this is for single node cluster:
local volumn有个坑,他是挂载设备,不是节点上面的目录,所以想用的话,先要想办法把节点上面用lvm搞出很多个设备来,然后用local volumn挂载。。。这个太傻了。。。还是需要有商业版本的云原生的存储解决方案比较好。
# on worker-0
mkdir -p /data/demo
# on helper
oc project demo
oc get sa
oc create serviceaccount -n demo demo-app
oc adm policy add-scc-to-user privileged -z demo-app
如果是local volume 在块设备的模式下,是可以被相同节点的pod共享的
video
- https://youtu.be/P33sxtR57u8
- https://www.ixigua.com/i6841022539582407180/
- https://www.bilibili.com/video/BV115411W7FV/
# on infra0 create a lv
lvcreate --type raid0 -L 40G --stripes 12 -n sharelv datavg
apiVersion: "local.storage.openshift.io/v1"
kind: "LocalVolume"
metadata:
name: "local-share-block-disks"
namespace: "local-storage"
spec:
nodeSelector:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- infra0.hsc.redhat.ren
storageClassDevices:
- storageClassName: "local-share-block-sc"
volumeMode: Block
devicePaths:
- /dev/datavg/sharelv
cat << EOF > storage.yaml
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: localpvc
spec:
accessModes:
- ReadWriteOnce
volumeMode: Block
resources:
requests:
storage: 40Gi
storageClassName: local-share-block-sc
EOF
oc apply -n demo -f storage.yaml
cat << EOF > demo1.yaml
---
kind: Pod
apiVersion: v1
metadata:
annotations:
name: demo1
namespace: demo
spec:
nodeSelector:
kubernetes.io/hostname: 'infra0.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: [ "/bin/bash", "-c", "--" ]
args: [ "while true; do sleep 300000; done;" ]
imagePullPolicy: Always
securityContext:
privileged: true
volumeDevices:
- devicePath: /mnt/block
name: demo
serviceAccount: demo-app
volumes:
- name: demo
persistentVolumeClaim:
claimName: localpvc
---
kind: Pod
apiVersion: v1
metadata:
annotations:
name: demo2
namespace: demo
spec:
nodeSelector:
kubernetes.io/hostname: 'infra0.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: [ "/bin/bash", "-c", "--" ]
args: [ "while true; do sleep 300000; done;" ]
imagePullPolicy: Always
securityContext:
privileged: true
volumeDevices:
- devicePath: /mnt/block
name: demo
serviceAccount: demo-app
volumes:
- name: demo
persistentVolumeClaim:
claimName: localpvc
EOF
oc apply -f demo1.yaml
# 向块设备写入
oc exec -it -n demo demo1 -- bash -c "echo 'test 1' > /mnt/block"
oc exec -it -n demo demo1 -- head -n 1 /mnt/block
oc exec -it -n demo demo2 -- head -n 2 /mnt/block
oc delete -f demo1.yaml
cat << EOF > demo1.yaml
---
apiVersion: "local.storage.openshift.io/v1"
kind: "LocalVolume"
metadata:
name: "local-disks"
namespace: "local-storage"
spec:
nodeSelector:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- worker-0
storageClassDevices:
- storageClassName: "local-sc"
volumeMode: Filesystem
fsType: xfs
devicePaths:
- /data/lv01
- /data/lv02
EOF
oc apply -f demo1.yaml
oc delete -f demo1.yaml
oc get all -n local-storage
oc get pv
cat << EOF > demo1.yaml
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: local-pvc-name
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 100Gi
storageClassName: local-sc
---
kind: Pod
apiVersion: v1
metadata:
annotations:
name: demo1
namespace: demo
spec:
nodeSelector:
kubernetes.io/hostname: 'worker-0'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: [ "/bin/bash", "-c", "--" ]
args: [ "while true; do sleep 300000; done;" ]
imagePullPolicy: Always
securityContext:
privileged: true
volumeMounts:
- mountPath: /data
name: demo
readOnly: false
serviceAccount: demo-app
volumes:
- name: demo
persistentVolumeClaim:
claimName: localpvc
EOF
oc apply -f demo1.yamlvideo
oc project demo
oc get sa
oc create serviceaccount -n demo demo-app
oc adm policy add-scc-to-user privileged -z demo-app
cat << EOF > demo1.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
annotations:
name: demo1
namespace: demo
spec:
replicas: 1
selector:
matchLabels:
app: demo1
template:
metadata:
labels:
app: demo1
spec:
nodeSelector:
kubernetes.io/hostname: 'infra1.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: ["/bin/bash", "-c", "--" ]
args: [ "trap : TERM INT; sleep infinity & wait" ]
imagePullPolicy: Always
securityContext:
privileged: true
volumeMounts:
- mountPath: /data
name: demo
readOnly: false
serviceAccount: demo-app
volumes:
- name: demo
hostPath:
path: /data
type: Directory
EOF
oc apply -f demo1.yaml
oc delete -f demo1.yamlhttps://kubernetes.io/docs/concepts/storage/volumes/
cat << EOF > demo1.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
annotations:
name: demo1
namespace: demo
spec:
replicas: 1
selector:
matchLabels:
app: demo1
template:
metadata:
labels:
app: demo1
spec:
nodeSelector:
kubernetes.io/hostname: 'infra1.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: ["/bin/bash", "-c", "--" ]
args: [ "trap : TERM INT; sleep infinity & wait" ]
imagePullPolicy: Always
volumeMounts:
- mountPath: /data
name: demo
readOnly: false
volumes:
- name: demo
emptyDir: {}
EOF
oc apply -f demo1.yaml
oc delete -f demo1.yaml
https://docs.openshift.com/container-platform/4.3/nodes/pods/nodes-pods-secrets.html
cat << EOF > demo1.yaml
---
apiVersion: v1
kind: Secret
metadata:
name: test-secret
namespace: demo
data:
username: dmFsdWUtMQ0K
password: dmFsdWUtMQ0KDQo=
stringData:
hostname: myapp.mydomain.com
secret.properties: |-
property1=valueA
property2=valueB
---
kind: Deployment
apiVersion: apps/v1
metadata:
annotations:
name: demo1
namespace: demo
spec:
replicas: 1
selector:
matchLabels:
app: demo1
template:
metadata:
labels:
app: demo1
spec:
nodeSelector:
kubernetes.io/hostname: 'infra1.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: ["/bin/bash", "-c", "--" ]
args: [ "trap : TERM INT; sleep infinity & wait" ]
imagePullPolicy: Always
volumeMounts:
- mountPath: /data
name: demo
readOnly: true
volumes:
- name: demo
secret:
secretName: test-secret
EOF
oc apply -f demo1.yaml
oc delete -f demo1.yaml
https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
cat << EOF > demo1.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
name: special-config
namespace: demo
data:
SPECIAL_LEVEL: very
SPECIAL_TYPE: charm
---
kind: Deployment
apiVersion: apps/v1
metadata:
annotations:
name: demo1
namespace: demo
spec:
replicas: 1
selector:
matchLabels:
app: demo1
template:
metadata:
labels:
app: demo1
spec:
nodeSelector:
kubernetes.io/hostname: 'infra1.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: ["/bin/bash", "-c", "--" ]
args: [ "trap : TERM INT; sleep infinity & wait" ]
imagePullPolicy: Always
volumeMounts:
- mountPath: /data
name: demo
readOnly: true
volumes:
- name: demo
configMap:
name: special-config
EOF
oc apply -f demo1.yaml
oc delete -f demo1.yaml
video
# on helper
mkdir -p /data/export/lv01
mkdir -p /data/export/lv02
chown -R nfsnobody:nfsnobody /data/export/lv01
chown -R nfsnobody:nfsnobody /data/export/lv02
chmod 777 /data/export/lv01
chmod 777 /data/export/lv02
cat << EOF > /etc/exports
/data/export *(rw,sync,root_squash)
/data/export/lv01 *(rw,sync,root_squash)
/data/export/lv02 *(rw,sync,root_squash)
EOF
systemctl restart nfs-server
exportfs -s
cat << EOF > demo.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv0001
labels:
storage-purpose: demo
spec:
capacity:
storage: 5Gi
accessModes:
- ReadWriteOnce
nfs:
path: /data/export/lv01
server: 117.177.241.16
persistentVolumeReclaimPolicy: Retain
EOF
oc create -n demo -f demo.yaml
oc get pv
cat << EOF > demo.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nfs-claim1
spec:
storageClassName: ""
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
selector:
matchLabels:
storage-purpose: demo
EOF
oc create -n demo -f demo.yaml
cat << EOF > demo.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
annotations:
name: demo
spec:
replicas: 1
selector:
matchLabels:
app: demo
template:
metadata:
labels:
app: demo
spec:
nodeSelector:
kubernetes.io/hostname: 'infra1.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: ["/bin/bash", "-c", "--" ]
args: [ "trap : TERM INT; sleep infinity & wait" ]
imagePullPolicy: Always
volumeMounts:
- mountPath: /data
name: demo
volumes:
- name: demo
persistentVolumeClaim:
claimName: nfs-claim1
EOF
oc apply -n demo -f demo.yaml
video
cat << EOF > demo.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: pvc-demo
annotations:
volume.beta.kubernetes.io/storage-class: nfs-storage-provisioner
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
EOF
oc create -n demo -f demo.yaml
cat << EOF > demo.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
annotations:
name: demo
spec:
replicas: 1
selector:
matchLabels:
app: demo
template:
metadata:
labels:
app: demo
spec:
nodeSelector:
kubernetes.io/hostname: 'infra1.hsc.redhat.ren'
restartPolicy: Always
containers:
- name: demo1
image: >-
registry.redhat.ren:5443/docker.io/wangzheng422/centos:centos7-test
env:
- name: key
value: value
command: ["/bin/bash", "-c", "--" ]
args: [ "trap : TERM INT; sleep infinity & wait" ]
imagePullPolicy: Always
volumeMounts:
- mountPath: /data
name: demo
volumes:
- name: demo
persistentVolumeClaim:
claimName: pvc-demo
EOF
oc apply -n demo -f demo.yaml
oc delete -n demo -f demo.yaml