k8s的存储

查k8s支持的存储

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

[root@master ~]# kubectl explain pods.spec.volumes
KIND:     Pod
VERSION:  v1
 
RESOURCE: volumes <[]Object>
 
DESCRIPTION:
     List of volumes that can be mounted by containers belonging to the pod.
     More info: https://kubernetes.io/docs/concepts/storage/volumes
 
     Volume represents a named volume in a pod that may be accessed by any
     container in the pod.
 
FIELDS:
   awsElasticBlockStore <Object>  亚马逊云存储
     AWSElasticBlockStore represents an AWS Disk resource that is attached to a
     kubelet's host machine and then exposed to the pod. More info:
     https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
 
   azureDisk    <Object>
     AzureDisk represents an Azure Data Disk mount on the host and bind mount to
     the pod.
 
   azureFile    <Object>
     AzureFile represents an Azure File Service mount on the host and bind mount
     to the pod.
 
   cephfs   <Object>
     CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
 
   cinder   <Object>
     Cinder represents a cinder volume attached and mounted on kubelets host
     machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md
 
   configMap    <Object>
     ConfigMap represents a configMap that should populate this volume
 
   csi  <Object>
     CSI (Container Storage Interface) represents storage that is handled by an
     external CSI driver (Alpha feature).
 
   downwardAPI  <Object>
     DownwardAPI represents downward API about the pod that should populate this
     volume
 
   emptyDir <Object>  临时目录（空目录），与pod的一起存在，pod删除后存储也删除
     EmptyDir represents a temporary directory that shares a pod's lifetime.
     More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
 
   fc   <Object>
     FC represents a Fibre Channel resource that is attached to a kubelet's host
     machine and then exposed to the pod.
 
   flexVolume   <Object>
     FlexVolume represents a generic volume resource that is
     provisioned/attached using an exec based plugin.
 
   flocker  <Object>
     Flocker represents a Flocker volume attached to a kubelet's host machine.
     This depends on the Flocker control service being running
 
   gcePersistentDisk    <Object>   谷歌云
     GCEPersistentDisk represents a GCE Disk resource that is attached to a
     kubelet's host machine and then exposed to the pod. More info:
     https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
 
   gitRepo  <Object>   Git仓库
     GitRepo represents a git repository at a particular revision. DEPRECATED:
     GitRepo is deprecated. To provision a container with a git repo, mount an
     EmptyDir into an InitContainer that clones the repo using git, then mount
     the EmptyDir into the Pod's container.
 
   glusterfs    <Object>
     Glusterfs represents a Glusterfs mount on the host that shares a pod's
     lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md
 
   hostPath <Object>   主机目录，在一定程度上实现数据持久；仅本机pod重新调度数据不存在
     HostPath represents a pre-existing file or directory on the host machine
     that is directly exposed to the container. This is generally used for
     system agents or other privileged things that are allowed to see the host
     machine. Most containers will NOT need this. More info:
     https://kubernetes.io/docs/concepts/storage/volumes#hostpath
 
   iscsi    <Object>
     ISCSI represents an ISCSI Disk resource that is attached to a kubelet's
     host machine and then exposed to the pod. More info:
     https://examples.k8s.io/volumes/iscsi/README.md
 
   name <string> -required-
     Volume's name. Must be a DNS_LABEL and unique within the pod. More info:
     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
 
   nfs  <Object>   共享存储
     NFS represents an NFS mount on the host that shares a pod's lifetime More
     info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
 
   persistentVolumeClaim    <Object>  持久数据卷申请
     PersistentVolumeClaimVolumeSource represents a reference to a
     PersistentVolumeClaim in the same namespace. More info:
     https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
 
   photonPersistentDisk <Object>
     PhotonPersistentDisk represents a PhotonController persistent disk attached
     and mounted on kubelets host machine
 
   portworxVolume   <Object>
     PortworxVolume represents a portworx volume attached and mounted on
     kubelets host machine
 
   projected    <Object>
     Items for all in one resources secrets, configmaps, and downward API
 
   quobyte  <Object>
     Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
 
   rbd  <Object> 
     RBD represents a Rados Block Device mount on the host that shares a pod's
     lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md
 
   scaleIO  <Object>
     ScaleIO represents a ScaleIO persistent volume attached and mounted on
     Kubernetes nodes.
 
   secret   <Object>
     Secret represents a secret that should populate this volume. More info:
     https://kubernetes.io/docs/concepts/storage/volumes#secret
 
   storageos    <Object>
     StorageOS represents a StorageOS volume attached and mounted on Kubernetes
     nodes.
 
   vsphereVolume    <Object>
     VsphereVolume represents a vSphere volume attached and mounted on kubelets
     host machine

　　编写一个

[root@master vml]# cat myapp.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: pod-demo
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerPort: 80
    - name: https 
      containerPort: 443
    volumeMounts:
    - name: html   挂在名字为html设备
      mountPath: /chenxi/cx   挂在点；在容器里可以不存在会自动创建
  - name: busybox
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    command:
    - "/bin/sh"
    - "-c"
    - "sleep 360000"
    volumeMounts:
    - name: html  挂在设备
      mountPath: /cx   挂在点
  volumes:
  - name: html   名字
    emptyDir: {}   都可以省略，类型是空表示磁盘；上限可以省略

　　创建pod后分别进入pod的两个容器测试

[root@master ~]# kubectl exec -it pod-demo -c busybox -- /bin/sh   #进入第二个容器
/ # ls
bin   cx    dev   etc   home  proc  root  sys   tmp   usr   var
/ # cd cx/
/cx # ls
html
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo $(date) >> html 
/cx # echo "chenxi" >> html 
[root@master ~]#  kubectl exec -it pod-demo -c myapp -- /bin/sh   #进入第一个容器
/ # ls
bin     chenxi  dev     etc     home    lib     media   mnt     proc    root    run     sbin    srv     sys     tmp     usr     var
/ # cd chenxi/cx/
/chenxi/cx # cat html 
Sun Apr 26 08:44:34 UTC 2020
Sun Apr 26 08:44:35 UTC 2020
Sun Apr 26 08:44:35 UTC 2020
Sun Apr 26 08:44:35 UTC 2020
Sun Apr 26 08:44:36 UTC 2020
Sun Apr 26 08:44:36 UTC 2020
Sun Apr 26 08:44:37 UTC 2020
Sun Apr 26 08:44:37 UTC 2020
Sun Apr 26 08:44:37 UTC 2020
Sun Apr 26 08:44:38 UTC 2020
Sun Apr 26 08:44:38 UTC 2020
Sun Apr 26 08:44:38 UTC 2020
Sun Apr 26 08:44:39 UTC 2020
Sun Apr 26 08:44:39 UTC 2020
chenxi

　　主机目录卷的介绍官方文档 https://kubernetes.io/docs/concepts/storage/volumes/#hostpath

[root@master vml]# kubectl explain pods.spec.volumes.hostPath
KIND:     Pod
VERSION:  v1
 
RESOURCE: hostPath <Object>
 
DESCRIPTION:
     HostPath represents a pre-existing file or directory on the host machine
     that is directly exposed to the container. This is generally used for
     system agents or other privileged things that are allowed to see the host
     machine. Most containers will NOT need this. More info:
     https://kubernetes.io/docs/concepts/storage/volumes#hostpath
 
     Represents a host path mapped into a pod. Host path volumes do not support
     ownership management or SELinux relabeling.
 
FIELDS:
   path <string> -required-   主机路径
     Path of the directory on the host. If the path is a symlink, it will follow
     the link to the real path. More info:
     https://kubernetes.io/docs/concepts/storage/volumes#hostpath
 
   type <string>   类型
     Type for HostPath Volume Defaults to "" More info:
     https://kubernetes.io/docs/concepts/storage/volumes#hostpath
 
 
type的值
  类型为空：空字符串（默认）是为了向后兼容，这意味着在装入hostPath卷之前将不执行任何检查。
   DirectoryOrCreate：如果给定路径上不存在任何内容，则将根据需要在该目录中创建一个空目录，并将权限设置为0755，该目录与Kubelet具有相同的组和所有权。
 
  Directory：必须给定一个已存在的目录
FileOrCreate： 如果给定路径上不存在任何内容，则将根据需要在其中创建一个空文件，并将权限设置为0644，并与Kubelet具有相同的组和所有权。
File： 给定的文件必须存在
Socket： 给定的UNIX 套接字文件必须存在
CharDevice： 给定已存在的字符设备
BlockDevice： 必须给定已存在的块设备  

当使用这种类型的卷时要小心，因为：

具有相同配置（例如从 podTemplate 创建）的多个 Pod 会由于节点上文件的不同而在不同节点上有不同的行为。
当 Kubernetes 按照计划添加资源感知的调度时，这类调度机制将无法考虑由 hostPath 使用的资源。
基础主机上创建的文件或目录只能由 root 用户写入。您需要在特权容器中以 root 身份运行进程，或者修改主机上的文件权限以便容器能够写入 hostPath 卷。

　应注意，该FileOrCreate模式不会创建文件的父目录。如果挂载文件的父目录不存在，则pod无法启动。

编写hostpath类型的文建

[root@master vml]# cat hostpath.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: host-1
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerPort: 80
    - name: https 
      containerPort: 443
    volumeMounts:
    - name: html
      mountPath: /chenxi/cx
  - name: busybox
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    command:
    - "/bin/sh"
    - "-c"
    - "echo 'chenxi1234' >> /cx/html "
    volumeMounts:
    - name: html
      mountPath: /cx
  volumes:
  - name: html
    hostPath: 
      path: /data  node节点目录我没有创建
      type: DirectoryOrCreate   让他检查如果不存在自己创建

　　node节点查看

[root@node02 ~]# ls /data/
ls: 无法访问/data/: 没有那个文件或目录
[root@master vml]# kubectl apply -f hostpath.yaml 
[root@node02 ~]# ls /data/
html

　　部署Nfs 实现pod数据持久化，并测试是否可以正常挂载

yum -y install nfs-utils
[root@ES ~]#  vim /etc/exports
/data/kubernetes  192.168.10.21(rw,sync,no_root_squash,no_all_squash)
/data/kubernetes  192.168.10.22(rw,sync,no_root_squash,no_all_squash)
mkdir /data/kubernetes
systemctl start nfs
node节点挂载
yum -y install nfs-utils.x86_64
mkdir /kubernetes/pod -p
mount -t nfs 192.168.10.16:/data/kubernetes /kubernetes/pod
umount /kubernetes/pod  卸载不用主机挂载

　　编写文件

[root@master vml]# cat nfs.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: nfs-1
  namespace: default
  labels:
    app: myapp
    tier: frontend
spec:
  containers:
  - name: myapp
    image: ikubernetes/myapp:v1
    ports:
    - name: http
      containerPort: 80
    - name: https 
      containerPort: 443
    volumeMounts:
    - name: html
      mountPath: /chenxi/cx
  - name: busybox
    image: busybox:latest
    imagePullPolicy: IfNotPresent
    command:
    - "/bin/sh"
    - "-c"
    - "echo 'chenxi1234' >> /cx/html "
    volumeMounts:
    - name: html
      mountPath: /cx
  volumes:
  - name: html
    nfs: 
      path: /data/kubernetes  ：nfs共享目录
      server: 192.168.10.16  ： nfs 主机
      # readOnly ： 是否只读方式挂载；不写就是不以只读方式挂载

　　创建测试

[root@master vml]# kubectl apply -f nfs.yaml 
pod/nfs-1 configured
[root@ES ~]# cat /data/kubernetes/html   在nfs查看生成文件
chenxi1234
chenxi1234
chenxi1234
chenxi1234
chenxi1234
chenxi1234
[root@master vml]# kubectl get pods -o wide
NAME                        READY   STATUS    RESTARTS   AGE     IP            NODE     NOMINATED NODE   READINESS GATES
myapp-dp-75889b7b8c-kcddh   1/1     Running   4          5d10h   10.244.1.71   node01   <none>           <none>
myapp-dp-75889b7b8c-p9cfk   1/1     Running   3          5d10h   10.244.2.66   node02   <none>           <none>
mysql-sgtwf                 1/1     Running   9          95d     10.244.1.72   node01   <none>           <none>
nfs-1                       1/2     Running   6          6m11s   10.244.2.73   node02   <none>           <none>
nginx                       2/2     Running   14         37d     10.244.1.74   node01   <none>           <none>
test-downwardapi-volume     1/1     Running   6          37d     10.244.1.76   node01   <none>           <none>
test-projected-volume       1/1     Running   9          8d      10.244.1.73   node01   <none>           <none>
tomcat-6d98f4958-7mwzm      1/1     Running   3          5d9h    10.244.2.67   node02   <none>           <none>
tomcat-6d98f4958-n87hz      1/1     Running   3          5d9h    10.244.2.70   node02   <none>           <none>
tomcat-6d98f4958-n94b4      1/1     Running   9          5d9h    10.244.1.75   node01   <none>           <none>