K8S基础：存储服务

K8S基础：存储服务

常见的K8S的存储服务：GlusterFS、NFS、CephFS

1、Pod使用共享存储（NFS）

#在各个节点上安装 yum install -y nfs-utils #在master上启动NFS服务 [root@master ~]# echo "/nfs/data/ *(insecure,rw,sync,no_root_squash) " > /etc/exports [root@master ~]# mkdir -p /nfs/data/ [root@master ~]# systemctl enable rpcbind [root@master ~]# systemctl start rpcbind [root@master ~]# systemctl enable nfs-server Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service. [root@master ~]# systemctl start nfs-server [root@master ~]# exportfs -r [root@master ~]# exportfs /nfs/data [root@master ~]# #在node节点上查看master共享存储 [root@node01 ~]# showmount -e 172.18.0.2 Export list for 172.18.0.2: /nfs/data * [root@node01 ~]# mount -t nfs 172.18.0.2:/nfs/data /nfs/data #在master上的共享目录写入数据 [root@master ~]# cd /nfs/data/ [root@master data]# ls [root@master data]# touch aaa [root@master data]# echo "123" >> aaa #在node上查看共享目录是否有数据 [root@node01 ~]# cd /nfs/data/ [root@node01 data]# ls aaa [root@node01 data]# cat aaa 123 [root@node01 data]# #创建yaml文件，部署pod [root@master server]# vim nfs.pod apiVersion: apps/v1 kind: Deployment metadata: labels: app: nginx-pv-demo name: nginx-pv-demo spec: replicas: 2 selector: matchLabels: app: nginx-pv-demo template: metadata: labels: app: nginx-pv-demo spec: containers: - image: nginx name: nginx volumeMounts: - name: html mountPath: /usr/share/nginx/html volumes: - name: html nfs: server: 172.18.0.2 path: /nfs/data/nginx-pv [root@master server]# kubectl apply -f nfs.yaml deployment.apps/nginx-pv-demo created [root@master server]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-pv-demo-d696b6675-tmd92 1/1 Running 0 17m nginx-pv-demo-d696b6675-v4npk 1/1 Running 0 17m [root@master server]# cd /nfs/data/nginx-pv/ [root@master nginx-pv]# ls [root@master nginx-pv]# echo "111" >index.html #进入Pod查看数据是否同步进去 [root@master ~]# kubectl exec -it nginx-pv-demo-d696b6675-tmd92 -- /bin/bash root@nginx-pv-demo-d696b6675-tmd92:/# cd /usr/share/nginx/html/ root@nginx-pv-demo-d696b6675-tmd92:/usr/share/nginx/html# cat index.html 111 root@nginx-pv-demo-d696b6675-tmd92:/usr/share/nginx/html#exit [root@master ~]# kubectl get pod -owide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-pv-demo-d696b6675-tmd92 1/1 Running 0 32m 10.233.82.59 node01 nginx-pv-demo-d696b6675-v4npk 1/1 Running 0 32m 10.233.82.60 node01 [root@master ~]# curl 10.233.82.59 111 [root@master ~]#

2、Pod使用共享存储（PV/PVC）

#创建PV [root@master server]# vim pv.yaml apiVersion: v1 kind: PersistentVolume metadata: labels: name: pv01-10m spec: capacity: storage: 10M accessModes: - ReadWriteMany storageClassName: nfs nfs: path: /nfs/data/01 server: 172.18.0.2 [root@master server]# kubectl apply -f pv.yaml persistentvolume/pv01-10m created [root@master data]# kubectl get persistentvolume NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pv01-10m 10M RWX Retain Available nfs 3m11s #创建PVC [root@master server]# cat pvc.yaml kind: PersistentVolumeClaim apiVersion: v1 metadata: name: nginx-pvc spec: accessModes: - ReadWriteMany resources: requests: storage: 5Mi storageClassName: nfs [root@master server]# kubectl apply -f pvc.yaml persistentvolumeclaim/nginx-pvc created [root@master server]# #查看PV的状态显示Bound，证明跟刚才创建的PVC绑定了 [root@master server]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pv01-10m 10M RWX Retain Bound default/nginx-pvc nfs 10m #pod绑定pvc [root@master server]# vim app-pvc.yaml apiVersion: apps/v1 kind: Deployment metadata: labels: app: nginx-pvc-demo name: nginx-pvc-demo spec: replicas: 2 selector: matchLabels: app: nginx-pvc-demo template: metadata: labels: app: nginx-pvc-demo spec: containers: - image: nginx name: nginx volumeMounts: - name: html mountPath: /usr/share/nginx/html volumes: - name: html persistentVolumeClaim: claimName: nginx-pvc [root@master server]# kubectl apply -f app-pvc.yaml deployment.apps/nginx-pvc-demo created [root@master server]# kubectl get pod -owide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-pvc-demo-7469ff7b85-cwrsb 1/1 Running 0 86s 10.233.82.61 node01 nginx-pvc-demo-7469ff7b85-vq2jt 1/1 Running 0 86s 10.233.82.62 node01 [root@master server]# kubectl get deploy NAME READY UP-TO-DATE AVAILABLE AGE nginx-pvc-demo 2/2 2 2 92s [root@master server]# kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE nginx-pvc Bound pv01-10m 10M RWX nfs 7m41s [root@master server]# kubectl get pv,pvc NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE persistentvolume/pv01-10m 10M RWX Retain Bound default/nginx-pvc nfs 18m NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE persistentvolumeclaim/nginx-pvc Bound pv01-10m 10M RWX nfs 8m14s [root@master server]#

3、Pod使用外置服务配置文件（ComfigMap）

#创建redis配置集（comfigmap） [root@master server]# echo "appendonly yes" > redis.conf [root@master server]# kubectl create cm redis-conf --from-file=redis.conf configmap/redis-conf created [root@master server]# kubectl get cm NAME DATA AGE kube-root-ca.crt 1 47h redis-conf 1 59s #查看comfigmap的yaml [root@master server]# kubectl get cm redis-conf -oyaml apiVersion: v1 data: #data是所有真正的数据 redis.conf: | appendonly yes kind: ConfigMap metadata: creationTimestamp: "2022-04-14T14:40:21Z" name: redis-conf namespace: default resourceVersion: "313557" uid: 042939b4-1ee2-4252-bb1c-e5c1c87d754f #创建redis的yaml文件 [root@master server]# cat redis.yaml apiVersion: v1 kind: Pod metadata: name: redis spec: containers: - name: redis image: redis command: - redis-server - "/redis-master/redis.conf" #这里指定的是redis容器内部位置 ports: - containerPort: 6379 volumeMounts: - mountPath: /data name: data - mountPath: /redis-master name: config volumes: - name: data emptyDir: {} - name: config configMap: name: redis-conf items: - key: redis.conf path: redis.conf [root@master server]# kubectl apply -f redis.yaml pod/redis created [root@master server]# watch -n 1 kubectl get pod #每秒刷新pod状态 NAME READY STATUS RESTARTS AGE redis 0/1 ContainerCreating 0 3m25s

4、Pod使用外置密钥配置文件（secret）

#创建演示的secret [root@master server]# kubectl create secret docker-registry leoheng-docker --docker-username=leoheng \ > --docker-password=leoheng123 \ > --docker-email=bohengli@yunify.com secret/leoheng-docker created [root@master server]# kubectl get secret NAME TYPE DATA AGE default-token-5sv8m kubernetes.io/service-account-token 3 47h leoheng-docker kubernetes.io/dockerconfigjson 1 44s #查看演示的secret的yaml文件 [root@master server]# kubectl get secret leoheng-docker -oyaml apiVersion: v1 data: .dockerconfigjson: eyJhdXRocyI6eyJodHRwczovL2luZGV4LmRvY2tlci5pby92MS8iOnsidXNlcm5hbWUiOiJsZW9oZW5nIiwicGFzc3dvcmQiOiJsZW9oZW5nMTIzIiwiZW1haWwiOiJib2hlbmdsaUB5dW5pZnkuY29tIiwiYXV0aCI6ImJHVnZhR1Z1Wnpwc1pXOW9aVzVuTVRJeiJ9fX0= kind: Secret metadata: creationTimestamp: "2022-04-14T15:13:36Z" name: leoheng-docker namespace: default resourceVersion: "319771" uid: b9547465-5c61-4a44-a20b-2ed7a5fca7da type: kubernetes.io/dockerconfigjson #创建新的pod引用演示的secret [root@master server]# cat sec-pod.yaml apiVersion: v1 kind: Pod metadata: labels: run: sec-nginx name: sec-nginx spec: containers: - name: sec-nginx image: leoheng/nginx:v1 imagePullSecrets: - name: leoheng-docker [root@master server]# kubectl apply -f sec-pod.yaml pod/sec-nginx created

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。