没有公众号建微信网站,wordpress制作简易前台会员中心,学生网页设计主题,宜昌市建设厅官方网站博客原文 文章目录 前言集群环境nfs 环境搭建pod 挂载 nfs架构图 pvc 方式挂载 nfs架构图 storageclass 方式动态申请 pv架构图 参考 前言
持久化卷#xff08;Persistent Volume, PV#xff09;允许用户将外部存储映射到集群#xff0c;而持久化卷申请#xff08;Persist… 博客原文 文章目录 前言集群环境nfs 环境搭建pod 挂载 nfs架构图 pvc 方式挂载 nfs架构图 storageclass 方式动态申请 pv架构图 参考 前言
持久化卷Persistent Volume, PV允许用户将外部存储映射到集群而持久化卷申请Persistent Volume Claim, PVC则类似于许可证使有授权的应用Pod可以使用PV。 持久化卷Persistent VolumePV。 持久化卷申请Persistent Volume ClaimPVC。 存储类Storage ClassSC。
概括地说PV代表的是Kubernetes中的存储PVC就像许可证赋予Pod访问PV的权限sc则使分配过程是动态的。
集群环境
操作系统: Ubuntu 20.04
IPHostname配置192.168.254.130master012C 4G 30G192.168.254.131node012C 4G 30G192.168.254.132node022C 4G 30G192.168.254.133nfs-tools2C 4G 30G
nfs 环境搭建
安装 nfs
sudo apt-get install -y nfs-kernel-server # 安装 NFS服务器端
sudo apt-get install -y nfs-common # 安装 NFS客户端nfs服务器端只在集群中某一台安装即可 创建nfs共享目录
mkdir -p /nfs/share
chmod -R 777 /nfs/share修改配置 vim /etc/exports
# 当登录NFS主机使用共享目录的使用者是root时其权限将被转换成为匿名使用者通常它的UID与GID都会变成nobody身份,添加no_root_squash参数确保root账户能用
/nfs/share *(rw,sync,no_root_squash) # * 表示允许任何网段 IP 的系统访问该 NFS 目录配置生效
exportfs -r
exportfs # 查看生效启动服务
sudo /etc/init.d/nfs-kernel-server restartmount -t nfs 192.168.254.130:/nfs/share /nfsremote -o nolock如果提示 mount.nfs: access denied by server while mounting 在服务器端 /etc/exports中加入insecure 如: /nfs/share *(insecure,rw,sync,no_root_squash) 实例数据
echo hello world /nfs/share/index.htmlpod 挂载 nfs
架构图 pod_nfs.yaml:
apiVersion: v1
kind: Pod
metadata:name: nfs-testpodlabels:app: nfs-testpod
spec:containers:- name: nfs-testpodimage: nginximagePullPolicy: IfNotPresentsecurityContext:privileged: trueports:- containerPort: 80hostPort: 8080 # 将该端口暴露在主机的 8080volumeMounts:- mountPath: /usr/share/nginx/htmlname: datadirrestartPolicy: Alwaysvolumes:- name: datadirnfs:server: 192.168.254.133path: /nfs/share验证结果:
$ k create -f pod_nfs.yaml$ k get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nfs-testpod 1/1 Running 0 16m 10.244.196.134 node01 none none$ curl node01:8080
hello worldpvc 方式挂载 nfs
架构图 pod_nfs_pv_pvc.yaml:
# pv 分配资源
apiVersion: v1
kind: PersistentVolume
metadata:name: nfs-pv01labels:pv: nfs-pv01
spec:capacity:storage: 1GiaccessModes:- ReadWriteMany# 挂载 nfsnfs:path: /nfs/shareserver: 192.168.254.133
---
# pvc 向一个 pv 去请求资源
apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: nfs-pvc01labels:pv: nfs-pvc01
spec:# 向 pv 请求的存储大小resources:requests:storage: 500MiaccessModes:- ReadWriteMany# 通过 label 选择 pvselector:matchLabels:pv: nfs-pv01
---
apiVersion: v1
kind: Pod
metadata:name: nfs-pv-pvc-podlabels:app: nfs-pv-pvc-pod
spec:containers:- name: nfs-pv-pvc-podimage: nginximagePullPolicy: IfNotPresentports:- containerPort: 80hostPort: 8081 # 暴露 8081 volumeMounts:- mountPath: /usr/share/nginx/htmlname: datadirrestartPolicy: Alwaysvolumes:- name: datadirpersistentVolumeClaim:claimName: nfs-pvc01验证结果:
$ k get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nfs-pv-pvc-pod 1/1 Running 0 97s 10.244.196.135 node01 none none
nfs-testpod 1/1 Running 0 16m 10.244.196.134 node01 none none$ k get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS VOLUMEATTRIBUTESCLASS REASON AGE
nfs-pv01 1Gi RWX Retain Bound default/nfs-pvc01 unset 8s
$ k get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE
nfs-pvc01 Bound nfs-pv01 1Gi RWX unset 10s$ curl node01:8081
hello world注意: 1 个 pv 能绑定一个 pvc storageclass 方式动态申请 pv
架构图 sc 要方式动态申请 pv, 需要一个与存储对应的 provisioner, 可以是云服务器的 provisioner. 参考
我们使用的是 nfs, 所以需要 nfs-provisioner
安装 nfs-provisioner
本次使用的是 nfs-provisioner 是 nfs subdir
# 通过 helm 安装, 安装 helm
wget https://get.helm.sh/helm-v3.7.0-linux-amd64.tar.gz
tar zxvf helm-v3.7.0-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/$ helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
$ helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \--set nfs.server192.168.254.133 \--set nfs.path/nfs/share
# 也可以 helm pull nfs-subdir-external-provisioner/nfs-subdir-external-provisioner 后修改 values 的值
# 推荐 helm pull 下来后修改镜像地址 aifeierwithinmkt/nfs-subdir-external-provisioner (无法拉取镜像, 我推到 dockerhub的镜像)
NAME: nfs-subdir-external-provisioner
LAST DEPLOYED: Sun Jan 28 15:39:16 2024
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None# 查看 pod
$ k get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nfs-pv-pvc-pod 1/1 Running 0 50m 10.244.196.135 node01 none none
nfs-subdir-external-provisioner-f8db66c64-cgpqk 1/1 Running 0 52s 10.244.196.137 node01 none none
nfs-testpod 1/1 Running 0 65m 10.244.196.134 node01 none none# 我们需要从 pod 中获取 provisioner 的地址(pod 的环境变量), 用作 sc 的 provisioner 地址
k describe po nfs-subdir-external-provisioner-f8db66c64-cgpqk | grep PROVISIONER_NAMEpod_nfs_sc_pvc.yaml:
# 构建 storageclass
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:name: nfs-sc
provisioner: cluster.local/nfs-subdir-external-provisioner
mountOptions:- nfsvers4
#parameters:
# server: nfs-server.example.com
# path: /share
# readOnly: false
---
# pvc 向一个 pv 去请求资源
apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: nfs-pvc02labels:pv: nfs-pvc02
spec:# 向 pv 请求的存储大小resources:requests:storage: 500MiaccessModes:- ReadWriteMany# 指定 storageclassstorageClassName: nfs-sc# 通过 label 选择 pv
# selector:
# matchLabels:
# pv: nfs-pv01
---
apiVersion: v1
kind: Pod
metadata:name: nfs-sc-pvc-podlabels:app: nfs-sc-pvc-pod
spec:containers:- name: nfs-sc-pvc-podimage: nginximagePullPolicy: IfNotPresentports:- containerPort: 80hostPort: 8082volumeMounts:- mountPath: /usr/share/nginx/htmlname: datadirrestartPolicy: Alwaysvolumes:- name: datadirpersistentVolumeClaim:claimName: nfs-pvc02验证结果:
$ k get po -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nfs-sc-pvc-pod 1/1 Running 0 10s 10.244.196.138 node01 none none$ k get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE
nfs-pvc02 Bound pvc-7ebac745-38f2-4ea7-8d18-0465f6fdf2d1 500Mi RWX nfs-sc unset 2m4s$ curl node01:8082
hello world参考 https://kubernetes.io/zh-cn/docs/concepts/storage/storage-classes/#nfs
