nfs 搭建以及在k8s中的应用

作者: Jayce_xi | 来源:发表于2019-09-23 16:49 被阅读0次

1. 如何搭建nfs服务

#master节点安装nfs
yum -y install nfs-utils

#创建nfs目录
mkdir -p /nfs/data/

#修改权限
chmod -R 777 /nfs/data

#编辑export文件
vim /etc/exports
/nfs/data *(rw,no_root_squash,sync)

#配置生效
exportfs -r
#查看生效
exportfs

#启动rpcbind、nfs服务
systemctl restart rpcbind && systemctl enable rpcbind
systemctl restart nfs && systemctl enable nfs

#查看 RPC 服务的注册状况
rpcinfo -p localhost

#showmount测试
showmount -e 192.168.92.56

#所有node节点安装客户端
yum -y install nfs-utils
systemctl start nfs && systemctl enable nfs

作为准备工作，我们已经在 k8s-master 节点上搭建了一个 NFS 服务器，目录为 /nfs/data.

修改默认storageclass:

 kubectl patch storageclass <your-class-name> -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

# nfs环境搭建报错clnt_create: RPC: Program not registered

命令：(注意先启动rpc)

rpcbind restart
nfs restart

2. 部署存储供应卷

根据PVC的请求, 动态创建PV存储.

[root@bogon statefulset]# cat deployment-nfs.yaml 
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: nfs-client-provisioner
spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccount: nfs-provisioner
      containers:
        - name: nfs-client-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: fuseim.pri/ifs
            - name: NFS_SERVER
              value: 192.168.64.136
            - name: NFS_PATH
              value: /nfs/data
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.1.136
            path: /nfs/data

创建服务

[root@bogon statefulset]# kubectl create -f deployment-nfs.yaml
[root@bogon statefulset]# kubectl get deployment
NAME                     DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
nfs-client-provisioner   1         1         1            1           36m

3. 部署storageclass

[root@bogon statefulset]# cat storageclass-nfs.yaml 
apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
  name: managed-nfs-storage 
provisioner: fuseim.pri/ifs

创建

[root@bogon statefulset]# kubectl create -f storageclass-nfs.yaml
[root@bogon statefulset]# kubectl get storageclass 
NAME                  PROVISIONER      AGE
managed-nfs-storage   fuseim.pri/ifs   36m

4.构建权限体系

创建 serviceaccount

[root@bogon statefulset]# cat serviceaccount.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-provisioner

创建 role

[root@bogon statefulset]# cat clusterrole.yaml 
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["services", "endpoints"]
    verbs: ["get"]
  - apiGroups: ["extensions"]
    resources: ["podsecuritypolicies"]
    resourceNames: ["nfs-provisioner"]
    verbs: ["use"]

创建：账户和角色绑定

[root@bogon statefulset]# cat clusterrolebinding.yaml 
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io

创建：

kubectl create -f serviceaccount.yaml -f clusterrole.yaml -f clusterrolebinding.yaml

5.创建测试

[root@bogon statefulset]# cat statefulset-nfs.yaml 
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: web
spec:
  serviceName: "nginx1"
  replicas: 1
  volumeClaimTemplates:
  - metadata:
      name: test 
      annotations:
        volume.beta.kubernetes.io/storage-class: "managed-nfs-storage"
    spec:
      accessModes: [ "ReadWriteOnce" ]
      resources:
        requests:
          storage: 2Gi 
  template:
    metadata:
     labels:
       app: nginx1
    spec:
     serviceAccount: nfs-provisioner
     containers:
     - name: nginx1
       image: nginx:1.7.9
       volumeMounts:
       - mountPath: "/mnt"
         name: test

创建：

$ kubectl create -f statefulset-nfs.yaml

查看生成的pv,pvc,storageclass, deployment.

kubectl get pv
kubectl get pvc
kubectl get sc
kubectl get deploy

6. 参考文章

nfs 和k8s使用参考文章
 https://www.jianshu.com/p/284c999d5717
https://www.cnblogs.com/cuishuai/p/9152277.html
https://www.cnblogs.com/DaweiJ/articles/9131762.html
https://yq.aliyun.com/articles/613036
改变默认storageclass

mount -t nfs 172.16.0.158:/srv /nfs

网友评论

本文标题：nfs 搭建以及在k8s中的应用

本文链接：https://www.haomeiwen.com/subject/skrjuctx.html

延伸阅读

深度阅读

您也可以注册成为美文阅读网的作者，发表您的原创作品、分享您的心情！