Using cephFS and Integrating K8S with cephFS

1 Quick cephFS Setup

1. Create two pools, one for the MDS metadata and one for the data

bash
[root@ceph141ceph]# ceph osd pool create cephfs_data
pool 'cephfs_data' created
[root@ceph141ceph]# ceph osd pool create cephfs_metadata
pool 'cephfs_metadata' created
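
If you prefer to size placement groups yourself instead of relying on the autoscaler, the pools can also be created with explicit pg_num/pgp_num values (the counts below are illustrative, not the ones used in this setup):

bash
# create the pools with explicit PG counts instead of autoscaled defaults
ceph osd pool create cephfs_data 64 64
ceph osd pool create cephfs_metadata 16 16
# confirm both pools exist
ceph osd pool ls detail | grep cephfs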

2. Create a filesystem named "zhiyong18-cephfs"

bash
[root@ceph141ceph]# ceph fs new zhiyong18-cephfs cephfs_metadata cephfs_data
  Pool 'cephfs_data' (id '10') has pg autoscale mode 'on' but is not marked as bulk.
  Consider setting the flag by running
    # ceph osd pool set cephfs_data bulk true
new fs with metadata pool 11 and data pool 10
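
Optionally, follow the hint printed above and mark the data pool as bulk so the PG autoscaler treats it as a large pool from the start:

bash
ceph osd pool set cephfs_data bulk true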

3. Check the newly created filesystem and pools

bash
[root@ceph141ceph]# ceph fs ls
name: zhiyong18-cephfs, metadata pool: cephfs_metadata, data pools: [cephfs_data ]
[root@ceph141ceph]# ceph mds stat
zhiyong18-cephfs:0
[root@ceph141ceph]# ceph -s
  cluster:
    id:     12fad866-9aa0-11ef-8656-6516a17ad6dd
    health: HEALTH_ERR
            1 filesystem is offline
            1 filesystem is online with fewer MDS than max_mds
            1 pool(s) do not have an application enabled
 
  services:
    mon: 3 daemons, quorum ceph141,ceph142,ceph143 (age 73m)
    mgr: ceph141.yvswvf(active, since 73m), standbys: ceph142.gtcikx
    mds: 0/0 daemons up
    osd: 7 osds: 7 up (since 73m), 7 in (since 38h)
 
  data:
    volumes: 1/1 healthy
    pools:   6 pools, 129 pgs
    objects: 50 objects, 18 MiB
    usage:   335 MiB used, 3.3 TiB / 3.3 TiB avail
    pgs:     129 active+clean

Observation: the filesystem cannot be used yet and the cluster reports HEALTH_ERR, so this has to be fixed first.

The web dashboard also shows the hint: All MDS ranks are unavailable. The MDS daemons managing metadata are down, rendering the filesystem offline.

So first bring up the MDS (metadata) service.

4. Schedule MDS daemons for the filesystem

bash
[root@ceph141ceph]# ceph orch apply mds zhiyong18-cephfs
Scheduled mds.zhiyong18-cephfs update...
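
Instead of adding the daemons one at a time as in the next steps, the MDS placement can also be declared in a single orchestrator call; a sketch using this cluster's host names (the count is illustrative):

bash
# ask cephadm to run two MDS daemons for this filesystem on the named hosts
ceph orch apply mds zhiyong18-cephfs --placement="2 ceph141 ceph143"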

5. Add the first MDS server, node ceph143

bash
[root@ceph141ceph]# ceph orch daemon add mds zhiyong18-cephfs ceph143
Deployed mds.zhiyong18-cephfs.ceph143.eltfff on host 'ceph143'
[root@ceph141ceph]# ceph mds stat
zhiyong18-cephfs:1 {0=zhiyong18-cephfs.ceph143.eltfff=up:active} 1 up:standby

Add the second MDS, node ceph141

bash
[root@ceph141ceph]# ceph orch daemon add mds zhiyong18-cephfs ceph141
Deployed mds.zhiyong18-cephfs.ceph141.geohlx on host 'ceph141'

6. Currently ceph143 is the active MDS and ceph141 is the standby

bash
[root@ceph141ceph]# ceph fs status zhiyong18-cephfs
zhiyong18-cephfs - 0 clients
================
RANK  STATE                 MDS                   ACTIVITY     DNS    INOS   DIRS   CAPS  
 0    active  zhiyong18-cephfs.ceph143.eltfff  Reqs:    0 /s    10     13     12      0   
      POOL         TYPE     USED  AVAIL  
cephfs_metadata  metadata  96.0k  1083G  
  cephfs_data      data       0   1083G  
          STANDBY MDS            
zhiyong18-cephfs.ceph141.geohlx  
MDS version: ceph version 18.2.4 (e7ad5345525c7aa95470c26863873b581076945d) reef (stable)

7. Check the cluster status again: the HEALTH_ERR is gone. The remaining HEALTH_WARN (a pool without an application enabled) stems from an earlier RBD pool and can be ignored

bash
[root@ceph141ceph]# ceph -s
  cluster:
    id:     12fad866-9aa0-11ef-8656-6516a17ad6dd
    health: HEALTH_WARN
            1 pool(s) do not have an application enabled
 
  services:
    mon: 3 daemons, quorum ceph141,ceph142,ceph143 (age 84m)
    mgr: ceph141.yvswvf(active, since 84m), standbys: ceph142.gtcikx
    mds: 1/1 daemons up, 1 standby
    osd: 7 osds: 7 up (since 84m), 7 in (since 39h)
 
  data:
    volumes: 1/1 healthy
    pools:   6 pools, 129 pgs
    objects: 72 objects, 18 MiB
    usage:   335 MiB used, 3.3 TiB / 3.3 TiB avail
    pgs:     129 active+clean

8. Verify MDS high availability

Power off node ceph143 directly with init 0, then check that cephFS is still healthy

bash
[root@ceph141ceph]# ceph fs status zhiyong18-cephfs
zhiyong18-cephfs - 0 clients
================
RANK  STATE                 MDS                   ACTIVITY     DNS    INOS   DIRS   CAPS  
 0    active  zhiyong18-cephfs.ceph141.geohlx  Reqs:    0 /s    10     13     12      0   
      POOL         TYPE     USED  AVAIL  
cephfs_metadata  metadata  96.0k  1625G  
  cephfs_data      data       0   1083G  
MDS version: ceph version 18.2.4 (e7ad5345525c7aa95470c26863873b581076945d) reef (stable)

2 Configuring Multi-Active MDS for cephFS

1. Check the current state

bash
[root@ceph141~]# ceph fs status zhiyong18-cephfs
zhiyong18-cephfs - 0 clients
================
RANK  STATE                 MDS                   ACTIVITY     DNS    INOS   DIRS   CAPS  
 0    active  zhiyong18-cephfs.ceph141.geohlx  Reqs:    0 /s    10     13     12      0   
      POOL         TYPE     USED  AVAIL  
cephfs_metadata  metadata   104k  1083G  
  cephfs_data      data       0   1083G  
          STANDBY MDS            
zhiyong18-cephfs.ceph143.eltfff  
MDS version: ceph version 18.2.4 (e7ad5345525c7aa95470c26863873b581076945d) reef (stable)

2. The default max_mds is 1, so only one MDS serves clients at a time. Change it to 2 so that two MDS daemons serve clients simultaneously

bash
[root@ceph141~]# ceph fs get zhiyong18-cephfs | grep  max_mds
max_mds	1
[root@ceph141~]# ceph fs set zhiyong18-cephfs  max_mds 2
[root@ceph141~]# ceph fs get zhiyong18-cephfs | grep  max_mds
max_mds	2
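
A related optional knob, not used in this walkthrough, is standby-replay: a standby MDS follows an active MDS's journal so failover is faster:

bash
ceph fs set zhiyong18-cephfs allow_standby_replay true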

3. Check cephFS again (the block below also schedules an MDS on ceph142). Now ceph141 and ceph143 are both active; with no standby left, the failure of either MDS would leave its rank down and the filesystem unavailable!

bash
[root@ceph141~]# ceph orch daemon add mds zhiyong18-cephfs ceph142
[root@ceph141~]# ceph fs status zhiyong18-cephfs
zhiyong18-cephfs - 0 clients
================
RANK  STATE                 MDS                   ACTIVITY     DNS    INOS   DIRS   CAPS  
 0    active  zhiyong18-cephfs.ceph141.geohlx  Reqs:    0 /s    10     13     12      0   
 1    active  zhiyong18-cephfs.ceph143.eltfff  Reqs:    0 /s    10     13     11      0   
      POOL         TYPE     USED  AVAIL  
cephfs_metadata  metadata   176k  1083G  
  cephfs_data      data       0   1083G  
MDS version: ceph version 18.2.4 (e7ad5345525c7aa95470c26863873b581076945d) reef (stable)

4. Add a standby MDS, with ceph142 taking the role (the ceph orch daemon add in the previous block). Then check the cephFS status again

bash
[root@ceph141~]# ceph fs status zhiyong18-cephfs
zhiyong18-cephfs - 0 clients
================
RANK  STATE                 MDS                   ACTIVITY     DNS    INOS   DIRS   CAPS  
 0    active  zhiyong18-cephfs.ceph141.geohlx  Reqs:    0 /s    10     13     12      0   
 1    active  zhiyong18-cephfs.ceph143.eltfff  Reqs:    0 /s    10     13     11      0   
      POOL         TYPE     USED  AVAIL  
cephfs_metadata  metadata   176k  1083G  
  cephfs_data      data       0   1083G  
          STANDBY MDS            
zhiyong18-cephfs.ceph142.igigvp  
MDS version: ceph version 18.2.4 (e7ad5345525c7aa95470c26863873b581076945d) reef (stable)

5. Verify that failover works: shut down node ceph143 with init 0. ceph142 then takes over the failed rank

bash
[root@ceph141~]# ceph fs status zhiyong18-cephfs
zhiyong18-cephfs - 0 clients
================
RANK  STATE                 MDS                   ACTIVITY     DNS    INOS   DIRS   CAPS  
 0    active  zhiyong18-cephfs.ceph141.geohlx  Reqs:    0 /s    10     13     12      0   
 1    active  zhiyong18-cephfs.ceph142.igigvp  Reqs:    0 /s    10     13     11      0   
      POOL         TYPE     USED  AVAIL  
cephfs_metadata  metadata   183k  1625G  
  cephfs_data      data       0   1083G  
MDS version: ceph version 18.2.4 (e7ad5345525c7aa95470c26863873b581076945d) reef (stable)
[root@ceph141~]# ceph -s
  cluster:
    id:     12fad866-9aa0-11ef-8656-6516a17ad6dd
    health: HEALTH_WARN
            failed to probe daemons or devices
            insufficient standby MDS daemons available
            1/3 mons down, quorum ceph141,ceph142
            2 osds down
            1 host (2 osds) down
            Degraded data redundancy: 91/273 objects degraded (33.333%), 50 pgs degraded
            1 pool(s) do not have an application enabled
 
  services:
    mon: 3 daemons, quorum ceph141,ceph142 (age 36s), out of quorum: ceph143
    mgr: ceph141.yvswvf(active, since 7h), standbys: ceph142.gtcikx
    mds: 2/2 daemons up
    osd: 7 osds: 5 up (since 35s), 7 in (since 80m)
 
  data:
    volumes: 1/1 healthy
    pools:   6 pools, 129 pgs
    objects: 91 objects, 18 MiB
    usage:   367 MiB used, 3.3 TiB / 3.3 TiB avail
    pgs:     91/273 objects degraded (33.333%)
             79 active+undersized
             50 active+undersized+degraded

6. Add ceph143 back to the cluster

bash
[root@ceph141~]# ceph orch daemon add mds zhiyong18-cephfs ceph143

The add did not appear to take effect, possibly because a third MDS was not accepted in this setup; in the end max_mds was set back to 1.
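
The MDS daemons can be inspected, and the filesystem dropped back to a single active rank, with commands like these (a sketch built from commands already used above):

bash
# list the MDS daemons managed by cephadm and their status
ceph orch ps --daemon-type mds
# go back to one active MDS; the extra active rank stops and becomes a standby
ceph fs set zhiyong18-cephfs max_mds 1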

3 Using cephFS from a Client

01 Server-Side Preparation

1. Confirm that cephFS is available

bash
[root@ceph141~]# ceph fs ls
name: zhiyong18-cephfs, metadata pool: cephfs_metadata, data pools: [cephfs_data ]
[root@ceph141~]# ceph fs status zhiyong18-cephfs
zhiyong18-cephfs - 0 clients
================
RANK  STATE                 MDS                   ACTIVITY     DNS    INOS   DIRS   CAPS  
 0    active  zhiyong18-cephfs.ceph141.geohlx  Reqs:    0 /s    10     13     12      0   
      POOL         TYPE     USED  AVAIL  
cephfs_metadata  metadata   249k  1083G  
  cephfs_data      data       0   1083G  
          STANDBY MDS            
zhiyong18-cephfs.ceph142.oszjfe  
MDS version: ceph version 18.2.4 (e7ad5345525c7aa95470c26863873b581076945d) reef (stable)
[root@ceph141~]# ceph fs get zhiyong18-cephfs | grep max_mds
max_mds	1

2. On the admin node, create a client user, export its keyring and key file, and distribute them to the other nodes

bash
[root@ceph141~]# ceph auth add client.wenzhiyongfs mon 'allow r' mds 'allow rw' osd 'allow rwx'
added key for client.wenzhiyongfs
[root@ceph141~]# ceph auth get client.wenzhiyongfs
[client.wenzhiyongfs]
	key = AQCOfitnDobhOBAAdJT9D0JVIjRch+kOQl8q3g==
	caps mds = "allow rw"
	caps mon = "allow r"
	caps osd = "allow rwx"
[root@ceph141~]# ceph auth get client.wenzhiyongfs > ceph.client.wenzhiyongfs.keyring
[root@ceph141~]# ceph auth  print-key client.wenzhiyongfs > wenzhiyongfs.key
[root@ceph141~]# more wenzhiyongfs.key 
AQCOfitnDobhOBAAdJT9D0JVIjRch+kOQl8q3g==


[root@ceph141~]# scp ceph.client.wenzhiyongfs.keyring wenzhiyongfs.key ceph143:/etc/ceph/
[root@ceph141~]# scp ceph.client.wenzhiyongfs.keyring  ceph142:/etc/ceph/
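
As an alternative to ceph auth add, newer Ceph releases also provide ceph fs authorize, which generates caps already scoped to one filesystem and path; a sketch (the client name here is hypothetical):

bash
# grant read/write on the root of zhiyong18-cephfs to a new client and print its keyring
ceph fs authorize zhiyong18-cephfs client.wenzhiyongfs2 / rw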

3. On the client, confirm the local auth files are present

bash
[root@ceph143ceph]# ll | grep wen
-rw-r--r-- 1 root root 139 Nov  6 22:53 ceph.client.wenzhiyongfs.keyring
-rw-r--r-- 1 root root  40 Nov  6 22:53 wenzhiyongfs.key

02 Using cephFS on the Client

1. Client ceph143 mounts cephFS using the key file and writes some test data

bash
[root@ceph143ceph]# df -h | grep mnt
[root@ceph143ceph]# mount -t ceph ceph141:6789,ceph142:6789,ceph143:6789:/ /mnt \
-o name=wenzhiyongfs,secretfile=/etc/ceph/wenzhiyongfs.key

[root@ceph143ceph]# df -h | grep mnt
10.0.0.141:6789,10.0.0.142:6789,127.0.1.1:6789,10.0.0.143:6789:/  1.1T     0  1.1T   0% /mnt

[root@ceph143ceph]# cp /etc/os-release /etc/fstab /etc/hosts /mnt/
[root@ceph143ceph]# ls /mnt/
fstab  hosts  os-release
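
To make the mount persist across reboots, an /etc/fstab entry in the usual kernel-cephfs form can be added (a sketch mirroring the mount command above):

bash
# append a cephfs entry to /etc/fstab; _netdev delays mounting until the network is up
cat >> /etc/fstab <<'EOF'
ceph141:6789,ceph142:6789,ceph143:6789:/ /mnt ceph name=wenzhiyongfs,secretfile=/etc/ceph/wenzhiyongfs.key,_netdev,noatime 0 0
EOF
mount -a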

2. Test from a second client, ceph142. The data is in sync with ceph143: both clients see all 4 files uploaded from either node

bash
[root@ceph142~]# mount -t ceph ceph141:6789,ceph142:6789,ceph143:6789:/ /mnt \
-o name=wenzhiyongfs,secret=AQCOfitnDobhOBAAdJT9D0JVIjRch+kOQl8q3g==
[root@ceph142~]# df -h | grep mnt
10.0.0.141:6789,127.0.1.1:6789,10.0.0.142:6789,10.0.0.143:6789:/  1.1T     0  1.1T   0% /mnt
[root@ceph142~]# cp /etc/hostname /mnt/
[root@ceph142~]# ls /mnt/
fstab  hostname  hosts  os-release

View from node ceph143:

bash
[root@ceph143~]# ls /mnt/
fstab  hostname  hosts  os-release

3. Delete the keyring file ceph.client.wenzhiyongfs.keyring. The mount still works because the secret is passed on the command line, but a warning is printed

bash
[root@ceph142ceph]# ls
ceph.client.admin.keyring  ceph.client.wenzhiyongfs.keyring  ceph.conf  rbdmap
[root@ceph142ceph]# rm -rf ceph.client.wenzhiyongfs.keyring 
[root@ceph142ceph]# umount /mnt 
[root@ceph142ceph]# mount -t ceph ceph141:6789,ceph142:6789,ceph143:6789:/ /mnt -o name=wenzhiyongfs,secret=AQCOfitnDobhOBAAdJT9D0JVIjRch+kOQl8q3g==
2024-11-06T23:35:58.145+0800 7f21d1629100 -1 auth: unable to find a keyring on /etc/ceph/ceph.client.wenzhiyongfs.keyring,/etc/ceph/ceph.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin: (2) No such file or directory
[root@ceph142ceph]# df -h | grep mnt
10.0.0.141:6789,127.0.1.1:6789,10.0.0.142:6789,10.0.0.143:6789:/  1.1T     0  1.1T   0% /mnt

4. Node ceph142 can still write normally. In everyday use it behaves much like NFS

bash
[root@ceph142ceph]# cp /etc/netplan/00-installer-config.yaml /mnt/

4 Integrating K8S with cephFS

4.1 cephFS as volumes

1. On Ubuntu the default repositories install ceph-common 17.2.7 at newest; to get the latest release you can instead add Ceph's own APT source (see the sketch after the install command below).

Install ceph-common on all K8S nodes:

bash
apt -y install ceph-common
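
If the newer Reef (18.x) client is wanted instead of Ubuntu's default 17.2.7, one way is to add Ceph's upstream APT repository first (a sketch; adjust the release name and Ubuntu codename to your environment):

bash
# add Ceph's upstream repo for the Reef release, then install the client tools
wget -qO- 'https://download.ceph.com/keys/release.asc' | gpg --dearmor -o /etc/apt/trusted.gpg.d/ceph.gpg
echo "deb https://download.ceph.com/debian-reef/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/ceph.list
apt update && apt -y install ceph-common
ceph --version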

From a Ceph node, copy the auth file to all K8S nodes:

bash
scp admin.secret 10.0.0.231:/etc/ceph/
scp admin.secret 10.0.0.232:/etc/ceph/
scp admin.secret 10.0.0.233:/etc/ceph/
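
The admin.secret file is assumed here to contain only the bare admin key, produced the same way as wenzhiyongfs.key earlier; for example:

bash
# on the Ceph admin node: write the admin key to a file usable as a K8S secretFile
ceph auth print-key client.admin > admin.secret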

2. Write the resource manifest

yaml
[root@master23104-cephfs]# cat 01-k8s-use-cephfs.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-volume-cephfs-admin-secretfile
spec:
  replicas: 3
  selector:
    matchLabels:
      apps: ceph-fs
  template:
    metadata:
      labels:
        apps: ceph-fs
    spec:
      volumes:
      - name: data
        # the volume type is cephFS
        cephfs:
          monitors:
          - 10.0.0.141:6789
          - 10.0.0.142:6789
          - 10.0.0.143:6789
          # path within cephFS to mount; defaults to "/" if omitted
          path: /
          # the Pods do not need to modify any files, so mount read-only
          readOnly: true
          # Ceph user used to connect; defaults to admin if omitted
          user: admin
          # path to the secret file for the admin user
          secretFile: "/etc/ceph/admin.secret"
      containers:
      - name: c1
        image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1
        volumeMounts:
        - name: data
          mountPath: /wenzhiyong-data
        ports:
        - containerPort: 80
---

apiVersion: v1
kind: Service
metadata:
  name: svc-cephfs-secretfile
spec:
  type: NodePort
  selector:
    apps: ceph-fs
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    nodePort: 30011
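
Apply the manifest and wait for the pods to come up (standard kubectl usage; the file name, label, and Service name come from the manifest above):

bash
kubectl apply -f 01-k8s-use-cephfs.yaml
kubectl get pods -l apps=ceph-fs -o wide
kubectl get svc svc-cephfs-secretfile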

3. Exec into a container to test. The data written earlier from the Ceph nodes is visible; because readOnly: true is set, writes fail. To give the pods write permission, change the volume to readOnly: false

bash
kubectl exec deploy-volume-cephfs-admin-secretfile-57f6cf7df5-wmfg5 -- sh -c 'ls /wenzhiyong-data'

00-installer-config.yaml
fstab
hostname
hosts
os-release

# test from inside the pod
/ # cd /wenzhiyong-data/
/wenzhiyong-data # ls
00-installer-config.yaml  fstab                     hostname                  hosts                     os-release
/wenzhiyong-data # echo 11 >> pods.txt
sh: can't create pods.txt: Read-only file system

4.2 cephFS as a PVC

yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: zhiyong18-cephfs-pv
  labels:
    school: zhiyong18
spec:
  accessModes:
  - ReadWriteMany
  cephfs:
    monitors:
    - 10.0.0.141:6789
    - 10.0.0.142:6789
    - 10.0.0.143:6789
    path: /
    readOnly: false
    user: admin
    secretFile: "/etc/ceph/admin.secret"
  persistentVolumeReclaimPolicy: Retain
  capacity:
    storage: 2Gi
---

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: zhiyong18-cephfs-pvc
spec:
  # bind to the PV created in the previous block
  volumeName: zhiyong18-cephfs-pv
  accessModes:
  - ReadWriteMany
  resources:
    limits:
       storage: 2Gi
    requests:
       storage: 1Gi
---

apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-pvc-cephfs-secretfile
spec:
  replicas: 3
  selector:
    matchLabels:
      apps: cephfs
  template:
    metadata:
      labels:
        apps: cephfs
    spec:
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: zhiyong18-cephfs-pvc
      containers:
      - name: c1
        image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1
        volumeMounts:
        - name: data
          mountPath: /usr/share/nginx/html
        ports:
        - containerPort: 80
---

apiVersion: v1
kind: Service
metadata:
  name: svc-cephfs-secretfile
spec:
  type: NodePort
  selector:
    apps: cephfs
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    nodePort: 30012

  • A PV's accessModes declare which access modes the volume supports; ReadWriteMany means the PV can be mounted read-write by many nodes at the same time
  • A PVC's accessModes declare what the claim requests from a PV; a PVC requesting ReadWriteMany will only bind to a PV that supports that mode
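
Apply the PV/PVC manifest and check that the claim binds (the file name below is hypothetical; the object names come from the manifest above):

bash
kubectl apply -f 02-k8s-cephfs-pvc.yaml   # hypothetical file name for the manifest above
kubectl get pv zhiyong18-cephfs-pv
kubectl get pvc zhiyong18-cephfs-pvc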

2. After applying the manifests, look at the files under the pod's mount path: the files left over from the earlier Ceph client tests are still there. Then create a directory and write a file from inside the nginx pod

bash
[root@master23104-cephfs]# kubectl exec -it deploy-pvc-cephfs-secretfile-6cfcdbfcf-r6sbt -- sh
/ # cd /usr/share/nginx/html/
/usr/share/nginx/html # ls
00-installer-config.yaml     fstab         hostname        hosts         os-release

/usr/share/nginx/html # mkdir nginx
/usr/share/nginx/html # echo wzywzy.fun > nginx/index.html

3. Back on the host, curl any of the pods: each returns the same content, which shows that all 3 pods share the same cephFS

bash
[root@master23104-cephfs]# kubectl get pods -o wide
NAME                                           READY   STATUS    RESTARTS   AGE     IP            NODE        NOMINATED NODE   READINESS GATES
deploy-pvc-cephfs-secretfile-6cfcdbfcf-r6sbt   1/1     Running   0          7m57s   10.100.2.37   worker232   <none>           <none>
deploy-pvc-cephfs-secretfile-6cfcdbfcf-v55zb   1/1     Running   0          7m57s   10.100.2.38   worker232   <none>           <none>
deploy-pvc-cephfs-secretfile-6cfcdbfcf-vzzbf   1/1     Running   0          7m57s   10.100.1.19   worker233   <none>           <none>
[root@master23104-cephfs]# curl 10.100.2.37/nginx/index.html
wzywzy.fun
[root@master23104-cephfs]# curl 10.100.2.38/nginx/index.html
wzywzy.fun
[root@master23104-cephfs]# curl 10.100.1.19/nginx/index.html
wzywzy.fun