自動建立PVC
阿新 • • 發佈:2020-08-05
1. 搭建NFS服務
192.168.31.200
1.1 安裝 nfs-utils
yum install nfs-utils -y
systemctl start rpcbind &&systemctl enable rpcbind
systemctl start nfs && systemctl enable nfs
1.2 建立nfs儲存目錄
echo "/data/kubernetes/ *(rw,no_root_squash,no_all_squash,sync)" >/etc/exports
exportfs -r
1.3 檢視nfs掛載
exportfs -v
/data/kubernetes
<world>(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)
1.5 使得配置生效
showmount -e
Export list for hdss200.host.com:
/data/kubernetes *
如果出現報錯 clnt_create: RPC: Program not registered
systemctl stop rpcbind systemctl stop nfs systemctl start rpcbind systemctl start nfs
2. 在master上建立PV
192.168.31.37
2.1 建立rbac
- rbac.yaml
apiVersion: v1 kind: ServiceAccount metadata: name: nfs-client-provisioner namespace: kube-system --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: nfs-client-provisioner-runner rules: - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["watch", "create", "update", "patch"] # - apiGroups: [""] # resources: ["services", "endpoints"] # verbs: ["get","create","list", "watch","update"] # - apiGroups: ["extensions"] # resources: ["podsecuritypolicies"] # resourceNames: ["nfs-provisioner"] # verbs: ["use"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: run-nfs-client-provisioner subjects: - kind: ServiceAccount name: nfs-client-provisioner namespace: kube-system roleRef: kind: ClusterRole name: nfs-client-provisioner-runner apiGroup: rbac.authorization.k8s.io --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-client-provisioner namespace: kube-system rules: - apiGroups: [""] resources: [ "endpoints"] verbs: ["get", "list", "watch", "create", "update", "patch"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: leader-locking-nfs-client-provisioner namespace: kube-system subjects: - kind: ServiceAccount name: nfs-client-provisioner namespace: kube-system roleRef: kind: Role name: leader-locking-nfs-client-provisioner apiGroup: rbac.authorization.k8s.io
kubectl apply -f rbac.yaml
2.2建立sc
- storageclass.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: 200-nfs-storage
provisioner: 200-nfs-provisioner #這裡要和第三個nfs-client-provisioner的env環境變數中的value值對應。
reclaimPolicy: Retain
3、建立PVC,繫結PV
3.1 建立nfs-client-provisioner容器
- deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-client-provisioner
namespace: kube-system
spec:
replicas: 1 #副本數量為1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccount: nfs-client-provisioner #指定賬戶
containers:
- name: nfs-client-provisioner
image: harbor.od.com/public/nfs-client-provisioner:latest #使用的是這個映象
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes #指定容器內的掛載目錄
env:
- name: PROVISIONER_NAME #這是這個容器內建的變數
value: 200-nfs-provisioner #這是上面變數的值(名字)
- name: NFS_SERVER #內建變數,用於指定nfs服務的IP
value: 192.168.31.200
- name: NFS_PATH #內建變數,指定的是nfs共享的目錄
value: /data/kubernetes
volumes: #這下面是指定上面掛載到容器內的nfs的路徑及IP
- name: nfs-client-root
nfs:
server: 192.168.31.200
path: /data/kubernetes
3.2 建立pvc
- test-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: test-nginx-pvc
namespace: ingress-nginx
spec:
storageClassName: 200-nfs-storage #定義儲存類的名字,要和SC的名字對應
accessModes:
- ReadWriteMany #訪問模式為RWM
resources:
requests:
storage: 500Mi
4. 建立nginx
- nginx-configmap.yaml
---
apiVersion: v1
data:
default.conf: |
server {
listen 8012;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
mime.types: |
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
nginx.conf: |
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
kind: ConfigMap
metadata:
name: test-nginx
- nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-nginx
namespace: ingress-nginx
labels:
k8s-app: test-nginx
spec:
replicas: 1
selector:
matchLabels:
k8s-app: test-nginx
template:
metadata:
labels:
k8s-app: test-nginx
spec:
containers:
- image: 'harbor.od.com/public/nginx:1.16.1'
imagePullPolicy: IfNotPresent
name: test-nginx
ports:
- containerPort: 8012
hostPort: 8012
protocol: TCP
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/nginx
name: config-volume
- mountPath: /usr/share/nginx/html/
name: test-volume
dnsPolicy: ClusterFirst
nodeSelector:
app-group: test
restartPolicy: Always
schedulerName: default-scheduler
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
items:
- key: nginx.conf
path: nginx.conf
- key: mime.types
path: mime.types
- key: default.conf
path: conf.d/default.conf
name: test-nginx
name: config-volume
- name: test-volume
persistentVolumeClaim:
claimName: test-nginx-pvc
5. 在nfs伺服器上寫 index.html
cd /data/kubernetes/
cd ingress-nginx-test-nginx-pvc-pvc-5054b549-cdb1-4e9a-a87e-10e3de7f5dd7/
echo 'test' > index.html
6. 訪問 nginx
- 找到nginx的pod的ip地址
kubectl get pods -n ingress-nginx -owide |grep test-nginx
- 訪問nginx
curl 172.16.236.255:8012