机器环境筹备

应用StorageClass为k8s作为动静存储,大规模集群中可能会有很多PV,如果这些PV都须要运维手动来解决这也是一件很繁琐的事件,所以就有了动静供应概念,也就是Dynamic Provisioning。而咱们下面的创立的PV都是动态供应形式,也就是Static Provisioning。而动静供应的要害就是StorageClass,它的作用就是创立PV模板,进步工作效率,创PVC时会动静主动创立PV。

服务器用处
10.4.2.104nfs服务器
10.4.2.100-105k8s集群

搭建nfs服务器

  • 10.4.2.104上搭建nfs服务器
yum install rpcbindyum -y install nfs-utilskcat << EOF >> /etc/hosts/volumes 10.0.0.0/8(rw,no_root_squash,anonuid=998,anongid=994)EOFexportfs -rvsystemctl restart rpcbindsystemctl restart nfssystemctl enable nfs
  • k8s所有节点装置nfs客户端
yum -y install nfs-utils

K8S装置nfs-client

  • 创立RABCServiceAccount
apiVersion: v1kind: ServiceAccountmetadata:  name: nfs-client-provisioner  # replace with namespace where provisioner is deployed  namespace: storage-class---kind: ClusterRoleapiVersion: rbac.authorization.k8s.io/v1metadata:  name: nfs-client-provisioner-runnerrules:  - apiGroups: [""]    resources: ["persistentvolumes"]    verbs: ["get", "list", "watch", "create", "delete"]  - apiGroups: [""]    resources: ["persistentvolumeclaims"]    verbs: ["get", "list", "watch", "update"]  - apiGroups: ["storage.k8s.io"]    resources: ["storageclasses"]    verbs: ["get", "list", "watch"]  - apiGroups: [""]    resources: ["events"]    verbs: ["create", "update", "patch"]---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata:  name: run-nfs-client-provisionersubjects:  - kind: ServiceAccount    name: nfs-client-provisioner    # replace with namespace where provisioner is deployed    namespace: storage-classroleRef:  kind: ClusterRole  name: nfs-client-provisioner-runner  apiGroup: rbac.authorization.k8s.io---kind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata:  name: leader-locking-nfs-client-provisioner    # replace with namespace where provisioner is deployed  namespace: storage-classrules:  - apiGroups: [""]    resources: ["endpoints"]    verbs: ["get", "list", "watch", "create", "update", "patch"]---kind: RoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata:  name: leader-locking-nfs-client-provisioner  namespace: storage-classsubjects:  - kind: ServiceAccount    name: nfs-client-provisioner    # replace with namespace where provisioner is deployed    namespace: storage-classroleRef:  kind: Role  name: leader-locking-nfs-client-provisioner  apiGroup: rbac.authorization.k8s.io
kubectl apply -f rabc.yaml
  • 装置nfs-client
apiVersion: apps/v1kind: Deploymentmetadata:  name: nfs-client-provisioner  labels:    app: nfs-client-provisioner  # replace with namespace where provisioner is deployed  namespace: storage-classspec:  replicas: 1  selector:    matchLabels:      app: nfs-client-provisioner  strategy:    type: Recreate  selector:    matchLabels:      app: nfs-client-provisioner  template:    metadata:      labels:        app: nfs-client-provisioner    spec:      serviceAccountName: nfs-client-provisioner      containers:        - name: nfs-client-provisioner          image: harbor-k8s.iwgame.com/containers/nfs-client-provisioner:latest          volumeMounts:            - name: nfs-client-root              mountPath: /persistentvolumes/          env:            - name: PROVISIONER_NAME              value: g.iwgame.com/nfs            - name: NFS_SERVER              value: 10.4.2.104            - name: NFS_PATH              value: /volumes      volumes:        - name: nfs-client-root          nfs:            server: 10.4.2.104            path: /volumes
kubectl apply -f deployment.yaml

创立StorageClass

apiVersion: storage.k8s.io/v1kind: StorageClassmetadata:  name: iwgame-nfs-storage  annotations:    storageclass.kubernetes.io/is-default-class: "true"provisioner: g.iwgame.com/nfs # or choose another name, must match deployment's env PROVISIONER_NAME'reclaimPolicy: Retainparameters:  archiveOnDelete: "false"

创立PVC测试