k8s pv pvc的使用

安装nfs服务器

yum install rpcbind nfs-utils -y
systemctl enable rpcbind
systemctl enable nfs
systemctl start rpcbind
systemctl start nfs

mkdir -p /root/data/sc-data
[root@master sc-data]# cat /etc/exports
/root/data/sc-data 192.168.1.0/24(rw,no_root_squash)
/root/data/nginx/pv  192.168.1.0/24(rw,no_root_squash)

别的服务器检测是否能用
[root@node1 ~]# showmount -e 192.168.1.90
Export list for 192.168.1.90:
/root/data/sc-data  192.168.1.0/24
/root/data/nginx/pv 192.168.1.0/24

静态创建 pv pvc

创建pv

[root@master xiongfei]# cat  pv-nginx.yaml 
apiVersion: v1
kind: PersistentVolume
metadata:name:  pv-nginx  # pv 的名字
spec:capacity:  # 容量storage: 5GiaccessModes: # 访问模式- ReadWriteMany  persistentVolumeReclaimPolicy: Retain  # 删除pv之后，nfs目录下数据的保存方式 ，delte 删除，Retain 保留nfs:path: /root/data/nginx/pvserver: 192.168.1.90

创建pvc

[root@master xiongfei]# cat nginx-pvc.yaml 
apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: pvc-nginxnamespace: dev
spec:accessModes: - ReadWriteManyresources:requests:storage: 4Gi # 这个地方的容量尽量要在pv的范围之内，他会去匹配到和她比较合适的pv 进行绑定

创建一个configmap

[root@master xiongfei]# cat nginx-configmap.yaml 
apiVersion: v1
kind: ConfigMap
metadata:name: nginx-configmapnamespace: dev
data:default.conf: |-server {listen       80;server_name  localhost;#charset koi8-r;#access_log  logs/host.access.log  main;location / {root   /usr/share/nginx/html/account;  index  index.html index.htm;}location /account {proxy_pass http://192.168.1.130:8088/account;}         error_page 405 =200 $uri;error_page   500 502 503 504  /50x.html;location = /50x.html {root   html;}}server {listen 8081;server_name localhost;location / {root   /usr/share/nginx/html/org; index  index.html index.htm;}location /org {proxy_pass http://192.168.1.130:8082/org;  # 使用websocket的协议进行proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;# 启用支持websscoket连接proxy_set_header Connection "Upgrade";proxy_set_header X-Real-IP $remote_addr;proxy_read_timeout 600s;}location ~ ^/V1.0/(.*) {rewrite /(.*)$ /org/$1 break; proxy_pass http://192.168.1.130:8082;proxy_set_header Host $proxy_host; }        }

创建一个hpa,提高可用行（这个在这里不用看）

[root@master xiongfei]# cat nginx-hpa.yaml 
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:name: pc-hpanamespace: dev
spec:minReplicas: 1  #最小pod数量maxReplicas: 10 #最大pod数量targetCPUUtilizationPercentage: 10 # CPU使用率指标scaleTargetRef:   # 指定要控制的nginx信息apiVersion:  apps/v1kind: Deploymentname: nginx-deploy  # 控制器的名字

创建一个pod 实例验证一下

[root@master xiongfei]# cat nginx-service-deployment.yaml 
apiVersion: v1
kind: Service
metadata:labels:app: nginx-servicename: nginx-service   namespace: dev
spec:ports:- name: account-nginxport: 80protocol: TCPtargetPort: 80nodePort: 30013- name: org-nginxport: 8081protocol: TCPtargetPort: 8081nodePort: 30014selector:app: nginx-pod1type: NodePort---
apiVersion: apps/v1
kind: Deployment
metadata:labels:app: nginx-deployname: nginx-deploynamespace: dev
spec:replicas: 1selector:matchLabels:app: nginx-pod1strategy:type: RollingUpdatetemplate:metadata:labels:app: nginx-pod1namespace: devspec:containers:- image: nginx:1.17.1name: nginxports:- containerPort: 80protocol: TCP- containerPort: 8081protocol: TCPresources:limits:cpu: "1" requests:cpu: "500m"volumeMounts:- name: nginx-configmountPath: /etc/nginx/conf.d/readOnly: true- name: nginx-htmlmountPath: /usr/share/nginx/html/readOnly: false              # - name: nginx-html2#   mountPath: /usr/share/nginx/html/app-vue2#   readOnly: falsevolumes:- name: nginx-configconfigMap:name: nginx-configmap # 指定configmap 的名字- name: nginx-htmlpersistentVolumeClaim:claimName: pvc-nginx # 指定pvc 的名字readOnly: false

查看pv pvc 之间的绑定状态

[root@master ~]# kubectl get pv,pvc  -n dev  
NAME                                                        CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM           STORAGECLASS   REASON   AGE
persistentvolume/pv-nginx                                   5Gi        RWX            Retain           Bound    dev/pvc-nginx                           2d6hNAME                              STATUS   VOLUME     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
persistentvolumeclaim/pvc-nginx   Bound    pv-nginx   5Gi        RWX                           2d6h

创建一个pod 实例验证一下

以上的这种演示方式是通过手动的情况下创建的

通过StorageClass 动态创建pv,pvc

在这里插入图片描述

创建 nfs provisioner （nfs 配置器）

[root@master k8s-StorageClass]# cat deployment.yaml 
kind: Deployment
apiVersion: apps/v1
metadata:name: nfs-client-provisioner  # 我们这里存储后端使用的是 nfs，那么我们就需要使用到一个 nfs-client 的自动配置程序，我们也叫它 Provisioner（制备器），这个程序使用我们已经配置好的 nfs 服务器，来自动创建持久卷，也就是自动帮我们创建 PV。namespace: kube-system
spec:replicas: 2strategy:type: Recreateselector:matchLabels:app: nfs-client-provisionertemplate:metadata:labels:app: nfs-client-provisionerspec:serviceAccountName: nfs-client-provisioneraffinity:podAntiAffinity:preferredDuringSchedulingIgnoredDuringExecution:- weight: 100podAffinityTerm:topologyKey: kubernetes.io/hostnamelabelSelector:matchLabels:app: nfs-client-provisioner# nodeAffinity:# requiredDuringSchedulingIgnoredDuringExecution:# nodeSelectorTerms:# - matchExpressions:# - key: dedicated# operator: In# values:# - "cmp"containers:- name: nfs-client-provisionerimage: quay.io/external_storage/nfs-client-provisioner:v3.1.0-k8s1.11volumeMounts:- name: nfs-client-rootmountPath: /persistentvolumesenv:- name: PROVISIONER_NAMEvalue: nfs-client-provisioner- name: NFS_SERVERvalue: 192.168.1.90- name: NFS_PATHvalue: /root/data/sc-datavolumes:- name: nfs-client-rootnfs:server: 192.168.1.90path: /root/data/sc-data

创建rbac 资源的授权策略集合

[root@master k8s-StorageClass]# cat rabc.yaml 
kind: ServiceAccount
apiVersion: v1
metadata:name: nfs-client-provisionernamespace: kube-system
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: nfs-client-provisioner-runner
rules:- apiGroups: [""]resources: ["persistentvolumes"]verbs: ["get", "list", "watch", "create", "delete"]- apiGroups: [""]resources: ["persistentvolumeclaims"]verbs: ["get", "list", "watch", "update"]- apiGroups: ["storage.k8s.io"]resources: ["storageclasses"]verbs: ["get", "list", "watch"]- apiGroups: [""]resources: ["events"]verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: run-nfs-client-provisioner
subjects:- kind: ServiceAccountname: nfs-client-provisionernamespace: kube-system
roleRef:kind: ClusterRolename: nfs-client-provisioner-runnerapiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:namespace: kube-systemname: leader-locking-nfs-client-provisioner
rules:- apiGroups: [""]resources: ["endpoints"]verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:namespace: kube-systemname: leader-locking-nfs-client-provisioner
subjects:- kind: ServiceAccountname: nfs-client-provisioner# replace with namespace where provisioner is deployednamespace: kube-system
roleRef:kind: Rolename: leader-locking-nfs-client-provisionerapiGroup: rbac.authorization.k8s.io

创建storageclass

[root@master k8s-StorageClass]# cat storageclass.yaml 
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:annotations:kubectl.kubernetes.io/last-applied-configuration: |{"apiVersion":"storage.k8s.io/v1","kind":"StorageClass","metadata":{"annotations":{},"name":"nfs"},"provisioner":"nfs-client-provisioner","reclaimPolicy":"Delete"}storageclass.beta.kubernetes.io/is-default-class: "true"storageclass.kubernetes.io/is-default-class: "true"name: nfs
provisioner: nfs-client-provisioner
parameters:archiveOnDelete: "true"  ## 删除pv的时候，pv的内容是否要备份, 默认是true, 删除 pod  pvc 之后 nfs 目录下的 文件会以 archived-default-nginx-pvc-bcf313fa-a121-4833-8f74-2a255bdb7fcc 这样方式呈现，数据还在
reclaimPolicy: Retain  #有两种选择, Delete；Retain是保留文件
#reclaimPolicy: Retain #有两种选择, Delete；Retain是保留文件, 当删除pvc 时，pv 资源不会被立即回收，而是保留着，管理员可以手动对pv 进行清理，重用等操作，当 PVC 被删除时，PV 资源也会被删除

1. 第一种情况
parameters:archiveOnDelete: "true" 
reclaimPolicy: delete文件会以arch... 命名，数据还在，新创立的pod，不会引用之前数据目录里的数据
2. 第二种情况
parameters:archiveOnDelete: "false" 
reclaimPolicy: deletenfs 目录下的数据 会被全部删除3. **第三种情况**
parameters:archiveOnDelete: "false"  # 默认是 true
reclaimPolicy: Retain   当回收策略改为Retain时， 删除pod时候， pvc  pv  在删除时， nfs 文件不会被清楚，还是以defatult 这样的形势存在，当再次创建pod，会引用之前的数据 
5. 第四种情况
parameters:archiveOnDelete: "true" 
reclaimPolicy: Retain数据目录下的 pvc的名字不变 还是以default 这样命名，新创建的pod ，不会引用之前留存的数据，pv的状态会变为Released

创建一个测试pod

[root@master k8s-StorageClass]# cat test-nginx-pvc.yaml 
apiVersion: v1
kind: Pod
metadata:name: nginx
spec:containers:- name: nginximage: nginx:latestports:- containerPort: 80volumeMounts:- name: wwwmountPath: /usr/share/nginx/htmlvolumes:- name: wwwpersistentVolumeClaim:claimName: nginx  # 这里写上pvc的名字 
---
# 创建一个pvc,通过 sc 
apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: nginx
spec:storageClassName: "nfs"  #  指定storageclass 类的名字 accessModes:- ReadWriteManyresources:requests:storage: 5Gi