nfs-provisioner部署

nfs-provisioner部署

Scroll Down

nfs-client-provisioner 是一个Kubernetes的简易NFS的外部provisioner,本身不提供NFS,需要现有的NFS服务器提供存储
PV以 $
-$-$的命名格式提供(在NFS服务器上)
PV回收的时候以 archieved-$
-$-$ 的命名格式(在NFS服务器上)

搭建nfs

nfs-server:192.168.200.233
nfs-client: 192.168.200.203-210

服务端安装NFS服务步骤:

所有节点安装nfs

[root@nfs ~]# yum -y install nfs-common nfs-utils

nfs-server创建共享目录

[root@nfs ~]# mkdir /storage

授权共享目录

[root@nfs ~]# chmod 666 /storage

编辑exports文件

[root@nfs ~]# cat /etc/exports
/storage 192.168.200.0/24(rw,no_root_squash,no_all_squash,sync)

重新加载NFS服务,使配置文件生效

[root@nfs ~]# systemctl reload nfs

启动rpc和nfs(注意顺序)

[root@nfs ~]# systemctl start rpcbind
[root@nfs ~]# systemctl start nfs

作为准备工作,我们已经在nfs-server节点上搭建了一个 NFS 服务器,目录为 /storage:

[root@nfs storage]# showmount -e
Export list for nfs:
/storage 192.168.200.0/24

NFS客户端挂载配置

使用showmount命令查看nfs服务器共享信息。输出格式为“共享的目录名称 允许使用客户端地址

[root@k8s01 nfs-provisioner]# showmount -e 192.168.200.233
Export list for 192.168.200.233:
/storage 192.168.200.0/24

showmount命令的用法
|参数| 作用|
|-------|-------|
|-e|显示NFS服务器的共享列表|
|-a|显示本机挂载的文件资源的情况NFS资源的情况|
|-v|显示版本号|

nfs-provisionerd搭建

[root@k8s01 ~]# kubectl apply -f rbac.yaml
[root@k8s01 ~]# kubectl apply -f serviceaccount.yaml
[root@k8s01 ~]# kubectl apply -f storageclass.yaml
[root@k8s01 ~]# kubectl apply -f deployment.yaml
[root@k8s01 ~]# kubectl apply -f test-claim.yaml
[root@k8s01 ~]# kubectl get po
NAME                               READY   STATUS    RESTARTS   AGE
nfs-provisioner-754bf9844c-gwnkl   1/1     Running   0          38h

[root@k8s01 ~]# kubectl get sc
NAME                            PROVISIONER       AGE
managed-nfs-storage (default)   nfs-storage-231   71d

[root@k8s01 ~]# kubectl get pvc
NAME          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS          AGE
test-claim1   Bound    pvc-66818619-daca-406a-ac29-cd7a58bc22f7   1Gi        RWX            managed-nfs-storage   3s

yaml文件如下

[root@k8s01 nfs-provisioner]# cat rbac.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-provisioner
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    # replace with namespace where provisioner is deployed
    namespace: default
roleRef:
  kind: Role
  name: leader-locking-nfs-provisioner
  apiGroup: rbac.authorization.k8s.io
[root@k8s01 nfs-provisioner]# cat deployment.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: nfs-provisioner
spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-provisioner
    spec:
      serviceAccount: nfs-provisioner
      containers:
        - name: nfs-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner
          imagePullPolicy: IfNotPresent
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: nfs-storage-231
            - name: NFS_SERVER
              value: 192.168.200.233
            - name: NFS_PATH
              value: /storage
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.200.233
            path: /storage
[root@k8s01 nfs-provisioner]# cat serviceaccount.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-provisioner
[root@k8s01 nfs-provisioner]# cat storageclass.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: managed-nfs-storage
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
provisioner: nfs-storage-231
#测试动态创建pvc
[root@k8s01 nfs-provisioner]# cat test-claim.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: test-claim1
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  storageClassName: managed-nfs-storage