20210902 (목) kubernetes Persistent Volume, 정적 동적 volume provisioning

9:33 review

 

  Kubernetes 스토리지

 

  Volume 종류

  - emptyDir, gitRepo, hostPath network based storage volume( NFS, iSCSI, Ceph, Cinder, Glusterfs )

  - Cloud storage volume ( awsElasticBlockStore, azureDisk, azureFile, gcePersistentDisk 등 )

 

  - PersistentVolume(PV), PersistentVolumeClaim(PVC)

      Kubernetes Cluster에서 외부 스토리지와의 연결을 담당하는 오브젝트

      PV와 PVC는 1:1로 연결될 수 있음

  - PersistentVolumeClaim(PVC)

      사용자가 pod에 스토리지를 연결하기 위한 오브젝트. 저장공간을 요청하는 역할.

      Pod에서 연결할 볼륨 이름과 PVC 지정하여 Pod와 연결함

 

   

     ※ PersistentVolume Status

      - Available: PV가 생성된 이후 다른 PVC에 연결되지 않은 상태. Available 상태에서만 PVC에 연결될 수 있음

      - Bound : PVC와 연결된 상태

      - Released : PVC와 연결이 해제되었으며 리소스를 회수하지 않은 상태 - 이 상태로는 pvc에 연결할 수 없다

      - Failed : 회수 실패

     ※ accessModes:

      - ReadWriteOnce : 한번에 하나의 pod만 read, write가 가능

      - ReadWriteMany : 복수의 pod가 read, write

      - ReadOnlyMany : 복수의 pod가 read만 가능

     ※ retain policy (회수정책)                          

      - retain

      - delete

      - recycle

728x90

 

 

  Static Volume Provisioning 

- NFS를 이용한 정적 프로비저닝      1) NFS 스토리지 구성 (Control Plane)       vagrant@kube-control1:~$ sudo apt-get install nfs-kernel-server -y       vagrant@kube-control1:~$ vim /etc/exports         /EXPORT_DIR TARGET(option)       vagrant@kube-control1:~$ mkdir /EXPORT_DIR       vagrant@kube-control1:~$ sudo chown -R nobody:nogroup /EXPORT_DIR       vagrant@kube-control1:~$ sudo chmod -R 777 /EXPORT_DIR       vagrant@kube-control1:~$ sudo systemctl restart nfs-kernel-server       vagrant@kube-control1:~$ sudo iptables -A  INPUT -p tcp --dport 2049 -j ACCEPT       vagrant@kube-control1:~$ sudo iptables -A  INPUT -p udp --dport 2049 -j ACCEPT       2) NFS Client 구성 (nodes)       vagrant@kube-node1:~$ sudo apt-get install nfs-common -y      3) PersistentVolume manifests 작성       vagrant@kube-control1:~/work/20210902$ cat myapp-pv-nfs.yaml       apiVersion: v1       kind: PersistentVolume       metadata:        name: myapp-pv-nfs       spec:        capacity:           storage: 3Gi  → 용량        sccessModes:        - ReadyWriteMany → 접근방식        persistentVolumeReclaimPolicy: Retain        nfs:           path: /nfs-volume           server: 192.168.200.11 → nfs 서버 (control plane으로 설정함)       vagrant@kube-control1:~$ kubectl create -f myapp-pv-nfs.yaml

 

  Dynamic Volume Provisioning

    Rook Ceph 설치 (git hub 주소 : 깃허브/rook/rook)

vagrant@kube-control1:~$ git clone --single-branch --branch release-1.6 http깃허브/rook/rook vagrant@kube-control1:~$ cd rook/cluster/examples/kubernetes/ceph  vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl create -f crds.yaml -f common.yaml -f operator.yaml vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl create -f crds.yaml -f common.yaml -f operator.yaml vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl create -f cluster.yaml vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl create -f csi/rbd/storageclass.yaml vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl get storageclasses.storage.k8s.io NAME              PROVISIONER                  RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE rook-ceph-block   rook-ceph.rbd.csi.ceph.com   Delete          Immediate           true                   28s vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl create -f filesystem.yaml cephfilesystem.ceph.rook.io/myfs created vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl get pods -n rook-ceph -l app=rook-ceph-mds NAME                                    READY   STATUS    RESTARTS   AGE rook-ceph-mds-myfs-a-cddbbf8d5-rqv7r    1/1     Running   0          24s rook-ceph-mds-myfs-b-5544885555-np5wv   1/1     Running   0          21s vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl create -f csi/cephfs/storageclass.yaml storageclass.storage.k8s.io/rook-cephfs created vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl get storageclasses.storage.k8s.io NAME              PROVISIONER                     RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE rook-ceph-block   rook-ceph.rbd.csi.ceph.com      Delete          Immediate           true                   2m48s rook-cephfs       rook-ceph.cephfs.csi.ceph.com   Delete          Immediate           true                   39s vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl patch storageclasses.storage.k8s.io rook-ceph-block \ > -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' storageclass.storage.k8s.io/rook-ceph-block patched vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ kubectl get storageclasses.storage.k8s.io NAME                        PROVISIONER                     RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE rook-ceph-block (default)   rook-ceph.rbd.csi.ceph.com      Delete          Immediate           true                   25m rook-cephfs                 rook-ceph.cephfs.csi.ceph.com   Delete          Immediate           true                   22m vagrant@kube-control1:~/rook/cluster/examples/kubernetes/ceph$ ---  vagrant@kube-control1:~/work/20210903$ cat test-pvc-dynamic.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata:   name: test-pvc-dynamic spec:   accessModes:   - ReadWriteOnce   resources:     requests:       storage: 2Gi   storageClassName: rook-ceph-block vagrant@kube-control1:~/work/20210903$ cat test-pod-dynamic.yaml apiVersion: v1 kind: Pod metadata:   name: test-pod-dynamic spec:   containers:   - name: nginx     image: nginx:latest     volumeMounts:     - name: nginx-pvc-dynamic       mountPath: /proj     ports:     - containerPort: 80       protocol: TCP   volumes:   - name: nginx-dynamic     persistentVolumeClaim:       claimName: test-pvc-dynamic → pvc 실행시, pv자동 생성 및 확인가능

 

 

--------

  Application Customizing

 

    Container Application Customizing

    Container Image Customizing : 

    Environment Variable

    Configmap

    Secret

 

##### Container Application Customizing ##### → 기존 웹서비스 default 8080포트로 받는 이미지를 customizing을 통해 8088로 변경한다.  vagrant@kube-control1:~/work/20210902$ cat myapp-pod-arg.yaml apiVersion: v1 kind: Pod metadata:   name: myapp-pod-arg spec:   containers:   - name: myapp     image: devops2341/go-myweb:latest     args:     - -port=8088     ports:     - containerPort: 8088       protocol: TCP vagrant@kube-control1:~/work/20210902$ kubectl get pods -o wide NAME            READY   STATUS    RESTARTS   AGE   IP                NODE         NOMINATED NODE   READINESS GATES myapp-pod-arg   1/1     Running   0          13m   192.168.233.252   kube-node2   <none>           <none> vagrant@kube-control1:~/work/20210902$ curl 192.168.233.252:8088  → 8088포트로 요청 Hello World! myapp-pod-arg → 정상 출력확인