【玩转容器持久化存储】点我进入活动页面
前一篇容器文章《Windows容器使用阿里云NAS SMB文件系统做持久化存储目录》介绍了在Windows Docker容器中如何连接阿里云NAS SMB文件卷。本文则着重介绍如何使用K8S配置让阿里云ACK服务的Windows容器使用NAS SMB卷。
我们使用IIS应用作为演示应用,让IIS搭建的网站能够显示出NAS SMB卷的test目录下存储的index.html的内容。
用户可以举一反三,将自己的应用搭建在阿里云ACK上并使用NAS SMB卷。
步骤
1. 创建Kubernetes托管版集群
参考官网文章快速创建Kubernetes托管版集群。
2. 创建Windows节点池
参考官网文章创建Windows节点池。
3. 通过kubectl连接Kubernetes集群
参考官网文章通过kubectl连接Kubernetes集群。
4. 创建通用型NAS SMB文件系统
参考官网文章创建通用型NAS SMB文件系统。
5. 添加挂载点
参考官网文章添加挂载点。注意添加的是K8S集群所在VPC的挂载点。
6. 部署FlexVolume插件
NAS SMB需要用FlexVolume插件连接K8S集群。
保存下面模板到kubectl CloudShell,创建文件template.yaml。
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: alicloud-disk-common-windows
provisioner: alicloud/disk
parameters:
type: cloud
fstype: ntfs
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: alicloud-disk-efficiency-windows
provisioner: alicloud/disk
parameters:
type: cloud_efficiency
fstype: ntfs
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: alicloud-disk-ssd-windows
provisioner: alicloud/disk
parameters:
type: cloud_ssd
fstype: ntfs
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: alicloud-disk-available-windows
provisioner: alicloud/disk
parameters:
type: available
fstype: ntfs
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: alicloud-disk-controller
namespace: kube-system
spec:
selector:
matchLabels:
app: alicloud-disk-controller
template:
metadata:
labels:
app: alicloud-disk-controller
spec:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: node-role.kubernetes.io/master
operator: Exists
weight: 1
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: type
operator: NotIn
values:
- virtual-kubelet
containers:
- env:
- name: OS_PLATFORM
value: windows
image: registry-vpc.cn-shenzhen.aliyuncs.com/acs/alicloud-disk-controller:v1.16.9.54-a6c644bd-aliyun
imagePullPolicy: IfNotPresent
livenessProbe:
exec:
command:
- sh
- -c
- ls /alicloud-disk-controller
failureThreshold: 8
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 15
name: alicloud-disk-controller
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 100m
memory: 100Mi
volumeMounts:
- mountPath: /etc/kubernetes/
name: cloud-config
- mountPath: /var/log/alicloud/
name: logdir
- mountPath: /var/addon
name: addon-token
readOnly: true
nodeSelector:
beta.kubernetes.io/os: linux
serviceAccount: admin
serviceAccountName: admin
volumes:
- hostPath:
path: /etc/kubernetes/
type: ""
name: cloud-config
- hostPath:
path: /var/log/alicloud/
type: ""
name: logdir
- name: addon-token
secret:
defaultMode: 420
items:
- key: addon.token.config
path: token-config
secretName: addon.csi.token
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
labels:
k8s-volume: flexvolume
name: flexvolume-windows
namespace: kube-system
spec:
selector:
matchLabels:
name: acs-flexvolume
template:
metadata:
labels:
name: acs-flexvolume
spec:
containers:
- args:
- -Command
- /entrypoint-windows.ps1
command:
- pwsh.exe
env:
- name: ACS_DISK
value: "true"
- name: ACS_NAS
value: "true"
- name: ACS_SMB
value: "true"
image: registry.cn-hangzhou.aliyuncs.com/acs/flexvolume:v1.16.9.7be0fa0-windows1809
imagePullPolicy: Always
name: acs-flexvolume
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 200Mi
securityContext:
privileged: true
volumeMounts:
- mountPath: C:\host
name: usrdir
nodeSelector:
beta.kubernetes.io/os: windows
tolerations:
- effect: NoSchedule
key: os
operator: Equal
value: windows
volumes:
- hostPath:
path: C:\
type: ""
name: usrdir
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate在kubectl CloudShell执行:
kubectl apply -f template.yaml7. 创建PV
准备yaml模板。参考Windows容器挂载SMB
apiVersion: v1
kind: PersistentVolume
metadata:
labels:
alicloud-pvname: pv-smb
name: pv-smb
spec:
accessModes:
- ReadWriteMany
capacity:
storage: 5Gi
flexVolume:
driver: alicloud/smb.exe
options:
path: \myshare\test
server: 25f3f4819c-eak52.cn-shenzhen.nas.aliyuncs.com
user: workgroup\administrator
password: ***
persistentVolumeReclaimPolicy: Retain将上面模板中的内容替换为以下内容:
driver: 配置挂载驱动,必须为alicloud/smb.exe;
server:SMB存储盘的挂载地址,所在网络需要和集群所在vpc相同;
path:SMB存储盘的挂载地址,必须以\myshare开头,后面可以为空或者子目录;
user:集群节点的登陆用户名,推荐使用 workgroup\administrator;
password:集群节点的登陆密码;使用kubectl create命令创建,或者在ACK控制台的 工作负载 页面中,点击 使用模板创建,创建PV。
8. 创建PVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-smb
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
selector:
matchLabels:
alicloud-pvname: pv-smb使用kubectl create命令创建,或者在ACK控制台的 工作负载 页面中,点击 使用模板创建,创建PVC。
9. 验证PV、PVC创建成功
# kubectl get pvc |grep pvc-smb
pvc-smb Bound pv-smb 5Gi RWX 24h10. 在Windows节点修改注册表,打开SMB卷匿名访问
给节点 绑定EIP,添加本地客户端到 安全组,登录到Windows节点后打开cmd命令行,运行以下命令修改注册表,打开SMB卷匿名访问功能。如果不打开会出现New-SmbGlobalMapping挂载错误。
REG ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters /f /v AllowInsecureGuestAuth /t REG_DWORD /d 111. 在NAS SMB卷的/myshare/test目录下创建index.html
在ECS或者ACK Windows节点上挂载PVC声明的NAS SMB卷,在/myshare/test目录下创建index.html,包含内容Hello World in test folder。
12. 创建IIS应用
IIS是Windows最常用的网站应用。我们启动容器化的IIS,让IIS显示NAS SMB内容,达到演示Windows ACK容器连接NAS SMB的目标。
apiVersion: v1
kind: Service
metadata:
name: iis-svc
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 80
selector:
app: iis
type: LoadBalancer
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: iis
spec:
selector:
matchLabels:
app: iis
template:
metadata:
creationTimestamp: null
labels:
app: iis
spec:
containers:
- image: mcr.microsoft.com/windows/servercore/iis:windowsservercore-ltsc2019
imagePullPolicy: IfNotPresent
name: iis
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /inetpub/wwwroot/shared
name: pvc-nas
tolerations:
- key: os
value: windows
volumes:
- name: pvc-nas
persistentVolumeClaim:
claimName: pvc-smb使用kubectl create命令创建,或者在ACK控制台的 工作负载 页面中,点击 使用模板创建,创建IIS应用。
13. 验证IIS应用可以显示NAS SMB卷内容
等待几分钟,待IIS应用正常运行之后,查看IIS服务的外部端点,打开,然后找到shared路径,显示Hello World in test folder!
总结
综上我们使用IIS应用作为演示应用,让IIS搭建的网站能够显示出NAS SMB卷的test目录下存储的index.html的内容。
用户可以举一反三,将自己的应用搭建在阿里云ACK上并使用NAS SMB卷。
参考资料
1. 创建Windows节点池
https://help.aliyun.com/document_detail/162785.html
2. 创建Windows应用
https://help.aliyun.com/document_detail/173703.html
3. 通过kubectl连接Kubernetes集群
https://help.aliyun.com/document_detail/86494.html
4. Windows容器使用阿里云NAS SMB文件系统做持久化存储目录
https://developer.aliyun.com/article/772570
5. 阿里云ACK FlexVolume存储插件说明
https://help.aliyun.com/document_detail/157025.html
