K8s(九)持久化存储PV与PVC

PV和PVC

PV 和 PVC 之间的关系是一种动态的供需匹配关系。PVC 表示应用程序对持久化存储的需求,而 PV 表示可用的持久化存储资源。Kubernetes 控制平面会根据 PVC 的需求来选择和绑定合适的 PV,将其挂载到应用程序的 Pod 中,从而使应用程序可以访问持久化存储。

PV可以静态或动态的创建;PV和PVC必须一一对应;PVC如果没有对应的绑定PV则会Pending

PVC被删除后,PV内的数据有两种处理策略分别是Retain保留(默认)、Delete删除

接下来的实验中会对这几种模式进行测试,测试结果发现并没有什么区别(k8s1.26)

静态创建PV

#绑定master2节点的/dirfornfs
yum -y install nfs-utils
#创建一个新的nfs目录,并添加到/etc/exports文件中
mkdir -p /dirfornfs/{1..5}
#
echo "/dirfornfs *(rw,no_root_squash)
/dirfornfs/1 *(rw,no_root_squash)
/dirfornfs/2 *(rw,no_root_squash)
/dirfornfs/3 *(rw,no_root_squash)
/dirfornfs/4 *(rw,no_root_squash)
/dirfornfs/5 *(rw,no_root_squash)" > /etc/exports
#创建pv资源
cat > jintai-PV.yaml << EOF
apiVersion: v1
kind: PersistentVolume
metadata: 
  name: jintai-pv1
  labels:
     stor: pv1
spec: 
  nfs: 
    server: 192.168.8.159
    path: /dirfornfs/1
  accessModes: ["ReadWriteOnce"]  #访问模式 只支持同一node的读写
  capacity:
     storage: 1.5Gi  #分配1.5个G
---
apiVersion: v1
kind: PersistentVolume
metadata: 
  name: jintai-pv2
  labels:
     stor: pv2
spec: 
  nfs: 
    server: 192.168.8.159
    path: /dirfornfs/2
  accessModes: ["ReadWriteMany"] #支持多个node读写
  capacity:
     storage: 2Gi  #分配2个G
---
apiVersion: v1
kind: PersistentVolume
metadata: 
  name: jintai-pv3
  labels:
     stor: pv3
spec: 
  nfs: 
    server: 192.168.8.159
    path: /dirfornfs/3
  accessModes: ["ReadOnlyMany"]  #多个node只读
  capacity:
     storage: 3Gi  #分配3个G
EOF
kubectl apply -f jintai-PV.yaml
kubectl get pv
NAME         CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS     
jintai-pv1   1536Mi     RWO            Retain           Available   #单节点读写   
jintai-pv2   2Gi        RWX            Retain           Available   #多节点读写   
jintai-pv3   3Gi        ROX            Retain           Available   #多节点只读

#创建pvc
cat > pvc.yaml << EOF
apiVersion: v1
kind: PersistentVolumeClaim
metadata: 
  name: pvc1
spec:
  accessModes: ["ReadWriteOnce"] #对应的pv必须访问模式保持相同
  selector: 
    matchLabels:
       stor: pv1
  resources:
     requests:
       storage: 1.5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata: 
  name: pvc2
spec:
  accessModes: ["ReadWriteMany"] #对应的pv必须访问模式保持相同
  selector: 
    matchLabels:
       stor: pv2
  resources:
     requests:
       storage: 2Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata: 
  name: pvc3
spec:
  accessModes: ["ReadOnlyMany"] #对应的pv必须访问模式保持相同
  selector: 
    matchLabels:
       stor: pv3 #对应上pv的标签
  resources:
     requests:
       storage: 3Gi
EOF
kubectl apply -f pvc.yaml
kubectl get pvc
NAME   STATUS   VOLUME       CAPACITY   ACCESS MODES   STORAGECLASS   AGE
pvc1   Bound    jintai-pv1   1536Mi     RWO                           54s
pvc2   Bound    jintai-pv2   2Gi        RWX                           54s
pvc3   Bound    jintai-pv3   3Gi        ROX                           54s

#创建pod1,让pvc1挂载上去
cat > pod-pvc.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pod-pvc1
spec:
  replicas: 3
  selector:
    matchLabels:
      stor: pvc
  template:
    metadata:
      labels:
        stor: pvc
    spec:
      containers:
      - name: test
        image: docker.io/library/nginx
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: pvc1
      volumes:
      - name: pvc1
        persistentVolumeClaim:
          claimName: pvc1
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pod-pvc2
spec:
  replicas: 3
  selector:
    matchLabels:
      stor: pvc
  template:
    metadata:
      labels:
        stor: pvc
    spec:
      containers:
      - name: test
        image: docker.io/library/nginx
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: pvc2
      volumes:
      - name: pvc2
        persistentVolumeClaim:
          claimName: pvc2
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pod-pvc3
spec:
  replicas: 3
  selector:
    matchLabels:
      stor: pvc
  template:
    metadata:
      labels:
        stor: pvc
    spec:
      containers:
      - name: test
        image: docker.io/library/nginx
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: pvc3
      volumes:
      - name: pvc3
        persistentVolumeClaim:
          claimName: pvc3
EOF
kubectl apply -f pod-pvc.yaml
kubectl get pods -owide
NAME                        READY   STATUS    RESTARTS   AGE   IP             NODE           NOMINATED NODE   READINESS GATES
pod-pvc1-69b655447-5zmjn    1/1     Running   0          95s   10.10.179.12   ws-k8s-node1   <none>           <none>
pod-pvc1-69b655447-crnfr    1/1     Running   0          95s   10.10.179.11   ws-k8s-node1   <none>           <none>
pod-pvc1-69b655447-kzpf5    1/1     Running   0          95s   10.10.234.75   ws-k8s-node2   <none>           <none>
pod-pvc2-697979cddb-6x658   1/1     Running   0          95s   10.10.179.13   ws-k8s-node1   <none>           <none>
pod-pvc2-697979cddb-bxcxm   1/1     Running   0          95s   10.10.179.15   ws-k8s-node1   <none>           <none>
pod-pvc2-697979cddb-zffwh   1/1     Running   0          95s   10.10.234.74   ws-k8s-node2   <none>           <none>
pod-pvc3-7588fbc489-2v8pt   1/1     Running   0          95s   10.10.179.14   ws-k8s-node1   <none>           <none>
pod-pvc3-7588fbc489-5scpd   1/1     Running   0          95s   10.10.234.76   ws-k8s-node2   <none>           <none>
pod-pvc3-7588fbc489-b7cp9   1/1     Running   0          95s   10.10.234.77   ws-k8s-node2   <none>           <none>
#进入不同node节点的pod查看是否同步
#pvc1
kubectl exec -it pod-pvc1-69b655447-5zmjn -- /bin/bash
cd  /usr/share/nginx/html/
touch 11
exit
kubectl exec -it pod-pvc1-69b655447-kzpf5  -- /bin/bash
ls /usr/share/nginx/html/11
/usr/share/nginx/html/11 #不同节点依然可以同时访问到这个pv

#pvc2也可以,略过了

#pvc3  ACCESS MODES为ROX,无法创建
root@pod-pvc3-7588fbc489-b7cp9:/# touch 123454 /usr/share/nginx/html/
root@pod-pvc3-7588fbc489-b7cp9:/#
root@pod-pvc3-7588fbc489-b7cp9:/# ls /usr/share/nginx/html/ 
root@pod-pvc3-7588fbc489-b7cp9:/# 无输出
#
#删除
kubectl delete -f pod-pvc.yaml
kubectl delete -f pvc.yaml
kubectl delete -f jintai-PV.yaml
#启用
kubectl apply -f jintai-PV.yaml
kubectl apply -f pvc.yaml
kubectl apply -f pod-pvc.yaml
kubectl exec -it pod-pvc1-69b655447-46h5h -- /bin/bash
ls /usr/share/nginx/html/
11 #依然保留了数据

#修改回收策略
#
vim jintai-PV.yaml
...
capacity:
     storage: 1.5Gi  #分配1.5个G
persistentVolumeReclaimPolicy: Delete #回收策略为Delete
---
...
kubectl delete -f pod-pvc.yaml
kubectl delete -f pvc.yaml
kubectl delete -f jintai-PV.yaml
kubectl apply -f jintai-PV.yaml
kubectl apply -f pvc.yaml
kubectl apply -f pod-pvc.yaml

#创建一个新pod关联pvc1
cat > pod-test.yaml << EOF
apiVersion: v1
kind: Pod
metadata:
  name: pod-pvc-test
spec:
    containers:
      - name: test10
        image: docker.io/library/nginx
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: pvc1
    volumes:
      - name: pvc1
        persistentVolumeClaim:
          claimName: pvc1
EOF
kubectl apply -f pod-test.yaml
#使用测试pod新建文件
kubectl exec -it pod-pvc-test -- /bin/bash
cd  /usr/share/nginx/html/
mkdir 123
exit 
#进入另一个pod查看
kubectl exec -it pod-pvc1-69b655447-7lxwl  -- /bin/bash
ls /usr/share/nginx/html/
123  12345
#删除新建文件的测试pod
kubectl delete -f pod-test.yaml
#在另一个查看
ls /usr/share/nginx/html/
123  12345 #依然存在
#
#回收策略Delete和Retain没什么区别,都不会被删除
#清理
kubectl delete -f pod-pvc.yaml
kubectl delete -f pvc.yaml
kubectl delete -f jintai-PV.yaml

StorageClass创建pv

#查看帮助
kubectl explain storageclass
allowVolumeExpansion <boolean> # 是否允许持久卷的扩展,不能支持缩小
allowedTopologies <[]Object> # 定义允许使用该StorageClass的节点拓扑约束
apiVersion <string> 
kind <string> 
metadata <Object> 
mountOptions <[]string> # 挂载持久卷时使用的挂载选项
parameters <map[string]string> # 存储提供程序的特定参数
provisioner <string> -required- # 供应商,不同供应商要填写的不同
reclaimPolicy <string> # 定义持久卷回收策略
volumeBindingMode <string> # 定义持久卷与节点的绑定模式
#
#在nfs服务器中加入实验的目录
mkdir -p /dirfornfs/nfs
echo "/dirfornfs/nfs *(rw,no_root_squash)" >> /etc/exports
exportfs -arv
systemctl restart nfs

#创建nfs的资源供应商的认证授权
cat > serviceaccount.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-provisioner
EOF
kubectl apply -f serviceaccount.yaml
kubectl create clusterrolebinding nfs-provisioner-clusterrolebinding --clusterrole=cluster-admin --serviceaccount=default:nfs-provisioner

#
cat > nfs.yaml << EOF
kind: Deployment
apiVersion: apps/v1
metadata:
  name: nfs-provisioner
spec:
  selector:
    matchLabels:
      app: nfs-provisioner
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-provisioner
    spec:
      serviceAccount: nfs-provisioner
      containers:
        - name: nfs-provisioner
          image: registry.cn-beijing.aliyuncs.com/mydlq/nfs-subdir-external-provisioner:v4.0.0
          imagePullPolicy: IfNotPresent
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:                        #环境变量
            - name: PROVISIONER_NAME  #供应商名称值改为example.com/nfs,存储类文件需要于其一致
              value: example.com/nfs 
            - name: NFS_SERVER
              value: 192.168.8.159
            - name: NFS_PATH
              value: /dirfornfs/nfs/
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.8.159
            path: /dirfornfs/nfs/
EOF
kubectl apply -f nfs.yaml

#创建一个nfs的storageclass存储类
cat > nfs-storageclass.yaml << EOF
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: nfs                  #存储类名称为nfs
provisioner: example.com/nfs #nfs的供应商为example.com/nfs
EOF
kubectl apply -f nfs-storageclass.yaml

#根据存储类 创建pvc
cat > pvc.yaml << EOF
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: test
spec:
  accessModes:  ["ReadWriteMany"] #多节点可读写
  resources:
    requests:
      storage: 1Gi
  storageClassName: nfs   #要与上面的存储类名字相同
EOF
kubectl apply -f pv-sc.yaml

kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                STORAGECLASS   REASON   AGE
pvc-660c088b-c9ba-412b-8c54-7d0716844b24   1Gi        RWX            Delete           Bound    default/claim-test   nfs                     2m58s
kubectl get pvc
NAME         STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
test   Bound    pvc-660c088b-c9ba-412b-8c54-7d0716844b24   1Gi        RWX            nfs            3m13s
#已经绑定完成

#
cat > pvc-test.yaml <<  EOF
kind: Pod
apiVersion: v1
metadata:
  name: read-pod
spec:
  containers:
  - name: read-pod
    image: nginx
    imagePullPolicy: IfNotPresent
    volumeMounts:
    - name: nfs-pvc
      mountPath: /usr/share/nginx/html
  restartPolicy: "Never"
  volumes:
  - name: nfs-pvc
    persistentVolumeClaim:  #
      claimName: test 
EOF
kubectl apply -f pvc-test.yaml
kubectl get pods
NAME                               READY   STATUS              RESTARTS   AGE
nfs-provisioner-5468dbd878-95jmz   1/1     Running             0          15m
read-pod                           1/1     Running             0          14m
#正常运行
#查看nfs服务器,自动创建了对应的目录
ls /dirfornfs/nfs/
default-claim-test-pvc-f2f469c5-df7d-44a8-8ddb-adb9744fb528

#清理
kubectl delete -f pvc-test.yaml
相关推荐
SRExianxian26 分钟前
kubernetes存储架构之PV controller源码解读
容器·架构·kubernetes
cdg==吃蛋糕2 小时前
docker代理配置
docker·容器·eureka
ether-lin3 小时前
DevOps实战:用Kubernetes和Argo打造自动化CI/CD流程(2)
kubernetes·自动化·devops
web135085886353 小时前
使用docker compose安装gitlab
docker·容器·gitlab
IT机器猫3 小时前
Docker完整技术汇总
运维·docker·容器
董健正3 小时前
Docker安装
docker·容器·docker-compose
无所不在的物质3 小时前
Jenkins基础教程
运维·云原生·自动化·jenkins
coco_1998_24 小时前
nvidia docker, nvidia docker2, nvidia container toolkits区别
docker·容器
vvw&5 小时前
Docker Build 命令详解:在 Ubuntu 上构建 Docker 镜像教程
linux·运维·服务器·ubuntu·docker·容器·开源
是芽芽哩!6 小时前
【Kubernetes 指南】基础入门——Kubernetes 基本概念(二)
云原生·容器·kubernetes