openshift/origin工作记录（13）——利用NFS动态提供后端存储卷

参考《利用NFS动态提供Kubernetes后端存储卷》以及 https://github.com/kubernetes-incubator/external-storage/tree/master/nfs-client。

使用nfs-client-provisioner这个应用，利用NFS Server给Openshift作为持久存储的后端，并且动态提供PV。

前提条件：

1. 已经安装好的NFS服务器
2. NFS服务器与Kubernetes的Slave节点都能网络连通。

所有下文用到的文件来自于git clone https://github.com/kubernetes-incubator/external-storage.git的nfs-client目录。

安装部署

• 获取源码

# git clone https://github.com/kubernetes-incubator/external-storage.git

• 修改deploy/deployment.yaml

需要修改的地方只有NFS服务器所在的IP地址（我的NFS服务器IP为10.126.3.207），以及NFS服务器共享的路径（我的NFS服务器共享路径为/exports）。

apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner
---
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  name: nfs-client-provisioner
spec:
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccountName: nfs-client-provisioner
      containers:
        - name: nfs-client-provisioner
          image: quay.io/external_storage/nfs-client-provisioner:latest
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: fuseim.pri/ifs
            - name: NFS_SERVER
              value: 10.126.3.207
            - name: NFS_PATH
              value: /exports
      volumes:
        - name: nfs-client-root
          nfs:
            server: 10.126.3.207
            path: /exports

• 修改deploy/class.yaml

需要修改的地方只有provisioner的名字，需要与上面deployment的PROVISIONER_NAME名字一致。

• 部署

[root@master nfs-client]# oc project default
Now using project "default" on server "https://master.example.com:8443".
[root@master nfs-client]# oc create -f deploy/deployment.yaml
serviceaccount/nfs-client-provisioner created
deployment.extensions/nfs-client-provisioner created
[root@master nfs-client]# oc create -f deploy/class.yaml
storageclass.storage.k8s.io/managed-nfs-storage created

• 授权

# NAMESPACE=`oc project -q`
# sed -i'' "s/namespace:.*/namespace: $NAMESPACE/g" ./deploy/rbac.yaml
# oc create -f deploy/rbac.yaml
# oadm policy add-scc-to-user hostmount-anyuid system:serviceaccount:$NAMESPACE:nfs-client-provisioner

测试

• 新建测试namespace

[root@master nfs-client]# oc create namespace pvdemo
namespace/pvdemo created
[root@master nfs-client]# oc project pvdemo
Now using project "pvdemo" on server "https://master.example.com:8443".

• 测试创建PVC

该pvc文件中，最重要的一句话：

annotations:
    volume.beta.kubernetes.io/storage-class: "managed-nfs-storage"

[root@master nfs-client]# oc create -f deploy/test-claim.yaml
persistentvolumeclaim/test-claim created
[root@master nfs-client]# oc get pvc
NAME         STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS          AGE
test-claim   Bound     pvc-9a5a1a5c-4a20-11e9-824d-000c29e558bf   1Mi        RWX            managed-nfs-storage   11s

• 测试创建POD

[root@master nfs-client]# oc create -f deploy/test-pod.yaml
pod/test-pod created

• 去NFS共享目录查看有没有SUCCESS文件。

[root@master pvdemo-test-claim-pvc-9a5a1a5c-4a20-11e9-824d-000c29e558bf]# pwd
/exports/pvdemo-test-claim-pvc-9a5a1a5c-4a20-11e9-824d-000c29e558bf
[root@master pvdemo-test-claim-pvc-9a5a1a5c-4a20-11e9-824d-000c29e558bf]# ls
SUCCESS

• 清理测试环境

[root@master ~]# oc delete project pvdemo
project.project.openshift.io "pvdemo" deleted