#作者:任少近
1 Ceph环境准备
提前准备一块50G祼盘
版本
2 rook部署ceph群集
下载rook
https://rook.io/docs/rook
git clone --single-branch --branch v1.11.5 https://github.com/rook/rook.git
# verify the rook-ceph-operator is in the `Running` state before proceeding
kubectl -n rook-ceph get pod
2.1 Rook 帮助地址
https://rook.io/docs/rook/v1.9/ceph-filesystem.html
2.2 安装ceph
cd /root/rook/deploy/examples
kubectl create -f crds.yaml -f common.yaml -f operator.yaml
2.3 获取csi镜像
成功后,执行cluster.yaml后,插件未启,修改operater.yaml中地址
# ROOK_CSI_REGISTRAR_IMAGE: "registry.aliyuncs.com/google_containers/csi-node-driver-registrar:v2.7.0"
# ROOK_CSI_RESIZER_IMAGE: "registry.aliyuncs.com/google_containers/csi-resizer:v1.7.0"
# ROOK_CSI_PROVISIONER_IMAGE: "registry.aliyuncs.com/google_containers/csi-provisioner:v3.4.0"
# ROOK_CSI_SNAPSHOTTER_IMAGE: "registry.aliyuncs.com/google_containers/csi-snapshotter:v6.2.1"
# ROOK_CSI_ATTACHER_IMAGE: "registry.aliyuncs.com/google_containers/csi-attacher:v4.1.0"
可以使用如下脚本修改以上
#!/bin/bash
Image_list=(
#csi-node-driver-registrar:v2.7.0
csi-resizer:v1.7.0
csi-provisioner:v3.4.0
csi-snapshotter:v6.2.1
csi-attacher:v4.1.0
)
Aliyuncs="registry.aliyuncs.com/google_containers"
Google_gcr="registry.k8s.io/sig-storage"
for image in ${Image_list[*]}
do
crictl pull ${Aliyuncs}/${image}
#crictl没有tag功能,ctr打tag必须指定namespace,命令:ctr namespace ls查看
ctr -n k8s.io i tag ${Aliyuncs}/${image} ${Google_gcr}/{imag:q!e}
crictl rmi ${Aliyuncs}/${image}
echo "${Aliyuncs}/${image} ${Google_gcr}/${image} download."
done
再执行kubectl apply -f cluster.yaml
2.4 Master参加到osd
去掉污点
#查看污点
kubectl -n rook-ceph describe nodes k8s-master
#去掉污点
kubectl taint node k8s-master node-role.kubernetes.io/k8s-master:NoSchedule-
(#恢复污点:
kubectl taint node k8s-master node-role.kubernetes.io/k8s-master:NoSchedule
Cluster.yaml修改磁盘扫描时间,默认是60s,可以调整60分钟
592 # The duration between discovering devices in the rook-discover daemonset.
593 - name: ROOK_DISCOVER_DEVICES_INTERVAL
594 value: "60m"
2.5 设置默认存储
[root@k8s-master1 ~]# kubectl patch storageclass rook-ceph-block -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
3 Rook部署云原生RBD块存储
前面通过rook部署ceph集群运行在kubernetes上,ceph集群支持rbd块存储。使用rook部署rbd块服务与kubernetes容器对接。ceph与kubernetes对接会涉及到pool池、ceph认证信息,配置文件,CSI驱动部署等。storageclass创建过程涉及配置较多,而Rook则将这些配置过程简化,以云原生的方式实现对接,默认已继承好相关驱动。通过kubernetes创建storageclass即可对接使用。
3.1 部署storageclass资源
Cd /root/rook/deploy/examples/csi/rbd
[root@k8s-master rbd]# kubectl apply -f storageclass.yaml
cephblockpool.ceph.rook.io/replicapool created
storageclass.storage.k8s.io/rook-ceph-block created
#查看storageclass资源
[root@k8s-master rbd]# kubectl -n rook-ceph get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
rook-ceph-block rook-ceph.rbd.csi.ceph.com Delete Immediate true 3m42s
rook-ceph-delete-bucket rook-ceph.ceph.rook.io/bucket Delete Immediate false 122d
3.2 部署WordPress使用RBD
部署mysql和WordPress资源文件
# kubectl create -f mysql.yaml
# kubectl create -f wordpress.yaml
注:修改wordpress.yaml中的loadbalance为NodePort
注:资源文件在deploy/examples文件夹下
查看mysql和WordPress pod状态
查看mysql和wordPress SVC
3.3 WordPress访问
Wordpress svc更改为NodePort形式对外暴露服务访问
WordPress访问地址 http://node_ip:31028
注:第一次访问需要进行完善信息,完善后跟进自己使用情况进行后台修改或者默认直接使用即可
4 Rook部署云原生RGW对象存储
rook能够在kubernetes中部署对象存储提供rgw服务。
4.1 部署objectstore资源
创建object资源文件
# kubectl create -f object.yaml
查看rgw pod状况
查看rgw svc状况
4.2 pod访问rgw服务
root@csicephfs-demo-pod:/# curl 10.104.123.1
4.3创建rgw用户
[root@k8s-master examples]# cat object-user.yaml
####Create an object store user for access to the s3 endpoint.
kubectl create -f object-user.yaml
####################################
apiVersion: ceph.rook.io/v1
kind: CephObjectStoreUser
metadata:
name: my-user
namespace: rook-ceph # namespace:cluster
spec:
store: my-store
displayName: "my display name"
# Quotas set on the user
# quotas:
# maxBuckets: 100
# maxSize: 10G
# maxObjects: 10000
# Additional permissions given to the user
# capabilities:
# user: "*"
# bucket: "*"
# metadata: "*"
# usage: "*"
# zone: "*"
[root@k8s-master examples]# kubectl create -f object-user.yaml
4.4创建buckets桶
注:使用dashboard web界面管理操作查看即可,rgw对象存储操作使用参考文档:https://docs.ceph.com/en/quincy/radosgw/index.html
5 DeRook部署云原生CephFS文件系统
5.1 部署cephfs storageclass
cephfs文件系统与RBD服务类似,要想在kubernetes pod里使用cephfs,需要创建一个cephfs-provisioner storageclass服务,在rook代码里已有资源文件,单独部署即可
Storageclass.yaml文件如下:
kubectl create -f deploy/examples/csi/cephfs/storageclass.yaml
查看cephfs storageclass名称:rook-cephfs
5.2 创建容器所需cephfs文件系统
创建容器所需pvc指定rook部署rook-cephfs存储类名称
[root@node1 cephfs]# cat pvc.yaml
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: cephfs-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: rook-cephfs
[root@node1 cephfs]#
[root@node1 cephfs]# kubectl apply -f pvc.yaml
查看pvc所提供是rook-cephfs
[root@node1 cephfs]# kubectl get pvc | grep cephfs-pvc
cephfs-pvc Bound pvc-da18c8f9-00c1-4c39-8c53-68a628fa8bdd 1Gi RWO rook-cephfs 21d
rook-cephfs 7d23h
[root@node1 cephfs]#
5.3创建容器pod使用rook-cephfs提供pvc
[root@node1 cephfs]# cat pod.yaml
---
apiVersion: v1
kind: Pod
metadata:
name: csicephfs-demo-pod
spec:
containers:
- name: web-server
image: nginx:latest
volumeMounts:
- name: mypvc
mountPath: /var/lib/www/html
volumes:
- name: mypvc
persistentVolumeClaim:
claimName: cephfs-pvc
readOnly: false
[root@node1 cephfs]#
[root@node1 cephfs]# kubectl apply -f pod.yaml
查看pod运行状况
[root@node1 cephfs]# kubectl get pod | grep cephfs
csicephfs-demo-pod 1/1 Running 0 21d
[root@node1 cephfs]#
5.4 查看pod是否使用rook-cephfs
[root@node1 cephfs]# kubectl exec -it csicephfs-demo-pod -- bash
root@csicephfs-demo-pod:/# df -hT | grep csi-vol
10.68.91.46:6789,10.68.110.0:6789,10.68.225.251:6789:/volumes/csi/csi-vol-50d5c216-3e2a-11ed-9773-9a6110af61d6/f4e696bf-757d-4793-b2c2-3091d38ccec5 ceph 1.0G 0 1.0G 0% /var/lib/www/html
root@csicephfs-demo-pod:/#
root@csicephfs-demo-pod:/# echo "cephfs" > /var/lib/www/html/index.html
root@csicephfs-demo-pod:/# cat /var/lib/www/html/index.html
cephfs
root@csicephfs-demo-pod:/#
注:登录相应pod容器可以看到pod已经挂载cephfs文件系统地址,可以在相应挂载目录创建内容。