Kubernetes using NFS as a shared storage

Kubernetes using NFS as a shared storage

Kubernetes managed containers are encapsulated, and sometimes we need to put logs from the container running locally or shared storage to prevent the container from going down, and the logs can also analyze the problem. Kubernetes's shared storage scheme is currently more prevalent in three, namely: Nfs,glusterfs and Ceph.

Previously wrote an article kubernetes use Glusterfs, if interested can also go to practice: http://blog.51cto.com/passed/2139299

Today, we're talking about kubernetes. Using NFS as a shared storage

I. Creating an NFS server

NFS allows the system to share its directories and files with other systems on the network. With NFS, users and applications can access files on remote systems as if they were local files.

1. Installation

CentOS 7.x Press the following command to install Server for NFS:

yum -y install nfs*

2. Configuration

Edit the/etc/exports file to add the required shared directory, each directory's settings exclusive one line, written in the following format:

NFS Shared directory path client IP or name (parameter 1, parameter 2,..., parameter n)

For example:

/home *(ro,sync,insecure,no_root_squash)/data/nginx 192.168.1.*(rw,sync,insecure,no_subtree_check,no_root_squash)

参数  说明ro  只读访问rw  读写访问sync    所有数据在请求时写入共享async   nfs在写入数据前可以响应请求secure  nfs通过1024以下的安全TCP/IP端口发送insecure    nfs通过1024以上的端口发送wdelay  如果多个用户要写入nfs目录，则归组写入（默认）no_wdelay   如果多个用户要写入nfs目录，则立即写入，当使用async时，无需此设置hide    在nfs共享目录中不共享其子目录no_hide 共享nfs目录的子目录subtree_check   如果共享/usr/bin之类的子目录时，强制nfs检查父目录的权限（默认）no_subtree_check    不检查父目录权限all_squash  共享文件的UID和GID映射匿名用户anonymous，适合公用目录no_all_squash   保留共享文件的UID和GID（默认）root_squash root用户的所有请求映射成如anonymous用户一样的权限（默认）no_root_squash  root用户具有根目录的完全管理访问权限anonuid=xxx 指定nfs服务器/etc/passwd文件中匿名用户的UIDanongid=xxx 指定nfs服务器/etc/passwd文件中匿名用户的GID

Note 1: Try to specify a host name or IP or IP segment to minimize clients that are authorized to access NFS-mounted resources
NOTE 2: Test parameter insecure must be added, otherwise client mount error mount.nfs:access denied by server while mounting

3. Start

After the configuration is complete, you can start server for NFS by running the following command at the terminal prompt:

systemctl start nfs.service

4. Client Mount

CentOS 7, need to install Nfs-utils package

yum install nfs-utils
Use the Mount command to mount an NFS directory shared by other machines. You can enter a command similar to the following at the terminal prompt:

mount nfs_server_ip:/data/nginx /mnt
mount point/mnt directory must already exist. And there are no files or subdirectories in the/mnt directory.

Another way to mount an NFS share is to add a row to the/etc/fstab file. The row must indicate the host name of the NFS server, the directory name of the server output, and the native directory on which to mount the NFS share.

The following are the common syntax in/etc/fstab:
nfs_server_ip:/data/nginx /mnt nfs rsize=8192,wsize=8192,timeo=14,intr

Second, deploy an application on the Kubernetes Nginx shared storage using NFS
On the Kubernetes master node, create a Yaml file for the Kubernetes deployment: Nfs-nginx.yaml

# #创建namespacesapiVersion: v1kind:Namespacemetadata:name:test labels:name:test# #创建nfs-PV---apiversion:v1kind: PERSISTENTVOLUMEMETADATA:NAME:NFS-PV namespace:test Labels:pv:nfs-pvspec:capacity:storage:10gi AccessM Odes:-Readwritemany persistentvolumereclaimpolicy:retain nfs:path:/data/nginx server:192.168.22.8# #创建 NFS -PVC---KIND:PERSISTENTVOLUMECLAIMAPIVERSION:V1METADATA:NAME:NFS-PVC namespace:testspec:accessModes:-Readwrit Emany resources:requests:storage:10gi selector:matchlabels:pv:nfs-pv## Deployment application Nginx---apiversion:v1k Ind:replicationcontrollermetadata:name:nginx-test labels:name:nginx-test Namespace:testspec:replicas:2 Sel Ector:name:nginx-test template:metadata:labels:name:nginx-test spec:containers:-N Ame:nginx-test Image:docker.io/nginx volumemounts:-Mountpath:/usr/share/nginx/html name : Nginx-data PortS:-containerport:80 volumes:-Name:nginx-data persistentvolumeclaim:claimname:nfs-   pvc# #创建Service---apiversion:v1kind:servicemetadata:name:nginx-test labels:name:nginx-test namespace:testspec: Type:nodeport ports:-port:80 protocol:tcp targetport:80 name:http nodeport:20080 Selector:nam E:nginx-test

[[email protected] ]# kubectl create -f nfs-nginx.yaml namespace/test createdpersistentvolume/nfs-pv createdpersistentvolumeclaim/nfs-pvc createdreplicationcontroller/nginx-test createdservice/nginx-test created

[[email protected] ~]# kubectl get pod -n testNAME               READY     STATUS    RESTARTS   AGEnginx-test-ssbnr   1/1       Running   0          4mnginx-test-zl7vk   1/1       Running   0          4m

[[email protected] ~]# kubectl get service -n testNAME         TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGEnginx-test   NodePort   10.68.145.112   <none>        80:20080/TCP   5m

As you can see, nginx applications have been deployed successfully.

The data directory for Nginx applications is the NFS shared storage used, we add the index.html file to the NFS shared directory, and then access the Nginx-service exposed port

Come to NFS server

[[email protected] ~]# echo "Test NFS Share discovery"> /data/nginx/index.html

Access to the Kubernetes master node ip:20080 on the browser to see the above content

End.

Kubernetes using NFS as a shared storage