开启SelfLink

https://sre.ink/kubernetes-v1-22-enable-selflink-%e5%ad%97%e6%ae%b5/

安装

pv pvc 需要改成自己的nfs地址和路径

---
apiVersion: v1
kind: PersistentVolume
metadata:
  finalizers:
    - kubernetes.io/pv-protection
  name: nfs-pv-nfs
spec:
  accessModes:
    - ReadWriteMany
  capacity:
    storage: 1000Gi
  mountOptions:
    - vers=4
    - minorversion=0
    - 'noresvport '
  nfs:
    path: /data/nfs
    server: 172.16.0.13
  persistentVolumeReclaimPolicy: Retain
  storageClassName: nfs-storageclass-provisioner
  volumeMode: Filesystem

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  finalizers:
    - kubernetes.io/pvc-protection
  name: nfs-pvc-nfs
  namespace: kube-system
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1000Gi
  storageClassName: nfs-storageclass-provisioner
  volumeMode: Filesystem
  volumeName: nfs-pv-nfs

ServiceAccount ClusterRole ClusterRoleBinding Role

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: eip-nfs-client-provisioner
  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: eip-nfs-client-provisioner-runner
rules:
  - apiGroups:
      - ''
    resources:
      - persistentvolumes
    verbs:
      - get
      - list
      - watch
      - create
      - delete
  - apiGroups:
      - ''
    resources:
      - persistentvolumeclaims
    verbs:
      - get
      - list
      - watch
      - update
  - apiGroups:
      - storage.k8s.io
    resources:
      - storageclasses
    verbs:
      - get
      - list
      - watch
  - apiGroups:
      - ''
    resources:
      - events
    verbs:
      - create
      - update
      - patch

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: eip-run-nfs-client-provisioner
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: eip-nfs-client-provisioner-runner
  namespace: kube-system
subjects:
  - kind: ServiceAccount
    name: eip-nfs-client-provisioner
    namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: eip-leader-locking-nfs-client-provisioner
  namespace: kube-system
rules:
  - apiGroups:
      - ''
    resources:
      - endpoints
    verbs:
      - get
      - list
      - watch
      - create
      - update
      - patch

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: eip-leader-locking-nfs-client-provisioner
  namespace: kube-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: eip-leader-locking-nfs-client-provisioner
  namespace: kube-system
subjects:
  - kind: ServiceAccount
    name: eip-nfs-client-provisioner
    namespace: kube-system

---

Deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: eip-nfs-nfs
  name: eip-nfs-nfs
  namespace: kube-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: eip-nfs-nfs
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: eip-nfs-nfs
    spec:
      containers:
        - env:
            - name: PROVISIONER_NAME
              value: nfs-nfs
            - name: NFS_SERVER
              value: 172.16.0.13
            - name: NFS_PATH
              value: /data/nfs
          image: >-
            swr.cn-east-2.myhuaweicloud.com/kuboard-dependency/nfs-client-provisioner:v3.1.0-k8s1.11
          name: nfs-client-provisioner
          volumeMounts:
            - mountPath: /persistentvolumes
              name: nfs-client-root
      serviceAccountName: eip-nfs-client-provisioner
      volumes:
        - name: nfs-client-root
          persistentVolumeClaim:
            claimName: nfs-pvc-nfs

---

StorageClass

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  annotations:
    k8s.kuboard.cn/storageType: nfs_client_provisioner
  name: nfs
mountOptions:
  - vers=4
  - minorversion=0
  - 'noresvport '
parameters:
  archiveOnDelete: 'false'
provisioner: nfs-nfs
reclaimPolicy: Delete
volumeBindingMode: Immediate

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注

Captcha Code