容器云项目-动态存储nfs平台部署

一、部署说明

在前面cicd部署配置各个组件是卷试通过静态存储绑定,手动创建pvc、pv并绑定二者来实现数据的持久化,但是有时候为了减少管理员对pv的管理和维护,可以创建动态存储来实现,即无须创建pv,pvc会根据配置自动创建pv并实现绑定

二、nfs-provisioner部署

node19上操作
cat nfs-rbac.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-provisioner
  namespace: monitor
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
   name: nfs-provisioner-runner
   namespace: monitor
rules:
   -  apiGroups: [""]
      resources: ["persistentvolumes"]
      verbs: ["get", "list", "watch", "create", "delete"]
   -  apiGroups: [""]
      resources: ["persistentvolumeclaims"]
      verbs: ["get", "list", "watch", "update"]
   -  apiGroups: ["storage.k8s.io"]
      resources: ["storageclasses"]
      verbs: ["get", "list", "watch"]
   -  apiGroups: [""]
      resources: ["events"]
      verbs: ["watch", "create", "update", "patch"]
   -  apiGroups: [""]
      resources: ["services", "endpoints"]
      verbs: ["get","create","list", "watch","update"]
   -  apiGroups: ["extensions"]
      resources: ["podsecuritypolicies"]
      resourceNames: ["nfs-provisioner"]
      verbs: ["use"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-provisioner
    namespace: monitor
roleRef:
  kind: ClusterRole
  name: nfs-provisioner-runner
  apiGroup: rbac.authorization.k8s.io

cat nfs-deploy.yaml

kind: Deployment
apiVersion: apps/v1
metadata:
   name: nfs-provisioner
   labels:
     app: nfs
   namespace: monitor
spec:
   replicas: 1
   strategy:
     type: Recreate
   selector:
     matchLabels:
       app: nfs
   template:
      metadata:
         labels:
            app: nfs
      spec:
         serviceAccount: nfs-provisioner
         containers:
            -  name: nfs-provisioner
               image: quay.io/external_storage/nfs-client-provisioner:latest
               volumeMounts:
                 -  name: nfs-root
                    mountPath: /persistentvolumes
               env:
                 -  name: PROVISIONER_NAME
                    value: fuseim.pri/ifs
                 -  name: NFS_SERVER
                    value: 10.0.0.18
                 -  name: NFS_PATH
                    value: /data/nfs
         volumes:
           - name: nfs-root
             nfs:
               server: 10.0.0.18
               path: /data/nfs

cat nfs-sc.yaml

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: es-nfs
  namespace: monitor
provisioner: fuseim.pri/ifs
reclaimPolicy: Retain