使用StorageClass挂载ceph rbd需要用到2个cephx用户。一个用于创建和管理rbd,在这里我们使用admin;另一个用于将rbd映射到kubelet节点,我们可以在ceph中手动创建一个。
准备:
假设已有一套ceph集群,Monitor分别为192.168.1.1,192.168.1.2和192.168.1.3
需要保证Monitor的6379端口和OSD的6800端口对kubelet节点开放
为每个kubelet节点都事先安装ceph-common
一、创建一个k8s存储池,用于存放数据卷
ceph osd pool create k8s 64 64
二、创建cephx用户,用于映射rbd
ceph auth get-or-create client.k8s mon 'allow r' osd 'allow * pool=k8s'
三、获取k8s用户的key,以base64编码
ceph auth get-key client.k8s|base64
记录输出的内容,如:QVFEQjlmcFpjUE5lS0JBQU40NnZxZ2dIT0dRTEtaeUx1blNjR1E9PQ==
四、获取admin用户的key,以base64编码
ceph auth get-key client.admin|base64
记录输出的内容,如:QVFDUDNrQllRRVBJR0JBQXFuVXJQbHZQaC9xZEQ2ZGVZOXRoVXc9PQ==
五、创建storage-class-rbd.yaml
--- apiVersion: v1 data: key: QVFEQjlmcFpjUE5lS0JBQU40NnZxZ2dIT0dRTEtaeUx1blNjR1E9PQ== kind: Secret metadata: name: ceph-secret-user namespace: defaulttype: kubernetes.io/rbd --- apiVersion: v1 data: key: QVFDUDNrQllRRVBJR0JBQXFuVXJQbHZQaC9xZEQ2ZGVZOXRoVXc9PQ== kind: Secret metadata: name: ceph-secret-admin namespace: kube-system type: kubernetes.io/rbd --- apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: rbd provisioner: kubernetes.io/rbd parameters: monitors: 192.168.1.1:6789,192.168.1.2:6789,192.168.1.3:6789 adminId: admin adminSecretName: ceph-secret-admin adminSecretNamespace: kube-system pool: k8s userId: k8s userSecretName: ceph-secret-user fsType: xfs imageFormat: "2" imageFeatures: "layering"
六、创建StorageClass
kubectl create -f ./storage-class-rbd.yaml
七、创建nginx-statefulset.yaml, 通过StatefulSet动态挂载卷
--- apiVersion: apps/v1beta1 kind: StatefulSet metadata: name: web spec: serviceName: "nginx" replicas: 2 volumeClaimTemplates: - metadata: name: html annotations: volume.beta.kubernetes.io/storage-class: "rbd" # 这里配置 上面创建的 storageclass 的名称 spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 2Gi template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:latest volumeMounts: - mountPath: "/usr/share/nginx/html/" name: html
StatefulSet会为每个Pod创建一个rbd数据卷,并挂载到/usr/share/nginx/html/目录中,数据卷会随着StatefulSet的伸缩而动态创建。
作者:361007018
链接:https://www.jianshu.com/p/9aa4224fd2e1