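Preface
In some special scenarios, application logs cannot be viewed directly through tools such as ELK or Grafana, and the log files have to be mounted out before they can be processed. This article uses NFS as remote storage to hold pod logs in one place.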
- OS version: CentOS 7 x86-64
- Host IP subnet: 10.10.17.190/27, server IP: 10.10.17.191
1. Install and configure NFS
- Pick one host to act as the NFS server and install the required services
yum install -y nfs-utils rpcbind
- Create the shared directory and set its permissions
mkdir -p /home/apps/nfs
chmod -R 755 /home/apps/nfs
- Edit /etc/exports and add the following line
/home/apps/nfs/ 10.10.17.190/27(rw,no_root_squash,no_all_squash,sync)
- Apply the configuration
exportfs -r
- Start the services. (If a firewall is in place, open the relevant ports in it first.)
systemctl start rpcbind
systemctl start nfs
systemctl enable rpcbind
systemctl enable nfs
- Check on the server that everything works
# Check that the ports are registered
rpcinfo -p
# Check that the server can be reached
showmount -e localhost
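- Use another server as a client to test
# Check that the ports are registered
rpcinfo -p
# Check that the server can be reached
showmount -e localhost
# Install the client packages
yum install -y rpcbind nfs-utils
# Check that the remote server can be reached
showmount -e 10.10.17.191
# Create the mount point
mkdir -p /home/apps/nfs
mount -t nfs 10.10.17.191:/home/apps/nfs /home/apps/nfs -o nolock,nfsvers=3,vers=3
# Unmount
umount /home/apps/nfs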
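The line added to /etc/exports above grants no_root_squash to a whole subnet, which means uid 0 on any client in that range is not mapped to the anonymous user on the share. The following is an added example, not part of the original article, that flags that option and two other risky patterns in an exports file before exportfs -r is run; the function name audit_exports and the /srv/... entries in the sample are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): audit an NFS exports file.
# Usage: audit_exports FILE
# Prints one finding per line; returns 1 if anything was flagged, else 0.
# Assumption: one export per line (backslash continuations are not handled).
audit_exports() {
    awk '
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {                     # split "client(opt,opt,...)"
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            if (client == "" || client == "*") {
                print path ": exported to any host (" $i ")"; found = 1
            }
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "no_root_squash") {
                    print path ": no_root_squash for " client ", uid 0 on the client stays uid 0 on the export"
                    found = 1
                } else if (o[j] == "insecure") {
                    print path ": insecure for " client ", requests from unprivileged source ports are accepted"
                    found = 1
                }
            }
        }
    }
    END { exit (found ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the export line from this article plus two made-up entries.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample exports file
/home/apps/nfs/ 10.10.17.190/27(rw,no_root_squash,no_all_squash,sync)
/srv/hardened 10.10.17.190/27(rw,root_squash,sync)
/srv/open *(rw,sync,insecure)
EOF
audit_exports "$sample" || echo "review the findings above before running exportfs -r"
rm -f "$sample"
```

On the server itself, run it as audit_exports /etc/exports; a non-zero return can gate a configuration-management step.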
2. Create the PV
Create the PV with a capacity limit of 60GiB. Adjust the labels and capacity to your situation. Remember to change the NFS settings to your actual NFS address.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-nfs
  namespace: default
  labels:
    env: uat
spec:
  capacity:
    storage: 60Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: ""
  nfs:
    path: /home/apps/nfs/
    server: 10.10.17.191
3. Create the PVC
Create the PVC and bind it to the PV through labels.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-nfs
  namespace: default
spec:
  accessModes:            # access modes
    - ReadWriteMany
  volumeMode: Filesystem  # volume mode
  resources:              # resource requests
    requests:
      storage: 30Gi
  storageClassName: ""
  selector:
    matchLabels:
      env: "uat"
4. Configure the pod to use the PVC
The example below creates a deployment and its service, using nodeAffinity to prefer scheduling onto the designated servers. The docker image is pulled from a privately deployed Harbor on the internal network, with a secret configured for the Harbor account. The Downward API is used to get the pod name, which serves as the name of the mounted subdirectory.
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deploy-myapp
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      affinity:
        nodeAffinity:  # pod scheduling
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 1
              preference:
                matchExpressions:
                  - key: type
                    operator: In
                    values:
                      - "app"
                  - key: env
                    operator: In
                    values:
                      - "uat"
      containers:
        - name: myapp
          image: harbor.neiwang.com/demo/myapp:1.0.2
          imagePullPolicy: IfNotPresent
          ports:
            - name: main-http
              containerPort: 8201
            - name: main-dubbo
              containerPort: 28201
          env:
            - name: POD_NAME  # get the pod name through the Downward API
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: metadata.name
          envFrom:  # import environment variables from the configMaps
            - configMapRef:
                name: cm-common
            - configMapRef:
                name: cm-spring
          volumeMounts:
            - mountPath: /app/log
              name: logdir
              subPathExpr: myapp/$(POD_NAME)  # per-pod subdirectory, makes it easy to find a given pod's logs
      volumes:
        - name: logdir
          persistentVolumeClaim:
            claimName: pvc-nfs
      imagePullSecrets:  # pulling from the private Harbor registry needs a secret with the account credentials
        - name: registry-harbor
---
apiVersion: v1
kind: Service
metadata:
  name: svc-myapp
spec:
  selector:
    app: myapp
  ports:
    - name: main-http
      protocol: TCP
      port: 8201
      targetPort: 8201
    - name: main-dubbo
      protocol: TCP
      port: 28201
      targetPort: 28201
Create the deployment and service from the YAML file
kubectl create -f myapp.yaml
Check whether the pods have started
kubectl get pods
On the NFS server, check whether new pod files have been generated