听闻少年二字,当与平庸相斥。这篇文章主要讲述在kubernetes中使用nfs-provisioner动态存储卷相关的知识,希望能为你提供帮助。
【在kubernetes中使用nfs-provisioner动态存储卷】
1.安装配置nfs-server端在使用nfs-provisioner以前,需要先完成nfs server的配置。
此处服务器的环境为:
操作系统:CentOS Linux release 7.6.1810 (Core)
IP地址:192.168.45.200
共享目录路径:/data/nfs_provisioner
1.1
通过yum安装nfs server端
yum -y install nfs-utils
1.2 启动服务和设置开机启动
systemctl enable nfs-server --now
#启动nfs-server,并加入开机启动
systemctl status nfs-server
#查看nfs server是否已经正常启动
1.3 编辑配置文件,设置共享目录
vim /etc/exports
/data/nfs_provisioner 192.168.45.0/24(rw,no_root_squash)
exportfs -arv
#不用重启nfs服务,配置文件就会生效
用于配置NFS服务程序配置文件的参数:
参数 | 作用 |
ro | 只读 |
rw | 读写 |
root_squash | 当NFS客户端以root管理员访问时,映射为NFS服务器的匿名用户 |
no_root_squash | 当NFS客户端以root管理员访问时,映射为NFS服务器的root管理员 |
all_squash | 无论NFS客户端使用什么账户访问,均映射为NFS服务器的匿名用户 |
sync | 同时将数据写入到内存与硬盘中,保证不丢失数据 |
async | 优先将数据保存到内存,然后再写入硬盘;这样效率更高,但可能会丢失数据 |
客户端需要安装nfs-utils,否则将无法进行nfs的挂载
showmount -e 192.168.45.200
#查看nfs-server共享的目录
mkdir /nfs_data
#本地创建一个目录作为挂载点
mount-t nfs 192.168.45.200:/data/nfs_provisioner /nfs_data
#将nfs-server的共享目录挂载到本地
#通过df -Th
2. 部署nfs-provisioner2.1 创建ServiceAccount
cat nfs-sa.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-provisioner
kubectl apply -f nfs-sa.yaml
2.2 创建RBAC授权
cat nfs-rabc.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: nfs-provisioner-rbac
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
- apiGroups: [""]
resources: ["services", "endpoints"]
verbs: ["get"]
- apiGroups: ["extensions"]
resources: ["podsecuritypolicies"]
resourceNames: ["nfs-provisioner"]
verbs: ["use"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: nfs-provisioner
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: jenkins
roleRef:
kind: ClusterRole
name: nfs-provisioner-rbac
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-provisioner
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-provisioner
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: default
roleRef:
kind: Role
name: leader-locking-nfs-provisioner
apiGroup: rbac.authorization.k8s.io
kubectl apply -f nfs-rabc.yaml
2.3 把nfs-provisioner配置成一个deployment服务
cat nfs-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-provisioner
spec:
selector:
matchLabels:
app: nfs-provisioner
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: nfs-provisioner
spec:
serviceAccount: nfs-provisioner
containers:
- name: nfs-provisioner
image: registry.cn-hangzhou.aliyuncs.com/open-ali/xianchao/nfs-client-provisioner:v1
imagePullPolicy推荐阅读
- Spring认证指南(了解如何使用 Spring 执行表单验证)
- #yyds干货盘点# SAP UI5 batch 请求的响应解析流程分析
- 精简指令集计算机
- 编程语言(JavaC++)先学那个好()
- 兄弟们-加油加油加油,不要放弃!linux命令chmodchown奉上!点赞收藏加关注爱你们哟!
- 百度手机助手存储资源优化实践
- 第九节:SpringBoot在线文档Swagger2入门
- 北亚数据恢复HP P2000服务器RAID5硬盘磁头损坏和逻辑故障的数据恢复
- 简单的JS鸿蒙小游戏——垃圾分类(下)