首页 > 其他分享 >LAB-13:创建PVC

LAB-13:创建PVC

时间:2022-11-22 13:55:23浏览次数:43  
标签:13 user1 LAB PVC client nfs provisioner master k8s

LAB-13:创建PVC

LAB 概述

创建一个名字为 pv-volume 的 pvc,指定 storageClass 为 csi-hostpath-sc,大小为10Mi。
然后创建一个 Pod,名字为 web-server,镜像为 nginx,并且挂载该 PVC 至 /usr/share/nginx/html,挂载的权限为 ReadWriteOnce。
之后通过 kubectl edit 或者 kubectl path 将 pvc 改成 70Mi,并且记录修改记录。

LAB 预配

# 使用 NFS 配置 storageClass
# 1、配置 NFS 共享存储
# 创建 NFS 服务器
user1@k8s-master:~$ sudo apt-get install -y nfs-kernel-server

# 配置 NFS 文件共享。
user1@k8s-master:~$ sudo mkdir /nfs-server
user1@k8s-master:~$ cat /etc/exports 
/nfs-server *(rw,sync,no_root_squash)
user1@k8s-master:~$ sudo chmod 700 /nfs-server/
user1@k8s-master:~$ sudo service nfs-kernel-server restart
user1@k8s-master:~$ sudo service nfs-kernel-server status

# 验证NFS服务。
user1@k8s-master:~$ sudo showmount -e 127.0.0.1
Export list for 127.0.0.1:
/nfs-server *

# 在所有 node 节点也要安装 nfs client 软件。并且测试一下 nfs 存储
user1@k8s-node-2:~$ sudo apt-get install -y nfs-kernel-server
user1@k8s-node-2:~$ sudo showmount -e k8s-master
Export list for k8s-master:
/nfs-server *

# 2、配置 storageClass
# 需要一个对应的 provisioner 来自动创建 PV,这里使用的 NFS 存储,则可以使用 nfs-subdir-external-provisioner 这个 Provisioner,它使用现有的和已配置的 NFS 服务器来支持通过 PVC 动态配置 PV。链接如下:https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/tree/master/deploy

# 创建 ServiceAccount 解决权限问题。
# 编写 RBAC 资源清单文件
user1@k8s-master:~/cka-2022-05-01/13$ cat rbac.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner
  namespace: default
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-client-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  namespace: default
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    namespace: default
roleRef:
  kind: Role
  name: leader-locking-nfs-client-provisioner
  apiGroup: rbac.authorization.k8s.io

# 创建 RBAC 资源
user1@k8s-master:~/cka-2022-05-01/13$ kubectl apply -f rbac.yaml

# 编写 nfs-client 的资源清单文件
user1@k8s-master:~/cka-2022-05-01/13$ cat nfs-client-provisioner.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nfs-client-provisioner
  labels:
    app: nfs-client-provisioner
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nfs-client-provisioner
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: nfs-client-provisioner
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccountName: nfs-client-provisioner
      containers:
        - name: nfs-client-provisioner
          image: quay.io/external_storage/nfs-client-provisioner:latest
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: nfs-storage  # provisioner 的名称,后面创建SC使用
            - name: NFS_SERVER
              value: k8s-master   # nfs server: k8s-master
            - name: NFS_PATH  
              value: /nfs-server  # nfs 共享的目录
      volumes:
        - name: nfs-client-root
          nfs:
            server: k8s-master
            path: /nfs-server

# 创建 nfs-client 资源
user1@k8s-master:~/cka-2022-05-01/13$ kubectl apply -f nfs-client-provisioner.yaml

# 查看 nfs-client 的 pod
user1@k8s-master:~$ kubectl get pod nfs-client-provisioner-6546c4b76-zw2k2 
NAME                                     READY   STATUS    RESTARTS      AGE
nfs-client-provisioner-6546c4b76-zw2k2   1/1     Running   0             30s

# 编写 storageclass 资源清单
# 注意: allowVolumeExpansion 可以根据情况是否设置为 true (默认为 false ), allowVolumeExpansion 为 flase 时不能动态扩容(例如不能直接修改 pvc 大小,当 allowVolumeExpansion 为 true 时可以修改)
user1@k8s-master:~/cka-2022-05-01/13$ cat managed-nfs-storageclass.yaml 
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: csi-hostpath-sc
provisioner: nfs-storage
allowVolumeExpansion: true

# 创建 storageclass 资源
user1@k8s-master:~/cka-2022-05-01/13$ kubectl apply -f managed-nfs-storageclass.yaml  
storageclass.storage.k8s.io/csi-hostpath-sc created

# 查看 storageclass 资源
user1@k8s-master:~$ kubectl get storageclasses.storage.k8s.io csi-hostpath-sc 
NAME              PROVISIONER   RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
csi-hostpath-sc   nfs-storage   Delete          Immediate           true                   36s

# 有可能出现错误:k8s升级到1.20.X以上版本时,nfs-client-provisioner 启动中出现了报错,可以修改 /etc/kubernetes/manifests/kube-apiserver.yaml,增加’–feature-gates=RemoveSelfLink=false’的参数。
user1@k8s-master:~$ sudo cat /etc/kubernetes/manifests/kube-apiserver.yaml
apiVersion: v1
···
    - --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
    - --feature-gates=RemoveSelfLink=false # 添加这个配置

# 重启 kubelet.service 
user1@k8s-master:~$ sudo systemctl restart kubelet.service 

# 具体错误如下:
$ kubectl describe pod nfs-client-provisioner-6546c4b76-mgxv7 
......
persistentvolume-controller  waiting for a volume to be created, either by external provisioner "nfs-storage" or manually created by system administrator

# pvc pending 状态
$ kubectl describe pvc pv-volume 
 Normal  ExternalProvisioning  13s (x3 over 35s)  persistentvolume-controller  waiting for a volume to be created, either by external provisioner "nfs-storage" or manually created by system administrator

 LAB 答案

# 切换 content
$ kubectl config use-context k8s

# 编写 yaml 文件
$ cat pv-volume.yaml 
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pv-volume
spec:
  storageClassName: csi-hostpath-sc
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Mi
---
apiVersion: v1
kind: Pod
metadata:
  name: web-server
spec:
  volumes:
    - name: task-pv-storage
      persistentVolumeClaim:
        claimName: pv-volume
  containers:
    - name: web-server
      image: nginx:1.18.0
      ports:
        - containerPort: 80
          name: "http-server"
      volumeMounts:
        - mountPath: "/usr/share/nginx/html"
          name: task-pv-storage

# 执行 yaml 文件
user1@k8s-master:~/cka-2022-05-01/13$ kubectl apply -f pv-volume.yaml 

# 扩容(注,NFS 不支持扩容)修改为70Mi
# 方式1: Patch
$ kubectl patch pvc pv-volume  -p '{"spec":{"resources":{"requests":{"storage": "70Mi"}}}}' --record

# 方式2: edit
$ kubectl  edit pvc pv-volume

 LAB 验证

# 查看 PVC
user1@k8s-master:~$ kubectl get pvc
NAME        STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      AGE
pv-volume   Bound    pvc-39e0aef5-21da-4af3-b375-6e9744da3f78   10Mi       RWO            csi-hostpath-sc   6m54s

# 查看 nfs 上多了一个目录
user1@k8s-master:~$ sudo ls -d /nfs-server/default-pv-volume-pvc-39e0aef5-21da-4af3-b375-6e9744da3f78 
/nfs-server/default-pv-volume-pvc-39e0aef5-21da-4af3-b375-6e9744da3f78

# 在 NFS 上写入 index.html
user1@k8s-master:~$ sudo sh -c 'echo "http-server storageclass" > /nfs-server/default-pv-volume-pvc-39e0aef5-21da-4af3-b375-6e9744da3f78/index.html'

# 测试访问
user1@k8s-master:~$ kubectl get pod web-server  -o wide
NAME         READY   STATUS    RESTARTS   AGE   IP              NODE         NOMINATED NODE   READINESS GATES
web-server   1/1     Running   0          16m   10.244.76.155   k8s-node-3   <none>           <none>
user1@k8s-master:~$ curl 10.244.76.155
http-server storageclass

 

参考资料

  • https://kubernetes.io/zh/docs/tasks/configure-pod-container/configure-persistent-volume-storage/

标签:13,user1,LAB,PVC,client,nfs,provisioner,master,k8s
From: https://www.cnblogs.com/quqibinggan/p/16914903.html

相关文章

  • LAB-14:监控Pod日志
    LAB-14:监控Pod日志LAB概述监控 pod foobar 的日志并提取错误的 unable-access-website 相对于的日志写入到 /opt/KUTR00101/foobarLAB预配#编写pod为foob......
  • 前端013-css-后台布局2-absolute定位
    <!DOCTYPEhtml><htmllang="en"><head><metacharset="UTF-8"><title>css后台布局</title><style>body{margin:0}/*去掉边框,*/.page-heade......
  • 【华为OJ13】句子逆序
    题目描述将一个英文语句以单词为单位逆序排放。例如“I am a boy”,逆序排放后为“boy a am I”所有单词之间用一个空格隔开,语句中除了英文字母外,不再包含其他字符i......
  • 剑指offer——Day13 双指针(简单)
    Day132022.11.19双指针(简单)21.调整数组顺序使奇数位于偶数前面自己实现初步想法是一个指针从开头向右移动,移动到偶数停止;另一个指针从数组中间位置向右移动,移动到奇......
  • luffy学习-13
    一、支付宝支付介绍项目中需要在线支付功能支付宝支付微信支付:需要备案过域名云闪付此次项目以支付宝支付为例先整明白支付宝的支付流程然后去支付宝上找找API、......
  • mysql 错误 SQL Error: 1366: Incorrect string value:
    在查mysql1366的错误原因时,发现一些有趣的回答。地址为:http://zhidao.baidu.com/question/59029575.html不过,还是有人给出了比较好的解决方法:http://www.phplamp.org......
  • set ip next-hop verify-availabitity
    setipnext-hopverify-availabitity   R2配置setipnext-hopverify-availabitity 让路由器搜索CDP邻居表来验证下一跳地址是否在列表中,如果不在,       ......
  • 【2022.11.21】luffy项目部署(13)
    内容详情1支付宝支付介绍#项目中需要有在线支付功能 -支付宝支付-微信支付:备案过域名-云闪付#咱们项目以支付宝支付为例 -支付流程-AP......
  • Docker Compose 部署GitLab
    先决条件DockerEngine和DockerCompose是必需的。请参阅在CentOS上安装DockerEngine。建议使用4核的服务器,同时至少分配4G的内存,理论上4核4G可最多支持500个用户。......
  • 洛谷 P3336 [ZJOI2013]话旧
    洛谷P3336[ZJOI2013]话旧图是洛谷搞的做点简单的观察发现,每一次下降必须经过零点。对于每个点,有两种状态,从上面走过来,记为下降;从下面走过来,记为上升。\((0,0)\)我们......