Because the kubelet itself does not support RBD commands, a kube system plugin is required:
Download Plugin Quay.io/external_storage/rbd-provisioner
:
Https://quay.io/repository/external_storage/rbd-provisioner?tag=latest&tab=tags
Download Docker pull quay.io/external_storage/rbd-provisioner:latest on node of k8s cluster
Install only the plugin itself will error: need to install kube roles and permissions The following are:
Https://github.com/kubernetes-incubator/external-storage
Https://github.com/kubernetes-incubator/external-storage/tree/master/ceph/rbd/deploy/rbac #下载kube的role的yaml文件
To download the Rbac folder:
Use: Kubectl apply-f rbac/
Run Rbd-provisioner
If error:
Error because Ceph's key and Conf cannot be found in the Rbd-provisioner image, it is necessary to copy the key and Conf in the cluster into the rbd-provisioner image.
Locate Rbd-provisioner's Mirror run node
Docker cp/etc/ceph/ceph.client.admin.keyring < mirror name >:/etc/ceph/
Docker cp/etc/ceph/ceph.conf < mirror name >:/etc/ceph/
If you also have an error:
has been in pending because the Linux kernel does not support image format 1, so we have to add a new image to the SC to specify that the image format is 2
Add in Stroageclass:
ImageFormat: "2"
Imagefeatures: "Layering"
This will create a successful PVC:
Install plug-ins and Roles (RBAC):
#clusterrole. Yamlkind:clusterroleapiversion:rbac.authorization.k8s.io/v1metadata:name:rbd-provisionerrules:- Apigroups: [""] Resources: ["persistentvolumes"] verbs: ["get", "list", "Watch", "create", "delete"]-apigroups: [ Resources: ["persistentvolumeclaims"] verbs: ["get", "list", "Watch", "Update"]-apigroups: ["Storage.k8s.io"] Resources: ["storageclasses"] verbs: ["get", "list", "Watch"]-apigroups: [""] Resources: ["events"] verbs: ["List", "Watch", "create", "Update", "Patch"]-apigroups: [""] Resources: ["Services"] ResourceNames: ["Kube-dns "] Verbs: [" list "," get "] #clusterrolebinding. yamlkind:clusterrolebindingapiversion:rbac.authorization.k8s.io/ V1metadata:name:rbd-provisionersubjects:-Kind:serviceaccount name:rbd-provisioner namespace:defaultroleref: Kind:clusterrole Name:rbd-provisioner apigroup:rbac.authorization.k8s.io#deployment.yamlapiversion:extensions/ V1beta1kind:Deploymentmetadata:name:rbD-provisionerspec:replicas:1 strategy:type:Recreate Template:metadata:labels:app:rbd-provisio NER spec:containers:-Name:rbd-provisioner Image: "Quay.io/external_storage/rbd-provisioner:latest" ENV:-Name:provisioner_name VALUE:CEPH.COM/RBD #定义插件的名字 Serviceaccount:rbd-provisioner #role. yamlapiversion:rbac.authorization.k8s.io/v1kind:rolemetadata:name:rbd-provisionerrules:-apiGroups: [""] Resources: ["Secrets"] verbs: ["get"] #rolebinding. Yamlapiversion:rbac.authorization.k8s.io/v1kind: Rolebindingmetadata:name:rbd-provisionerroleref:apigroup:rbac.authorization.k8s.io Kind:role Name:rbd-provisione rsubjects:-kind:serviceaccount Name:rbd-provisioner Namespace:default#serviceaccount.yamlapiversion:v1kind: Serviceaccountmetadata:name:rbd-provisioner
Create Storageclass:
Kind:storageclassapiversion:storage.k8s.io/v1metadata: name:rbd PROVISIONER:CEPH.COM/RBD # Using plug-ins to generate Scparameters: monitors:10.101.3.9:6789,10.101.3.11:6789,10.101.3.12:6789 adminid:admin Adminsecretname:ceph-k-secret adminsecretnamespace:default #这里使用default If you want to modify the POOL:RBD in the plugin if you use other userid:admin usersecretname:ceph-k-secret fstype:ext4 imageformat: "2" imagefeatures: " Layering "
To create a PVC:
ApiVersion:v1kind:PersistentVolumeClaimmetadata: name:ceph-rbd-dyn-pv-claimspec: accessmodes: - Readwriteonce STORAGECLASSNAME:RBD Resources: requests: Storage:1gi
Kubernetes CEPH-RBD mount Step type Storageclass