Kubernetes CEPH-RBD mount Step type Storageclass

Because the kubelet itself does not support RBD commands, a kube system plugin is required:

Download Plugin Quay.io/external_storage/rbd-provisioner

：

Https://quay.io/repository/external_storage/rbd-provisioner?tag=latest&tab=tags

Download Docker pull quay.io/external_storage/rbd-provisioner:latest on node of k8s cluster

Install only the plugin itself will error: need to install kube roles and permissions The following are:

Https://github.com/kubernetes-incubator/external-storage

Https://github.com/kubernetes-incubator/external-storage/tree/master/ceph/rbd/deploy/rbac #下载kube的role的yaml文件

To download the Rbac folder:

Use: Kubectl apply-f rbac/

Run Rbd-provisioner

If error:

Error because Ceph's key and Conf cannot be found in the Rbd-provisioner image, it is necessary to copy the key and Conf in the cluster into the rbd-provisioner image.

Locate Rbd-provisioner's Mirror run node

Docker cp/etc/ceph/ceph.client.admin.keyring < mirror name >:/etc/ceph/

Docker cp/etc/ceph/ceph.conf < mirror name >:/etc/ceph/

If you also have an error:

has been in pending because the Linux kernel does not support image format 1, so we have to add a new image to the SC to specify that the image format is 2

Add in Stroageclass:

ImageFormat: "2"

Imagefeatures: "Layering"

This will create a successful PVC:

Install plug-ins and Roles (RBAC):

#clusterrole. Yamlkind:clusterroleapiversion:rbac.authorization.k8s.io/v1metadata:name:rbd-provisionerrules:- Apigroups: [""] Resources: ["persistentvolumes"] verbs: ["get", "list", "Watch", "create", "delete"]-apigroups: [     Resources: ["persistentvolumeclaims"] verbs: ["get", "list", "Watch", "Update"]-apigroups: ["Storage.k8s.io"]  Resources: ["storageclasses"] verbs: ["get", "list", "Watch"]-apigroups: [""] Resources: ["events"] verbs: ["List", "Watch", "create", "Update", "Patch"]-apigroups: [""] Resources: ["Services"] ResourceNames: ["Kube-dns "] Verbs: [" list "," get "] #clusterrolebinding. yamlkind:clusterrolebindingapiversion:rbac.authorization.k8s.io/   V1metadata:name:rbd-provisionersubjects:-Kind:serviceaccount name:rbd-provisioner namespace:defaultroleref: Kind:clusterrole Name:rbd-provisioner apigroup:rbac.authorization.k8s.io#deployment.yamlapiversion:extensions/ V1beta1kind:Deploymentmetadata:name:rbD-provisionerspec:replicas:1 strategy:type:Recreate Template:metadata:labels:app:rbd-provisio         NER spec:containers:-Name:rbd-provisioner Image: "Quay.io/external_storage/rbd-provisioner:latest" ENV:-Name:provisioner_name VALUE:CEPH.COM/RBD #定义插件的名字 Serviceaccount:rbd-provisioner  #role. yamlapiversion:rbac.authorization.k8s.io/v1kind:rolemetadata:name:rbd-provisionerrules:-apiGroups: [""] Resources: ["Secrets"] verbs: ["get"] #rolebinding. Yamlapiversion:rbac.authorization.k8s.io/v1kind: Rolebindingmetadata:name:rbd-provisionerroleref:apigroup:rbac.authorization.k8s.io Kind:role Name:rbd-provisione rsubjects:-kind:serviceaccount Name:rbd-provisioner Namespace:default#serviceaccount.yamlapiversion:v1kind: Serviceaccountmetadata:name:rbd-provisioner

　　

Create Storageclass:

Kind:storageclassapiversion:storage.k8s.io/v1metadata:  name:rbd PROVISIONER:CEPH.COM/RBD    # Using plug-ins to generate Scparameters:  monitors:10.101.3.9:6789,10.101.3.11:6789,10.101.3.12:6789  adminid:admin  Adminsecretname:ceph-k-secret  adminsecretnamespace:default  #这里使用default If you want to modify the POOL:RBD in the plugin if you use other  userid:admin  usersecretname:ceph-k-secret  fstype:ext4  imageformat: "2"  imagefeatures: " Layering "

　　

To create a PVC:

ApiVersion:v1kind:PersistentVolumeClaimmetadata:  name:ceph-rbd-dyn-pv-claimspec:  accessmodes:    - Readwriteonce  STORAGECLASSNAME:RBD  Resources:    requests:      Storage:1gi

Kubernetes CEPH-RBD mount Step type Storageclass