阿里云Kubernetes CSI实践 - 静态OSS卷-阿里云开发者社区

开发者社区> 阿里云容器服务 ACK> 正文

阿里云Kubernetes CSI实践 - 静态OSS卷

简介: 环境准备 集群创建、依赖配置、CSI插件部署等请参考:CSI部署详解 创建OSS Bucket 到OSS控制台创建OSS Bucekt:参考文档 注意:相同region的OSS Bucket 可以使用内网地址进行挂载; 创建Secret、静态PV、PVC 本示例通过Secret来配置用户的AK信息...

环境准备

集群创建、依赖配置、CSI插件部署等请参考:CSI部署详解

创建OSS Bucket

到OSS控制台创建OSS Bucekt:参考文档

注意:相同region的OSS Bucket 可以使用内网地址进行挂载;

创建Secret、静态PV、PVC

本示例通过Secret来配置用户的AK信息:

apiVersion: v1
kind: Secret
metadata:
  name: oss-secret
  namespace: default
stringData:
  akId: ***
  akSecret: ***

通过上面模板创建secret,注意namespace需要和应用所在namespaces一致;

配置:akId、akSecret参数;

通过下面模板创建静态卷PV、PVC:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: oss-pvc
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: oss-csi-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  csi:
    driver: ossplugin.csi.alibabacloud.com
    volumeHandle: data-id
    nodePublishSecretRef:
      name: oss-secret
      namespace: default
    volumeAttributes:
      bucket: "oss"
      url: "oss-cn-hangzhou.aliyuncs.com"
      otherOpts: "-o max_stat_cache_size=0 -o allow_other"

nodePublishSecretRef:定义挂载pv时通过secret对象来获取ak信息;

volumeHandle:PV Handler,可以配置为一个随机值;

bucket、url、otherOpts:分别表示OSS Bucket、挂载点、挂载可选参数;

# kubectl get pvc
NAME      STATUS   VOLUME       CAPACITY   ACCESS MODES   STORAGECLASS   AGE
oss-pvc   Bound    oss-csi-pv   5Gi        RWX                           20s

# kubectl get pv
NAME         CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM             STORAGECLASS   REASON   AGE
oss-csi-pv   5Gi        RWX            Retain           Bound    default/oss-pvc                           21s

直接配置PV、PVC的AK

上面步骤是通过secret为plugin提供ak信息,也可以直接在pv中配置AK信息。如下面模板所示:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: oss-csi-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  csi:
    driver: ossplugin.csi.alibabacloud.com
    volumeHandle: data-id
    volumeAttributes:
      bucket: "oss"
      url: "oss-cn-hangzhou.aliyuncs.com"
      otherOpts: "-o max_stat_cache_size=0 -o allow_other"
      akId: "***"
      akSecret: "***"

创建应用

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.7.9
        ports:
        - containerPort: 80
        volumeMounts:
          - name: oss-pvc
            mountPath: "/data"
      volumes:
        - name: oss-pvc
          persistentVolumeClaim:
            claimName: oss-pvc

验证挂载、高可用

查看pod,验证OSS挂载成功,创建测试文件;
# kubectl get pod
NAME                               READY   STATUS    RESTARTS   AGE
nginx-deployment-f57ddc9b9-xthj8   1/1     Running   0          31s
# kubectl exec nginx-deployment-f57ddc9b9-xthj8 ls /data
hello
test
# kubectl exec nginx-deployment-f57ddc9b9-xthj8 mount | grep oss
ossfs on /data type fuse.ossfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,allow_other)

# kubectl exec nginx-deployment-f57ddc9b9-xthj8 touch /data/testnew
# kubectl exec nginx-deployment-f57ddc9b9-xthj8 ls /data
hello
test
testnew

删除Pod,查看重建Pod是否数据稳定;
# kubectl delete pod nginx-deployment-f57ddc9b9-xthj8
pod "nginx-deployment-f57ddc9b9-xthj8" deleted
# kubectl get pod
NAME                               READY   STATUS    RESTARTS   AGE
nginx-deployment-f57ddc9b9-pfqql   1/1     Running   0          6s
# kubectl exec nginx-deployment-f57ddc9b9-pfqql ls /data
hello
test
testnew

版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。

分享:
阿里云容器服务 ACK
使用钉钉扫一扫加入圈子
+ 订阅

云端最佳容器应用运行环境,安全、稳定、极致弹性

官方博客
官网链接