最近更新时间:2024-11-14 22:28:41
您可以在金山云容器服务Kubernetes集群中使用金山云对象存储卷(KS3)。
csi-driver组件版本需升级至2.1.0及以上。
挂载对象存储卷(KS3)的前提是您有创建好的存储空间(Bucket)。如果没有,您需要先创建存储空间。
采用静态存储卷形式,通过kubectl命令方式使用。
获取AccessKey ID和AccessKey Secret,用于KS3的授权访问,具体操作参考获取AK/SK。
在集群中创建Secret凭证。需将AccessKey ID和AccessKey Secret转换为base64编码。可使用命令 echo -n "***" |ase64
帮助转换。
apiVersion: v1
kind: Secret
type: Opaque
metadata:
# Replaced by your secret name.
name: "****"
# Replaced by your secret namespace.
namespace: "*****"
data:
# Replaced by your temporary secret file content. You can generate a temporary secret key with these docs:
# Note: The value must be encoded by base64.
akId: **************
akSecret: **************
apiVersion: v1
kind: PersistentVolume
metadata:
name: "pv-ks3"
spec:
accessModes:
- ReadWriteMany
capacity:
storage: 1Gi
csi:
driver: com.ksc.csi.ks3plugin
volumeHandle: pv-ks3
volumeAttributes:
# Replaced by the url of your region.
url: "http://ks3-cn-beijing.ksyuncs.com"
# Replaced by the bucket name you want to use.
bucket: "****"
# Replaced by the subPath in bucket you want to use.
path: /test
# You can specify any other options used by the s3fs command in here.
additional_args: "-oensure_diskfree=2048 -osigv2"
nodePublishSecretRef:
# Replaced by the name and namespace of your secret.
name: *****
namespace: *****
其中spec.csi.volumeAttributes.url字段可从ks3控制台存储空间->目标存储空间详情页中的访问域名处获取。
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: csi-ks3-pvc
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
# You can specify the pv name manually or just let kubernetes to bind the pv and pvc.
volumeName: pv-ks3
# Currently ks3 only supports static provisioning, the StorageClass name should be empty.
storageClassName: ""
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-ks3
labels:
app: nginx
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: ks3-test
image: nginx
command:
- "/bin/bash"
- "-c"
- set -euo pipefail; while true; do echo $(hostname) $(date) >> /data/$(hostname); sleep 1; done
volumeMounts:
- mountPath: "/data"
name: pvc-ks3
volumes:
- name: pvc-ks3
persistentVolumeClaim:
claimName: pvc-ks3
查看pod信息。
kubectl get pod | grep test-ks3
选择其中一个pod,创建文件。以test-ks3-69c67b88d8-9zq87为例。
kubectl exec test-ks3-69c67b88d8-9zq87 -- touch /data/test-ks3.txt
可在控制台对应目录下看到test-ks3文件已创建成功。
验证共享存储:
在另一个pod test-ks3-69c67b88d8-vs695中查看文件。
kubectl exec test-ks3-69c67b88d8-vs695 -- ls /data
从返回的结果可看到已共享了先前创建的文件。
纯净模式
鼠标选中内容,快速反馈问题