学向勤中得,萤窗万卷书。这篇文章主要讲述[kubernetes]持久化存储之StorageClass相关的知识,希望能为你提供帮助。
熟悉了PV/PVC之后,我们知道PV和PVC是一一对应的,一旦PV被一个PVC关联之后,PV就不能被其他的PVC关联了。从这里可以看出,我们每使用一次PVC就要创建一次PV,有没有好的办法简化一些呢?有,那就是StorageClass(SC),SC就好像是帮我们提供了一个存储池,当我们在这个存储池上创建PVC的时候,会自动创建PV,而且一个SC可以对应多个PVC,也就是说我们创建了一个SC后,就可以直接创建PVC了,不用再单独创建PV。
在用户视图上就变成了这样:
但实际上是这样的:
?01
创建StorageClass?
因为StorageClass可以实现自动配置,所以使用StorageClass之前,我们需要先安装存储驱动的自动配置程序,而这个配置程序必须拥有一定的权限去访问我们的kubernetes集群(类似dashboard一样,必须有权限访问各种api,才能实现管理)。
【[kubernetes]持久化存储之StorageClass】
1)创建rbac
cat rbac.yaml
apiVersion: v1
kind: ServiceAccount# 创建一个用户
metadata:
name: nfs-client-provisioner
namespace: kube-system
---
kind: ClusterRole# 创建一个集群角色
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:# 角色权限
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: ClusterRoleBinding# 将用户绑定到集群角色中
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
namespace: kube-system
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-runner
apiGroup: rbac.authorization.k8s.io
# 应用
[root@host21 sc]# kubectl apply -f rbac.yaml
serviceaccount/nfs-client-provisioner created
clusterrole.rbac.authorization.k8s.io/nfs-client-provisioner-runner created
clusterrolebinding.rbac.authorization.k8s.io/run-nfs-client-provisioner created
2)创建自动配置程序 -- nfs-provisioner
[root@host21 sc]# cat dp.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: nfs-provisioner-01
namespace: kube-system
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-provisioner-01
template:
metadata:
labels:
app: nfs-provisioner-01
spec:
serviceAccountName: nfs-client-provisioner# 用户名
containers:
- name: nfs-client-provisioner
image: harbor.od.com/public/nfs-client-provisioner:latest
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:# 定义环境变量
- name: PROVISIONER_NAME
value: nfs-provisioner-01# 此处供应者名字供storageclass调用
- name: NFS_SERVER
value: host200# 填入NFS的地址
- name: NFS_PATH
value: /data/nfs-volume/sc-pool# 填入NFS挂载的目录
volumes:
- name: nfs-client-root
nfs:
server: host200# 填入NFS的地址
path: /data/nfs-volume/sc-pool# 填入NFS挂载的目录
# 应用
[root@host21 sc]# kubectl apply -f dp.yaml
deployment.apps/nfs-provisioner-01 created
# 查看
[root@host21 sc]# kubectl get pod -n kube-system | grep nfs
nfs-provisioner-01-684f9b4798-lzbhv1/1Running03m9s
3)配置StorageClass
[root@host21 sc]# cat sc.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: nfs-sc-pool
provisioner: nfs-provisioner-01# 这里的名字要和dp里面定义的名字一样
# Supported policies: Delete、 Retain , default is Delete
reclaimPolicy: Retain
# 应用
[root@host21 sc]# kubectl apply -f sc.yaml
storageclass.storage.k8s.io/nfs-sc-pool created
# 查看
[root@host21 sc]# kubectl get sc
NAMEPROVISIONERAGE
nfs-sc-poolnfs-provisioner-0114s
02 测试
1)创建PVC
# pvc.yaml
[root@host21 sc]# cat pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: pvc01-sc-pool
spec:
storageClassName: nfs-sc-pool# 指定storageclass
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Mi
# 应用
[root@host21 sc]# kubectl apply -f pvc.yaml
persistentvolumeclaim/pvc01-sc-pool created
# 查看pvc
[root@host21 sc]# kubectl get pvc
NAMESTATUSVOLUMECAPACITYACCESS MODESSTORAGECLASSAGE
pvc01-sc-poolBoundpvc-e6d1021e-0db8-4dee-8149-4229c272e2031MiRWXnfs-sc-pool5s
# 查看pv
[root@host21 sc]# kubectl get pv
NAMECAPACITYACCESS MODESRECLAIM POLICYSTATUSCLAIMSTORAGECLASSREASONAGE
pvc-e6d1021e-0db8-4dee-8149-4229c272e2031MiRWXRetainBounddefault/pvc01-sc-poolnfs-sc-pool8s
通过上面可以看出我们创建了storageclass之后,就可以不用创建pv而直接创建pvc了。
2)查看pv
[root@host21 sc]# kubectl describe pv pvc-e6d1021e-0db8-4dee-8149-4229c272e203
Name:pvc-e6d1021e-0db8-4dee-8149-4229c272e203
Labels:<
none>
Annotations:pv.kubernetes.io/provisioned-by: nfs-provisioner-01
Finalizers:[kubernetes.io/pv-protection]
StorageClass:nfs-sc-pool
Status:Bound
Claim:default/pvc01-sc-pool
Reclaim Policy:Retain
Access Modes:RWX
VolumeMode:Filesystem
Capacity:1Mi
Node Affinity:<
none>
Message:
Source:
Type:NFS (an NFS mount that lasts the lifetime of a pod)
Server:host200
Path:/data/nfs-volume/sc-pool/default-pvc01-sc-pool-pvc-e6d1021e-0db8-4dee-8149-4229c272e203
ReadOnly:false
Events:<
none>
可以看到,pv自动被自动创建后,还在nfs目录中自动创建了一个和pv名称一样的目录给该pv使用,这样我们就不用担心数据乱了。
3)生产应用
[root@host21 sc]# cat nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx
name: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- image: nginx
name: nginx
volumeMounts:# 我们这里将nginx容器默认的页面目录挂载
- name: nginx-html
mountPath: "/usr/share/nginx/html"
volumes:
- name: nginx-html
persistentVolumeClaim:
claimName: nginx-html-pvc# 要和下面的pvc名称一样
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: nginx-html-pvc# pvc名称
spec:
storageClassName: nfs-sc-pool
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Mi
# 应用
[root@host21 sc]# kubectl apply -f nginx.yaml
deployment.apps/nginx created
# 验证
[root@host21 sc]# kubectl get pod
NAMEREADYSTATUSRESTARTSAGE
nginx-b7db77fbb-b2mln1/1Running06m3s
[root@host21 sc]#kubectl get pv
NAMECAPACITYACCESS MODESRECLAIM POLICYSTATUSCLAIMSTORAGECLASSREASONAGE
pvc-3755c46c-34ee-452b-971a-d562511199d71MiRWXRetainBounddefault/nfs-nginx-pvcnfs-sc-pool6m6s
pvc-60d11564-9713-4d3a-88a5-f9955685bdb51MiRWXRetainBounddefault/nginx-html-pvcnfs-sc-pool4m49s
pvc-e6d1021e-0db8-4dee-8149-4229c272e2031MiRWXRetainBounddefault/pvc01-sc-poolnfs-sc-pool28m
[root@host21 sc]# kubectl get pvc
NAMESTATUSVOLUMECAPACITYACCESS MODESSTORAGECLASSAGE
nfs-nginx-pvcBoundpvc-3755c46c-34ee-452b-971a-d562511199d71MiRWXnfs-sc-pool6m8s
nginx-html-pvcBoundpvc-60d11564-9713-4d3a-88a5-f9955685bdb51MiRWXnfs-sc-pool4m52s
pvc01-sc-poolBoundpvc-e6d1021e-0db8-4dee-8149-4229c272e2031MiRWXnfs-sc-pool28m
推荐阅读
- IT商业大战2
- 这10个程序员的好习惯,让我变强了
- Hive安装配置
- Napping靶机测试记录
- # yyds干货盘点 # 盘点一道Pandas中分组聚合groupby()函数用法的基础题
- 手摸手告诉 UI 妹子数据可视化 20 条优化细则切图仔直接收藏
- RT-Thread快速入门-内存池
- JVS开源框架系列(JVS轻应用可以做什么(「含开源地址」))
- 死磕Lambda表达式(Lambda的使用)