前提
所有的worker节点都需要安装nfs的客户端,安装方法见 NFS服务配置
https://www.cnblogs.com/cerberus43/p/15880234.htmlK8s的与NFS
Kubernetes的原生内部并不包含nfs的StorageClass的提供者,所以需要挂载外部的提供者来实现,我们使用nfs提供者如下:
NFS subdir external provisioner
配置汇总
1、下载最新版本的nfs-subdir-external-provisioner
https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/releases2、配置helm
curl -L https://get.helm.sh/helm-v3.12.0-linux-amd64.tar.gz -O
tar zxvf helm-v3.12.0-linux-amd64.tar.gz
mv helm /usr/bin/
helm --help3、解压nfs-subdir-external-provisioner并使用修改values.yaml
cd /root/nfs-storage-class
tar zxvf nfs-subdir-external-provisioner-4.0.18.tgz
ls /root/nfs-storage-class/nfs-subdir-external-provisioner/
Chart.yaml ci README.md templates values.yaml#修改镜像地址,原有的镜像国内无法下载,可以修改为自己的镜像地址
image:
repository: registry.cn-hangzhou.aliyuncs.com/xxxx/nfs-subdir-external-provisioner
#配置nfs
nfs:
server: 192.168.2.2
path: /volume1/k8s-sc-data
mountOptions:
volumeName: nfs-subdir-external-provisioner-root
# Reclaim policy for the main nfs volume
reclaimPolicy: Retain
#配置sc
storageClass:
create: true
defaultClass: true
name: k8s-sc-data-nfsimage.repository:nfs-subdir-external-provisioner的下载镜像
nfs.server:nfs的地址
nfs.path:nfs的路径
storageClass.defaultClass:指定为默认sc
storageClass.name:sc的名称
使用下面命令创建storage class
#执行此命令时,请确保/root/nfs-storage-class/nfs-subdir-external-provisioner目录下没有其他文件,否则会导致请求体过大而无法创建
helm install nfs-provisioner /root/nfs-storage-class/nfs-subdir-external-provisioner -f /root/nfs-storage-class/nfs-subdir-external-provisioner/values.yaml
#删除storageclass
helm uninstall nfs-provisioner也可以使用【-n】参数指定在某个命令空间内创建。
可以使用下面命令查看创建的相关对象:
kubectl get pods
kubectl get sc
#查看所有charts
helm list
#删除charts
helm delete xxx4、创建pvc
vim pvc-nexus.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nexus-pvc
annotations:
volume.beta.kubernetes.io/storage-class: "second-nfs-client"
spec:
storageClassName: second-nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 40Gi5、创建pod测试
这个测试实例是使用k8s运行nexus的私服,整个实例经过多次验证,成功运行
vim nexus.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nexus
spec:
replicas: 1
selector:
matchLabels:
app: nexus-server
template:
metadata:
labels:
app: nexus-server
spec:
containers:
- name: nexus
image: sonatype/nexus3:latest
resources:
limits:
memory: "4Gi"
cpu: "1000m"
requests:
memory: "2Gi"
cpu: "500m"
ports:
- containerPort: 8081
volumeMounts:
- name: nexus-data
mountPath: /nexus-data
volumes:
- name: nexus-data
persistentVolumeClaim:
claimName: nexus-pvc
---
apiVersion: v1
kind: Service
metadata:
name: svc-nexus
labels: #可以没有
app: svc-nexus
spec:
#type: ClusterIP 默认就是ClusterIP
type: NodePort
selector:
app: nexus-server #一定要一致
ports:
- targetPort: 8081 #service访问目标容器的Port; 1.如果没用,那么默认用port,那么port与容器port需一致;
# name: nexus 2.容器ports可写name,这样targetPort直接用其name即可;
port: 8081 #service 自身暴露的端口;通过暴露service端口 --> 映射容器端口,使得容器服务可以对外访问
nodePort: 30081
#protocol: 默认TCP6、执行命令
kubectl apply -f .
kubectl delete -f .7、测试nexus能否正常访问
首次运行会有很点慢,需要等上两分钟
http://192.168.3.31:30081/#admin/repository
获取nexus的默认密码:
kubectl exec --stdin --tty nexus-6669fcf544-g6p2d /bin/bash
cat /nexus-data/admin.password