BigDataMining 2020-08-21
容器部署过程中一般有以下三种数据:
·启动时需要的初始数据,可以是配置文件
·启动过程中产生的临时数据,该临时数据需要多个容器间共享
·启动过程中产生的持久化数据
Kubernetes 中的 Volume提供了在容器中挂载外部存储的能力
Pod需要设置卷来源( spec.volume)和挂载点( spec.containers.volumeMounts)两个信息后才可以使用相应的 Volume
官方搜索查看支持的类型
awsElasticBlockStore azureDisk azureFile cephfs cinder configMap csi downwardAPI emptyDir fc (fibre channel) flexVolume flocker gcePersistentDisk gitRepo (deprecated) glusterfs hostPath iscsi local nfs persistentVolumeClaim projected portworxVolume quobyte rbd scaleIO secret storageos vsphereVolume
k8s支持的存储类型
简单的分类:
1、本地,例如emptyDir、hostPath
2、网络,例如nfs、cephfs、glusterfs
3、公有云,例如azureDisk、awsElasticBlockStore
4、k8s资源,例如secret、configMap
创建一个空卷,挂载到Pod中的容器。Pod删除该卷也会被删除。
应用场景:Pod中容器之间数据共享
emptydir默认工作目录:
/var/lib/kubelet/pods/<pod-id>/volumes/kubernetes.io~empty-dir
什么样的适合在pod中运行多个容器?
{} 空值
[ chp7]# cat emptyDir.yml apiVersion: v1 kind: Pod metadata: name: emptydir spec: containers: - name: write image: centos command: ["bash","-c","for i in {1..100};do echo $i >> /data/hello;sleep 1;done"] volumeMounts: - name: data mountPath: /data - name: read image: centos command: ["bash","-c","tail -f /data/hello"] volumeMounts: - name: data mountPath: /data volumes: - name: data emptyDir: {} [ chp7]# kubectl apply -f emptyDir.yml pod/emptydir created [ chp7]# kubectl get po -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES emptydir 2/2 Running 1 116s 10.244.111.203 k8s-n2 <none> <none> [ data]# docker ps |grep emptydir cbaf1b92b4a8 centos "bash -c ‘for i in {…" About a minute ago Up About a minute k8s_write_emptydir_default_df40c32a-9f0a-44b7-9c17-89c9e9725da2_3 bce0f2607620 centos "bash -c ‘tail -f /d…" 7 minutes ago Up 7 minutes k8s_read_emptydir_default_df40c32a-9f0a-44b7-9c17-89c9e9725da2_0 0b804b8db60f registry.aliyuncs.com/google_containers/pause:3.2 "/pause" 7 minutes ago Up 7 minutes k8s_POD_emptydir_default_df40c32a-9f0a-44b7-9c17-89c9e9725da2_0 [ data]# pwd /var/lib/kubelet/pods/df40c32a-9f0a-44b7-9c17-89c9e9725da2/volumes/kubernetes.io~empty-dir/data
挂载Node文件系统上文件或者目录到Pod中的容器。
应用场景:Pod中容器需要访问宿主机文件
[ chp7]# cat hostPath.yml apiVersion: v1 kind: Pod metadata: name: host-path spec: containers: - name: centos image: centos command: ["bash","-c","sleep 36000"] volumeMounts: - name: data mountPath: /data volumes: - name: data hostPath: path: /tmp type: Directory [ chp7]# kubectl apply -f hostPath.yml pod/host-path created [ chp7]# kubectl exec host-path -it bash kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead. [path data]# pwd /data [path data]# touch test.txt [ ~]# ls -l /tmp/test.txt -rw-r--r--. 1 root root 5 8月 18 22:25 /tmp/test.txt
yum install nfs-utils -y [ ~]# mkdir /nfs/k8s -p [ ~]# vim /etc/exports [ ~]# cat /etc/exports /nfs/k8s 10.0.0.0/24(rw,no_root_squash) # no_root_squash:当登录NFS主机使用共享目录的使用者是root时,其权限将被转换成为匿名使用者,通常它的UID与GID都会变成nobody身份。 [ ~]# systemctl restart nfs [ ~]# systemctl enable nfs Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service. [ ~]# # 测试 [ ~]# mount -t nfs 10.0.0.25:/nfs/k8s /mnt/ [ ~]# df -h |grep nfs 10.0.0.25:/nfs/k8s 26G 5.8G 21G 23% /mnt 查看nfs共享目录: [ ~]# showmount -e Export list for k8s-n2: /nfs/k8s 10.0.0.0/24 创建应用 [ chp7]# cat nfs-deploy.yml apiVersion: apps/v1 kind: Deployment metadata: name: nfs-nginx-deploy spec: selector: matchLabels: app: nfs-nginx replicas: 3 template: metadata: labels: app: nfs-nginx spec: containers: - name: nginx image: nginx volumeMounts: - name: wwwroot mountPath: /usr/share/nginx/html ports: - containerPort: 80 volumes: - name: wwwroot nfs: server: 10.0.0.25 path: /nfs/k8s [ chp7]# kubectl apply -f nfs-deploy.yml [ chp7]# kubectl get pod -o wide|grep nfs nfs-nginx-deploy-848f4597c9-658ws 1/1 Running 0 2m33s 10.244.111.205 k8s-n2 <none> <none> nfs-nginx-deploy-848f4597c9-bzl5w 1/1 Running 0 2m33s 10.244.111.207 k8s-n2 <none> <none> nfs-nginx-deploy-848f4597c9-wz422 1/1 Running 0 2m33s 10.244.111.208 k8s-n2 <none> <none> 在本地创建index 页面,然后在容器中也可以看到文件 [ ~]# echo "hello world" >/nfs/k8s/index.html [ chp7]# curl 10.244.111.205 hello world [ chp7]# kubectl exec nfs-nginx-deploy-848f4597c9-wz422 -it -- bash:/# mount|grep k8s 10.0.0.25:/nfs/k8s on /usr/share/nginx/html type nfs4 (rw,relatime,vers=4.1,rsize=524288,wsize=524288,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=10.0.0.25,local_lock=none,addr=10.0.0.25) 4.持久卷概述 [ chp7]# cat pv.yml apiVersion: v1 kind: PersistentVolume metadata: name: pv0001 spec: capacity: storage: 5Gi volumeMode: Filesystem accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: /nfs/k8s/pv0001 server: 10.0.0.25 --- apiVersion: v1 kind: PersistentVolume metadata: name: pv0002 spec: capacity: storage: 15Gi volumeMode: Filesystem accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: /nfs/k8s/pv0002 server: 10.0.0.25 --- apiVersion: v1 kind: PersistentVolume metadata: name: pv0003 spec: capacity: storage: 30Gi volumeMode: Filesystem accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Recycle nfs: path: /nfs/k8s/pv0003 server: 10.0.0.25创建pv卷
[ chp7]# kubectl apply -f pv.yml persistentvolume/pv0001 created persistentvolume/pv0002 created persistentvolume/pv0003 created [ chp7]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE pv0001 5Gi RWX Recycle Available 53s pv0002 15Gi RWX Recycle Available 53s pv0003 30Gi RWX Recycle Available 53s
[ chp7]# cat pvc-deploy.yml apiVersion: apps/v1 kind: Deployment metadata: name: pvc-ngnix spec: selector: matchLabels: app: pvc-nginx replicas: 3 template: metadata: labels: app: pvc-nginx spec: containers: - name: nginx image: nginx volumeMounts: - name: wwwroot mountPath: /usr/share/nginx/html ports: - containerPort: 80 volumes: - name: wwwroot persistentVolumeClaim: claimName: my-pvc --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: my-pvc spec: accessModes: - ReadWriteMany resources: requests: storage: 5Gi
创建应用
[ chp7]# kubectl apply -f pvc-deploy.yml deployment.apps/pvc-ngnix unchanged persistentvolumeclaim/my-pvc created [ chp7]# kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE my-pvc Bound pv0001 5Gi RWX 12m [ pv0001]# echo "hello pvc" >index.html [ chp7]# curl 10.244.111.209 hello pvc
5.PV静态供给
6.PV动态供给
7.案例:应用程序使用持久卷存储数据
8.有状态应用部署:Statefulset控制器
9.应用程序配置文件存储:Config Ma
10.敏感数据存储:Secret