部署NFS
安装nfs套件
yum -y install nfs-utils
配置nfs路径
mkdir /home/nfs
chmod 777 /home/nfs
配置
vim /etc/exports
/home/nfs 192.168.31.10/24(rw)
启动
systemctl start nfs-server && systemctl enable nfs-server
看下111端口起来没?
[root@node1 k8s_nfs]# netstat -tnlp|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 44466/rpcbind
tcp6 0 0 :::111 :::* LISTEN 44466/rpcbind
起来了~
挂载个目录试试~
mount -t nfs 192.168.31.10:/home/nfs /home/test
echo "hello" > /home/test/a.txt
cat /home/nfs/a.txt
没啥问题了
然后就是搞k8s的了
nfs sc动态存储怎么搞?
先配置rbac
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner-one
namespace: nfs
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-one-runner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner-one
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner-one
namespace: nfs
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-one-runner
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner-one
# replace with namespace where provisioner is deployed
namespace: nfs
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner-one
# replace with namespace where provisioner is deployed
namespace: nfs
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner-one
# replace with namespace where provisioner is deployed
namespace: nfs
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner-one
apiGroup: rbac.authorization.k8s.io
权限都安排上了
provisioner配置下:
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nfs-client-provisioner-one
name: nfs-client-provisioner-one
namespace: nfs
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: nfs-client-provisioner-one
strategy:
type: Recreate
template:
metadata:
creationTimestamp: null
labels:
app: nfs-client-provisioner-one
spec:
containers:
- env:
- name: PROVISIONER_NAME
value: nfsone
- name: NFS_SERVER
value: 192.168.31.10
- name: NFS_PATH
value: /data-nfs
image: easzlab/nfs-subdir-external-provisioner:v4.0.1
imagePullPolicy: Always
name: nfs-client-provisioner-one
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /persistentvolumes
name: nfs-client-root
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: nfs-client-provisioner-one
serviceAccountName: nfs-client-provisioner-one
terminationGracePeriodSeconds: 30
volumes:
- name: nfs-client-root
nfs:
path: /home/nfs
server: 192.168.31.10
最后声明下StorageClass:
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
#创建PVC时会用到的参数
name: nfs-one
labels:
uds.dce.daocloud.io/storage-type: file
annotations:
# 设置该storageclass为PVC创建时默认使用的存储机制;如果不设置该参数,PVC想要使用该storageclass时需要指定 storageclassname
storageclass.kubernetes.io/is-default-class: "true"
#!!!修改值---匹配deployment中的环境变量'PROVISIONER_NAME'
provisioner: nfsone
parameters:
archiveOnDelete: "true" # "false" 删除PVC时不会保留数据,"true"将保留PVC数据
reclaimPolicy: Retain
就可以声明pvc玩玩了
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: hello-pvc
spec:
storageClassName: nfs-one
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
若有收获,就点个赞吧
0 人点赞
