使用CephRBD为Kubernetes提供StorageClass

1、创建存储池并启用RBD功能

ceph osd pool create <poolname> <pg_num> <pgp_num>

2、创建Ceph用户,提供给k8s使用

[root@ceph-1 ~]# ceph auth get-or-create client.kube mon 'allow r' osd 'allow class-read object_prefix rbd_children,allow rwx pool=<poolname>'

[client.kube]
	key = AQCaCZRexOqiGxAAxcbV9jMEIF8Eic133uCqtQ==

3、在k8s各节点安装ceph-common

# 安装epel源
yum -y install epel-release

# 配置yum源
cat /etc/yum.repos.d/ceph.repo
[ceph]
name=Ceph packages for $basearch
baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/$basearch
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc

[ceph-noarch]
name=Ceph noarch packages
baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/noarch
enabled=1
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc

[ceph-source]
name=Ceph source packages
baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/SRPMS
enabled=0
priority=2
gpgcheck=1
type=rpm-md
gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc

# 安装ceph-common
yum -y install ceph-common

4、复制ceph.conf以及admin用户的keyring文件到k8s各个节点(包括master和node)

# 在ceph-mon执行
for i in {1..5}; do scp /etc/ceph/{ceph.conf,ceph.client.admin.keyring} ceph-$i:/etc/ceph/

# 以上命令执行完毕,即可在k8s各节点执行ceph命令

5、创建Secret资源,以keyring的key值为data

# 在ceph-mon上获取用户keyring
[root@ceph-1 ~]# ceph auth get-key client.admin |base64
QVFDRnpvNWVrUFUyRVJBQVFmZ21qTEZGWFNhZFdnUWVzbHZ0L2c9PQ==

[root@ceph-1 ~]# ceph auth get-key client.kube |base64
QVFBTHo1SmUxNUpKTkJBQThGK0hTMk1rcWZsQXlYcEM4RnU4SXc9PQ==

# 在k8s上为ceph admin用户创建secret资源
cat ceph-admin-secret.yaml
apiVersion: v1
kind: Secret
metadata: 
  name: ceph-admin-secret
  namespace: default
data:
  key: QVFDRnpvNWVrUFUyRVJBQVFmZ21qTEZGWFNhZFdnUWVzbHZ0L2c9PQ==
type: kubernetes.io/rbd

# 在k8s上为ceph kube用户创建secret资源
cat ceph-kube-secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: ceph-kube-secret
  namespace: default
data:
  key: QVFBTHo1SmUxNUpKTkJBQThGK0hTMk1rcWZsQXlYcEM4RnU4SXc9PQ==
type: kubernetes.io/rbd

# 应用两个secret
kubectl apply -f ceph-admin-secret.yaml
kubectl apply -f ceph-kube-secret.yaml
kubectl get secret
NAME                                  TYPE                                  DATA   AGE
ceph-admin-secret                     kubernetes.io/rbd                     1      23h
ceph-kube-secret                      kubernetes.io/rbd                     1      22h

6、在Ceph存储池里面创建对应的RBDImage

rbd create -p <poolname> -s <size> <imagename>

rbd create -p mypool -s 2G ceph-image
rbd info ceph-image -p mypool
rbd image 'ceph-image':
	size 2GiB in 512 objects
	order 22 (4MiB objects)
	block_name_prefix: rbd_data.281756b8b4567
	format: 2
	features: layering, exclusive-lock, object-map, fast-diff, deep-flatten   
	# object-map, fast-diff, deep-flatten 这三个特性需要关闭,否则应用pod时会报错
	flags: 
	create_timestamp: Sun Apr 12 04:48:28 2020
# 关闭以上三个特性
rbd feature disable mypool/ceph-image object-map fast-diff deep-flatten

静态PV的使用(手动创建)

创建PV

cat pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: ceph-test-pv
spec:
  capacity:
    storage: 2Gi			    # 存储需求
  accessModes:
  - ReadWriteOnce
  rbd:
    monitors:
    - ceph-1:6789
    - ceph-2:6789
    - ceph-3:6789
    pool: mypool				# 第一步创建的pool名称
    image: ceph-image
    user: admin
    secretRef:         
      name: ceph-admin-secret	 #  第五步创建的secret资源名称
    fsType: ext4
    readOnly: false
  persistentVolumeReclaimPolicy: Retain		# pv回收机制:Retain(保留)  Recycle(回收)  delete(删除)
# Retain保留,默认,保留生成的数据
# recycle,回收,删除生成的数据,回收pv
# delete,删除,pvc解除绑定后,pv也就自动删除
# 详情见:https://www.cnblogs.com/Smbands/p/10858145.html

# 应用PV
kubectl apply -f pv.yaml

创建PVC

cat pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: ceph-test-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
# 应用PVC
kubectl apply -f pvc.yaml
[root@k8s-m1 ]# kubectl get pvc
NAME            STATUS   VOLUME        CAPACITY   ACCESS MODES   STORAGECLASS    AGE
ceph-test-pvc   Bound    ceph-test-pv   2Gi        RWO            rbd            22h

[root@k8s-m1 ]# kubectl get pv
NAME       CAPACITY  ACCESS MODES  RECLAIM POLICY   STATUS   CLAIM     STORAGECLASS   REASON   AGE
ceph-test-pv  2Gi      RWO         Retain           Bound    default/ceph-test-pvc             22h

创建Pod

cat ceph-test-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: ceph-test-pod
spec:
  containers:
  - name: ceph-busybox
    image: busybox
    command: ["sleep","60000"]
    volumeMounts:
    - name: ceph-voll
      mountPath: /usr/share/busybox
      readOnly: false
  volumes:
  - name: ceph-voll
    persistentVolumeClaim:
      claimName: ceph-test-pvc			# 对应pvc name
# 应用pod
kubectl apply -f ceph-test-pod
[root@k8s-m1]# kubectl get pods
NAME                              READY   STATUS        RESTARTS   AGE
ceph-test-pod                     1/1     Running       1          24h

动态PV的使用

创建StorageClass

[root@k8s-m1]# cat class.yaml 
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: rbd
  annotations:
    storageclass.beta.kubernetes.io/is-default-class: "true"    # 声明此为默认StorageClass
provisioner: kubernetes.io/rbd
parameters:
  monitors: ceph-1:6789,ceph-2:6789,ceph-3:6789
  adminId: admin
  adminSecretName: ceph-admin-secret
  adminSecretNamespace: default
  pool: mypool
  userId: kube
  userSecretName: ceph-kube-secret
  userSecretNamespace: default
  fsType: ext4
  imageFormat: "2"
  imageFeatures: "layering"
reclaimPolicy: Retain
# 应用storageClass
kubectl apply -f class.yaml
kubectl get sc
NAME            PROVISIONER         AGE
rbd (default)   kubernetes.io/rbd   25h

创建PVC

cat pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: ceph-test-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
  storageClassName: rbd
#  应用pvc
kubectl apply -f pvc.yaml
[root@k8s-m1 ceph]# kubectl get pvc
NAME            STATUS      VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
ceph-test-pvc   Bound    pvc-85fb37f8-693a-4768-889b-097ee731d15f   2Gi                RWO            rbd            107s

创建Pod

cat ceph-test-pod-1.yaml
apiVersion: v1
kind: Pod
metadata:
  name: ceph-test-pod-1
spec:
  containers:
  - name: ceph-busybox
    image: busybox
    command: ["sleep","60000"]
    volumeMounts:
    - name: ceph-voll
      mountPath: /usr/share/busybox
      readOnly: false
  volumes:
  - name: ceph-voll
    persistentVolumeClaim:
      claimName: ceph-test-pvc
# 应用pod
kubectl apply -f ceph-test-pods-1.yaml
NAME                              READY   STATUS        RESTARTS   AGE
ceph-test-pod                     1/1     Running       0          84s
posted @   zh_Revival  阅读(295)  评论(0编辑  收藏  举报
编辑推荐:
· 10年+ .NET Coder 心语,封装的思维:从隐藏、稳定开始理解其本质意义
· .NET Core 中如何实现缓存的预热?
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
阅读排行:
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗?
· 【译】Visual Studio 中新的强大生产力特性
· 10年+ .NET Coder 心语 ── 封装的思维:从隐藏、稳定开始理解其本质意义
· 【设计模式】告别冗长if-else语句:使用策略模式优化代码结构
点击右上角即可分享
微信分享提示
AI IDE Trae