私有化部署中,有一个比较耗时的操作是地图数据的上传。每次都需要手动将地图数据拷贝到k8s的PVC中。为了解决这个问题,通过pod部署一个rsyncd守护进程,并通过NodePort类型Service将服务暴露出来以方便同事上传。
镜像来源"https://hub.docker.com/r/servercontainers/rsync"。
创建配置文件和凭据文件,
配置文件rsyncd.conf:
use chroot = false
strict modes = false
hosts allow = *
log file = /data/rsyncd.log
auth users = rsyncuser
secrets file = /etc/rsyncd.secrets
[map]
path = /data/map
read only = false
transfer logging = yes
hosts allow = *
uid = 0 #实际使用按照要求修改
gid = 0 #实际使用按照要求修改凭据文件rsyncd.secrets:
rsyncuser:longlongpassword命令行方式创建configmap,
kubectl create configmap cmrsyncd --from-file=rsyncd.secrets --from-file=rsyncd.confrsyncd的yaml文件,
apiVersion: v1
kind: Service
metadata:
name: rsyncd
spec:
type: NodePort
ports:
- name: rsyncd
port: 873
targetPort: 873
protocol: TCP
nodePort: 30010
selector:
app: rsyncd
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rsyncd
labels:
app: rsyncd
spec:
replicas: 1
selector:
matchLabels:
app: rsyncd
template:
metadata:
labels:
app: rsyncd
spec:
containers:
- name: rsyncd
image: servercontainers/rsync:latest
ports:
- containerPort: 873
volumeMounts:
- name: data-volume
mountPath: /data
- name: cmrsyncd
mountPath: /etc/rsyncd.conf
subPath: rsyncd.conf
readOnly: true
- name: cmrsyncd
mountPath: /etc/rsyncd.secrets
subPath: rsyncd.secrets
readOnly: true
resources:
limits:
cpu: 200m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
volumes:
- name: cmrsyncd
configMap:
name: cmrsyncd
- name: data-volume
persistentVolumeClaim:
claimName: data-pvc上传命令如下,
# 上传文件map.data
rsync -avz map.data rsyncuser@192.168.1.1::map --port 30010如果不想每次手动输入密码,可以将密码写入文件rsync.pass中,并将文件权限改为"600",
# 修改文件权限
chmod 600 rsync.pass
# 上传文件map.data
rsync -avz map.data rsyncuser@192.168.1.1::map --password-file=./rsync.pass --port 30010这样文件就会上传到容器目录"/data/map"中,也即上传到PVC中。