root@middle-89 ~]# echo '/data/nfs 10.4.7.0/24(rw,sync,no_wdelay,no_root_squash)' > /etc/exports
  4. [root@middle-89 ~]# mkdir /data/nfs
  5. [root@middle-89 ~]# systemctl start nfs
  6. [root@middle-89 ~]# systemctl enable nfs
  7. [root@middle-89 ~]# showmount -e
  8. Export list for middle-89:
  9. /data/nfs 10.4.7.0/24

deployment.yaml:

  1. ---
  2. apiVersion: v1
  3. kind: Namespace
  4. metadata:
  5. name: infra-storage
  6. ---
  7. apiVersion: apps/v1
  8. kind: Deployment
  9. metadata:
  10. name: nfs-client-provisioner
  11. labels:
  12. app: nfs-client-provisioner
  13. namespace: infra-storage
  14. spec:
  15. replicas: 1
  16. strategy:
  17. type: Recreate
  18. selector:
  19. matchLabels:
  20. app: nfs-client-provisioner
  21. template:
  22. metadata:
  23. labels:
  24. app: nfs-client-provisioner
  25. spec:
  26. serviceAccountName: nfs-client-provisioner
  27. containers:
  28. - name: nfs-client-provisioner
  29. image: linuxmaxiaoke/nfs-subdir-external-provisioner:v4.0.1
  30. volumeMounts:
  31. - name: nfs-client-root
  32. mountPath: /persistentvolumes
  33. env:
  34. - name: PROVISIONER_NAME
  35. value: default-nfs-provisioner
  36. - name: NFS_SERVER
  37. value: 10.4.7.89
  38. - name: NFS_PATH
  39. value: /data/nfs
  40. - name: TZ
  41. value: Asia/Shanghai
  42. volumes:
  43. - name: nfs-client-root
  44. nfs:
  45. server: 10.4.7.89
  46. path: /data/nfs

rbac.yaml:

  1. apiVersion: v1
  2. kind: ServiceAccount
  3. metadata:
  4. name: nfs-client-provisioner
  5. # replace with namespace where provisioner is deployed
  6. namespace: infra-storage
  7. ---
  8. kind: ClusterRole
  9. apiVersion: rbac.authorization.k8s.io/v1
  10. metadata:
  11. name: nfs-client-provisioner-runner
  12. rules:
  13. - apiGroups: [""]
  14. resources: ["persistentvolumes"]
  15. verbs: ["get", "list", "watch", "create", "delete"]
  16. - apiGroups: [""]
  17. resources: ["persistentvolumeclaims"]
  18. verbs: ["get", "list", "watch", "update"]
  19. - apiGroups: ["storage.k8s.io"]
  20. resources: ["storageclasses"]
  21. verbs: ["get", "list", "watch"]
  22. - apiGroups: [""]
  23. resources: ["events"]
  24. verbs: ["create", "update", "patch"]
  25. ---
  26. kind: ClusterRoleBinding
  27. apiVersion: rbac.authorization.k8s.io/v1
  28. metadata:
  29. name: run-nfs-client-provisioner
  30. subjects:
  31. - kind: ServiceAccount
  32. name: nfs-client-provisioner
  33. # replace with namespace where provisioner is deployed
  34. namespace: infra-storage
  35. roleRef:
  36. kind: ClusterRole
  37. name: nfs-client-provisioner-runner
  38. apiGroup: rbac.authorization.k8s.io
  39. ---
  40. kind: Role
  41. apiVersion: rbac.authorization.k8s.io/v1
  42. metadata:
  43. name: leader-locking-nfs-client-provisioner
  44. # replace with namespace where provisioner is deployed
  45. namespace: infra-storage
  46. rules:
  47. - apiGroups: [""]
  48. resources: ["endpoints"]
  49. verbs: ["get", "list", "watch", "create", "update", "patch"]
  50. ---
  51. kind: RoleBinding
  52. apiVersion: rbac.authorization.k8s.io/v1
  53. metadata:
  54. name: leader-locking-nfs-client-provisioner
  55. # replace with namespace where provisioner is deployed
  56. namespace: infra-storage
  57. subjects:
  58. - kind: ServiceAccount
  59. name: nfs-client-provisioner
  60. # replace with namespace where provisioner is deployed
  61. namespace: infra-storage
  62. roleRef:
  63. kind: Role
  64. name: leader-locking-nfs-client-provisioner
  65. apiGroup: rbac.authorization.k8s.io

class.yaml:

  1. apiVersion: storage.k8s.io/v1
  2. kind: StorageClass
  3. metadata:
  4. name: managed-nfs-storage
  5. provisioner: default-nfs-provisioner
  6. parameters:
  7. archiveOnDelete: "false"

验证NFS存储

test-claim.yaml:

  1. kind: PersistentVolumeClaim
  2. apiVersion: v1
  3. metadata:
  4. name: test-claim
  5. spec:
  6. storageClassName: managed-nfs-storage
  7. accessModes:
  8. - ReadWriteMany
  9. resources:
  10. requests:
  11. storage: 1Mi

test-pod.yaml:

  1. kind: Pod
  2. apiVersion: v1
  3. metadata:
  4. name: test-pod
  5. spec:
  6. containers:
  7. - name: test-pod
  8. image: gcr.io/google_containers/busybox:1.24
  9. command:
  10. - "/bin/sh"
  11. args:
  12. - "-c"
  13. - "touch /mnt/SUCCESS && exit 0 || exit 1"
  14. volumeMounts:
  15. - name: nfs-pvc
  16. mountPath: "/mnt"
  17. restartPolicy: "Never"
  18. volumes:
  19. - name: nfs-pvc
  20. persistentVolumeClaim:
  21. claimName: test-claim
  1. [root@maxiaoke nfs-provisorner]# kubectl apply -f test-claim.yaml -f test-pod
  2. [root@maxiaoke nfs-provisorner]# kubectl get pod
  3. NAME READY STATUS RESTARTS AGE
  4. test-pod 0/1 Completed 0 17s
  5. [root@maxiaoke nfs-provisorner]# kubectl get pvc
  6. NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
  7. test-claim Bound pvc-baf4603c-fea5-4ea6-93ac-b3387a1f150c 1Mi RWX managed-nfs-storage 34s

该分类下的相关小册推荐: