生产实例---k8s基于NFS创建StorageClass存储卷
[root@rootlocalhost55 /opt/zcf/sc/dbagent]#cat rbac.yaml
kind: ServiceAccount
apiVersion: v1
metadata:
name: nfs-client-provisioner-fzzx-dbagent
namespace: fzzx-sc
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-fzzx-dbagent-runner
namespace: fzzx-sc
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner-fzzx-dbagent
namespace: fzzx-sc
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner-fzzx-dbagent
namespace: fzzx-sc
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-fzzx-dbagent-runner
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner-fzzx-dbagent
namespace: fzzx-sc
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner-fzzx-dbagent
namespace: fzzx-sc
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner-fzzx-dbagent
namespace: fzzx-sc
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner-fzzx-dbagent
apiGroup: rbac.authorization.k8s.io
[root@rootlocalhost55 /opt/zcf/sc/dbagent]#cat class.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: managed-nfs-storage-fzzx-dbagent
provisioner: fuseim.pri/fzzx-ifs-dbagent # or choose another name, must match deployment's env PROVISIONER_NAME'
parameters:
archiveOnDelete: "false"
[root@rootlocalhost55 /opt/zcf/sc/dbagent]#cat deployment.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: nfs-client-provisioner-fzzx-dbagent
namespace: fzzx-sc
spec:
replicas: 1
selector:
matchLabels:
app: nfs-client-provisioner-fzzx-dbagent
strategy:
type: Recreate
template:
metadata:
labels:
app: nfs-client-provisioner-fzzx-dbagent
spec:
serviceAccountName: nfs-client-provisioner-fzzx-dbagent #关联rbac metadata名称
containers:
- name: nfs-client-provisioner-fzzx-dbagent
image: 10.248.9.204:1121/kube_system/external_storage/nfs-client-provisioner #提供nfs客户端工具镜像
volumeMounts:
- name: nfs-client-root-dbagent
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: fuseim.pri/fzzx-ifs-dbagent #填写class下的provisioner名称
- name: NFS_SERVER
value: 10.248.31.160
- name: NFS_PATH
value: /storageclass/dbagent
volumes:
- name: nfs-client-root-dbagent
nfs:
server: 10.248.31.160
path: /storageclass/dbagent
浙公网安备 33010602011771号