内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
本
风哥提示:
文档介绍Kubernetes存储方案的配置方法。
Part01-存储概述
1.1 存储类型
[root@k8s-master ~]# cat > /root/k8s-storage.txt << 'EOF' Kubernetes存储方案 ================= 1. 存储类型 - emptyDir: 临时存储 - hostPath: 节点存储 - NFS: 网络存储 - Ceph: 分布式存储 - 云存储: AWS EBS/阿里云盘 2. 存储资源 - PV: 持久卷 - PVC: 持久卷声明 - StorageClass: 存储类 3. 存储模式 - ReadWriteOnce: 单节点读写 - ReadOnlyMany: 多节点只读 - ReadWriteMany: 多节点读写 4. 动态供给 - 自动创建PV - 存储类配置 - 回收策略 EOF
Part02-NFS存储配置
2.1 部署NFS服务
[root@nfs-server ~]# yum install -y nfs-utils
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
nfs-utils x86_64 1:2.5.4-20.el9 baseos 450 k
# 创建共享目录
[root@nfs-server ~]# mkdir -p /data/k8s-storage
[root@nfs-server ~]# chmod 777 /data/k8s-storage
# 配置NFS导出
[root@nfs-server ~]# cat >> /etc/exports << 'EOF'
/data/k8s-storage 192.168.1.0/24(rw,sync,no_root_squash,no_subtree_check)
EOF
# 启动NFS服务
[root@nfs-server ~]# systemctl enable nfs-server --now
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /usr/lib/systemd/system/nfs-server.service.
[root@nfs-server ~]# exportfs -av
exporting 192.168.1.0/24:/data/k8s-storage
# 验证导出
[root@nfs-server ~]# showmount -e localhost
Export list for localhost:
/data/k8s-storage 192.168.1.学习交流加群风哥微信: itpux-com0/24
# 在K8s节点安装NFS客户端
[root@k8s-node1 ~]# yum install -y nfs-utils
[root@k8s-node2 ~]# yum install -y nfs-utils
# 部署NFS Provisioner
[root@k8s-master ~]# cat > nfs-provisioner.yaml << 'EOF'
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-provisioner
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: nfs-provisioner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: nfs-provisioner
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: nfs-provisioner
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-provisioner
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
app: nfs-provisioner
template:
metadata:
labels:
app: nfs-provisioner
spec:
serviceAccountName: nfs-provisioner
containers:
- name: nfs-provisioner
学习交流from PG视频:www.itpux.com加群风哥QQ113257174 image: registry.k8s.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2
volumeMounts:
- name: nfs-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: nfs.fgedu.net.cn
- name: NFS_SERVER
value: 192.168.1.100
- name: NFS_PATH
value: /data/k8s-storage
volumes:
- name: nfs-root
nfs:
server: 192.168.1.100
path: /data/k8s-storage
EOF
[root@k8s-master ~]# kubectl apply -f nfs-provisioner.yaml
serviceaccount/nfs-provisioner created
clusterrole.rbac.authorization.k8s.io/nfs-provisioner created
clusterrolebinding.rbac.authorization.k8s.io/nfs-provisioner created
deployment.apps/nfs-provisioner created
Part03-StorageClass配置
3.1 创建存储类
[root@k8s-master ~]# cat > fgedu-storageclass.yaml << 'EOF' apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: fgedu-nfs-storage provisioner: nfs.fgedu.net.cn parameters: archiveOnDelete: "true" reclaimPolicy: Delete volumeBindingMode: Immediate allowVolumeExpansion: true mountOptions: - hard - nfsvers=4.1 EOF [root@k8s-master ~]# kubectl apply -f fgedu-storageclass.yaml storageclass.更多视频教程www.fgedu.net.cnstorage.k8s.io/fgedu-nfs-storage created # 设置默认StorageClass [root@k8s-master ~]# kubectl patch storageclass fgedu-nfs-storage -p '{"metadata": {"annotations":{"storageclass.ku更多学习教程公众号风哥教程itpux_combernetes.io/is-default-class":"true"}}}' storageclass.storage.k8s.io/fgedu-nfs-storage patched # 查看StorageClass [root@k8s-master ~]# kubectl get storageclass NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE fgedu-nfs-storage (default) nfs.fgedu.net.cn Delete Immediate true 1m # 创建PVC测试 [root@k8s-master ~]# cat > fgedu-pvc-test.yaml << 'EOF' apiVersion: v1 kind: PersistentVolumeClaim metadata: name: fgedu-data-pvc namespace: fgedu-prod spec: accessModes: - ReadWriteMany storageClassName: fgedu-nfs-storage resources: requests: storage: 10Gi EOF [root@k8s-master ~]# kubectl apply -f fgedu-pvc-test.yaml persistentvolumeclaim/fgedu-data-pvc created # 查看PVC状态 [root@k8s-master ~]# kubectl get pvc -n fgedu-prod NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE fgedu-data-pvc Bound pvc-abc123def456789012345678901234 10Gi RWX fgedu-nfs-storage 10s # 查看自动创建的PV [root@k8s-master ~]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS AGE pvc-abc123def456789012345678901234 10Gi RWX Delete Bound fgedu-prod/fgedu-data-pvc fgedu-nfs-storage 30s
Part04-StatefulSet存储
4.1 有状态应用存储
[root@k8s-master ~]# cat > fgedu-statefulset-storage.yaml << 'EOF' apiVersion: apps/v1 kind: StatefulSet metadata: name: fgedu-database namespace: fgedu-prod spec: serviceName: fgedu-database replicas: 3 selector: matchLabels: app: fgedu-database template: metadata: labels: app: fgedu-database spec: containers: - name: mysql image: mysql:8.0 ports: - containerPort: 3306 env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: fgedu-db-secret key: root-password - name: MYSQL_DATABASE value: fgedudb volumeMounts: - name: data mountPath: /var/lib/mysql volumeClaimTemplates: - metadata: name: data spec: accessModes: [ "ReadWriteOnce" ] storageClassName: fgedu-nfs-storage resources: requests: storage: 20Gi --- apiVersion: v1 kind: Secret metadata: name: fgedu-db-secret namespace: fgedu-prod type: Opaque stringData: root-password: fgedu123 --- apiVersion: v1 kind: Service metadata: name: fgedu-database namespace: fgedu-prod spec: ports: - port: 3306 targetPort: 3306 clusterIP: None selector: app: fgedu-database EOF [root@k8s-master ~]# kubectl apply -f fgedu-statefulset-storage.yaml statefulset.apps/fgedu-database created secret/fgedu-db-secret created service/fgedu-database created # 查看StatefulSet状态 [root@k8s-master ~]# kubectl get statefulset -n fgedu-prod NAME READY AGE fgedu-database 3/3 2m # 查看Pod状态 [root@k8s-master ~]# kubectl get pods -n fgedu-prod -l app=fgedu-database NAME READY STATUS RESTARTS AGE fgedu-database-0 1/1 Running 0 2m fgedu-database-1 1/1 Running 0 1m fgedu-database-2 1/1 Running 0 30s # 查看PVC [root@k8s-master ~]# kubectl get pvc -n fgedu-prod NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE data-fgedu-database-0 Bound pvc-abc123def456789012345678901234 20Gi RWO fgedu-nfs-storage 2m data-fgedu-database-1 Bound pvc-def456ghi789012345678901234567 20Gi RWO fgedu-nfs-storage 1m data-fgedu-database-2 Bound pvc-ghi789jkl012345678901234567890 20Gi RWO fgedu-nfs-storage 30s fgedu-data-pvc Bound pvc-jkl012mno345678901234567890123 10Gi RWX fgedu-nfs-storage 5m
- 使用StorageClass动态供给
- 配置合理的回收策略
- 为有状态应用使用StatefulSet
- 定期备份重要数据
- 监控存储使用情况
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
