• k8s storageClass对接nfs

    前提:已存在一个nfs服务

    192.168.137.11:/home/nfs_data

    下面以rbac方式对接nfs

    1、创建/root/k8s-nfs-rbac/serviceaccount.yaml

    apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner

    2、创建/root/k8s-nfs-rbac/rbac.yaml

    kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["services"]
    resourceNames: ["kube-dns","coredns"]
    verbs: ["list", "get"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]

---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io

---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-provisioner
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]

---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: default
roleRef:
  kind: Role
  name: leader-locking-nfs-provisioner
  apiGroup: rbac.authorization.k8s.io

    3、创建/root/k8s-nfs-rbac/deployment.yaml

    kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: nfs-provisioner
spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-provisioner
    spec:
      serviceAccount: nfs-provisioner
      containers:
        - name: nfs-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/boshen-ns/nfs-client-provisioner:latest
          imagePullPolicy: IfNotPresent
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: example.com/nfs
            - name: NFS_SERVER
              value: 192.168.137.11
            - name: NFS_PATH
              value: /home/nfs_data
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.137.11
            path: /home/nfs_data

    以上红色加粗的部分修改为真实的nfs服务的ip和path

    4、执行以下命令创建资源

    cd /root/
kubectl apply -f k8s-nfs-rbac/

    5、创建一个pvc,看是否能成功

     

    状态为Bound,表示创建成功

    6、去nfs服务器查看,是否真正的创建成功
  • 相关阅读:
    Windows系统的DOS常用命令
    常用pom
    ssm整合
    pom依赖集合
    json
    软件项目管理笔记-软件项目计划
    CSS
    网络配置
    用户组
    用户管理
  • 原文地址:https://www.cnblogs.com/boshen-hzb/p/10555721.html
Copyright © 2020-2023  润新知