当前位置：首页 > news >正文

网站建设方案报告wordpress查看主题

news 2025/12/20 21:26:37

网站建设方案报告,wordpress查看主题,嘉兴网站排名优化价格,郑州做网站加密的公司k8s集群存储解决方案 GlusterFS 一、存储解决方案介绍1.1 GlusterFS1.2 Heketi 二、环境说明2.1 k8s集群2.2 GlusterFS集群三、GlusterFS集群部署3.1 主机准备3.1.1 主机名配置3.1.2 IP配置3.1.4 主机间免密登录设置3.1.5 硬盘准备3.1.5.1 查看硬盘3.1.5.2 格式化硬盘 3.1.6 硬… k8s集群存储解决方案 GlusterFS 一、存储解决方案介绍1.1 GlusterFS1.2 Heketi 二、环境说明2.1 k8s集群2.2 GlusterFS集群三、GlusterFS集群部署3.1 主机准备3.1.1 主机名配置3.1.2 IP配置3.1.4 主机间免密登录设置3.1.5 硬盘准备3.1.5.1 查看硬盘3.1.5.2 格式化硬盘 3.1.6 硬盘自动挂载准备3.1.6.1 准备挂载目录3.1.6.2 修改/etc/fstab文件实现自动挂载 3.2 安全设置3.2.1 firewalld设置3.2.2 SELinux设置 3.3 时间同步设置3.4 GlusterFS安装3.4.1 YUM源准备3.4.2 GlusterFS安装 3.5 GlusterFS集群配置3.6 添加复制卷验证GlusterFS集群可用性3.6.1 创建复制卷3.6.2 启动复制卷3.6.3 查询复制卷状态3.6.4 查看复制卷信息3.6.5 如果某一个brick不在线会影响客户端挂载(可选)3.6.6 限额问题(可选) 3.7 在k8s集群工作节点验证GlusterFS集群可用性四、Heketi安装4.1 配置Heketi YUM源4.2 安装Heketi4.2.1 k8s集群master节点安装4.2.2 k8s集群工作节点安装 4.3 在k8s集群master节点修改Heketi配置文件4.3.1 在k8s集群master节点查看并备份文件4.3.2 在k8s集群master节点修改配置文件 4.4 配置ssh密钥4.4.1 生成密钥并验证 4.5 启动Heketi4.6 验证Heketi4.7 创建集群4.8 添加节点4.9 添加设备4.9.1 错误的示范4.9.2 添加新硬盘4.9.3 添加GlusterFS集群节点中的设备到Heketi集群4.9.4 验证节点及设备添加情况 4.10 测试通过Heketi在GlusterFS集群中添加volume 五、K8S集群使用GlusterFS集群5.1 在k8s集群master节点创建storageclass资源清单文件5.2 在k8s集群master节点应用上述资源清单文件5.3 在k8s集群master节点验证是否创建storageclass存储对象5.4 在k8s集群master节点创建用于创建PVC的资源清单文件5.5 在k8s集群master节点应用上述资源清单文件5.6 在k8s集群master节点验证是否创建PVC5.7 在k8s集群master节点创建Pod时使用上述创建的PVC5.8 关于storageclass资源清单的扩展5.9 FAQ问题一、存储解决方案介绍 1.1 GlusterFS GlusterFS是一个开源的分布式文件系统具有强大的横向扩展能力通过扩展能够支持数PB存储容量和处理数千客户端GlusterFS 借助 TCP/IP 或 InfiniBandRDMA 网络将物理分布的存储资源聚集在一起使用单一全局命名空间来管理数据。 1.2 Heketi Heketihttps://github.com/heketi/heketi是一个基于RESTful API的GlusterFS卷管理框架。Heketi 可以方便地和云平台整合提供RESTful API供Kubernetes调用实现多GlusterFS集群的卷管理Heketi还有保证bricks和它对应的副本均匀分布在集群中的不同可用区的优点。二、环境说明 2.1 k8s集群 kubeadmkubeletkubectldocker节点数v1.21.10v1.21.10v1.21.1020.10-173;1master2slave 主机IP地址Heketimaster01192.168.10.11heketi heketi-clientworker01192.168.10.12heketi-clientworker02192.168.10.13heketi-client 2.2 GlusterFS集群主机IP地址硬盘硬盘容量g1192.168.10.60/dev/sdb100Gg2192.168.10.61/dev/sdb100Gg3192.168.10.62/dev/sdb100G 三、GlusterFS集群部署 3.1 主机准备 3.1.1 主机名配置 3.1.2 IP配置 [rootlocalhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICEeth0 TYPEEthernet ONBOOTyes BOOTPROTOstatic IPADDR192.168.10.6X NETMASK255.255.255.0 GATEWAY192.168.10.2 DNS1119.29.29.29X为0123.1.4 主机间免密登录设置在g1主机操作然后copy到其它主机即可。 3.1.5 硬盘准备 3.1.5.1 查看硬盘所有GlusterFS集群节点全部操作仅在g1主机演示操作方法。 [rootgX ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT vda 252:0 0 20G 0 disk ├─vda1 252:1 0 1G 0 part /boot └─vda2 252:2 0 19G 0 part├─centos-root 253:0 0 17G 0 lvm /└─centos-swap 253:1 0 2G 0 lvm [SWAP] sdb 252:16 0 100G 0 disk3.1.5.2 格式化硬盘 [rootgX ~]# mkfs.xfs /dev/sdb meta-data/dev/sdb isize512 agcount4, agsize6553600 blks sectsz512 attr2, projid32bit1 crc1 finobt0, sparse0 data bsize4096 blocks26214400, imaxpct25 sunit0 swidth0 blks naming version 2 bsize4096 ascii-ci0 ftype1 log internal log bsize4096 blocks12800, version2 sectsz512 sunit0 blks, lazy-count1 realtime none extsz4096 blocks0, rtextents03.1.6 硬盘自动挂载准备 3.1.6.1 准备挂载目录 [rootg1 ~]# mkdir /glustersdb3.1.6.2 修改/etc/fstab文件实现自动挂载 [rootgX ~]# cat /etc/fstab ...... /dev/sdb /glustersdb xfs defaults 0 0挂载所有 [rootgX ~]# mount -a 查看文件系统挂载情况 [rootgX ~]# df -h 文件系统容量已用可用已用% 挂载点 /dev/mapper/centos-root 17G 1.1G 16G 7% / devtmpfs 988M 0 988M 0% /dev tmpfs 1000M 0 1000M 0% /dev/shm tmpfs 1000M 8.6M 991M 1% /run tmpfs 1000M 0 1000M 0% /sys/fs/cgroup /dev/vda1 1014M 133M 882M 14% /boot tmpfs 98M 0 98M 0% /run/user/0 /dev/sdb 100G 33M 100G 1% /glustersdb3.2 安全设置 3.2.1 firewalld设置 [rootgX ~]# systemctl disable firewalld3.2.2 SELinux设置所有主机均要修改修改后请重启系统让修改生效。 [rootgX ~]# sed -ri s/SELINUXenforcing/SELINUXdisabled/ /etc/selinux/config3.3 时间同步设置 [rootgX ~]# crontab -l 0 */1 * * * ntpdate time1.aliyun.com3.4 GlusterFS安装 3.4.1 YUM源准备 [rootgX ~]# yum -y install centos-release-gluster [rootgX ~]# ls /etc/yum.repos.d/ CentOS-Gluster-7.repo CentOS-Storage-common.repo tuna.repo3.4.2 GlusterFS安装关于软件的依赖待补充。 [rootgX ~]# yum -y install glusterfs glusterfs-server glusterfs-fuse glusterfs-rdma fuse [rootgX ~]# systemctl enable glusterd [rootgX ~]# systemctl start glusterd3.5 GlusterFS集群配置在GlusterFS集群g1主机上添加g2和g3 2台主机。 [rootg1 ~]# gluster peer probe g2 peer probe: success. [rootg1 ~]# gluster peer probe g3 peer probe: success.[rootg1 ~]# gluster peer status Number of Peers: 2Hostname: g2 Uuid: 7660736f-056b-414e-8b0c-b5272265946c State: Peer in Cluster (Connected)Hostname: g3 Uuid: 75b7c358-edbe-438c-ad72-2ce16ffabf9d State: Peer in Cluster (Connected)[rootg2 ~]# gluster peer status Number of Peers: 2Hostname: g1 Uuid: 920e9070-1336-4bff-8bfd-eb6161d035d3 State: Peer in Cluster (Connected)Hostname: g3 Uuid: 75b7c358-edbe-438c-ad72-2ce16ffabf9d State: Peer in Cluster (Connected)[rootg3 ~]# gluster peer status Number of Peers: 2Hostname: g1 Uuid: 920e9070-1336-4bff-8bfd-eb6161d035d3 State: Peer in Cluster (Connected)Hostname: g2 Uuid: 7660736f-056b-414e-8b0c-b5272265946c State: Peer in Cluster (Connected)3.6 添加复制卷验证GlusterFS集群可用性如果是为K8S集群提供持久化存储请不要再继续验证GlusterFS集群可用性或验证完成后重新添加硬盘。在GlusterFS集群任意节点均可完成 3.6.1 创建复制卷 [rootg1 ~]# gluster volume create k8s-test-volume replica 3 g1:/glustersdb/r1 g2:/glustersdb/r2 g3:/glustersdb/r3 volume create: k8s-test-volume: success: please start the volume to access data [rootg1 ~]# ls /glustersdb r1 [rootg2 ~]# ls /glustersdb r2 [rootg3 ~]# ls /glustersdb r33.6.2 启动复制卷 [rootg1 ~]# gluster volume start k8s-test-volume volume start: k8s-test-volume: success3.6.3 查询复制卷状态 [rootg1 ~]# gluster volume status k8s-test-volume Status of volume: k8s-test-volume Gluster process TCP Port RDMA Port Online Pid ------------------------------------------------------------------------------ Brick g1:/glustersdb/r1 49152 0 Y 6622 Brick g2:/glustersdb/r2 49152 0 Y 6518 Brick g3:/glustersdb/r3 49152 0 Y 6518 Self-heal Daemon on localhost N/A N/A Y 6643 Self-heal Daemon on g3 N/A N/A Y 6539 Self-heal Daemon on g2 N/A N/A Y 6539Task Status of Volume k8s-test-volume ------------------------------------------------------------------------------ There are no active volume tasks3.6.4 查看复制卷信息 [rootg1 ~]# gluster volume info k8s-test-volume Volume Name: k8s-test-volume Type: Replicate #复制卷 Volume ID: 0529c5f6-1ac0-40ea-a29c-6c4f85dc54cb Status: Started Snapshot Count: 0 #快照 Number of Bricks: 1 x 3 3 Transport-type: tcp Bricks: Brick1: g1:/glustersdb/r1 Brick2: g2:/glustersdb/r2 Brick3: g3:/glustersdb/r3 Options Reconfigured: transport.address-family: inet storage.fips-mode-rchecksum: on nfs.disable: on performance.client-io-threads: off3.6.5 如果某一个brick不在线会影响客户端挂载(可选) 设置后可以允许volume中的某块brick不在线的情况 [rootg1 glusterfs]# gluster volume set k8s-test-volume cluster.server-quorum-type none volume set: success [rootg1 glusterfs]# gluster volume set k8s-test-volume cluster.quorum-type none volume set: success3.6.6 限额问题(可选) [rootg1 ~]# gluster volume quota k8s-test-volume enable volume quota : success [rootg1 ~]# gluster volume quota k8s-test-volume limit-usage / 10GB volume quota : success3.7 在k8s集群工作节点验证GlusterFS集群可用性由于仅使用一个工作节点验证GlusterFS集群可用性因此没有必要为所有工作节点全部安装GlusterFS客户端。 [rootworker01 ~]# yum -y install centos-release-gluster [rootworker01 ~]# yum -y install glusterfs glusterfs-fuse[rootworker01 ~]# mkdir /k8s-glusterfs-test-volume 如果使用主机名挂载g1,g2,g3主机名需要添加到解析。 [rootworker01 ~]# mount -t glusterfs g1:/k8s-test-volume /k8s-glusterfs-test-volume[rootworker01 ~]# df -h 文件系统容量已用可用已用% 挂载点 ...... g1:/k8s-test-volume 100G 1.1G 99G 2% /k8s-glusterfs-test-volume [rootworker01 ~]# umount /k8s-glusterfs-test-volume四、Heketi安装 heketi是为glusterfs提供RESETFUL的API 相当于给glusterfs和k8s之间架通了桥梁。k8s集群可以通过heketi提供的RESETFUL API完成对Glusterfs的PV申请和管理。 4.1 配置Heketi YUM源 k8s集群所有节点均需要 [rootmaster01 ~]# yum -y install centos-release-gluster4.2 安装Heketi 4.2.1 k8s集群master节点安装 [rootmaster01 ~]# yum -y install heketi heketi-client4.2.2 k8s集群工作节点安装 [rootworker01 ~]# yum -y install heketi-client[rootworker02 ~]# yum -y install heketi-client4.3 在k8s集群master节点修改Heketi配置文件 4.3.1 在k8s集群master节点查看并备份文件 [rootmaster01 ~]# ls /etc/heketi/ heketi.json [rootmaster01 ~]# cp /etc/heketi/heketi.json{,.bak} [rootmaster01 ~]# ls /etc/heketi/ heketi.json heketi.json.bak4.3.2 在k8s集群master节点修改配置文件 [rootmaster01 ~]# cat /etc/heketi/heketi.json {_port_comment: Heketi Server Port Number,port: 18080, 修改为18080防止与其它端口冲突_use_auth: Enable JWT authorization. Please enable for deployment,use_auth: true, 开启用户认证_jwt: Private keys for access,jwt: {_admin: Admin has access to all APIs,admin: {key: adminkey 用户认证的key},_user: User only has access to /volumes endpoint,user: {key: My Secret}},_glusterfs_comment: GlusterFS Configuration,glusterfs: {_executor_comment: [Execute plugin. Possible choices: mock, ssh,mock: This setting is used for testing and development., It will not send commands to any node.,ssh: This setting will notify Heketi to ssh to the nodes., It will need the values in sshexec to be configured.,kubernetes: Communicate with GlusterFS containers over, Kubernetes exec api.],executor: ssh, 访问glusterfs集群的方法_sshexec_comment: SSH username and private key file information,sshexec: {keyfile: /etc/heketi/heketi_key, 访问glusterfs集群使用的私钥需要提前在k8s集群master节点生成并copy到glusterfs集群所有节点,需要从/root/.ssh/id_rsa复制到此处才可以使用。user: root, 认证使用的用户port: 22, ssh连接使用的端口fstab: /etc/fstab 挂载的文件系统},_kubeexec_comment: Kubernetes configuration,kubeexec: {host :https://kubernetes.host:8443,cert : /path/to/crt.file,insecure: false,user: kubernetes username,password: password for kubernetes user,namespace: OpenShift project or Kubernetes namespace,fstab: Optional: Specify fstab file on node. Default is /etc/fstab},_db_comment: Database file name,db: /var/lib/heketi/heketi.db, 数据库位置_loglevel_comment: [Set log level. Choices are:, none, critical, error, warning, info, debug,Default is warning],loglevel : warning 修改日志级别} }需要说明的是heketi有三种executor分别为mock、ssh、kubernetes建议在测试环境使用mock生产环境使用ssh当glusterfs以容器的方式部署在kubernetes上时才使用kubernetes。我们这里将glusterfs和heketi独立部署使用ssh的方式。 4.4 配置ssh密钥在上面我们配置heketi的时候使用了ssh的executor那么就需要heketi服务器能通过ssh密钥的方式连接到所有glusterfs节点进行管理操作所以需要先生成ssh密钥 4.4.1 生成密钥并验证 [rootmaster01 ~]# ssh-keygen -t rsa -f /root/.ssh/id_rsa -N [rootmaster01 ~]# ssh-copy-id 192.168.10.60 [rootmaster01 ~]# ssh-copy-id 192.168.10.61 [rootmaster01 ~]# ssh-copy-id 192.168.10.62验证密钥的可用性 [rootmaster01 ~]# ssh 192.168.10.60 Last login: Wed Jan 29 20:17:39 2020 from 192.168.10.1 [rootg1 ~]# exit 登出 Connection to 192.168.10.60 closed. [rootmaster01 ~]# ssh 192.168.10.61 [rootmaster01 ~]# ssh 192.168.10.62### 复制私密到/etc/heketi目录 [rootmaster01 ~]# cp .ssh/id_rsa /etc/heketi/heketi_key [rootmaster01 ~]# ls /etc/heketi/ heketi.json heketi.json.bak heketi_key4.5 启动Heketi 默认yum安装后/etc/heketi及/var/lib/heketi目录所有者是root, 但是安装提供的service文件的user又是heketi. 导致不修改权限就是启动不起来因此需要修改权限再启动服务。 [rootmaster01 heketi]# chown heketi:heketi /etc/heketi/ -R || chown heketi:heketi /var/lib/heketi -R[rootmaster01 ~]# systemctl enable heketi [rootmaster01 ~]# systemctl start heketi [rootmaster01 ~]# systemctl status heketi ● heketi.service - Heketi ServerLoaded: loaded (/usr/lib/systemd/system/heketi.service; enabled; vendor preset: disabled)Active: active (running) since 三 2020-01-29 22:13:52 CST; 2min 31s agoMain PID: 23664 (heketi)Tasks: 11Memory: 8.8MCGroup: /system.slice/heketi.service└─23664 /usr/bin/heketi --config/etc/heketi/heketi.json4.6 验证Heketi 验证是否可以创建集群 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 --json cluster create {id:1c8824939237ea79aa17a127e958fc92,nodes:[],volumes:[],block:true,file:true,blockvolumes:[]}删除已创建的集群 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 --json cluster delete 1c8824939237ea79aa17a127e958fc92 Cluster 1c8824939237ea79aa17a127e958fc92 deleted4.7 创建集群 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 --json cluster create {id:dd456dbc15f1206e980fdb5345117085,nodes:[],volumes:[],block:true,file:true,blockvolumes:[]}说明 192.168.10.11 为在k8s集群master节点IP4.8 添加节点添加g1 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 --json node add --cluster dd456dbc15f1206e980fdb5345117085 --management-host-name 192.168.10.60 --storage-host-name 192.168.10.60 --zone 1 {zone:1,hostnames:{manage:[192.168.10.60],storage:[192.168.10.60]},cluster:dd456dbc15f1206e980fdb5345117085,id:217899105fa01434f9f29625e7ad9cfb,state:online,devices:[]} 添加g2 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 --json node add --cluster dd456dbc15f1206e980fdb5345117085 --management-host-name 192.168.10.61 --storage-host-name 192.168.10.61 --zone 1 {zone:1,hostnames:{manage:[192.168.10.61],storage:[192.168.10.61]},cluster:dd456dbc15f1206e980fdb5345117085,id:b8cb7ce3f753fea41bb170f2639a1554,state:online,devices:[]} 添加g3 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 --json node add --cluster dd456dbc15f1206e980fdb5345117085 --management-host-name 192.168.10.62 --storage-host-name 192.168.10.62 --zone 1 {zone:1,hostnames:{manage:[192.168.10.62],storage:[192.168.10.62]},cluster:dd456dbc15f1206e980fdb5345117085,id:bd7637215a852092583d7e5cd84b6c9e,state:online,devices:[]}查看集群中node列表 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 node list Id:217899105fa01434f9f29625e7ad9cfb Cluster:dd456dbc15f1206e980fdb5345117085 Id:b8cb7ce3f753fea41bb170f2639a1554 Cluster:dd456dbc15f1206e980fdb5345117085 Id:bd7637215a852092583d7e5cd84b6c9e Cluster:dd456dbc15f1206e980fdb53451170854.9 添加设备 4.9.1 错误的示范 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 device add --name /dev/sdb --node 217899105fa01434f9f29625e7ad9cfb Error: Setup of device /dev/sdb failed (already initialized or contains data?): Cant open /dev/sdb exclusively. Mounted filesystem?Cant open /dev/sdb exclusively. Mounted filesystem?4.9.2 添加新硬盘如果没有做使用测试可以不操作此步骤。 [rootg1 ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT vda 252:0 0 20G 0 disk ├─vda1 252:1 0 1G 0 part /boot └─vda2 252:2 0 19G 0 part├─centos-root 253:0 0 17G 0 lvm /└─centos-swap 253:1 0 2G 0 lvm [SWAP] sdb 252:16 0 100G 0 disk /glustersdb sdc 252:32 0 50G 0 disk [rootg2 ~]# lsblk [rootg3 ~]# lsblk4.9.3 添加GlusterFS集群节点中的设备到Heketi集群 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 device add --name /dev/sdc --node 217899105fa01434f9f29625e7ad9cfb Device added successfully [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 device add --name /dev/sdc --node b8cb7ce3f753fea41bb170f2639a1554 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 device add --name /dev/sdc --node bd7637215a852092583d7e5cd84b6c9e4.9.4 验证节点及设备添加情况 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 topology info 或 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 topology info --json4.10 测试通过Heketi在GlusterFS集群中添加volume ### 在k8s集群master节点查看是否有volume [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 volume list ### 在k8s集群master节点创建volume 获取帮助 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 volume create -h创建一个复制卷共5G大小。卷的名称自动生成。 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 volume create --size5 --replica2 Name: vol_80539c6510a73f70ad3453c221901334 Size: 5 Volume Id: 80539c6510a73f70ad3453c221901334 Cluster Id: dd456dbc15f1206e980fdb5345117085 Mount: 192.168.10.60:vol_80539c6510a73f70ad3453c221901334 Mount Options: backup-volfile-servers192.168.10.61,192.168.10.62 Block: false Free Size: 0 Reserved Size: 0 Block Hosting Restriction: (none) Block Volumes: [] Durability Type: replicate Distribute Count: 1 Replica Count: 2验证卷是否创建 [rootmaster01 ~]# heketi-cli --user admin --secret adminkey --server http://192.168.10.11:18080 volume list Id:80539c6510a73f70ad3453c221901334 Cluster:dd456dbc15f1206e980fdb5345117085 Name:vol_80539c6510a73f70ad3453c221901334在GlusterFS集群节点中验证即可看到已创建的卷。 [rootg1 ~]# gluster volume list k8s-test-volume vol_80539c6510a73f70ad3453c221901334五、K8S集群使用GlusterFS集群提示k8s中使用glusterfs的时候会根据pvc的申请自动创建对应的pv 然后绑定。 5.1 在k8s集群master节点创建storageclass资源清单文件 [rootmaster01 yaml]# cat storageclass-gluserfs.yaml apiVersion: storage.k8s.io/v1 kind: StorageClass metadata:name: glusterfs provisioner: kubernetes.io/glusterfs #表示存储分配器需要根据后端存储的不同而变更 parameters:resturl: http://192.168.10.11:18080 #heketi API服务提供的URL,为k8s集群master节点IPrestauthenabled: true #可选参数默认为false,heketi服务开启认证时必须设置为truerestuser: admin #可选参数开启认证时设置相应用户名restuserkey: adminkey #可选开启认证时设置密码volumetype: replicate:2 #可选参数设置卷类型及其参数如果未分配卷类型则有分配器决定卷类型如”volumetype: replicate:3”表示3副本的replicate卷”volumetype: disperse:4:2”表示disperse卷其中‘4’是数据’2’是冗余校验”volumetype: none”表示distribute卷5.2 在k8s集群master节点应用上述资源清单文件 [rootmaster01 yaml]# kubectl apply -f storageclass-gluserfs.yaml storageclass.storage.k8s.io/glusterfs created5.3 在k8s集群master节点验证是否创建storageclass存储对象 [rootmaster01 yaml]# kubectl get sc NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE glusterfs kubernetes.io/glusterfs Delete Immediate false 48s5.4 在k8s集群master节点创建用于创建PVC的资源清单文件 [rootmaster01 yaml]# cat glusterfs-pvc.yaml kind: PersistentVolumeClaim apiVersion: v1 metadata:name: glusterfs-mysqlnamespace: defaultannotations:volume.beta.kubernetes.io/storage-class: glusterfs spec:accessModes:- ReadWriteManyresources:requests:storage: 2Gi5.5 在k8s集群master节点应用上述资源清单文件 [rootmaster01 yaml]# kubectl apply -f glusterfs-pvc.yaml persistentvolumeclaim/glusterfs-mysql created5.6 在k8s集群master节点验证是否创建PVC [rootmaster01 yaml]# kubectl get pv,pvc NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE persistentvolume/pvc-77d6fca6-f284-49fb-a0f3-8f5664690562 2Gi RWX Delete Bound default/glusterfs-mysql glusterfs 2s NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE persistentvolumeclaim/glusterfs-mysql Bound pvc-77d6fca6-f284-49fb-a0f3-8f5664690562 2Gi RWX glusterfs 3s5.7 在k8s集群master节点创建Pod时使用上述创建的PVC [rootmaster01 yaml]# cat mysql.yaml apiVersion: v1 kind: Service metadata:name: mysql-svclabels:app: mysql-svc spec:ports:- port: 3306name: mysqlclusterIP: Noneselector:name: mysql --- apiVersion: apps/v1 kind: StatefulSet metadata:name: mysqlnamespace: default spec:serviceName: mysql-svcselector:matchLabels:name: mysqlreplicas: 1template:metadata:labels:name: mysqlspec:containers:- name: mysqlimage: mysql:5.7imagePullPolicy: IfNotPresentenv:- name: MYSQL_ROOT_PASSWORDvalue: 123456ports:- containerPort: 3306name: mysqlvolumeMounts:- name: glusterfs-mysql-datamountPath: /var/lib/mysqlvolumes:- name: glusterfs-mysql-datapersistentVolumeClaim:claimName: glusterfs-mysql[rootmaster01 yaml]# kubectl apply -f mysql.yaml service/mysql-svc created statefulset.apps/mysql created [rootmaster01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE busybox-pod 1/1 Running 247 14d mysql-0 1/1 Running 0 27s nfs-client-provisioner-5786f95795-x7bcs 1/1 Running 1 30h [rootmaster01 ~]# kubectl exec -it mysql-0 sh # mysql -uroot -p123456 mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.7.29 MySQL Community Server (GPL)Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.Type help; or \h for help. Type \c to clear the current input statement. mysql show databases; -------------------- | Database | -------------------- | information_schema | | mysql | | performance_schema | | sys | -------------------- 4 rows in set (0.01 sec)mysql create database k8sonline; Query OK, 1 row affected (0.01 sec)mysql show databases; -------------------- | Database | -------------------- | information_schema | | k8sonline | | mysql | | performance_schema | | sys | -------------------- 5 rows in set (0.01 sec)查看GlusterFS集群数据存储位置在g1节点 [rootg1 ~]# gluster volume list vol_80539c6510a73f70ad3453c221901334 [rootg1 ~]# gluster volume info vol_80539c6510a73f70ad3453c221901334 Volume Name: vol_80539c6510a73f70ad3453c221901334 Type: Replicate Volume ID: 5df33cf0-093d-4a6c-9a2c-d2b4ec195c9e Status: Started Snapshot Count: 0 Number of Bricks: 1 x 2 2 Transport-type: tcp Bricks: Brick1: 192.168.10.61:/var/lib/heketi/mounts/vg_d62a7a4a632dd4864edc367c952d0fa9/brick_f7d134a34348c334a369b84604db9a40/brick Brick2: 192.168.10.60:/var/lib/heketi/mounts/vg_6e8d391aec35995a4ee82e53e986bf70/brick_b4caa8e338233c536fd98966eeccce98/brick Options Reconfigured: user.heketi.id: 80539c6510a73f70ad3453c221901334 transport.address-family: inet storage.fips-mode-rchecksum: on nfs.disable: on performance.client-io-threads: off 在g2节点 [rootg2 ~]# ls /var/lib/heketi/mounts/vg_d62a7a4a632dd4864edc367c952d0fa9/brick_834718f2a0236b913b3aa14609b34819/brick/ auto.cnf ib_buffer_pool k8sonline server-cert.pem ca-key.pem ibdata1 mysql server-key.pem ca.pem ib_logfile0 performance_schema sys client-cert.pem ib_logfile1 private_key.pem client-key.pem ibtmp1 public_key.pem5.8 关于storageclass资源清单的扩展以上将userkey明文写入配置文件创建storageclass的方式官方推荐将key使用secret保存。 # glusterfs-secret.yaml内容如下 apiVersion: v1 kind: Secret metadata:name: heketi-secretnamespace: default data:# base64 encoded password. E.g.: echo -n mypassword | base64key: TFRTTkd6TlZJOEpjUndZNg type: kubernetes.io/glusterfs# storageclass-glusterfs.yaml内容修改如下 apiVersion: storage.k8s.io/v1beta1 kind: StorageClass metadata:name: glusterfs provisioner: kubernetes.io/glusterfs parameters:resturl: http://192.168.10.11:18080clusterid: dd456dbc15f1206e980fdb5345117085restauthenabled: truerestuser: adminsecretNamespace: defaultsecretName: heketi-secret#restuserkey: adminkeygidMin: 40000gidMax: 50000volumetype: replicate:25.9 FAQ 问题 heketi有些卷明明存在但是却删不了直接删除heketi存储目录/var/lib/heketi/ 下的mounts/文件夹然后 heketi.db 清空db文件重新来Can’t initialize physical volume “/dev/sdb1” of volume group “vg1” without –ff 这是因为没有卸载之前的vg和pv,使用命令vgremove,pvremove依次删除卷组逻辑卷即可

查看全文

http://www.pierceye.com/news/456441/