526互联

k8s使用cifs手动创建pv

发布时间 2023-07-11 10:26:21作者: 潇潇暮鱼鱼

由于项目需要使用已有的cifs,需要手动创建cifs的pv

使用nfs需要安装插件,使用windows的共享文件系统cifs也需要安装驱动。kubernetes提供CSI驱动将外部存储提供给pod中使用,我们可以通过CSI驱动对接Samba/CIFS共享文件存储。

github地址https://github.com/kubernetes-csi/csi-driver-smb

1.安装驱动

curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/v1.9.0/deploy/install-driver.sh | bash -s v1.9.0 --

若镜像被由于墙拉不下来,可以docker search 相关的镜像拉取,然后打tag上传到自己的镜像仓库。安装驱动后就可以使用spec:csi:driver: smb.csi.k8s.io字段了。

2.创建cifs的密钥,widonws的共享存储需要认证

kubectl create secret generic smbcreds --from-literal username=USERNAME --from-literal password="PASSWORD"

3.创建pv/pvc

创建pv

apiVersion: v1
kind: PersistentVolume
metadata:
  annotations:
    pv.kubernetes.io/provisioned-by: smb.csi.k8s.io
  name: pv-smb
spec:
  capacity:
    storage: 100Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: smb
  mountOptions:
    - dir_mode=0777
    - file_mode=0777
  csi:
    driver: smb.csi.k8s.io
    readOnly: false
    # volumeHandle format: {smb-server-address}#{sub-dir-name}#{share-name}
    # make sure this value is unique for every share in the cluster
    volumeHandle: smb-server.default.svc.cluster.local/share##
    volumeAttributes:
      source: "//smb-server-address/sharename"
    nodeStageSecretRef:
      name: smbcreds
      namespace: default

创建pvc

---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc-smb
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Gi
  volumeName: pv-smb
  storageClassName: smb

4.若要使用storage class

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: smb
provisioner: smb.csi.k8s.io
parameters:
  source: "//smb-server.xxx/share"
  # if csi.storage.k8s.io/provisioner-secret is provided, will create a sub directory
  # with PV name under source
  csi.storage.k8s.io/provisioner-secret-name: "smbcreds"
  csi.storage.k8s.io/provisioner-secret-namespace: "default"
  csi.storage.k8s.io/node-stage-secret-name: "smbcreds"
  csi.storage.k8s.io/node-stage-secret-namespace: "default"
reclaimPolicy: Retain  # available values: Delete, Retain
volumeBindingMode: Immediate
mountOptions:
  - dir_mode=0777
  - file_mode=0777
  - uid=1001
  - gid=1001

5.将pvc绑定到负载(deployment,pod,daemonset)上