k8s 目录和文件挂载到宿主机

k8s生产中常用的volumes挂载方式有：hostPath、pv，pvc、nfs

1.hostPath挂载
hostPath是将主机节点文件系统上的文件或目录挂载到Pod 中，同时pod中的目录或者文件也会实时存在宿主机上，如果pod删除，hostpath中的文件不会被删除。（生成的pod只能在同一个节点上，调度到其他节点就不会挂载）

配置文件：

[root@master1 k8s-nginx]# cat nginx-test.yaml 

apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-service
  name: nginx-service
  namespace: default
spec:
  ports:
    #对外暴露端口30003
  - nodePort: 30003
    port: 8010
    protocol: TCP
    targetPort: 8010
  selector:
    app: nginx-web
  #NodePort对外暴露端口
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-web
  name: nginx-web
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-web
  template:
    metadata:
      labels:
        app: nginx-web
      namespace: default
    spec:
      imagePullSecrets:
      - name: secret-key
      containers:
      - image: registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v2
        name: nginx
        env:  
        - name: TZ  
          value: Asia/Shanghai
        imagePullPolicy: Always
        ports:
        - containerPort: 8010
        resources:
          requests:
            cpu: 100m
            memory: 512Mi
          limits:
            cpu: 1000m
            memory: 1Gi
        volumeMounts:
        - name: nginx-volume-dir
          mountPath: /var/log/nginx
        - name: nginx-volume-file
          mountPath: /var/log/nginx/access2.log
      volumes:
      - name: nginx-volume-dir
        hostPath:
          path: /root/k8s-nginx/nginx/log
          type: DirectoryOrCreate #如果目录不存在就创建
      - name: nginx-volume-file
        hostPath:
          path: /root/k8s-nginx/nginx/log/access2.log
          type: FileOrCreate ## 如果文件不存在则创建

这个是master1节点创建的，pod是在node1节点上运行的，所以日志是存储在node1节点上
需要登录到node1节点上查看挂载的情况：

在node1节点上查看是否目录和日志文件：

2.nfs挂载

nfs挂载是hostPath挂载的升级版，优点是在不同的node节点上的日志，文件都可以挂载到nfs的机器上，只需要配置上nfs挂载的机器ip和挂载的路径就行。

安装nfs，建立共享服务器（单独服务器安装nfs挂载，ip：10.10.10.25）
[root@localhost ~]# yum -y install nfs-utils
...
创建存储目录：
[root@localhost ~]# mkdir -p /data/nfs/{conf,dist,log}   #可以创建多个存储目录
[root@localhost ~]# vim /etc/exports
/data/nfs 10.10.10.24(rw,no_root_squash)  #可以添加多个存储目录
#将共享目录以读写权限给node1机器，因为pod是跑在node1节点上：10.10.10.24
启动nfs应用：
[root@localhost ~]# systemctl start nfs
查看进程：
[root@localhost ~]# ps -ef |grep nfs
root     104715      2  0 15:56 ?        00:00:00 [nfsd4_callbacks]
root     104721      2  0 15:56 ?        00:00:00 [nfsd]
root     104722      2  0 15:56 ?        00:00:00 [nfsd]
root     104723      2  0 15:56 ?        00:00:00 [nfsd]
root     104724      2  0 15:56 ?        00:00:00 [nfsd]
root     104725      2  0 15:56 ?        00:00:00 [nfsd]
root     104726      2  0 15:56 ?        00:00:00 [nfsd]
root     104727      2  0 15:56 ?        00:00:00 [nfsd]
root     104728      2  0 15:56 ?        00:00:00 [nfsd]
root     104750 103971  0 15:56 pts/0    00:00:00 grep --color=auto nfs
修改/etc/exports后，使文件生效：
[root@localhost ~]# exportfs -r
/data/nfs    10.10.10.24
查看挂载目录：
[root@localhost nfs]# exportfs
/data/nfs/conf    10.10.10.24
/data/nfs/log     10.10.10.24
/data/nfs/dist    10.10.10.24
[root@localhost nfs]# exportfs -v
/data/nfs/conf    10.10.10.24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)
/data/nfs/log     10.10.10.24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)
/data/nfs/dist    10.10.10.24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)

** 编写pod的yaml文件：**

vim nginx-nfs.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-service
  name: nginx-service
  namespace: default
spec:
  ports:
    #对外暴露端口30003
  - nodePort: 30003
    port: 8010
    protocol: TCP
    targetPort: 8010
  selector:
    app: nginx-web
  #NodePort对外暴露端口
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-web
  name: nginx-web
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-web
  template:
    metadata:
      labels:
        app: nginx-web
      namespace: default
    spec:
      imagePullSecrets:
      - name: secret-key
      containers:
      - image: registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v2
        name: nginx
        env:  
        - name: TZ 
          value: Asia/Shanghai
        imagePullPolicy: Always
        ports:
        - containerPort: 8010
        resources:
          requests:
            cpu: 100m
            memory: 512Mi
          limits:
            cpu: 1000m
            memory: 1Gi
        volumeMounts:
        - name: nginx-volume-dir
          mountPath: /var/log/nginx
        #- name: nginx-volume-file
        #  mountPath: /var/log/nginx/access2.log
        #- name: nginx-config
        #  mountPath: /etc/nginx/conf.d
      volumes:
      - name: nginx-volume-dir
        nfs:
          server: 10.10.10.25
          path: /data/nfs 
      #- name: nginx-volume-file
      #    server: 10.10.10.25
      #    path: /data/nfs
      #- name: nginx-config
      #  nfs:
      #    server: 10.10.10.25
      #    path: /data/nfs

验证：到安装nfs机器上的/data/nfs/log目录查看是否有文件

问题：单独nfs挂载好像只能挂载一个目录，挂载多个目录不生效并且导致部分文件消失？

/etc/exports 配置：

yaml配置：

        volumeMounts:
        - name: nginx-dir
          mountPath: /etc/nginx/dist
        - name: nginx-log
          mountPath: /var/log/nginx
        - name: nginx-config
          mountPath: /etc/nginx/conf.d
      volumes:
      - name: nginx-dir
        nfs:
          server: 10.10.10.25
          path: /data/nfs/dist
      - name: nginx-log
        nfs:
          server: 10.10.10.25
          path: /data/nfs/log
      - name: nginx-config
        nfs:
          server: 10.10.10.25
          path: /data/nfs/conf

待续...

3.pv、pvc挂载

 pv，pvc挂载是基于nfs挂载的高级方式（如果不搭配nfs使用，侧配置的pv，pvc默认是pod所在node节点上），通过PV和PVC，Kubernetes可以实现存储资源的动态供给、自动扩展和缩减，以及共享和负载均衡等高级特性。PV和PVC的出现使得应用容器可以随时地挂载或卸载存储资源，而无需手动管理存储卷的创建、挂载和卸载等操作。

1.创建pv（相当于存储设备）

vim pv.yaml

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv
  labels:
    pv: pv-nfs
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  volumeMode: Filesystem
  persistentVolumeReclaimPolicy: Retain
  storageClassName: nfs
  nfs:
    server: 10.10.10.25
    path: /data/nfs

kubectl apply -f pv.yaml

2.创建pvc（相当于调度存储设备资源的）

vim nginx-pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc
spec:
  accessModes:
    - ReadWriteMany
  volumeMode: Filesystem
  resources:
    requests:
      storage: 2Gi
  storageClassName: nfs
  selector:
    matchLabels:
      pv: pv-nfs

kubectl apply -f pvc.yaml

3.创建pod（去请求pvc的）

vim nginx-pod.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-service
  name: nginx-service
  namespace: default
spec:
  ports:
    #对外暴露端口30003
  - nodePort: 30003
    port: 8010
    protocol: TCP
    targetPort: 8010
  selector:
    app: nginx-web
  #NodePort对外暴露端口
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-web
  name: nginx-web
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-web
  template:
    metadata:
      labels:
        app: nginx-web
      namespace: default
    spec:
      imagePullSecrets:
      - name: secret-key
      containers:
      - image: registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v2
        name: nginx
        env:  
        - name: TZ 
          value: Asia/Shanghai
        imagePullPolicy: Always
        ports:
        - containerPort: 8010
        resources:
          requests:
            cpu: 100m
            memory: 512Mi
          limits:
            cpu: 1000m
            memory: 1Gi
        volumeMounts:
        - name: nginx-log
          mountPath: /var/log/nginx
        #- name: nginx-conf
        #  mountPath: /etc/nginx/conf.d
        #- name: nginx-dist
        #  mountPath: /etc/nginx/dist
      volumes:
      - name: nginx-log
        persistentVolumeClaim:
          claimName: pvc
      #- name: nginx-conf
      #  persistentVolumeClaim:
      #    claimName: pvc
      #- name: nginx-dist
      #  persistentVolumeClaim:
      #    claimName: pvc
        

kubectl apply -f nginx-pod.yaml

查看运行状态：

kubectl describe pod nginx-web-6665c66698-fxhzl

验证：

登录到nfs的服务器，进到挂载路径下看是否有文件