bash
# rustfs-deployment.yaml
# RustFS Kubernetes 部署配置
# 1. Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: rustfs-deployment
labels:
app: rustfs
spec:
replicas: 1
selector:
matchLabels:
app: rustfs
template:
metadata:
labels:
app: rustfs
spec:
containers:
- name: rustfs
image: registry.cn-hangzhou.aliyuncs.com/qiluo-images/rustfs:latest
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9000
name: api
protocol: TCP
- containerPort: 9001
name: console
protocol: TCP
env:
- name: RUSTFS_ACCESS_KEY
valueFrom:
secretKeyRef:
name: rustfs-secrets
key: RUSTFS_ACCESS_KEY
- name: RUSTFS_SECRET_KEY
valueFrom:
secretKeyRef:
name: rustfs-secrets
key: RUSTFS_SECRET_KEY
- name: TZ
value: "Asia/Shanghai"
- name: RUSTFS_SERVER_URL
value: "http://rustfs-service:9000"
volumeMounts:
- name: rustfs-data
mountPath: /data
- name: rustfs-config
mountPath: /root/.rustfs
resources:
limits:
cpu: "1"
memory: "2Gi"
requests:
cpu: "0.5"
memory: "1Gi"
readinessProbe:
tcpSocket:
port: 9000
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
livenessProbe:
tcpSocket:
port: 9000
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 5
securityContext:
runAsUser: 1000
runAsGroup: 1000
volumes:
- name: rustfs-data
persistentVolumeClaim:
claimName: rustfs-pvc
- name: rustfs-config
persistentVolumeClaim:
claimName: rustfs-config-pvc
restartPolicy: Always
terminationGracePeriodSeconds: 30
---
# 2. Service
apiVersion: v1
kind: Service
metadata:
name: rustfs-service
labels:
app: rustfs
spec:
selector:
app: rustfs
ports:
- name: api
protocol: TCP
port: 9000
targetPort: 9000
nodePort: 32090
- name: console
protocol: TCP
port: 9001
targetPort: 9001
nodePort: 32091
type: NodePort
sessionAffinity: None
externalTrafficPolicy: Cluster
---
# 3. PersistentVolume - 数据存储
apiVersion: v1
kind: PersistentVolume
metadata:
name: rustfs-pv
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /data/rustfs/data
type: DirectoryOrCreate
persistentVolumeReclaimPolicy: Retain
storageClassName: manual
---
# 4. PersistentVolumeClaim - 数据存储
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: rustfs-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Gi
storageClassName: manual
---
# 5. PersistentVolume - 配置存储
apiVersion: v1
kind: PersistentVolume
metadata:
name: rustfs-config-pv
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /data/rustfs/config
type: DirectoryOrCreate
persistentVolumeReclaimPolicy: Retain
storageClassName: manual
---
# 6. PersistentVolumeClaim - 配置存储
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: rustfs-config-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: manual
bash
#!/bin/bash
# deploy-rustfs.sh
set -e
echo "=== RustFS Kubernetes 部署 ==="
# 配置参数
RUSTFS_DATA_DIR="/data/rustfs"
RUSTFS_KEYS_FILE="$RUSTFS_DATA_DIR/.rustfs-keys"
# 1. 生成安全密钥
echo "1. 生成安全密钥..."
ACCESS_KEY=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 20)
SECRET_KEY=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 40)
echo "Access Key: $ACCESS_KEY"
echo "Secret Key: $SECRET_KEY"
# 保存密钥到文件
echo "2. 保存密钥到文件..."
mkdir -p "$RUSTFS_DATA_DIR"
cat > "$RUSTFS_KEYS_FILE" << EOF
# RustFS 密钥文件
# 生成时间: $(date)
RUSTFS_ACCESS_KEY=$ACCESS_KEY
RUSTFS_SECRET_KEY=$SECRET_KEY
EOF
chmod 600 "$RUSTFS_KEYS_FILE"
echo "密钥已保存到: $RUSTFS_KEYS_FILE"
# 2. 创建 Kubernetes Secret
echo "3. 创建 Kubernetes Secret..."
kubectl create secret generic rustfs-secrets \
--from-literal=RUSTFS_ACCESS_KEY="$ACCESS_KEY" \
--from-literal=RUSTFS_SECRET_KEY="$SECRET_KEY" \
--dry-run=client -o yaml | kubectl apply -f -
echo "✅ Secret 创建成功"
# 3. 创建数据目录并设置权限
echo "4. 创建数据目录..."
sudo mkdir -p "$RUSTFS_DATA_DIR/data"
sudo mkdir -p "$RUSTFS_DATA_DIR/config"
# 设置目录权限(容器内用户通常是 UID 1000)
echo "设置目录权限..."
sudo chown -R 1000:1000 "$RUSTFS_DATA_DIR"
sudo chmod -R 755 "$RUSTFS_DATA_DIR"
echo "目录结构:"
ls -la "$RUSTFS_DATA_DIR/"
# 4. 部署 YAML 文件
echo "5. 部署 RustFS..."
kubectl apply -f rustfs-deployment.yaml
# 5. 等待并验证部署
echo "6. 等待 Pod 启动..."
for i in {1..30}; do
POD_STATUS=$(kubectl get pods -l app=rustfs -o jsonpath='{.items[0].status.phase}' 2>/dev/null || echo "Unknown")
if [ "$POD_STATUS" = "Running" ]; then
echo "✅ Pod 已进入 Running 状态"
break
fi
if [ $i -eq 30 ]; then
echo "⚠️ Pod 启动超时,当前状态: $POD_STATUS"
else
echo "等待 Pod 启动... ($i/30) - 当前状态: $POD_STATUS"
sleep 5
fi
done
# 6. 显示部署结果
echo ""
echo "=== 部署结果 ==="
echo "Deployment:"
kubectl get deployment rustfs-deployment
echo ""
echo "Service:"
kubectl get service rustfs-service
echo ""
echo "Pods:"
kubectl get pods -l app=rustfs
echo ""
echo "PVC:"
kubectl get pvc rustfs-pvc rustfs-config-pvc
echo ""
echo "PV:"
kubectl get pv rustfs-pv rustfs-config-pv
# 获取 Pod 名称和日志
POD_NAME=$(kubectl get pods -l app=rustfs -o jsonpath='{.items[0].metadata.name}' 2>/dev/null || echo "未找到")
if [ "$POD_NAME" != "未找到" ]; then
echo ""
echo "Pod 日志 (最后10行):"
kubectl logs --tail=10 "$POD_NAME"
fi
# 获取节点 IP
NODE_IP=$(kubectl get nodes -o jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}' 2>/dev/null)
if [ -z "$NODE_IP" ]; then
NODE_IP="<节点IP>"
fi
echo ""
echo "=== 部署完成 ==="
echo "📊 服务信息:"
echo " Access Key: $ACCESS_KEY"
echo " Secret Key: $SECRET_KEY"
echo " API端点: http://$NODE_IP:32090"
echo " 控制台: http://$NODE_IP:32091"
echo " 内部服务: rustfs-service.default.svc.cluster.local:9000"
echo ""
echo "📁 数据目录:"
echo " 数据存储: $RUSTFS_DATA_DIR/data"
echo " 配置存储: $RUSTFS_DATA_DIR/config"
echo " 密钥文件: $RUSTFS_KEYS_FILE"
echo ""
echo "🔧 管理命令:"
echo " 查看状态: kubectl get deployment rustfs-deployment"
echo " 查看服务: kubectl get service rustfs-service"
echo " 查看日志: kubectl logs -f deployment/rustfs-deployment"
echo " 进入容器: kubectl exec -it deployment/rustfs-deployment -- sh"
echo " 重启服务: kubectl rollout restart deployment rustfs-deployment"
echo ""
echo "🗑️ 卸载命令:"
echo " kubectl delete -f rustfs-deployment.yaml"
echo " kubectl delete secret rustfs-secrets"
echo ""
echo "⚠️ 重要提示:"
echo " 1. 请妥善保管密钥文件: $RUSTFS_KEYS_FILE"
echo " 2. 确保防火墙允许端口 32090 和 32091"
echo " 3. 数据存储在: $RUSTFS_DATA_DIR/data"
bash
# 1. 保存文件
vim rustfs-deployment.yaml
vim deploy-rustfs.sh
chmod +x deploy-rustfs.sh
# 2. 执行部署
./deploy-rustfs.sh
# 3. 验证部署
kubectl get all -l app=rustfs
# 4. 测试连接
curl http://<节点IP>:32090
