1.环境
- k8s集群 1.26
- nfs服务端已建立 服务端ip:10.8.8.103
2. 搭建
存储类是给一些有状态的服务使用,让这些服务重启后数据不丢失,比如下面要部署的pgsql数据库。
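这里使用truenas共享出来的nfs作为存储,nfs服务端的搭建这里不做记录。注意:从下面 showmount 的输出看,该共享对 10.8.8.0/24 整个网段开放;如果服务端没有启用 Kerberos 等认证,网段内任何主机都可以挂载并读取其中的数据(包括后面数据库的数据文件),建议在服务端把允许访问的范围收紧到各 k8s 节点的 IP。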
根据官方文档,需要在所有k8s节点上自己配置外部的nfs驱动
#这条命令所有节点master、worker都执行
[root@k8s-n1 ~]# yum install -y nfs-utils
#查看是否能查到nfs
[root@k8s-n1 ~]# showmount -e 10.8.8.103
Export list for 10.8.8.103:
/mnt/ssd-1/nfs/k8s 10.8.8.0/24
编辑nfs清单:
vim nfs-sc.yaml
# StorageClass served by the NFS provisioner defined in the Deployment of
# this same manifest.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  # Custom name; other workloads reference it later when they request storage.
  name: nas-nfs
  annotations:
    # Makes this the cluster's default class, so a PVC that does not name a
    # storage class is provisioned on the NFS share as well.
    storageclass.kubernetes.io/is-default-class: "true"
# Must be the same string as the PROVISIONER_NAME env var of the provisioner.
provisioner: nfs-provisioner
parameters:
  # Whether a PV's contents are kept as an archived copy when the PV is
  # deleted. With "true" the data of deleted volumes stays on the NFS server
  # until someone removes it there, so plan retention and cleanup for
  # anything sensitive (e.g. database files).
  archiveOnDelete: "true"
---
# Deployment that runs the NFS provisioner pod (single replica).
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nfs-client-provisioner
  # NOTE(review): the provisioner is placed in kube-system, next to the
  # cluster's own system components; the RBAC objects in this manifest are
  # bound in that namespace too.
  namespace: kube-system
  labels:
    app: nfs-client-provisioner
spec:
  replicas: 1
  # Recreate: the old pod is stopped before a new one is started.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: nfs-client-provisioner
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      # Identity the pod uses against the API server; its permissions come
      # from the ClusterRole/Role bindings in this manifest.
      serviceAccountName: nfs-client-provisioner
      containers:
        - name: nfs-client-provisioner
          # NOTE(review): pulled by mutable tag from what looks like a
          # personal mirror namespace, not the project's own registry
          # (registry.k8s.io/sig-storage/nfs-subdir-external-provisioner).
          # Compare the image against the upstream release and pin the digest
          # you verified, e.g. ...:v4.0.2@sha256:<VERIFIED_DIGEST>.
          # NOTE(review): no securityContext or resource requests/limits are
          # set here, so the container runs with the image's defaults.
          image: registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/nfs-subdir-external-provisioner:v4.0.2
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            # Has to match the `provisioner` field of the StorageClass.
            - name: PROVISIONER_NAME
              value: nfs-provisioner
            # Address of your own NFS server.
            - name: NFS_SERVER
              value: 10.8.8.103
            # Directory exported by the NFS server.
            - name: NFS_PATH
              value: /mnt/ssd-1/nfs/k8s
      volumes:
        # The same export, mounted into the pod; keep server/path identical
        # to NFS_SERVER / NFS_PATH above.
        - name: nfs-client-root
          nfs:
            server: 10.8.8.103
            path: /mnt/ssd-1/nfs/k8s
---
# ServiceAccount referenced by the provisioner Deployment
# (serviceAccountName) and by both bindings in this manifest.
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: kube-system
  name: nfs-client-provisioner
---
# Cluster-wide permissions granted to the provisioner's ServiceAccount.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: nfs-client-provisioner-runner
rules:
  # Read-only access to Node objects.
  - apiGroups:
      - ""
    resources:
      - nodes
    verbs:
      - get
      - list
      - watch
  # PersistentVolumes: read, create and delete across the whole cluster
  # (not limited to volumes of this storage class).
  - apiGroups:
      - ""
    resources:
      - persistentvolumes
    verbs:
      - get
      - list
      - watch
      - create
      - delete
  # PersistentVolumeClaims in every namespace: read and update.
  - apiGroups:
      - ""
    resources:
      - persistentvolumeclaims
    verbs:
      - get
      - list
      - watch
      - update
  # Read-only access to StorageClass objects.
  - apiGroups:
      - storage.k8s.io
    resources:
      - storageclasses
    verbs:
      - get
      - list
      - watch
  # Events: write-only (create/update/patch).
  - apiGroups:
      - ""
    resources:
      - events
    verbs:
      - create
      - update
      - patch
---
# Binds the nfs-client-provisioner-runner ClusterRole to the provisioner's
# ServiceAccount in kube-system.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: run-nfs-client-provisioner
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: nfs-client-provisioner-runner
subjects:
  - kind: ServiceAccount
    namespace: kube-system
    name: nfs-client-provisioner
---
# Namespaced Role; judging by its name it backs the provisioner's
# leader-election lock.
# NOTE(review): the rule is not limited to a single object, so it allows
# creating and modifying every Endpoints object in kube-system. Running the
# provisioner (and this Role) in a dedicated namespace would keep that write
# access away from the endpoints of system services.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: kube-system
  name: leader-locking-nfs-client-provisioner
rules:
  - apiGroups:
      - ""
    resources:
      - endpoints
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - patch
---
# Grants the leader-locking Role (Endpoints access inside kube-system) to
# the provisioner's ServiceAccount.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: kube-system
  name: leader-locking-nfs-client-provisioner
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: leader-locking-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    namespace: kube-system
    name: nfs-client-provisioner
部署:
kubectl apply -f nfs-sc.yaml
部署完成后查看 storageclass(下面命令里的 kl 应为 kubectl 的别名):
[root@k8s-n1 ~]# kl get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
nas-nfs (default) nfs-provisioner Delete Immediate false 19d