一、存储类型对比
| 存储类型 |
说明 |
区别 |
使用场景 |
创建方式 |
| emptyDir |
Pod内的容器,需要共享数据卷的时候,使用的临时数据卷 |
如果Pod的被删除,那么数据也会被删除,不具备持计化 |
临时空间,保存内容管理器容器从Web服务器容器提供数据时所获取的文件 |
手动指定 |
| HostPath |
映射node文件系统中的文件或者目录到pod里,持久化功能较强 |
增加了Pod与host的耦合 |
通常关于docker或者k8s集群本身才会使用,多用于单机测试 |
手动指定 |
| PV |
是k8s集群的外部存储系统,一般是设定好的存储空间(文件系统中的一个目录) |
PV 卷是集群中的资源,无法直接使用 |
\ |
手动指定 |
| PVC |
是由用户进行存储的请求。 它类似于pod。 Pod消耗节点资源,PVC消耗PV资源 |
需要向PV申请空间,PVC 申领与 PV 卷之间的绑定是一种一对一的映射,如果找不到匹配的 PV 卷,PVC 申领会无限期地处于未绑定状态 |
业务量大,pod多 |
自动创建 |
| StatefulSet |
有状态的集合,管理所有有状态的服务,比如MySQL、MongoDB集群 |
后端生成的每一个Pod都具有自己的唯一性,不可随意被删除,每一个Pod都有自己独有的数据持久化存储目录 |
|
自动创建 |
| volumeClaimTemplate |
自动创建PVC,为后端的Pod提供专有的存储,为每个Pod生成不同的pvc,并绑定pv, 从而实现各pod有专用存储 |
每个pod拥有不同的数据 |
搭建MySQL、MongoDB集群 |
自动创建 |
二、emptyDir
[root@master ~]
kind: Pod
apiVersion: v1
metadata:
name: producer-consumer
spec:
containers:
- name: producer
image: busybox
volumeMounts:
- mountPath: /producer_dir //容器内的路径
name: shared-volume
args:
- /bin/sh
- -c
- echo "hello world" > /producer_dir/hello.txt ; sleep 30000
- name: consumer
image: busybox
volumeMounts:
- mountPath: /consumer_dir
name: shared-volume
args:
- /bin/sh
- -c
- cat /consumer_dir/hello.txt ;sleep 30000
volumes:
- name: shared-volume
emptyDir: {
}
三、HostPath
vim emptyDir.yaml
kind: Pod
apiVersion: v1
metadata:
name: producer-consumer
spec:
containers:
- name: producer
image: busybox
volumeMounts:
- mountPath: /producer_dir //容器内的路径
name: shared-volume
args:
- /bin/sh
- -c
- echo "hello world" > /producer_dir/hello.txt ; sleep 30000
- name: consumer
image: busybox
volumeMounts:
- mountPath: /consumer_dir
name: shared-volume
args:
- /bin/sh
- -c
- cat /consumer_dir/hello.txt ;sleep 30000
volumes:
- name: shared-volume
hostPath:
path: "/data/hostPath"
四、PV、PVC
1、基于NFS服务创建PV
1、搭建NFS服务
[root@master ~]
[root@master ~]
[root@master ~]
/nfsdata *(rw,sync,no_root_squash)
[root@master ~]
[root@master ~]
[root@master ~]
[root@master ~]
[root@master ~]
[root@master ~]
Export list for master:
/nfsdata *
2、搭建pv
[root@master ~]
kind: PersistentVolume
apiVersion: v1
metadata:
name: pv1
spec:
capacity: //PV的容量
storage: 1Gi
accessModes: //访问模式
- ReadWriteOnce //PV能以read-write的模式mount到单个节点
persistentVolumeReclaimPolicy: Recycle //PV空间的回收策略
storageClassName: nfs
nfs:
path: /nfsdata/pv1 //本地目录,需提前创建
server: 192.168.1.10
[root@master ~]
| 回收策略 |
说明 |
| Retain |
如果用户删除 PV,对应PV内的内容不会被删除,需要手动清理回收 |
3、搭建pvc
[root@master ~]
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: pvc1
spec:
accessModes: //访问模式,需要和pv相同
- ReadWriteOnce
resources:
requests:
storage: 200Mi //请求描述了所需的最少计算资源量
storageClassName: nfs //需要和pv相同
[root@master ~]
| 访问模式 |
说明 |
| ReadWriteOnce |
PV能以read-write的模式mount到单个节点 |
| ReadOnlyMany |
PV能以read-only 的模式mount到多个节点 |
| ReadWriteMan |
PV能以read-write的模式Mount到多个节点 |
4、 创建pod
[root@master ~]
kind: Pod
apiVersion: v1
metadata:
name: pod1
spec:
containers:
- name: pod1
image: busybox
args:
- /bin/sh
- -c
- sleep 30000
volumeMounts:
- mountPath: "/data"
name: mydata
volumes:
- name: mydata
persistentVolumeClaim:
claimName: pvc1
[root@master ~]
[root@master ~]
[root@master ~]
[root@master pv1]
[root@master pv1]
hello persistenVolume
五、MySQL的数据进行持久化存储
1、创建pv
[root@master ~]
kind: PersistentVolume
apiVersion: v1
metadata:
name: mysql-pv
spec:
accessModes:
- ReadWriteOnce
capacity:
storage: 1Gi
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs
nfs:
path: /nfsdata/mysql-pv
server: 192.168.1.10
[root@master ~]
2、创建pvc
[root@master ~]
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: mysql-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: nfs
[root@master ~]
3、部署MySQL
[root@master ~]
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: mysql
spec:
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:5.7
env:
- name: MYSQL_ROOT_PASSWORD
value: 123.com
volumeMounts:
- name: mysql-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-storage
persistentVolumeClaim:
claimName: mysql-pvc
---
kind: Service
apiVersion: v1
metadata:
name: mysql
spec:
type: NodePort
selector:
app: mysql
ports:
- port: 3306
targetPort: 3306
[root@master ~]
4、查看创建情况
[root@master ~]
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
persistentvolumeclaim/mysql-pvc Bound mysql-pv 1Gi RWO nfs 24s
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
persistentvolume/mysql-pv 1Gi RWO Retain Bound default/mysql-pvc nfs 26s
5、写入数据
[root@master ~]
mysql> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.01 sec)
mysql> CREATE DATABASE TEST;
Query OK, 1 row affected (0.00 sec)
mysql> USE TEST;
Database changed
mysql> SHOW TABLES;
Empty set (0.00 sec)
mysql> CREATE TABLE my_id(id int(4));
Query OK, 0 rows affected (0.02 sec)
mysql> INSERT my_id values (9527);
Query OK, 1 row affected (0.00 sec)
mysql> SELECT * FROM my_id;
+------+
| id |
+------+
| 9527 |
+------+
1 row in set (0.00 sec)
mysql> exit
Bye
六、storageclass(自动创建PV)
1、开启NFS
[root@master ~]
[root@master ~]
[root@master ~]
/nfsdata *(rw,sync,no_root_squash)
[root@master ~]
[root@master ~]
[root@master ~]
[root@master ~]
[root@master ~]
2、开启rbac权限(基于角色的访问控制)
[root@master ~]
kind: Namespace
apiVersion: v1
metadata:
name: nfs
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-provisioner
namespace: nfs
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: nfs-provisioner-runner
namespace: nfs
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["services", "endpoints"]
verbs: ["get","create","list", "watch","update"]
- apiGroups: ["extensions"]
resources: ["podsecuritypolicies"]
resourceNames: ["nfs-provisioner"]
verbs: ["use"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-provisioner
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: nfs
roleRef:
kind: ClusterRole
name: nfs-provisioner-runner
apiGroup: rbac.authorization.k8s.io
[root@master ~]
3、创建nfs-deployment
nfs-client-provisioner:它通过k8s集群内置的NFS驱动,挂载远端的NFS服务器到本地目录,然后将自身作为storageprovisioner,关联到storageclass。
[root@master ~]
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nfs-client-provisioner
namespace: nfs
spec:
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccount: nfs-provisioner
containers:
- name: nfs-client-provisioner
image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: test
- name: NFS_SERVER
value: 192.168.1.10
- name: NFS_PATH
value: /nfsdata
volumes:
- name: nfs-client-root
nfs:
server: 192.168.1.10
path: /nfsdata
[root@master ~]
4、创建storageclass资源
[root@master ~]
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: storageclass
namespace: nfs
provisioner: test
reclaimPolicy: Retain
[root@master ~]
5、创建PVC
[root@master ~]
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: test-pvc
namespace: nfs
spec:
storageClassName: storageclass
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 200Mi
[root@master ~]
6、查看创建情况
[root@master ~]
nfs-test-pvc-pvc-cacd4496-95eb-470d-8a6f-8d9120eed32d
[root@master ~]
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
persistentvolume/pvc-cacd4496-95eb-470d-8a6f-8d9120eed32d 200Mi RWO Delete Bound nfs/test-pvc storageclass 8m22s
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
persistentvolumeclaim/test-pvc Bound pvc-cacd4496-95eb-470d-8a6f-8d9120eed32d 200Mi RWO storageclass 8m23s
[root@master ~]
archived-nfs-test-pvc-pvc-cacd4496-95eb-470d-8a6f-8d9120eed32d
nfs-test-pvc-pvc-6805ac67-8029-4a53-95fd-7b022af775c5
六、volumeClaimTemplate
作用:卷申请模板,它会为每个Pod生成不同的pvc,并绑定pv, 从而实现各pod有专用存储
[root@master ~]
apiVersion: v1
kind: Service
metadata:
name: headless-svc
labels:
app: headless-svc
spec:
ports:
- name: myweb
port: 80
selector:
app: headless-pod
clusterIP: None
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: statefulset
spec:
serviceName: headless-svc
replicas: 3
selector:
matchLabels:
app: headless-pod
template:
metadata:
labels:
app: headless-pod
spec:
containers:
- name: myweb
image: nginx
volumeMounts:
- name: test-storage
mountPath: /usr/share/nginx/html
volumeClaimTemplates:
- metadata:
name: test-storage
annotations:
volume.beta.kubernetes.io/storage-class: storageclass
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
[root@master ~]
[root@master ~]
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
persistentvolume/pvc-60565e5d-9f1f-4944-a037-4d142fb928af 100Mi RWO Delete Bound default/test-storage-statefulset-0 storageclass 75s
persistentvolume/pvc-bc63584c-0aad-4bb3-912f-dfb1f751b85e 100Mi RWO Delete Bound default/test-storage-statefulset-1 storageclass 58s
persistentvolume/pvc-d4d9261f-13dd-4b58-8e5a-cc41f79d5484 100Mi RWO Delete Bound default/test-storage-statefulset-2 storageclass 49s
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
persistentvolumeclaim/test-storage-statefulset-0 Bound pvc-60565e5d-9f1f-4944-a037-4d142fb928af 100Mi RWO storageclass 75s
persistentvolumeclaim/test-storage-statefulset-1 Bound pvc-bc63584c-0aad-4bb3-912f-dfb1f751b85e 100Mi RWO storageclass 58s
persistentvolumeclaim/test-storage-statefulset-2 Bound pvc-d4d9261f-13dd-4b58-8e5a-cc41f79d5484 100Mi RWO storageclass 49s