搭建NFS服务器

192.168.0.13

# 安装服务
yum install nfs-utils rpcbind -y
# 创建共享目录
mkdir /data/k8s -p
# 配置NFS配置文件
vim /etc/exports
/data/k8s *(rw,sync,no_root_squash)

# 启动服务
systemctl start rpcbind
systemctl start nfs
systemctl enable rpcbind
systemctl enable nfs
 
# 测试
showmount -e 192.168.0.13

静态存储

# 管理员 创建pv 
cat > pv3.yml << EOF
apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv01
  labels:
    storage: pv
spec:
  accessModes:
  - ReadWriteOnce
  capacity:
    storage: 1Gi
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    path: /data/k8s
    server: 192.168.0.13
EOF

kubectl apply -f pv3.yml

# 查看
kubectl get pv
# 用户创建pvc
cat > pvc3.yml << EOF
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-test
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
EOF

kubectl apply -f pvc3.yml

# 查看
kubectl get pvc

# 测试效果
cat > pod.yml << EOF
apiVersion: v1
kind: Pod
metadata:
  name: test-nfs
spec:
  containers:
  - image: nginx:alpine
    imagePullPolicy: IfNotPresent
    name: nginx
    volumeMounts:
    - mountPath: /data
      name: nfs-volume
  volumes:
  - name: nfs-volume
    persistentVolumeClaim:
      claimName: pvc-test
EOF
kubectl apply -f pod.yml

动态存储

创建NFS ServiceAccount

cat > nfs_serviceaAccount.yml << EOF
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: nfs-client-provisioner-clusterrole
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: nfs-client-provisioner-clusterrolebinding
subjects:
- kind: ServiceAccount
  name: nfs-client-provisioner
  namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-clusterrole
  apiGroup: rbac.authorization.k8s.io
EOF

kubectl apply -f nfs_serviceaAccount.yml

# 创建NFS Provisioner
cat > nfs_provistioner.yml << EOF
---
apiVersion: apps/v1 
kind: Deployment
metadata:
  name: nfs-client-prosioner
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: nfs-client-prosioner
  template:
    metadata:
      labels:
        app: nfs-client-prosioner
    spec:
      serviceAccountName: nfs-client-provisioner
      containers:
      - name: nfs-client-prosioner
        image: registry.cn-hangzhou.aliyuncs.com/rookieops/nfs-client-provisioner:4.0
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - name: nfs-client-root
          mountPath: /data/pv
        env:
        - name: PROVISIONER_NAME
          value: rookieops/nfs
        - name: NFS_SERVER
          value: 192.168.0.13
        - name: NFS_PATH
          value: /data/k8s
      volumes:
      - name: nfs-client-root
        nfs:
          server: 192.168.0.13
          path: /data/k8s
EOF

kubectl apply -f nfs_provistioner.yml

# 查看
kubectl get po

StorageClass

cat > sc.yml << EOF
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: nfs
provisioner: rookieops/nfs
EOF
# 启动
kubectl apply -f sc.yml

# 配置使用sc
cat > pvc-from-sc.yml << EOF
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-from-sc
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: nfs
  resources:
    requests:
      storage: 1Mi
EOF

kubectl apply -f pvc-from-sc.yml

设置默认存储

kubectl patch storageclass nfs -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

测试

启动测试pod

cat > pod1.yml << EOF
apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
    volumeMounts:
    - name: nfs-pvc
      mountPath: /mnt
  restartPolicy: Never
  volumes:
  - name: nfs-pvc
    persistentVolumeClaim:
      claimName: pvc-from-sc
EOF
kubectl apply -f pod1.yml

测试nfs

kubectl exec -it nginx -- /bin/bash
# 进入 创建数据
echo "test" > /mnt/text.txt

# 进入 nfs服务器
cd /data/k8s/default-pvc-from-sc-pvc-a4a71b8c-5664-4d1a-b286-9e4adcf6f96a
cat text.txt 
test

其他命令

# 强制删除 pv
kubectl patch pv nfs-pv-storage-nfs -p '{"metadata":{"finalizers":null}}'
# 强制删除 pvc
kubectl patch pvc pvc-xxxx  -p '{"metadata":{"finalizers":null}}' -n senyint
# 详情
kubectl describe pvc