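Storage Volumes and Data Persistence (Part 1)
(1) emptyDir volumes: temporary storage volumes
An emptyDir volume is equivalent to a temporary directory on the pod object: it is created when the pod starts and deleted together with the pod when the pod is removed.
The following example creates an emptyDir volume.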
[root@k8s-master01 yaml]# cat volumes-emptydir-demo.yaml
apiVersion: v1
kind: Pod
metadata:
  name: volumes-emptydir-demo
  namespace: storage
spec:
  initContainers:
  - name: config-file-downloader
    image: ikubernetes/admin-box
    imagePullPolicy: IfNotPresent
    command: ["/bin/sh","-c","wget -O /data/envoy.yaml https://raw.githubusercontent.com/iKubernetes/Kubernetes_Advanced_Practical_2rd/master/chapter4/envoy.yaml"]
    volumeMounts:
    - name: config-file-store
      mountPath: /data
  containers:
  - name: envoy
    image: envoyproxy/envoy-alpine:v1.13.1
    command: ["/bin/sh","-c"]
    args: ["envoy -c /etc/envoy/envoy.yaml"]
    volumeMounts:
    - name: config-file-store
      mountPath: /etc/envoy
      readOnly: true
  volumes:
  - name: config-file-store
    emptyDir:          # this volume is defined nested under the .spec.volumes.emptyDir field; it has two main fields, shown below
      medium: Memory   # the type of storage medium backing this directory; valid values are default or Memory, and the default is default
      sizeLimit: 16Mi  # space limit for the volume; the default is nil, meaning unlimited; when medium is Memory, always define this limit
[root@k8s-master01 yaml]# kubectl apply -f volumes-emptydir-demo.yaml -n storage
pod/volumes-emptydir-demo created
[root@k8s-master01 yaml]# kubectl get pods -n storage -o wide
NAME                    READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
volumes-emptydir-demo   1/1     Running   0          3s    10.244.3.15   k8s-node03   <none>           <none>
[root@k8s-master01 yaml]# kubectl exec volumes-emptydir-demo -n storage -- netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:9901            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
[root@k8s-master01 yaml]# podIP=$(kubectl get pods/volumes-emptydir-demo -n storage -o jsonpath={.status.podIP})
[root@k8s-master01 yaml]# curl $podIP:9901/listeners
listener_0::0.0.0.0:80
[root@k8s-master01 yaml]# kubectl describe pods volumes-emptydir-demo -n storage
Name:         volumes-emptydir-demo
Namespace:    storage
Priority:     0
Node:         k8s-node03/10.122.138.247
Start Time:   Thu, 19 Aug 2021 09:15:08 +0800
Labels:       <none>
Annotations:  <none>
Status:       Running
IP:           10.244.3.15
IPs:
  IP:  10.244.3.15
Init Containers:
  config-file-downloader:
    Container ID:  docker://b34a8f69a5e0ff2c4404db02e6d2a14b8721cd9572e87d32cb6ba262ed4291ed
    Image:         ikubernetes/admin-box
    Image ID:      docker-pullable://ikubernetes/admin-box@sha256:56e2413d2bcc279c6667d36fa7dfc7202062a933d0f69cd8a1769b68e2155bbf
    Port:          <none>
    Host Port:     <none>
    Command:
      /bin/sh
      -c
      wget -O /data/envoy.yaml https://raw.githubusercontent.com/iKubernetes/Kubernetes_Advanced_Practical_2rd/master/chapter4/envoy.yaml
    State:          Terminated
      Reason:       Completed
      Exit Code:    0
      Started:      Thu, 19 Aug 2021 09:15:09 +0800
      Finished:     Thu, 19 Aug 2021 09:15:09 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:         # mount information follows:
      /data from config-file-store (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-mcbbq (ro)
Containers:
  envoy:
    Container ID:  docker://9a430194cb65b164edb1a7d53be1b66a8f7970fe2d0a2108166bacacb8d250dc
    Image:         envoyproxy/envoy-alpine:v1.13.1
    Image ID:      docker-pullable://envoyproxy/envoy-alpine@sha256:f9a8a35268d68c9cac9fad66f30778038385093c87516083a69be6464488811b
    Port:          <none>
    Host Port:     <none>
    Command:
      /bin/sh
      -c
    Args:
      envoy -c /etc/envoy/envoy.yaml
    State:          Running
      Started:      Thu, 19 Aug 2021 09:15:10 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:         # mount information follows:
      /etc/envoy from config-file-store (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-mcbbq (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  config-file-store:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:     Memory
    SizeLimit:  16Mi
  default-token-mcbbq:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-mcbbq
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                 node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type    Reason     Age   From                 Message
  ----    ------     ----  ----                 -------
  Normal  Scheduled  22m                        Successfully assigned storage/volumes-emptydir-demo to k8s-node03
  Normal  Pulled     22m   kubelet, k8s-node03  Container image "ikubernetes/admin-box" already present on machine
  Normal  Created    22m   kubelet, k8s-node03  Created container config-file-downloader
  Normal  Started    22m   kubelet, k8s-node03  Started container config-file-downloader
  Normal  Pulled     22m   kubelet, k8s-node03  Container image "envoyproxy/envoy-alpine:v1.13.1" already present on machine
  Normal  Created    22m   kubelet, k8s-node03  Created container envoy
  Normal  Started    22m   kubelet, k8s-node03  Started container envoy
(2) hostPath volumes
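The hostPath volume plugin associates a directory or file from a worker node's filesystem with a pod; its data persists for as long as the worker node itself does. Because a hostPath volume uses storage local to the worker node, it suits only specific storage needs. hostPath volumes are especially useful for system-level pods that run management tasks and for pods that need to access files on the node.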
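
An added check, not part of the original post, for the two settings discussed so far: a Memory-backed emptyDir should carry a sizeLimit, and a hostPath volume exposes the node's filesystem, so it matters whether any container mounts it read-write. The function and helper names and the sample pods are constructed for illustration; manifests are assumed to be already loaded as dicts (for example from kubectl get pod -o json).

```python
def audit_pod_volumes(pod):
    """Return (volume, issue) findings for a Pod manifest loaded as a dict."""
    spec = pod.get("spec", {})
    # readOnly is set per volumeMount, so record every volume that at least
    # one container (init or regular) mounts read-write.
    writable = set()
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        for m in c.get("volumeMounts", []):
            if not m.get("readOnly", False):
                writable.add(m["name"])
    findings = []
    for vol in spec.get("volumes", []):
        name = vol["name"]
        empty_dir = vol.get("emptyDir")
        if (empty_dir is not None and empty_dir.get("medium") == "Memory"
                and not empty_dir.get("sizeLimit")):
            findings.append((name, "Memory emptyDir has no sizeLimit"))
        host_path = vol.get("hostPath")
        if host_path is not None and name in writable:
            findings.append((name, "hostPath %s is mounted read-write" % host_path["path"]))
    return findings

def make_pod(volume, mounts):
    """Build a minimal one-container Pod dict around one volume (constructed input)."""
    return {"spec": {"containers": [{"name": "app", "volumeMounts": mounts}],
                     "volumes": [volume]}}

# Constructed samples; the first mirrors the emptyDir settings shown on this page.
PAGE_EMPTYDIR = make_pod(
    {"name": "config-file-store", "emptyDir": {"medium": "Memory", "sizeLimit": "16Mi"}},
    [{"name": "config-file-store", "mountPath": "/etc/envoy", "readOnly": True}])
NO_LIMIT = make_pod(
    {"name": "cache", "emptyDir": {"medium": "Memory"}},
    [{"name": "cache", "mountPath": "/cache"}])
HOST_RW = make_pod(
    {"name": "logs", "hostPath": {"path": "/var/log", "type": "Directory"}},
    [{"name": "logs", "mountPath": "/host/var/log"}])
HOST_RO = make_pod(
    {"name": "logs", "hostPath": {"path": "/var/log", "type": "Directory"}},
    [{"name": "logs", "mountPath": "/host/var/log", "readOnly": True}])

if __name__ == "__main__":
    for sample in (PAGE_EMPTYDIR, NO_LIMIT, HOST_RW, HOST_RO):
        print(audit_pod_volumes(sample))
```
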
(3) Network storage volumes
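In the manifest below, the container image by default runs the redis-server process as the redis user (UID 999) and persists its data in the /data directory of the container's filesystem, so the user with UID 999 must be able to read and write that directory. Correspondingly, the exported directory /data/redis on the NFS server, which backs this pod's volume, must also be readable and writable by UID 999, so that user has to be created on the NFS server (10.122.138.244) with uid=999.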
On 10.122.138.244:
mkdir -p /data/redis
useradd -u 999 redis
chown redis /data/redis
Install the NFS server:
yum install -y nfs-utils rpcbind
systemctl start rpcbind.service && systemctl start nfs.service
systemctl enable rpcbind.service && systemctl enable nfs.service
Create the NFS configuration file:
vim /etc/exports
/data/redis 10.122.138.244/24(rw,no_root_squash) 10.244.0.0/16(rw,no_root_squash)
exportfs -rv    # reload the configuration file; takes effect immediately
showmount -e    # view the mounts
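
An added check for the export line above, not part of the original post: no_root_squash lets root on any allowed client act as UID 0 on the export, while the pod here only needs UID 999 on /data/redis, which root_squash (the default) does not affect. The function name audit_exports and every sample entry other than the page's own export line are constructed for illustration.

```python
import re

# "client(opt,opt)" pairs; an empty client means the options apply to any host.
ENTRY = re.compile(r"(\S*?)\(([^)]*)\)")

def audit_exports(text):
    """Return (path, client, issue) for each risky entry in exports(5) text."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        path, rest = parts[0], (parts[1] if len(parts) > 1 else "")
        for client, optstr in ENTRY.findall(rest):
            opts = {o.strip() for o in optstr.split(",")}
            client = client or "*"
            if "no_root_squash" in opts:
                # root on the client keeps UID 0 on the exported directory
                findings.append((path, client, "no_root_squash"))
            if client == "*" and "rw" in opts:
                # "host (rw)" with a space grants rw to every host
                findings.append((path, client, "rw for any host"))
    return findings

# Constructed sample: the first entry is the export line from this page; the
# other paths and entries are made up for the example.
SAMPLE_EXPORTS = """\
/data/redis 10.122.138.244/24(rw,no_root_squash) 10.244.0.0/16(rw,no_root_squash)
/data/redis-squashed 10.122.138.244/24(rw,root_squash)   # UID 999 can still write
/data/typo 10.122.138.244/24 (rw)                        # stray space before "("
"""

if __name__ == "__main__":
    for finding in audit_exports(SAMPLE_EXPORTS):
        print(finding)
```
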
Then install the client tools on the worker nodes:
yum install -y nfs-utils
systemctl start nfs-utils
systemctl enable nfs-utils
[root@k8s-master01 yaml]# cat volumes-nfs-demo.yaml
apiVersion: v1
kind: Pod
metadata:
  name: volumes-nfs-demo
  labels:
    app: redis
spec:
  containers:
  - name: redis
    image: redis:alpine
    ports:
    - containerPort: 6379
      name: redisport
    securityContext:
      runAsUser: 999
    volumeMounts:
    - mountPath: /data
      name: redisdata
  volumes:
  - name: redisdata
    nfs:
      server: 10.122.138.244
      path: /data/redis
      readOnly: false
[root@k8s-master01 yaml]# kubectl get pod/volumes-nfs-demo.yaml -o wide
Error from server (NotFound): pods "volumes-nfs-demo.yaml" not found
[root@k8s-master01 yaml]# kubectl get pod/volumes-nfs-demo -o wide
NAME               READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
volumes-nfs-demo   1/1     Running   0          87s   10.244.3.16   k8s-node03   <none>           <none>
[root@k8s-master01 yaml]# kubectl exec -it volumes-nfs-demo -- redis-cli
127.0.0.1:6379> set mykey "hello k8s-master"
OK
127.0.0.1:6379> get mykey
"hello k8s-master"
127.0.0.1:6379> BGSAVE
Background saving started
127.0.0.1:6379> EXIT
[root@k8s-master01 yaml]# kubectl delete pod/volumes-nfs-demo
pod "volumes-nfs-demo" deleted
[root@k8s-master01 yaml]# kubectl apply -f volumes-nfs-demo.yaml
pod/volumes-nfs-demo created
[root@k8s-master01 yaml]# kubectl exec -it volumes-nfs-demo -- redis-cli
error: unable to upgrade connection: container not found ("redis")
[root@k8s-master01 yaml]# kubectl exec -it volumes-nfs-demo -- redis-cli
127.0.0.1:6379> get mykey
"hello k8s-master"
127.0.0.1:6379>
# The commands above show that the previously created key mykey and its data still exist after the pod object was deleted and recreated. Deleting a pod object does not delete its associated external storage device or the data on it, which is what gives the data persistence across pod lifecycles. To clear the data after deleting the pod, an administrator has to do so manually through the management interface.