[k8s]使用nfs挂载pod的应用日志文件
前言
某些特殊场景下应用日志无法通过elk、grafana等工具直接查看,需要将日志文件挂载出来再处理。本文以nfs作为远程存储,统一存放pod日志。
- 系统版本:CentOS 7 x86-64
- 宿主机IP网段:10.10.17.190/27,服务端IP:10.10.17.191
1. 安装配置nfs
- 挑一台宿主机作为nfs服务端,安装相关服务
yum install -y nfs-utils rpcbind
- 创建共享目录并设置权限
mkdir -p /home/apps/nfs
chmod -R 755 /home/apps/nfs
- 编辑
/etc/exports,添加以下内容
/home/apps/nfs/ 10.10.17.190/27(rw,no_root_squash,no_all_squash,sync)
- 使配置生效
exportfs -r
- 启动服务。(如果有防火墙,需要先在防火墙开放相关端口)
systemctl start rpcbind
systemctl start nfs
systemctl enable rpcbind
systemctl enable nfs
- 在服务端检查是否正常
# 查看端口是否生效
rpcinfo -p
# 查看服务端是否可连接
showmount -e localhost
- 找另一台服务器作为客户端测试
# 查看端口是否生效
rpcinfo -p
# 查看服务端是否可连接
showmount -e localhost
# 安装客户端程序
yum install -y rpcbind nfs-utils
# 查看远端是否可连接
showmount -e 10.10.17.191
# 建立挂载目录
mkdir -p /home/apps/nfs
mount -t nfs 10.10.17.191:/home/apps/nfs /home/apps/nfs -o nolock,nfsvers=3,vers=3
# 解除挂载
umount /home/apps/nfs
2. 创建PV
创建pv,容量限制为60GiB。标签和容量根据实际情况调整。注意修改nfs相关配置为实际nfs地址。
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-nfs
namespace: default
labels:
env: uat
spec:
capacity:
storage: 60Gi
volumeMode: Filesystem
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: ""
nfs:
path: /home/apps/nfs/
server: 10.10.17.191
3. 创建pvc
创建pvc,通过标签绑定到pv。
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-nfs
namespace: default
spec:
accessModes: # 访问模式
- ReadWriteMany
volumeMode: Filesystem # 存储卷模式
resources: # 资源请求
requests:
storage: 30Gi
storageClassName: ""
selector:
matchLabels:
env: "uat"
4. 配置pod使用pvc
下面的示例为创建deployment和相应的service,使用nodeAffinity优先调度到指定的服务器。从内网私有化部署的harbor拉取docker镜像,并配置harbor账号的secret。使用Downward API获取pod名称,以pod名称作为挂载子目录名称
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-myapp
spec:
replicas: 3
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
affinity:
nodeAffinity: # pod调度
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: type
operator: In
values:
- "app"
- key: env
operator: In
values:
- "uat"
containers:
- name: myapp
image: harbor.neiwang.com/demo/myapp:1.0.2
imagePullPolicy: IfNotPresent
ports:
- name: main-http
containerPort: 8201
- name: main-dubbo
containerPort: 28201
env:
- name: POD_NAME # 使用Downward API获取POD名称
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
envFrom: # 引用configMap中的环境变量
- configMapRef:
name: cm-common
- configMapRef:
name: cm-spring
volumeMounts:
- mountPath: /app/log
name: logdir
subPathExpr: myapp/$(POD_NAME) # 使用子目录, 便于定位指定pod的日志
volumes:
- name: logdir
persistentVolumeClaim:
claimName: pvc-nfs
imagePullSecrets: # 从私有harbor仓库拉取镜像需要配置账户信息的secret
- name: registry-harbor
---
apiVersion: v1
kind: Service
metadata:
name: svc-myapp
spec:
selector:
app: myapp
ports:
- name: main-http
protocol: TCP
port: 8201
targetPort: 8201
- name: main-dubbo
protocol: TCP
port: 28201
targetPort: 28201
使用yaml文件创建deployment和service
kubectl create -f myapp.yaml
查看pod是否启动
kubectl get pods
到nfs服务端查看是否有新生成的pod文件
本文来自博客园,作者:花酒锄作田,转载请注明原文链接:https://www.cnblogs.com/XY-Heruo/p/17217497.html
