9.存储:PV and PVC

PV概念介绍

  • PV即PersistentVolume持久化存储,是管理员定义的一块存储空间,能抽象化底层存储细节,和node类似,PV是集群级别的资源,生命周期独立于Pod,支持静态创建和动态创建,动态创建需通过StorageClass。
  • PVC即PersistentVolumeClaim持久化存储申明,作为PV资源的使用方,可以指定请求存储容量大小和访问模式
  • StorageClass,存储类型支持创建PV,通过在PVC中指定StorageClass可动态创建PV,且支持指定不同的存储

PV支持设置字段介绍:

  • Capacity 存储的特性,当前只支持通过capacity指定存储大小,未来会支持IOPS,吞吐量等指标
  • VolumeMode 存储卷的类型,默认为filesystem,如果是块设备指定为block
  • Class 通过storageClassName指定静态StorageClass的名称
  • Reclaim Policy 回收策略,支持Retain保留,Recycle回收,DELETE删除
  • Volume驱动类型,和上一篇文章介绍的类似,支持不同的plugin驱动如RBD,NFS
  • Mount Options 挂载模式,支持管理员定义不同的挂载选项
  • AccessMode 访问模式,指定node的挂载方式,支持ReadWriteOnce读写挂载一次,ReadOnlyMany多个节点挂载只读模式,ReadWriteMany多个节点挂载读写模式,不同的volume驱动类型支持的模式有所不同,如下

定义PV存储

接下来我们开始学习PV的使用,使用阶段分为:1. 预先创建好PV,2. 用户通过PVC调用PV,3. Pod中应用PVC.

在ubuntu安装NFS

NFS是实现Network File System网络文件共享的NAS存储,kubernetes与NFS对接实现存储的共享,当容器删除不影响存储且可以实现跨机存储共享,本文以搭建一个NFS存储实现kubernetes对接。

  1. 准备一个nfs server共享,将node-1的/data/nfs目录共享

    安装nfs服务
    sudo apt-get install nfs-kernel-server nfs-common
    
    配置nfs共享,提前创建好目录
    [root@node-1 ~]# cat /etc/exports
    /data/nfs *(rw,sync,no_root_squash)
    
    重启并验证
    sudo systemctl restart nfs
    showmount -e node-1
    Export list for VM-0-12-ubuntu:
    /data/nfs *
    

kubernets部署default storage class

# cat deployment.yaml 
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: nfs-client-provisioner
spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccountName: nfs-client-provisioner
      containers:
        - name: nfs-client-provisioner
          image: quay.io/external_storage/nfs-client-provisioner:latest
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: example.com/nfs
            - name: NFS_SERVER
              value: 172.17.0.12
            - name: NFS_PATH
              value: /data/nfs
      volumes:
        - name: nfs-client-root
          nfs:
            server: 172.17.0.1
            path: /data/nfs
cat class.yaml                
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: managed-nfs-storage
provisioner: example.com/nfs
parameters:
  archiveOnDelete: "false"
cat default-sc.yaml 
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: managed-nfs-storage
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
provisioner: example.com/nfs
parameters:
  archiveOnDelete: "false"
cat rbac.yaml      
kind: ServiceAccount
apiVersion: v1
metadata:
  name: nfs-client-provisioner
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-client-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
    namespace: default
roleRef:
  kind: Role
  name: leader-locking-nfs-client-provisioner
  apiGroup: rbac.authorization.k8s.io
ls
class.yaml  default-sc.yaml  deployment.yaml  rbac.yaml
kubectl apply -f .

image-20200303175252430

image-20200303174338715

这些信息有用吗?
Do you have any suggestions for improvement?

Thanks for your feedback!