k8s的存储
查k8s支持的存储
[root@master ~]# kubectl explain pods.spec.volumes KIND: Pod VERSION: v1 RESOURCE: volumes <[]Object> DESCRIPTION: List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes Volume represents a named volume in a pod that may be accessed by any container in the pod. FIELDS: awsElasticBlockStore <Object> 亚马逊云存储 AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore azureDisk <Object> AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. azureFile <Object> AzureFile represents an Azure File Service mount on the host and bind mount to the pod. cephfs <Object> CephFS represents a Ceph FS mount on the host that shares a pod's lifetime cinder <Object> Cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md configMap <Object> ConfigMap represents a configMap that should populate this volume csi <Object> CSI (Container Storage Interface) represents storage that is handled by an external CSI driver (Alpha feature). downwardAPI <Object> DownwardAPI represents downward API about the pod that should populate this volume emptyDir <Object> 临时目录(空目录),与pod的一起存在,pod删除后存储也删除 EmptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir fc <Object> FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. flexVolume <Object> FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. flocker <Object> Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running gcePersistentDisk <Object> 谷歌云 GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk gitRepo <Object> Git仓库 GitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. glusterfs <Object> Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md hostPath <Object> 主机目录,在一定程度上实现数据持久;仅本机pod重新调度数据不存在 HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath iscsi <Object> ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md name <string> -required- Volume's name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names nfs <Object> 共享存储 NFS represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs persistentVolumeClaim <Object> 持久数据卷申请 PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims photonPersistentDisk <Object> PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine portworxVolume <Object> PortworxVolume represents a portworx volume attached and mounted on kubelets host machine projected <Object> Items for all in one resources secrets, configmaps, and downward API quobyte <Object> Quobyte represents a Quobyte mount on the host that shares a pod's lifetime rbd <Object> RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md scaleIO <Object> ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. secret <Object> Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret storageos <Object> StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. vsphereVolume <Object> VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
编写一个
[root@master vml]# cat myapp.yaml apiVersion: v1 kind: Pod metadata: name: pod-demo namespace: default labels: app: myapp tier: frontend spec: containers: - name: myapp image: ikubernetes/myapp:v1 ports: - name: http containerPort: 80 - name: https containerPort: 443 volumeMounts: - name: html 挂在名字为html设备 mountPath: /chenxi/cx 挂在点;在容器里可以不存在会自动创建 - name: busybox image: busybox:latest imagePullPolicy: IfNotPresent command: - "/bin/sh" - "-c" - "sleep 360000" volumeMounts: - name: html 挂在设备 mountPath: /cx 挂在点 volumes: - name: html 名字 emptyDir: {} 都可以省略,类型是空表示磁盘;上限可以省略
创建pod后 分别进入pod的两个容器测试
[root@master ~]# kubectl exec -it pod-demo -c busybox -- /bin/sh #进入第二个容器 / # ls bin cx dev etc home proc root sys tmp usr var / # cd cx/ /cx # ls html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo $(date) >> html /cx # echo "chenxi" >> html [root@master ~]# kubectl exec -it pod-demo -c myapp -- /bin/sh #进入第一个容器 / # ls bin chenxi dev etc home lib media mnt proc root run sbin srv sys tmp usr var / # cd chenxi/cx/ /chenxi/cx # cat html Sun Apr 26 08:44:34 UTC 2020 Sun Apr 26 08:44:35 UTC 2020 Sun Apr 26 08:44:35 UTC 2020 Sun Apr 26 08:44:35 UTC 2020 Sun Apr 26 08:44:36 UTC 2020 Sun Apr 26 08:44:36 UTC 2020 Sun Apr 26 08:44:37 UTC 2020 Sun Apr 26 08:44:37 UTC 2020 Sun Apr 26 08:44:37 UTC 2020 Sun Apr 26 08:44:38 UTC 2020 Sun Apr 26 08:44:38 UTC 2020 Sun Apr 26 08:44:38 UTC 2020 Sun Apr 26 08:44:39 UTC 2020 Sun Apr 26 08:44:39 UTC 2020 chenxi
主机目录卷的介绍 官方文档 https://kubernetes.io/docs/concepts/storage/volumes/#hostpath
[root@master vml]# kubectl explain pods.spec.volumes.hostPath KIND: Pod VERSION: v1 RESOURCE: hostPath <Object> DESCRIPTION: HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling. FIELDS: path <string> -required- 主机路径 Path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type <string> 类型 Type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath type的值 类型为空:空字符串(默认)是为了向后兼容,这意味着在装入hostPath卷之前将不执行任何检查。 DirectoryOrCreate:如果给定路径上不存在任何内容,则将根据需要在该目录中创建一个空目录,并将权限设置为0755,该目录与Kubelet具有相同的组和所有权。 Directory:必须给定一个已存在的目录 FileOrCreate: 如果给定路径上不存在任何内容,则将根据需要在其中创建一个空文件,并将权限设置为0644,并与Kubelet具有相同的组和所有权。 File: 给定的文件必须存在 Socket: 给定的UNIX 套接字文件必须存在 CharDevice: 给定已存在的字符设备 BlockDevice: 必须给定已存在的块设备
当使用这种类型的卷时要小心,因为:
- 具有相同配置(例如从 podTemplate 创建)的多个 Pod 会由于节点上文件的不同而在不同节点上有不同的行为。
- 当 Kubernetes 按照计划添加资源感知的调度时,这类调度机制将无法考虑由
hostPath
使用的资源。 - 基础主机上创建的文件或目录只能由 root 用户写入。您需要在 特权容器 中以 root 身份运行进程,或者修改主机上的文件权限以便容器能够写入
hostPath
卷。
应注意,该FileOrCreate
模式不会创建文件的父目录。如果挂载文件的父目录不存在,则pod无法启动。
编写hostpath类型的文建
[root@master vml]# cat hostpath.yaml apiVersion: v1 kind: Pod metadata: name: host-1 namespace: default labels: app: myapp tier: frontend spec: containers: - name: myapp image: ikubernetes/myapp:v1 ports: - name: http containerPort: 80 - name: https containerPort: 443 volumeMounts: - name: html mountPath: /chenxi/cx - name: busybox image: busybox:latest imagePullPolicy: IfNotPresent command: - "/bin/sh" - "-c" - "echo 'chenxi1234' >> /cx/html " volumeMounts: - name: html mountPath: /cx volumes: - name: html hostPath: path: /data node节点目录我没有创建 type: DirectoryOrCreate 让他检查如果不存在自己创建
node节点查看
[root@node02 ~]# ls /data/ ls: 无法访问/data/: 没有那个文件或目录 [root@master vml]# kubectl apply -f hostpath.yaml [root@node02 ~]# ls /data/ html
部署Nfs 实现pod数据持久化,并测试是否可以正常挂载
yum -y install nfs-utils [root@ES ~]# vim /etc/exports /data/kubernetes 192.168.10.21(rw,sync,no_root_squash,no_all_squash) /data/kubernetes 192.168.10.22(rw,sync,no_root_squash,no_all_squash) mkdir /data/kubernetes systemctl start nfs node节点挂载 yum -y install nfs-utils.x86_64 mkdir /kubernetes/pod -p mount -t nfs 192.168.10.16:/data/kubernetes /kubernetes/pod umount /kubernetes/pod 卸载不用主机挂载
编写文件
[root@master vml]# cat nfs.yaml apiVersion: v1 kind: Pod metadata: name: nfs-1 namespace: default labels: app: myapp tier: frontend spec: containers: - name: myapp image: ikubernetes/myapp:v1 ports: - name: http containerPort: 80 - name: https containerPort: 443 volumeMounts: - name: html mountPath: /chenxi/cx - name: busybox image: busybox:latest imagePullPolicy: IfNotPresent command: - "/bin/sh" - "-c" - "echo 'chenxi1234' >> /cx/html " volumeMounts: - name: html mountPath: /cx volumes: - name: html nfs: path: /data/kubernetes :nfs共享目录 server: 192.168.10.16 : nfs 主机 # readOnly : 是否只读方式挂载;不写就是不以只读方式挂载
创建测试
[root@master vml]# kubectl apply -f nfs.yaml pod/nfs-1 configured [root@ES ~]# cat /data/kubernetes/html 在nfs查看生成文件 chenxi1234 chenxi1234 chenxi1234 chenxi1234 chenxi1234 chenxi1234 [root@master vml]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES myapp-dp-75889b7b8c-kcddh 1/1 Running 4 5d10h 10.244.1.71 node01 <none> <none> myapp-dp-75889b7b8c-p9cfk 1/1 Running 3 5d10h 10.244.2.66 node02 <none> <none> mysql-sgtwf 1/1 Running 9 95d 10.244.1.72 node01 <none> <none> nfs-1 1/2 Running 6 6m11s 10.244.2.73 node02 <none> <none> nginx 2/2 Running 14 37d 10.244.1.74 node01 <none> <none> test-downwardapi-volume 1/1 Running 6 37d 10.244.1.76 node01 <none> <none> test-projected-volume 1/1 Running 9 8d 10.244.1.73 node01 <none> <none> tomcat-6d98f4958-7mwzm 1/1 Running 3 5d9h 10.244.2.67 node02 <none> <none> tomcat-6d98f4958-n87hz 1/1 Running 3 5d9h 10.244.2.70 node02 <none> <none> tomcat-6d98f4958-n94b4 1/1 Running 9 5d9h 10.244.1.75 node01 <none> <none>
草都可以从石头缝隙中长出来更可况你呢