csi-driver-smb部署手册(helm版本)
使用 Helm 部署 CSI Driver SMB
本文档介绍如何使用 Helm 在 Kubernetes 集群中部署 CSI Driver for SMB。
前提条件
- Kubernetes 集群(建议 v1.19+)
- 已安装并配置好
kubectl - 已安装 Helm 3
- 可访问目标 SMB 服务器(IP 可达,端口 445 开放)
1. 添加 Helm 仓库
helm repo add csi-driver-smb https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts
helm repo update
2.创建自定义 values 文件(csi-driver-smb-values.yaml)
# 镜像配置(可选:使用国内镜像源)
image:
baseRepo: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/sig-storage
smb:
repository: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/sig-storage/smbplugin
tag: v1.18.0
pullPolicy: IfNotPresent
csiProvisioner:
repository: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/sig-storage/csi-provisioner
tag: v5.2.0
pullPolicy: IfNotPresent
csiResizer:
repository: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/sig-storage/csi-resizer
tag: v1.13.2
pullPolicy: IfNotPresent
livenessProbe:
repository: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/sig-storage/livenessprobe
tag: v2.15.0
pullPolicy: IfNotPresent
nodeDriverRegistrar:
repository: swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/sig-storage/csi-node-driver-registrar
tag: v2.13.0
pullPolicy: IfNotPresent
windows:
enabled: false
3.安装 CSI Driver SMB
helm upgrade --install csi-driver-smb csi-driver-smb/csi-driver-smb \
--namespace csi-driver-smb \
--create-namespace \
--version 1.18.0 \
-f csi-driver-smb-values.yaml
4.验证安装
检查控制器和节点组件是否正常运行:
kubectl get pods -n csi-driver-smb -l app.kubernetes.io/name=csi-driver-smb
预期输出示例:
NAME READY STATUS RESTARTS AGE
csi-smb-controller-0 3/3 Running 0 2m10s
csi-smb-node-4z9x2 2/2 Running 0 2m10s
确认 CSI 驱动已注册:
kubectl get csidrivers
应看到:
NAME ATTACHREQUIRED PODINFOONMOUNT MODES AGE
smb.csi.k8s.io false true Persistent,Ephemeral 3m
5.创建认证 Secret
apiVersion: v1
kind: Secret
metadata:
name: smbcreds
namespace: default
type: Opaque
stringData:
username: your-username
password: your-password
应用配置:
kubectl apply -f secret-smb.yaml
6.创建 PersistentVolume(PV)
apiVersion: v1
kind: PersistentVolume
metadata:
name: smb-pv
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: "" # 空字符串,避免绑定到动态 StorageClass
csi:
driver: smb.csi.k8s.io
volumeHandle: smb-pv-volume # 必须唯一,可理解为卷ID
volumeAttributes:
source: "//10.110.0.80/smb" # SMB 服务器地址和共享路径
nodeStageSecretRef:
name: smbcreds #与上述认证Secret name保持一致
namespace: default #与上述认证Secret namespace保持一致
mountOptions:
- dir_mode=0777 # 目录权限设置为 777(所有用户可读、写、执行)
- file_mode=0777 # 文件权限设置为 777
- uid=0 # 设置文件所有者的用户 ID(默认root)
- gid=0 # 设置文件所有者的组 ID(默认root)
- nobrl # 禁用字节范围锁,提高兼容性
- mfsymlinks # 支持 Minshall+French 符号链接
- cache=strict # 使用严格的缓存策略
- nosharesock # 不为每个共享创建新套接字
- domain=your-domain # 指定域/工作组名称(如果是域账户,需要加上 domain)
应用配置:
kubectl apply -f storageclass-smb.yaml
7.创建 PersistentVolumeClaim (PVC)
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: smb-pvc
namespace: default
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
volumeName: smb-pv # 明确指定要绑定的 PV
storageClassName: ""
8.在 Pod 中使用 PVC
apiVersion: v1
kind: Pod
metadata:
name: nginx-smb
namespace: default
spec:
containers:
- name: nginx
image: nginx:alpine
ports:
- containerPort: 80
volumeMounts:
- name: smb-storage
mountPath: /usr/share/nginx/html
volumes:
- name: smb-storage
persistentVolumeClaim:
claimName: smb-pvc
9.验证挂载
kubectl exec -it nginx-smb -n default -- sh
df -h | grep smb
10.卸载 CSI Driver
helm uninstall csi-driver-smb -n csi-driver-smb
注意:卸载 Helm Release 不会删除已创建的 PV、PVC、StorageClass 和 Secret,请手动清理。
浙公网安备 33010602011771号