版权声明:本文为博主原创文章,可以转载分享,希望大家相互学习,共同进步 https://blog.csdn.net/shenhonglei1234/article/details/84996515
Kubernetes1.13.0存储NFS -PersistentVolumeClaim
安装配置NFS,请参考上一篇文章:
k8s中ClusterRoleBindings和RoleBindings,创建自定义角色
RBAC使用标准Kubernetes资源配置,用户可以通过绑定(ClusterRoleBindings和RoleBindings)到一组角色(集群角色和角色)。用户启动时没有权限,必须由管理员明确授予访问权限
== 完整yaml== 下载链接:https://pan.baidu.com/s/1ARGRHUTsAs9H9_Bpeyb3RQ 密码:4xap
#自定义角色 nfs-client-provisioner-runner
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
namespace: default
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-runner
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: default
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner
apiGroup: rbac.authorization.k8s.io
---
k8s中Deployment(nfs-client-provisioner)
1.这个镜像需要下载,配置自己仓库地址image: 10.10.31.205/k8s/nfs-client-provisioner:latest
2.env和volumes的配置信息
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: nfs-client-provisioner
spec:
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccountName: nfs-client-provisioner
containers:
- name: nfs-client-provisioner
image: 10.10.31.205/k8s/nfs-client-provisioner:latest
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: szycloud/nfs1
- name: NFS_SERVER
value: 10.10.31.202
- name: NFS_PATH
value: /data
volumes:
- name: nfs-client-root
nfs:
server: 10.10.31.202
path: /data
---
k8s中StorageClass
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: szy-cloud-nfs-1
provisioner: szycloud/nfs1 # or choose another name, must match deployment's env PROVISIONER_NAME'
parameters:
archiveOnDelete: "false"
示例图片:
注意:nfs服务配置的文件目录要有操作权限
Normal ExternalProvisioning 3s (x18 over 4m18s) persistentvolume-controller waiting for a volume to be created, either by external provisioner “szycloud/nfs1” or manually created by system administrator
[root@test01 data]# ls
default-my-nfs-pvc-d3da6dc3-febe-11e8-8d69-00505681317e
[root@test01 data]# cat /etc/exports
/data/ *(rw,sync,all_squash)
/nfs/prometheus/data/ 10.10.31.0/24(rw,no_root_squash,no_all_squash,sync)
/nfs/grafana/data/ 10.10.31.0/24(rw,no_root_squash,no_all_squash,sync)
[root@test01 data]#
#NFS服务的配置文件 /etc/exports。 这个文件可能不会存在,需要新建
[root@szy-k8s-master /]# cat /etc/exports
/nfs/prometheus/data/ 10.10.31.0/24(rw,no_root_squash,no_all_squash,sync)
#exports中的配置的内容,需要创建下/nfs/prometheus/data/
[root@szy-k8s-master /]# mkdir -p /nfs/prometheus/data/
#修改权限
[root@szy-k8s-master /]# chmod -R 777 /nfs/prometheus/data/
#验证配置的/nfs/prometheus/data/是否正确
[root@szy-k8s-master /]# exportfs -r