服务端安装
创建挂载目录
mkdir -p /data/volumes/develop
mkdir -p /data/volumes/product
chmod -R 777 /data/volumes
#安装软件
yum install nfs-utils
yum install rpcbind
#配置开机启动
chkconfig nfs on
chkconfig rpcbind on
#启动相关服务
service rpcbind start
service nfs start
开放防火墙端口
firewall-cmd --add-port=2049/tcp --permanent
firewall-cmd --reload
firewall-cmd --list-ports
添加系统设置
vim /etc/exports
# 添加系统配置,添加内容如下:
# 设置输出目录只读:ro,设置输出目录读写:rw
# 客户端是指网络中可以访问这个NFS输出目录的计算机:
# 指定ip地址的主机:192.168.0.200
# 指定子网中的所有主机:192.168.0.0/24 192.168.0.0/255.255.255.0
# 指定域名的主机:david.bsmart.cn
# 指定域中的所有主机:*.bsmart.cn
# 所有主机:*
##########
/data/volumes *(rw,async,no_root_squash,no_subtree_check)
##########
刷新配置
exportfs -a
验证配置内容
exportfs -rv
#重启服务
systemctl restart nfs & systemctl restart rpcbind
#设置开机自启动
systemctl enable nfs & systemctl enable rpcbind
增加NFS存储类,以方便动态扩展PV
创建 rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner
namespace: default #根据实际环境设定namespace,下面类同
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
namespace: default
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-runner
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
namespace: default
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
namespace: default
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner
apiGroup: rbac.authorization.k8s.io
创建NFS资源的StorageClass,nfs-storage.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: managed-nfs-storage
provisioner: qgg-nfs-storage #这里的名称要和provisioner配置文件中的环境变量PROVISIONER_NAME保持一致parameters: archiveOnDelete: "false"
创建NFS provisioner,nfs-provisioner.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-client-provisioner
labels:
app: nfs-client-provisioner
namespace: default #与RBAC文件中的namespace保持一致
spec:
replicas: 1
selector:
matchLabels:
app: nfs-client-provisioner
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccountName: nfs-client-provisioner
containers:
- name: nfs-client-provisioner
image: quay.io/external_storage/nfs-client-provisioner:latest
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: qgg-nfs-storage #provisioner名称,请确保该名称与 nfs-StorageClass.yaml文件中的provisioner名称保持一致
- name: NFS_SERVER
value: 172.16.20.58 #NFS Server IP地址
- name: NFS_PATH
value: /data/volumes #NFS挂载卷
volumes:
- name: nfs-client-root
nfs:
server: 172.16.20.58 #NFS Server IP地址
path: /data/volumes #NFS 挂载卷
依次创建yaml
kubectl create -f rbac.yaml
kubectl create -f nfs-storage.yaml
kubectl create -f nfs-provisioner.yaml
查看存储类
kubectl get sc
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nfs-client-provisioner-74489dc4d4-z2dmm 1/1 Running 0 43m
创建pvc一直pending问题解决
如果是通过yaml文件部署kube-apiserver的,在kube-apiserver.yaml中添加- --feature-gates=RemoveSelfLink=false参数。通过命令可以查找kube-apiserver.yaml文件位置
find / -name kube-apiserver.yaml
vi /etc/kubernetes/manifests/kube-apiserver.yaml
# 添加- --feature-gates=RemoveSelfLink=false参数
systemctl daemon-reload
image.png
image.png
image.png
