# 部署 NFS 动态存储卷
# 注释版
# rabc.yaml
# rbac.yml | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: nfs-client-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: kube-system | |
--- | |
kind: ClusterRole | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: nfs-client-provisioner-runner | |
rules: | |
- apiGroups: [""] | |
resources: ["nodes"] | |
verbs: ["get", "list", "watch"] | |
- apiGroups: [""] | |
resources: ["persistentvolumes"] | |
verbs: ["get", "list", "watch", "create", "delete"] | |
- apiGroups: [""] | |
resources: ["persistentvolumeclaims"] | |
verbs: ["get", "list", "watch", "update"] | |
- apiGroups: ["storage.k8s.io"] | |
resources: ["storageclasses"] | |
verbs: ["get", "list", "watch"] | |
- apiGroups: [""] | |
resources: ["events"] | |
verbs: ["create", "update", "patch"] | |
--- | |
kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: run-nfs-client-provisioner | |
subjects: | |
- kind: ServiceAccount | |
name: nfs-client-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: kube-system | |
roleRef: | |
kind: ClusterRole | |
name: nfs-client-provisioner-runner | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
kind: Role | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: leader-locking-nfs-client-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: kube-system | |
rules: | |
- apiGroups: [""] | |
resources: ["endpoints"] | |
verbs: ["get", "list", "watch", "create", "update", "patch"] | |
--- | |
kind: RoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: leader-locking-nfs-client-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: kube-system | |
subjects: | |
- kind: ServiceAccount | |
name: nfs-client-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: kube-system | |
roleRef: | |
kind: Role | |
name: leader-locking-nfs-client-provisioner | |
apiGroup: rbac.authorization.k8s.io |
# deployment.yaml
# deployment.yml | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: nfs-client-provisioner | |
labels: | |
app: nfs-client-provisioner | |
# replace with namespace where provisioner is deployed | |
namespace: kube-system | |
spec: | |
replicas: 1 | |
strategy: | |
type: Recreate | |
selector: | |
matchLabels: | |
app: nfs-client-provisioner | |
template: | |
metadata: | |
labels: | |
app: nfs-client-provisioner | |
spec: | |
serviceAccountName: nfs-client-provisioner | |
containers: | |
- name: nfs-client-provisioner | |
# image: k8s.gcr.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2 | |
image: chronolaw/nfs-subdir-external-provisioner:v4.0.2 | |
volumeMounts: | |
- name: nfs-client-root | |
mountPath: /persistentvolumes | |
env: | |
- name: PROVISIONER_NAME | |
value: k8s-sigs.io/nfs-subdir-external-provisioner | |
- name: NFS_SERVER | |
value: 172.16.19.54 | |
- name: NFS_PATH | |
value: /home/dev/multipass/k8s/data | |
volumes: | |
- name: nfs-client-root | |
nfs: # 记得改成自己 nfs 服务端的目录和 ip | |
server: 172.16.19.54 | |
path: /home/dev/multipass/k8s/data |
# class.yaml
# class.yml | |
apiVersion: storage.k8s.io/v1 | |
kind: StorageClass | |
metadata: | |
name: nfs-client | |
provisioner: k8s-sigs.io/nfs-subdir-external-provisioner # or choose another name, must match deployment's env PROVISIONER_NAME' | |
parameters: | |
archiveOnDelete: "false" |
# 删除注释版
# rbac.yaml
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: nfs-client-provisioner | |
namespace: kube-system | |
--- | |
kind: ClusterRole | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: nfs-client-provisioner-runner | |
rules: | |
- apiGroups: [""] | |
resources: ["nodes"] | |
verbs: ["get", "list", "watch"] | |
- apiGroups: [""] | |
resources: ["persistentvolumes"] | |
verbs: ["get", "list", "watch", "create", "delete"] | |
- apiGroups: [""] | |
resources: ["persistentvolumeclaims"] | |
verbs: ["get", "list", "watch", "update"] | |
- apiGroups: ["storage.k8s.io"] | |
resources: ["storageclasses"] | |
verbs: ["get", "list", "watch"] | |
- apiGroups: [""] | |
resources: ["events"] | |
verbs: ["create", "update", "patch"] | |
--- | |
kind: ClusterRoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: run-nfs-client-provisioner | |
subjects: | |
- kind: ServiceAccount | |
name: nfs-client-provisioner | |
namespace: kube-system | |
roleRef: | |
kind: ClusterRole | |
name: nfs-client-provisioner-runner | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
kind: Role | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: leader-locking-nfs-client-provisioner | |
namespace: kube-system | |
rules: | |
- apiGroups: [""] | |
resources: ["endpoints"] | |
verbs: ["get", "list", "watch", "create", "update", "patch"] | |
--- | |
kind: RoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: leader-locking-nfs-client-provisioner | |
namespace: kube-system | |
subjects: | |
- kind: ServiceAccount | |
name: nfs-client-provisioner | |
namespace: kube-system | |
roleRef: | |
kind: Role | |
name: leader-locking-nfs-client-provisioner | |
apiGroup: rbac.authorization.k8s.io |
# deployment.yaml
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: nfs-client-provisioner | |
labels: | |
app: nfs-client-provisioner | |
namespace: kube-system | |
spec: | |
replicas: 1 | |
strategy: | |
type: Recreate | |
selector: | |
matchLabels: | |
app: nfs-client-provisioner | |
template: | |
metadata: | |
labels: | |
app: nfs-client-provisioner | |
spec: | |
serviceAccountName: nfs-client-provisioner | |
containers: | |
- name: nfs-client-provisioner | |
image: chronolaw/nfs-subdir-external-provisioner:v4.0.2 | |
volumeMounts: | |
- name: nfs-client-root | |
mountPath: /persistentvolumes | |
env: | |
- name: PROVISIONER_NAME | |
value: k8s-sigs.io/nfs-subdir-external-provisioner | |
- name: NFS_SERVER | |
value: 192.168.10.104 | |
- name: NFS_PATH | |
value: /data/nfs | |
volumes: | |
- name: nfs-client-root | |
nfs: | |
server: 192.168.10.104 | |
path: /data/nfs |
# class.yaml
apiVersion: storage.k8s.io/v1 | |
kind: StorageClass | |
metadata: | |
name: nfs-client | |
provisioner: k8s-sigs.io/nfs-subdir-external-provisioner | |
parameters: | |
archiveOnDelete: "false" |
