K8S卷(Volume) 能够解决的问题:
1. 容器出问题 kubelet重建容器,容器内文件会丢失
2. 一个Pod中运行多个容器需要共享文件
使用卷时, 在 .spec.volumes 字段中设置为 Pod 提供的卷,并在 .spec.containers[*].volumeMounts 字段中声明卷在容器中的挂载位置。
节点本地数据卷例如 emptyDir 和 hostPath,可以解决上述问题 2
@ emptyDir卷:一个临时存储卷,与Pod生命周期绑定,Pod被删除卷也会被删除
应用场景: Pod中容器之间数据共享
【例】启动一个Pod,包含两个容器,一个写日志,另一个打印日志
[root@k8s-master ~]# cat test-log-emptydir.yaml
apiVersion: v1
kind: Pod
metadata:
name: test-log-emptydir
spec:
containers:
- name: writelog
image: centos
command: ["bash","-c","for i in {1..60};do echo $i $(date +'%m-%d %H:%M:%S') >> /data/currenttime.log;sleep 1;done"]
volumeMounts:
- name: data
mountPath: /data
- name: printlog
image: centos
command: ["bash","-c","tail -f /data/currenttime.log"]
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
emptyDir: {}
[root@k8s-master ~]#创建Pod后可以看到其包含两个容器,目前正在创建(READY 0/2, STATUS ContainerCreating)
[root@k8s-master ~]# kubectl apply -f test-log-emptydir.yaml
pod/test-log-emptydir created
[root@k8s-master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
test-log-emptydir 0/2 ContainerCreating 0 5s
web-d779974b6-mpmxz 1/1 Running 1 2d
web-d779974b6-n8nnf 1/1 Running 1 2d
web-d779974b6-rc5lz 1/1 Running 1 2d
[root@k8s-master ~]#待Pod状态变为Running后,分别再打开两个窗口进入这两个容器,tail日志,文件是共享的
进入容器 writelog -> kubectl exec -it test-log-emptydir -c writelog -- bash
[root@k8s-master ~]# kubectl exec -it test-log-emptydir -c writelog -- bash
[root@test-log-emptydir /]# tail -f /data/currenttime.log
54 08-27 12:43:42
55 08-27 12:43:43
56 08-27 12:43:44
57 08-27 12:43:45
58 08-27 12:43:46
59 08-27 12:43:47
60 08-27 12:43:48
command terminated with exit code 137
[root@k8s-master ~]#进入容器 printlog -> kubectl exec -it test-log-emptydir -c printlog -- bash,同理(略)
/data这个路径可以在宿主机找到,首先看看Pod起在哪个节点 --> k8s-node1
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
test-log-emptydir 2/2 Running 2 3m19s 10.244.36.104 k8s-node1 <none> <none>
web-d779974b6-mpmxz 1/1 Running 1 2d 10.244.36.97 k8s-node1 <none> <none>
web-d779974b6-n8nnf 1/1 Running 1 2d 10.244.36.103 k8s-node1 <none> <none>
web-d779974b6-rc5lz 1/1 Running 1 2d 10.244.169.179 k8s-node2 <none> <none>
[root@k8s-master ~]#到k8s-node1看看pod ID是什么 --> 392b843e-9334-440f-93ae-6b4bc59352f6
[root@k8s-node1 pods]# docker ps | grep test-log-emptydir
19fa342768e6 centos "bash -c 'for i in {…" 12 seconds ago Up 11 seconds k8s_writelog_test-log-emptydir_default_392b843e-9334-440f-93ae-6b4bc59352f6_3
7ded691b1c7e centos "bash -c 'tail -f /d…" 4 minutes ago Up 4 minutes k8s_printlog_test-log-emptydir_default_392b843e-9334-440f-93ae-6b4bc59352f6_0
3cf737d26911 registry.aliyuncs.com/google_containers/pause:3.2 "/pause" 4 minutes ago Up 4 minutes k8s_POD_test-log-emptydir_default_392b843e-9334-440f-93ae-6b4bc59352f6_0
[root@k8s-node1 pods]#进入 /var/lib/kubelet/pods/392b843e-9334-440f-93ae-6b4bc59352f6/volumes/kubernetes.io~empty-dir,有一个data路径
[root@k8s-node1 pods]# cd /var/lib/kubelet/pods
[root@k8s-node1 pods]# docker ps | grep test-log-emptydir
19fa342768e6 centos "bash -c 'for i in {…" 12 seconds ago Up 11 seconds k8s_writelog_test-log-emptydir_default_392b843e-9334-440f-93ae-6b4bc59352f6_3
7ded691b1c7e centos "bash -c 'tail -f /d…" 4 minutes ago Up 4 minutes k8s_printlog_test-log-emptydir_default_392b843e-9334-440f-93ae-6b4bc59352f6_0
3cf737d26911 registry.aliyuncs.com/google_containers/pause:3.2 "/pause" 4 minutes ago Up 4 minutes k8s_POD_test-log-emptydir_default_392b843e-9334-440f-93ae-6b4bc59352f6_0
[root@k8s-node1 pods]# cd 392b843e-9334-440f-93ae-6b4bc59352f6/
[root@k8s-node1 392b843e-9334-440f-93ae-6b4bc59352f6]# ls
containers etc-hosts plugins volumes
[root@k8s-node1 392b843e-9334-440f-93ae-6b4bc59352f6]# cd volumes/
[root@k8s-node1 volumes]# ls
kubernetes.io~empty-dir kubernetes.io~secret
[root@k8s-node1 volumes]# cd kubernetes.io~empty-dir/
[root@k8s-node1 kubernetes.io~empty-dir]# ls
data
[root@k8s-node1 kubernetes.io~empty-dir]# cd data/
[root@k8s-node1 data]# ls
currenttime.log
[root@k8s-node1 data]# pwd
/var/lib/kubelet/pods/392b843e-9334-440f-93ae-6b4bc59352f6/volumes/kubernetes.io~empty-dir/data
[root@k8s-node1 data]#@ hostPath卷:挂载Node文件系统(Pod所在节点)上路径或文件到Pod中的容器
应用场景:Pod中容器需要访问宿主机路径或文件
【例】将宿主机/var路径挂载到容器中的/data路径
[root@k8s-master ~]# cat test-hostpath.yaml
apiVersion: v1
kind: Pod
metadata:
name: test-hostpath
spec:
containers:
- name: busybox
image: busybox
args:
- /bin/sh
- -c
- sleep 3600
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
hostPath:
path: /var
type: Directory
[root@k8s-master ~]#Pod调度到了k8s-node1
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
test-hostpath 1/1 Running 0 2m9s 10.244.36.106 k8s-node1
[root@k8s-master ~]#进入容器的/data路径看看,kubectl exec -it test-hostpath -- sh 可以看出其/data路径下的内容和k8s-node1路径/var下的内容一致。在/data路径创建一个文件,宿主机的/var路径下也能看到
容器 /data
[root@k8s-master ~]# kubectl exec -it test-hostpath -- sh
/ # cd /data
/data # ls
account cache db games kerberos local log nis preserve spool tmp
adm crash empty gopher lib lock mail opt run target yp
/data #
/data # touch fromContainer
/data #
宿主机 /var
[root@k8s-node1 var]# ls
account cache db fromContainer gopher lib lock mail opt run target yp
adm crash empty games kerberos local log nis preserve spool tmp
[root@k8s-node1 var]#