NFS - StorageClass
基于 StorageClass 的 NFS 动态卷
172.16.1.64 K8s-Master and node 172.16.1.65 K8s-Master and node 172.16.1.66 K8s-Master and node and NFS Server
NFS 服务
# 安装 NFS server
yum -y install nfs-utils rpcbind
# k8s 所有节点 安装 NFS 客户端
yum -y install nfs-utils
配置 NFS 目录与权限
vi /etc/exports 增加 /opt/nfsdata 172.16.1.0/24(rw,sync,no_root_squash)
启动 NFS 服务
systemctl enable rpcbind.service systemctl enable nfs-server.service systemctl start rpcbind.service systemctl start nfs-server.service # 查看信息 showmount -e 172.16.1.66 Export list for 172.16.1.66: /opt/nfsdata 172.16.1.0/24
配置 NFS Client Provisioner
# 官网镜像地址 quay.io/external_storage/nfs-client-provisioner:latest # 个人镜像地址 jicki/nfs-client-provisioner:latest
[root@master1 tools]# vim nfs.yaml apiVersion: v1 kind: ServiceAccount metadata: namespace: kubesphere-system name: nfs-client-provisioner
# nfs-clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: nfs-provisioner-runner rules: - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["watch", "create", "update", "patch"] - apiGroups: [""] resources: ["services"] verbs: ["get"] - apiGroups: ["extensions"] resources: ["podsecuritypolicies"] resourceNames: ["nfs-provisioner"] verbs: ["use"] - apiGroups: [""] resources: ["endpoints"] verbs: ["get", "list", "watch", "create", "update", "patch"]
#nfs-clusterrolebinding.yaml kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: run-nfs-provisioner subjects: - kind: ServiceAccount name: default namespace: default roleRef: kind: ClusterRole name: nfs-provisioner-runner apiGroup: rbac.authorization.k8s.io
# nginx-storageclass.yaml apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: managed-nfs-storage provisioner: fuseim.pri/ifs
# 配置一个 deployment 服务
# nfs-deployment.yaml kind: Deployment apiVersion: apps/v1 metadata: name: nfs-client-provisioner spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: nfs-client-provisioner template: metadata: labels: app: nfs-client-provisioner spec: containers: - name: nfs-client-provisioner image: quay.io/external_storage/nfs-client-provisioner:latest volumeMounts: - name: nfs-client-root mountPath: /persistentvolumes env: - name: PROVISIONER_NAME value: fuseim.pri/ifs - name: NFS_SERVER value: 10.0.0.80 - name: NFS_PATH value: /home/centos/nfs_data volumes: - name: nfs-client-root nfs: server: 10.0.0.80 path: /home/centos/nfs_data
创建 服务
kubectl apply -f . serviceaccount "nfs-client-provisioner" created clusterrole "nfs-client-provisioner-runner" created clusterrolebinding "run-nfs-client-provisioner" created deployment "nfs-client-provisioner" created # 查看服务 kubectl get pods |grep nfs nfs-client-provisioner-8cdb56f4d-l8vmr 1/1 Running 0 26s
创建 StorageClass
# nfs-storageclass apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: nfs-storage provisioner: fuseim.pri/ifs # fuseim.pri/ifs 是 nfs-client-provisioner 服务中的一个 env
# 导入文件 kubectl apply -f nfs-storageclass.yaml storageclass "nfs-storage" created # 查看服务 kubectl get storageclass NAME PROVISIONER nfs-storage fuseim.pri/ifs
测试
创建一个 nginx StatefulSet
# nginx-statefulset apiVersion: apps/v1beta1 kind: StatefulSet metadata: name: web spec: serviceName: "nginx" replicas: 2 volumeClaimTemplates: - metadata: name: html annotations: volume.beta.kubernetes.io/storage-class: "nfs-storage" # 这里配置 上面创建的 storageclass 的名称 spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 2Gi template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:alpine volumeMounts: - mountPath: "/usr/share/nginx/html/" name: html
# 导入nginx-statefulset kubectl apply -f nginx-statefulset.yaml statefulset "web" created # 查看服务 kubectl get pods|grep web web-0 1/1 Running 0 1m web-1 1/1 Running 0 1m # 查看 pvc kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE html-web-0 Bound pvc-bb0c0ada-b3aa-11e7-b194-80d4a5d413e2 2Gi RWO nfs-storage 1m html-web-1 Bound pvc-bc3478ac-b3aa-11e7-b194-80d4a5d413e2 2Gi RWO nfs-storage 1m
直接pod挂载nfs
volumeMounts: - mountPath: /usr/share/images name: nfs-data volumes: - name: nfs-data nfs: server: 192.168.1.194 path: "/opt/nfsdata"
#####################################################################
nfs 创建 pv pvc
apiVersion: v1 kind: PersistentVolume metadata: name: pv1 spec: storageClassName: slow capacity: storage: 10Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain nfs: path: "/data/nfsdata" server: 10.20.1.186
创建pvc
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc spec: storageClassName: slow accessModes: - ReadWriteMany resources: requests: storage: 3Gi
apiVersion: v1 kind: Pod metadata: name: task-pv-pod spec: volumes: - name: task-pv-storage persistentVolumeClaim: claimName: pvc containers: - name: task-pv-container image: nginx ports: - containerPort: 80 name: "http-server" volumeMounts: - mountPath: "/usr/share/nginx/html" name: task-pv-storage
