内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,学习交流加群风哥微信: itpux-com详细介绍了相关技术的配置和使用方法。
本文档介绍
风哥提示:
Kubernetes存储解决方案实战案例。
Part01-存储架构
1.1 存储方案选择
[root@k8s-master ~]# cat > /root/storage-solutions.txt << 'EOF' Kubernetes存储方案对比 ==================== 1. 本地存储 - hostPath: 节点本地路径 - local-path: 动态本地存储 - 优点: 性能高,延迟低 - 缺点: 数据不随Pod迁移 2. 网络存储 - NFS: 网络文件系统 - iSCSI: 块存储 - Ceph: 分布式存储 - 优点: 数据持久化,可迁移 - 缺点: 网络延迟 3. 云存储 - AWS EBS - Azure Disk - GCE PD - 优点: 托管服务,高可用 - 缺点: 成本较高 4. 推荐方案 - 开发环境: local-path - 生产环境: Ceph/NFS - 云环境: 云厂商存储 EOF
Part02-NFS存储配置
2.1 部署NFS Provisioner
[root@nfs-server ~]# yum install -y nfs-utils
[root@nfs-server ~]# mkdir -p /data/k8s-storage
[root@nfs-server ~]# chmod 777 /data/k8s-storage
[root@nfs-server ~]# cat > /etc/exports << 'EOF' /data/k8s-storage 192.168.1.0/24(rw,sync,no_root_squash,no_subtree_check) EOF [root@nfs-server ~]# systemctl enable nfs-server --now Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /usr/lib/systemd/system/nfs-server.service. # 部署NFS Provisioner [root@k8s-master ~]# cat > nfs-provisioner.yaml << 'EOF' apiVersion: v1 kind: ServiceAccount metadata: name: nfs-provisioner namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: nfs-provisioner-runner rules: - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "update", "patch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: run-nfs-provisioner subjects: - kind: ServiceAccount name: nfs-provisioner namespace: kube-system roleRef: kind: ClusterRole name: nfs-provisioner-runner apiGroup: rbac.authorization.k8s.io --- apiVersion: apps/v1 kind: Deployment metadata: name: nfs-provisioner namespace: kube-system spec: replicas: 1 selector: matchLabels: app: nfs-provisioner template: metadata: labels: app: nfs-provisioner spec: serviceAccount: nfs-provisioner containers: - name: nfs-provisioner image: registry.k8s.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2 volumeMounts: - name: nfs-root mountPath: /persistentvolumes env: - name: PROVISIONER_NAME value: nfs.fgedu.net.cn - name: NFS_SERVER value: 192.168.1.100 - name: NFS_PATH value: /data/k8s-storage volumes: - name: nfs-root nfs: server: 192.168.1.100 path: /data/k8s-storage EOF [root@k8s-master ~]# kubectl apply -f nfs-provisioner.yaml serviceaccount/nfs-provisioner created clusterrole.rbfrom PG视频:www.itpux.comac.authorization.k8s.io/nfs-provisioner-runner created clusterrolebinding.rbac.authorization.k8s.io/run-nfs-provisioner created deployment.apps/nfs-provisioner created # 创建StorageClass [root@k8s-master ~]# cat > nfs-storageclass.yaml << 'EOF' apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: fgedu-nfs-storage provisioner: nfs.fgedu.更多视频教程www.fgedu.net.cnnet.cn parameters: archiveOnDelete: "true" reclaimPolicy: Retain volumeBindingMode: Immediate EOF [root@k8s-master ~]# kubectl apply -f nfs-storageclass.yaml storageclass.storage.k8s.io/fgedu-nfs-storage created # 设置默认StorageClass [root@k8s-master ~]# kubectl patch storageclass fgedu-nfs-storage -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' storageclass.storage.k8s.io/fgedu-nfs-storage patched
Part03-动态存储供应
3.1 使用PVC
[root@k8s-master ~]# cat > fgedu-pvc.yaml << 'EOF' apiVersion: v1 kind: PersistentVolumeClaim metadata: name: fgedu-data-pvc namespace: fgedu-prod spec: accessModes: - ReadWriteMany storageClassName: fgedu-nfs-storage resources: requests: storage: 10Gi EOF [root@k8s-master ~]# kubectl apply -f fgedu-pvc.yaml persistentvolumeclaim/fgedu-data-pvc created # 查看PVC状态 [root@k8s-master ~]# kubectl get pvc -n fgedu-prod NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE fgedu-data-pvc Bound pvc-abc123def456-789 10Gi RWX fgedu-nfs-storage 30s # 部署使用PVC的应用 [root@k8s-master ~]# cat > fgedu-app-with-pvc.yaml << 'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: fgedu-app-storage namespace: fgedu-prod spec: replicas: 2 selector: matchLabels: app: fgedu-storage template: metadata: labels: app: fgedu-storage spec: containers: - name: app image: nginx:1.25 ports: - containerPort: 80 volumeMounts: - name: data mountPath: /usr/share/nginx/html/data volumes: - name: data persistentVolumeClaim: claimName: fgedu-data-pvc EOF [root@k8s-master ~]# kubectl apply -f fgedu-app-with-pvc.yaml deployment.apps/fgedu-app-storage created # 验证数据持久化 [root@k8s-master ~]# kubectl exec -it fgedu-app-storage-abc12 -n fgedu-prod -- /bin/sh # echo "Hello from fgedu" > /usr/share/nginx/html/data/test.txt
# cat /usr/share/nginx/html/data/test.txt
Hello from fgedu
# exit
# 删除Pod后数据仍然存在
[root@k8s-master ~]# kubectl delete pod fgedu-app-storage-abc12 -n fgedu-prod
pod “fgedu-app-storage-abc12” deleted
[root@k8s-master ~]# kubectl exec -it fgedu-app-storage-def34 -n fgedu-prod — cat /usr/share/nginx/html/data/test.txt
Hello from fgedu
更多学习教程公众号风哥教程itpux_comPart04-存储扩容与快照
4.1 存储扩容
[root@k8s-master ~]# kubectl patch pvc fgedu-data-pvc -n fgedu-prod -p ‘{“spec”:{“resources”:{“requests”:{“storage”:”20Gi”}}}}’
persistentvolumeclaim/fgedu-data-pvc patched
# 查看扩容状态
[root@k8s-master ~]# kubectl get pvc -n fgedu-prod
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
fgedu-data-pvc Bound pvc-abc123def456-789 20Gi RWX fgedu-nfs-storage 10m
# 创建VolumeSnapshotClass学习交流加群风哥QQ113257174
[root@k8s-master ~]# cat > snapshot-class.yaml << 'EOF'
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshotClass
metadata:
name: fgedu-snapshot-class
driver: nfs.fgedu.net.cn
deletionPolicy: Delete
EOF
[root@k8s-master ~]# kubectl apply -f snapshot-class.yaml
volumesnapshotclass.snapshot.storage.k8s.io/fgedu-snapshot-class created
# 创建快照
[root@k8s-master ~]# cat > volume-snapshot.yaml << 'EOF'
apiVersion: snapshot.storage.k8s.io/v1
kind: VolumeSnapshot
metadata:
name: fgedu-data-snapshot
namespace: fgedu-prod
spec:
volumeSnapshotClassName: fgedu-snapshot-class
source:
persistentVolumeClaimName: fgedu-data-pvc
EOF
[root@k8s-master ~]# kubectl apply -f volume-snapshot.yaml
volumesnapshot.snapshot.storage.k8s.io/fgedu-data-snapshot created
# 查看快照状态
[root@k8s-master ~]# kubectl get volumesnapshot -n fgedu-prod
NAME READYTOUSE SOURCEPVC SOURCESNAPSHOTCONTENT RESTORESIZE SNAPSHOTCLASS SNAPSHOTCONTENT CREATIONTIME AGE
fgedu-data-snapshot true fgedu-data-pvc 10Gi fgedu-snapshot-class snapcontent-abc123def456 30s 30s
# 从快照恢复
[root@k8s-master ~]# cat > restore-pvc.yaml << 'EOF'
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: fgedu-data-restored
namespace: fgedu-prod
spec:
accessModes:
- ReadWriteMany
storageClassName: fgedu-nfs-storage
resources:
requests:
storage: 10Gi
dataSource:
name: fgedu-data-snapshot
kind: VolumeSnapshot
apiGroup: snapshot.storage.k8s.io
EOF
[root@k8s-master ~]# kubectl apply -f restore-pvc.yaml
persistentvolumeclaim/fgedu-data-restored created
- 根据场景选择合适的存储方案
- 使用StorageClass实现动态供应
- 配置存储配额控制资源使用
- 定期备份重要数据
- 监控存储使用情况
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
