Kubernetes using NFS as a shared storage
Kubernetes managed containers are encapsulated, and sometimes we need to put logs from the container running locally or shared storage to prevent the container from going down, and the logs can also analyze the problem. Kubernetes's shared storage scheme is currently more prevalent in three, namely: Nfs,glusterfs and Ceph.
Previously wrote an article kubernetes use Glusterfs, if interested can also go to practice: http://blog.51cto.com/passed/2139299
Today, we're talking about kubernetes. Using NFS as a shared storage
I. Creating an NFS server
NFS allows the system to share its directories and files with other systems on the network. With NFS, users and applications can access files on remote systems as if they were local files.
1. Installation
CentOS 7.x Press the following command to install Server for NFS:
yum -y install nfs*
2. Configuration
Edit the/etc/exports file to add the required shared directory, each directory's settings exclusive one line, written in the following format:
NFS Shared directory path client IP or name (parameter 1, parameter 2,..., parameter n)
For example:
/home *(ro,sync,insecure,no_root_squash)/data/nginx 192.168.1.*(rw,sync,insecure,no_subtree_check,no_root_squash)
参数 说明ro 只读访问rw 读写访问sync 所有数据在请求时写入共享async nfs在写入数据前可以响应请求secure nfs通过1024以下的安全TCP/IP端口发送insecure nfs通过1024以上的端口发送wdelay 如果多个用户要写入nfs目录,则归组写入(默认)no_wdelay 如果多个用户要写入nfs目录,则立即写入,当使用async时,无需此设置hide 在nfs共享目录中不共享其子目录no_hide 共享nfs目录的子目录subtree_check 如果共享/usr/bin之类的子目录时,强制nfs检查父目录的权限(默认)no_subtree_check 不检查父目录权限all_squash 共享文件的UID和GID映射匿名用户anonymous,适合公用目录no_all_squash 保留共享文件的UID和GID(默认)root_squash root用户的所有请求映射成如anonymous用户一样的权限(默认)no_root_squash root用户具有根目录的完全管理访问权限anonuid=xxx 指定nfs服务器/etc/passwd文件中匿名用户的UIDanongid=xxx 指定nfs服务器/etc/passwd文件中匿名用户的GID
Note 1: Try to specify a host name or IP or IP segment to minimize clients that are authorized to access NFS-mounted resources
NOTE 2: Test parameter insecure must be added, otherwise client mount error mount.nfs:access denied by server while mounting
3. Start
After the configuration is complete, you can start server for NFS by running the following command at the terminal prompt:
systemctl start nfs.service
4. Client Mount
CentOS 7, need to install Nfs-utils package
yum install nfs-utils
Use the Mount command to mount an NFS directory shared by other machines. You can enter a command similar to the following at the terminal prompt:
mount nfs_server_ip:/data/nginx /mnt
mount point/mnt directory must already exist. And there are no files or subdirectories in the/mnt directory.
Another way to mount an NFS share is to add a row to the/etc/fstab file. The row must indicate the host name of the NFS server, the directory name of the server output, and the native directory on which to mount the NFS share.
The following are the common syntax in/etc/fstab:
nfs_server_ip:/data/nginx /mnt nfs rsize=8192,wsize=8192,timeo=14,intr
Second, deploy an application on the Kubernetes Nginx shared storage using NFS
On the Kubernetes master node, create a Yaml file for the Kubernetes deployment: Nfs-nginx.yaml
# #创建namespacesapiVersion: v1kind:Namespacemetadata:name:test labels:name:test# #创建nfs-PV---apiversion:v1kind: PERSISTENTVOLUMEMETADATA:NAME:NFS-PV namespace:test Labels:pv:nfs-pvspec:capacity:storage:10gi AccessM Odes:-Readwritemany persistentvolumereclaimpolicy:retain nfs:path:/data/nginx server:192.168.22.8# #创建 NFS -PVC---KIND:PERSISTENTVOLUMECLAIMAPIVERSION:V1METADATA:NAME:NFS-PVC namespace:testspec:accessModes:-Readwrit Emany resources:requests:storage:10gi selector:matchlabels:pv:nfs-pv## Deployment application Nginx---apiversion:v1k Ind:replicationcontrollermetadata:name:nginx-test labels:name:nginx-test Namespace:testspec:replicas:2 Sel Ector:name:nginx-test template:metadata:labels:name:nginx-test spec:containers:-N Ame:nginx-test Image:docker.io/nginx volumemounts:-Mountpath:/usr/share/nginx/html name : Nginx-data PortS:-containerport:80 volumes:-Name:nginx-data persistentvolumeclaim:claimname:nfs- pvc# #创建Service---apiversion:v1kind:servicemetadata:name:nginx-test labels:name:nginx-test namespace:testspec: Type:nodeport ports:-port:80 protocol:tcp targetport:80 name:http nodeport:20080 Selector:nam E:nginx-test
[[email protected] ]# kubectl create -f nfs-nginx.yaml namespace/test createdpersistentvolume/nfs-pv createdpersistentvolumeclaim/nfs-pvc createdreplicationcontroller/nginx-test createdservice/nginx-test created
[[email protected] ~]# kubectl get pod -n testNAME READY STATUS RESTARTS AGEnginx-test-ssbnr 1/1 Running 0 4mnginx-test-zl7vk 1/1 Running 0 4m
[[email protected] ~]# kubectl get service -n testNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEnginx-test NodePort 10.68.145.112 <none> 80:20080/TCP 5m
As you can see, nginx applications have been deployed successfully.
The data directory for Nginx applications is the NFS shared storage used, we add the index.html file to the NFS shared directory, and then access the Nginx-service exposed port
Come to NFS server
[[email protected] ~]# echo "Test NFS Share discovery"> /data/nginx/index.html
Access to the Kubernetes master node ip:20080 on the browser to see the above content
End.
Kubernetes using NFS as a shared storage