k8s1.5.4挂載volume之nfs
volume的例子集合
https://github.com/kubernetes/kubernetes/tree/master/examples/volumes
http://www.dockerinfo.net/2926.html
https://kubernetes.io/docs/user-guide/volumes/
其他相關文檔
k8s叢集安裝部署
http://jerrymin.blog.51cto.com/3002256/1898243
k8s叢集RC、SVC、POD部署
http://jerrymin.blog.51cto.com/3002256/1900260
k8s叢集元件kubernetes-dashboard和kube-dns部署
http://jerrymin.blog.51cto.com/3002256/1900508
k8s叢集監控元件heapster部署
http://jerrymin.blog.51cto.com/3002256/1904460
k8s叢集反向代理負載均衡元件部署
http://jerrymin.blog.51cto.com/3002256/1904463
k8s叢集挂載volume之nfs
http://jerrymin.blog.51cto.com/3002256/1906778
k8s叢集挂載volume之glusterfs
http://jerrymin.blog.51cto.com/3002256/1907274
參考github上的例子
[root@k8s-master nfs]# pwd
/usr/local/kubernetes/examples/volumes/nfs
[root@k8s-master nfs]# cat README.md
## Quickstart
```console
$ kubectl create -f examples/volumes/nfs/provisioner/nfs-server-gce-pv.yaml
$ kubectl create -f examples/volumes/nfs/nfs-server-rc.yaml
$ kubectl create -f examples/volumes/nfs/nfs-server-service.yaml
# get the cluster IP of the server using the following command
$ kubectl describe services nfs-server
# use the NFS server IP to update nfs-pv.yaml and execute the following
$ kubectl create -f examples/volumes/nfs/nfs-pv.yaml
$ kubectl create -f examples/volumes/nfs/nfs-pvc.yaml
# run a fake backend
$ kubectl create -f examples/volumes/nfs/nfs-busybox-rc.yaml
# get pod name from this command
$ kubectl get pod -l name=nfs-busybox
# use the pod name to check the test file
$ kubectl exec nfs-busybox-jdhf3 -- cat /mnt/index.html
```
具體操作
[root@k8s-master nfs]# kubectl create -f provisioner/nfs-server-gce-pv.yaml
persistentvolumeclaim "nfs-pv-provisioning-demo" created
剛添加的PVC的狀态是Pending,如果有合适的PV,這個Pending狀态會立刻變為Bound,同時相應的PVC也會變為Bound。 你也可以先添加PVC,後添加PV,這樣就能保證看到Pending狀态。
[root@k8s-master nfs]# kubectl create -f nfs-server-rc.yaml
The ReplicationController "nfs-server" is invalid: spec.template.spec.containers[0].securityContext.privileged: Forbidden: disallowed by policy
查找參數--allow-privileged為true後k8s将允許在pod中運作擁有系統特權的容器應用
修改/etc/kubernetes/config 值KUBE_ALLOW_PRIV="--allow-privileged=true"後重新開機所有元件
但是這種方式出現了錯誤,錯誤見https://github.com/kubernetes/kubernetes/issues/43120
後調整了方案:
nfs伺服器不在容器裡部署,直接在節點上部署,然後容器挂載的方式測試,畢竟生存環境中存儲一般也不會跑在容器裡,開始圖友善直接用nfs容器了。nfs伺服器搭建比較簡單,這裡省略了。可以參考http://www.cnblogs.com/zhangmingcheng/p/6134210.html。
[root@k8s-master nfs]# vim /etc/exports
[root@k8s-master nfs]# systemctl enable rpcbind.service
[root@k8s-master nfs]# systemctl enable nfs-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
[root@k8s-master nfs]# systemctl start rpcbind.service
[root@k8s-master nfs]# systemctl start nfs-server.service
[root@k8s-master nfs]# rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 37284 status
100024 1 tcp 57305 status
100005 1 udp 20048 mountd
100005 1 tcp 20048 mountd
100005 2 udp 20048 mountd
100005 2 tcp 20048 mountd
100005 3 udp 20048 mountd
100005 3 tcp 20048 mountd
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 3 udp 2049 nfs_acl
100021 1 udp 36397 nlockmgr
100021 3 udp 36397 nlockmgr
100021 4 udp 36397 nlockmgr
100021 1 tcp 40459 nlockmgr
100021 3 tcp 40459 nlockmgr
100021 4 tcp 40459 nlockmgr
主要node節點, flanneld,docker網絡都要有挂載權限才行
[root@k8s-master nfs]# exportfs
/data/nfs 10.1.0.0/16
/data/nfs 10.254.0.0/16
/data/nfs 172.17.3.0/24
[root@k8s-master nfs]# showmount -e
Export list for k8s-master:
/data/nfs 172.17.3.0/24,10.254.0.0/16,10.1.0.0/16
[root@k8s-master nfs]# vim nfs-pv.yaml
nfs:
# FIXME: use the right IP
server: 172.17.3.20
path: "/data/nfs"
[root@k8s-master nfs]# kubectl create -f nfs-pv.yaml
persistentvolume "nfs" created
[root@k8s-master nfs]# kubectl create -f nfs-pvc.yaml
persistentvolumeclaim "nfs" created
[root@k8s-master nfs]# kubectl create -f nfs-web-rc.yaml
replicationcontroller "nfs-web" created
[root@k8s-master nfs]# kubectl create -f nfs-web-service.yaml
service "nfs-web" created
檢視PV\PVC狀态
[root@k8s-master nfs]# kubectl get pv
NAME CAPACITY ACCESSMODES RECLAIMPOLICY STATUS CLAIM REASON AGE
nfs 100Mi RWX Retain Bound default/nfs 25m
[root@k8s-master nfs]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESSMODES AGE
nfs Bound nfs 100Mi RWX 25m
[root@k8s-master ~]# kubectl get pods |grep nfs-web
nfs-web-gj1qr 1/1 Running 0 7m
nfs-web-vrzh4 1/1 Running 0 8m
root@nfs-web-vrzh4:/usr/share/nginx/html# df -h |grep nginx
172.17.3.20:/data/nfs 422G 925M 421G 1% /usr/share/nginx/html
[root@k8s-master ~]# cd /data/nfs/
[root@k8s-master nfs]# echo 'hello world!' > index.html
root@nfs-web-vrzh4:/usr/share/nginx/html# cat index.html
hello world!
[root@k8s-master nfs]# kubectl get ep|grep nfs-web
nfs-web 10.1.15.2:80,10.1.39.11:80 15m
[root@k8s-master nfs]# curl 10.1.15.2:80
hello world!
[root@k8s-master nfs]# curl 10.1.39.11:80
hello world!