Kubernetes高级存储
PV PVC
k8s支持的存储系统很多,全部掌握不现实。为了屏蔽底层存储实现的细节,方便用户使用,k8s引入PV和PVC两种资源对象。
PV(Persistent Volume)持久化卷,对底层共享存储的抽象,一般由k8s管理员进行创建配置,通过插件完成共享存储的对接。
PVC(Persistent Volume Claim)持久化声明,是用户对于存储需求的一种声明。PVC就是用户向k8s系统发出的一种资源需求申请。
PV
官方文档:
Kubernetes 文档
概念
存储
持久卷
资源清单:
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv2
spec:
nfs: # 存储类型,与底层真正存储对应
capacity: # 存储能力,目前只支持存储空间的设置
storage: 2Gi
accessModes: # 访问模式
storageClassName: # 存储类别
persistentVolumeReclaimPolicy: # 回收策略
参数说明:
-
存储类型:
底层实际存储的类型,kubernetes支持多种存储类型,每种存储类型的配置都有所差异
-
存储能力
目前只支持存储空间的设置( storage=1Gi )
-
访问模式
ReadWriteOnce(RWO):读写权限,但是只能被单个节点挂载ReadOnlyMany(ROX): 只读权限,可以被多个节点挂载ReadWriteMany(RWX):读写权限,可以被多个节点挂载
-
回收策略
Retain (保留) 保留数据,需要管理员手工清理数据Recycle(回收) 清除 PV 中的数据,效果相当于执行 rm -rf /thevolume/* Delete (删除) 与 PV 相连的后端存储完成 volume 的删除操作
实验:
使用NFS作为存储,创建3个PV,对应三个暴露路径
-
准备环境
#创建目录 [root@master ~]# mkdir /root/data/{pv1,pv2,pv3} -pv mkdir: created directory ‘/root/data/pv1’ mkdir: created directory ‘/root/data/pv2’ mkdir: created directory ‘/root/data/pv3’ # 暴露服务 IP网段是你集群节点所在的网段 [root@master ~]# vim /etc/exports [root@master ~]# more /etc/exports /root/data/pv1 192.168.126.0/24(rw,no_root_squash) /root/data/pv2 192.168.126.0/24(rw,no_root_squash) /root/data/pv3 192.168.126.0/24(rw,no_root_squash) #重启服务 [root@master ~]# systemctl restart nfs -
创建pv.yaml
apiVersion: v1 kind: PersistentVolume metadata: name: pv1 spec: capacity: storage: 1Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain nfs: path: /root/data/pv1 server: 192.168.126.132 --- apiVersion: v1 kind: PersistentVolume metadata: name: pv2 spec: capacity: storage: 2Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain nfs: path: /root/data/pv2 server: 192.168.126.132 --- apiVersion: v1 kind: PersistentVolume metadata: name: pv3 spec: capacity: storage: 3Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain nfs: path: /root/data/pv3 server: 192.168.126.132 -
操作
[root@master ~]# vim pv.yaml #创建pv [root@master ~]# kubectl create -f pv.yaml persistentvolume/pv1 created persistentvolume/pv2 created persistentvolume/pv3 created #查看pv [root@master ~]# kubectl get pv -o wide NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE VOLUMEMODE pv1 1Gi RWX Retain Available 44s Filesystem pv2 2Gi RWX Retain Available 44s Filesystem pv3 3Gi RWX Retain Available 44s Filesystem
PVC
PVC是资源申请,用来声明对存储空间,访问模式,存储类别需求信息
资源清单:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc
namespace: dev
spec:
accessModes: # 访问模式
selector: # 采用标签对PV选择
storageClassName: # 存储类别
resources: # 请求空间
requests:
storage: 5Gi
参数说明:
- 访问模式:描述用户应用对存储资源的访问权限
- 选择条件:通过Label Selector使PVC对于系统中已存在的PV进行筛选
- 存储类别:PVC定义时可设定需要的后端存储类别
- 资源请求:描述对存储资源的请求
实验:
-
创建pvc.yaml,申请pv
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc1 namespace: dev spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc2 namespace: dev spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc3 namespace: dev spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi#创建pvc [root@master ~]# kubectl create -f pvc.yaml persistentvolumeclaim/pvc1 created persistentvolumeclaim/pvc2 created persistentvolumeclaim/pvc3 created #查看pvc [root@master ~]# kubectl get pvc -n dev -o wide NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE VOLUMEMODE pvc1 Bound pv1 1Gi RWX 14s Filesystem pvc2 Bound pv2 2Gi RWX 14s Filesystem pvc3 Bound pv3 3Gi RWX 14s Filesystem #查看pv [root@master ~]# kubectl get pv -o wide NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE VOLUMEMODE pv1 1Gi RWX Retain Bound dev/pvc1 22m Filesystem pv2 2Gi RWX Retain Bound dev/pvc2 22m Filesystem pv3 3Gi RWX Retain Bound dev/pvc3 22m Filesystem -
创建pods.yaml,实验pv
apiVersion: v1 kind: Pod metadata: name: pod1 namespace: dev spec: containers: - name: busybox image: busybox:1.30 command: ["/bin/sh","-c","while true;do echo pod1 >> /root/out.txt; sleep 10; done;"] volumeMounts: - name: volume mountPath: /root/ volumes: - name: volume persistentVolumeClaim: claimName: pvc1 readOnly: false --- apiVersion: v1 kind: Pod metadata: name: pod2 namespace: dev spec: containers: - name: busybox image: busybox:1.30 command: ["/bin/sh","-c","while true;do echo pod2 >> /root/out.txt; sleep 10; done;"] volumeMounts: - name: volume mountPath: /root/ volumes: - name: volume persistentVolumeClaim: claimName: pvc2 readOnly: false#创建Pod [root@master ~]# kubectl create -f pods.yaml pod/pod1 created pod/pod2 created #查看Pod [root@master ~]# kubectl get pods -n dev -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod1 1/1 Running 0 103s 10.244.1.5 node1 <none> <none> pod2 1/1 Running 0 103s 10.244.2.11 node2 <none> <none> #查看PVC [root@master ~]# kubectl get pvc -n dev -o wide NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE VOLUMEMODE pvc1 Bound pv1 1Gi RWX 10m Filesystem pvc2 Bound pv2 2Gi RWX 10m Filesystem pvc3 Bound pv3 3Gi RWX 10m Filesystem #查看数据卷输出信息 [root@master ~]# more /root/data/pv1/out.txt pod1 pod1 pod1 pod1 pod1 [root@master ~]# more /root/data/pv2/out.txt pod2 pod2 pod2 pod2 pod2 #数据已经同步
生命周期
PV和PVC一一对应,类似于键值对,遵循以下生命周期:
- 资源供应:手动创建底层存储和PV
- 资源绑定:PV创建后,k8s负责根据PVC声明去寻找PV,并绑定(如果找不到,PVC会一直处于Pending状态,直到管理员创建了符合要求的PV),PV一旦绑定PVC,就会被这个PVC独占,不能再与其他PVC进行绑定
- 资源使用:可在Pod里像Volume使用数据卷
- 资源释放:用户删除PVC来释放PV
