nfs-client-provisioner,它可以使用现有的和已配置的NFS服务器来通过持久卷声明来动态供应Kubernetes持久卷
使用sig-storage-lib-external-provisioner的开发nfs-subdir-external-provisioner进行配置

安装nfs

每个slave节点安装nfs

# yum install -y nfs-utils

安装storage class

准备资源清单

  • rbac
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner
namespace: kube-system
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
namespace: kube-system
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-runner
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
namespace: kube-system
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
namespace: kube-system
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
namespace: kube-system
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner
apiGroup: rbac.authorization.k8s.io
  • deploy
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-client-provisioner
labels:
app: nfs-client-provisioner
namespace: kube-system
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccountName: nfs-client-provisioner
containers:
- name: nfs-client-provisioner
image: quay.io/external_storage/nfs-client-provisioner:latest
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME # provisioner的名字,需要和StorageClass对象中的provisioner字段一致
value: shisuyun/nfs
- name: NFS_SERVER
value: 192.168.28.17 # NFS服务器地址
- name: NFS_PATH
value: /nfs/volume # NFS服务器目录
volumes:
- name: nfs-client-root
nfs:
server: 192.168.28.17 # NFS服务器地址
path: /nfs/volume # NFS服务器目录
  • class
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: nfs
provisioner: shisuyun/nfs
parameters:
archiveOnDelete: "false"

创建资源清单

# kubectl apply -f rbac.yaml
serviceaccount/nfs-client-provisioner created
clusterrole.rbac.authorization.k8s.io/nfs-client-provisioner-runner created
clusterrolebinding.rbac.authorization.k8s.io/run-nfs-client-provisioner created
role.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner created
rolebinding.rbac.authorization.k8s.io/leader-locking-nfs-client-provisioner created
# kubectl apply -f deploy.yaml
deployment.apps/nfs-client-provisioner created
# kubectl apply -f class.yaml
storageclass.storage.k8s.io/nfs created

测试创建pv

# vim pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nfs-test
namespace: demo
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
storageClassName: nfs
# kubectl apply -f pvc.yaml
persistentvolumeclaim/nfs-test created
# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pvc-c702ccbb-eddd-445f-ab86-efb44769c1d4 5Gi RWX Delete Bound demo/nfs-test nfs 7s
# kubectl get pvc -ndemo
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
nfs-test Bound pvc-c702ccbb-eddd-445f-ab86-efb44769c1d4 5Gi RWX nfs 25s

1.20新版本问题

I0218 10:05:03.223179       1 leaderelection.go:194] successfully acquired lease kube-system/shisuyun-nfs
I0218 10:05:03.223336 1 controller.go:631] Starting provisioner controller shisuyun/nfs_nfs-client-provisioner-6db9db9dcf-c6phr_ba4b22b4-71d0-11eb-82ab-12d5aefc2432!
I0218 10:05:03.324107 1 controller.go:680] Started provisioner controller shisuyun/nfs_nfs-client-provisioner-6db9db9dcf-c6phr_ba4b22b4-71d0-11eb-82ab-12d5aefc2432!
I0218 10:05:03.324440 1 controller.go:987] provision "mysql/nfs-test" class "nfs": started
E0218 10:05:03.332013 1 controller.go:1004] provision "mysql/nfs-test" class "nfs": unexpected error getting claim reference: selfLink was empty, can't make reference

https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/issues/25

在/etc/kubernetes/manifests/kube-apiserver.yaml配置添加参数
—feature-gates = RemoveSelfLink = false
保存之后重新创建pvc