使用nfs製做動態分配存儲卷

時間 2019-11-12

標籤使用 nfs 製做動態分配存儲欄目 Linux 简体版

原文原文鏈接

參考文獻：https://yq.aliyun.com/articles/613036html

相對於靜態存儲, 動態存儲的優點:nginx

● 管理員無需預先建立大量的PV做爲存儲資源;vim

● 靜態存儲須要用戶申請PVC時保證容量和讀寫類型與預置PV的容量及讀寫類型徹底匹配, 而動態存儲則無需如此.api

首先建立好nfs服務app

一、建立ServiceAccount資源測試

$ vim serviceaccount.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-provisioner         # serviceaccount名稱，與下文對應
  namespace: testing            # serviceaccount屬於名稱空間級別的資源

二、建立ClusterRole資源阿里雲

$ vim clusterrole.yaml

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-provisioner-runner              # clusterrole名稱，clusterrole屬於集羣級別的資源
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["services", "endpoints"]
    verbs: ["get"]
  - apiGroups: ["extensions"]
    resources: ["podsecuritypolicies"]
    resourceNames: ["nfs-provisioner"]
    verbs: ["use"]

三、建立ClusterRoleBinding資源，將clusterrole與serviceaccount兩者綁定spa

$ vim clusterrolebinding.yaml

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-provisioner               #clusterrolebinding的名稱，後文會使用
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: testing
roleRef:
  kind: ClusterRole
  name: nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io

四、建立provisionercode

$ vim deployment-provisioner.yaml 

kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: nfs-client-provisioner
  namespace: testing
spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccount: nfs-provisioner
      containers:
        - name: nfs-client-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner                            # 此處使用阿里雲鏡像
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes           #此處寫死
          env:
            - name: PROVISIONER_NAME
              value: fuseim.pri/ifs                        # 此處名稱自定義，需與下文統一
            - name: NFS_SERVER
              value: 192.168.186.81                     # nfs服務主機
            - name: NFS_PATH
              value: /data/nfs                              # nfs共享路徑
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.186.81                    # nfs服務主機
            path: /data/nfs                               # nfs共享路徑

五、建立StorageClass資源server

$ vim storageclass-nfs.yaml

apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
  name: managed-nfs-storage          #存儲類的名稱，後文使用
provisioner: fuseim.pri/ifs

六、建立pvc資源

$ vim pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: test-claim                      #存儲類的名稱
  namespace: testing                  #StorageClass屬於名稱空間級別資源
  annotations:
    volume.beta.kubernetes.io/storage-class: "managed-nfs-storage"   # 此處註解與以前建立的存儲類關聯
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 1Mi

七、建立pod資源，測試使用狀況

$ vim pod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: vol-sc-pod
  namespace: testing
spec:
  containers:
  - name: nginx
    image: nginx:1.12-alpine
    volumeMounts:
    - name: html
      mountPath: /usr/share/nginx/html
  - name: alpine
    image: alpine
    volumeMounts:
    - name: html
      mountPath: /html
    command: ["/bin/sh","-c"]
    args:
    - while true; do
        echo $(hostname) $(date) >> /html/index.html;
        sleep 10;
      done
  terminationGracePeriodSeconds: 30
  volumes:
  - name: html
    persistentVolumeClaim:
      claimName: test-claim              # 此處爲pvc的名稱