hello ~ Hello, everyone , Let's continue with the explanation of the previous article and the previous article （ I feel like I'm in Hydrology , This is the last article in this series , Tell you in secret , There are surprises in the next article ~）, ok , Don't talk nonsense , Let's start our class ！

 

  Personal home page ： Personal home page ​​​​​             

  Series column ：【 Cloud native series 】

Articles related to this article ：            

2.2【 Cloud native 】 kubeadm Create clusters	【 Cloud native 】2.2 kubeadm Create clusters _ Program ape chase blog -CSDN Blog
2.3【 Cloud native 】2.3 Kubernetes Core combat （ On ）	【 Cloud native 】2.3 Kubernetes Core combat （ On ）_ Program ape chase blog -CSDN Blog
2.4【 Cloud native 】Kubernetes Core combat （ in ）	【 Cloud native 】2.4 Kubernetes Core combat （ in ）_ Program ape chase blog -CSDN Blog

Catalog

One 、 Basic concepts and NFS Environment building

1、 Build a network file system

2、Deplryment Use NFS Mount

  Two 、PV And PVC Use

1、 establish pv pool

3、 ... and 、 Use SConfigMap Extract configuration

Four 、Secret Examples of scenarios

One 、 Basic concepts and NFS Environment building

Look at the picture , some time , We have all kinds of Pod, There are some data that you want to modify outside , such as ： We will Pod Of / data, Hang on to / a Inside , So are the others .

When an application of our unit 3 breaks down , This is how he will fail over , etc. 5 Minutes later, the self-healing has not been successful , This will be transferred to  2 On plane number , But the data of unit 3 will be in 2 Flight number one ？ The answer is no . We will call the outside —— Storage layer .

1、 Build a network file system

To build , Everyone must install nfs

All machine installations

yum install -y nfs-utils

Then set up in the master node  nfs Master node

echo "/nfs/data/ *(insecure,rw,sync,no_root_squash)" > /etc/exports

mkdir -p /nfs/data
systemctl enable rpcbind --now
systemctl enable nfs-server --now

Check if the configuration works

exportfs -r

  Execute the command to mount nfs Shared directory on the server to the local path /root/nfsmount

mkdir -p /nfs/data

mount -t nfs 172.31.0.4:/nfs/data /nfs/data

Write test file

echo "hello nfs server" > /nfs/data/test.txt

2、Deplryment Use NFS Mount

Enter the code to test

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-pv-demo
  name: nginx-pv-demo
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-pv-demo
  template:
    metadata:
      labels:
        app: nginx-pv-demo
    spec:
      containers:
      - image: nginx
        name: nginx
        volumeMounts:
        - name: html
          mountPath: /usr/share/nginx/html
      volumes:
        - name: html
          nfs:
            server: 172.31.0.4
            path: /nfs/data/nginx-pv

  Two 、PV And PVC Use

What is PV？ What is it PVC ？

PV： Persistent volume （Persistent Volume）, Save the data that the application needs to persist to the specified location

PVC： Persistent volume declaration （Persistent Volume Claim）, State the persistent volume specifications to be used

for instance , Suppose we need 1GB The persistent volume of （PV）, that PVC It's us Pod An application to apply for , Application and PV After the volume of matches , Then determine the location .

 1、 establish pv pool

nfs Master node

mkdir -p /nfs/data/01
mkdir -p /nfs/data/02
mkdir -p /nfs/data/03

establish PV

（ notes ： Remember to change server The address of ）

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv01-10m
spec:
  capacity:
    storage: 10M
  accessModes:
    - ReadWriteMany
  storageClassName: nfs
  nfs:
    path: /nfs/data/01
    server: 172.31.0.4
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv02-1gi
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteMany
  storageClassName: nfs
  nfs:
    path: /nfs/data/02
    server: 172.31.0.4
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv03-3gi
spec:
  capacity:
    storage: 3Gi
  accessModes:
    - ReadWriteMany
  storageClassName: nfs
  nfs:
    path: /nfs/data/03
    server: 172.31.0.4

 PV Create it after it is created PVC

establish Pod binding PVC

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-deploy-pvc
  name: nginx-deploy-pvc
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-deploy-pvc
  template:
    metadata:
      labels:
        app: nginx-deploy-pvc
    spec:
      containers:
      - image: nginx
        name: nginx
        volumeMounts:
        - name: html
          mountPath: /usr/share/nginx/html
      volumes:
        - name: html
          persistentVolumeClaim:
            claimName: nginx-pvc

3、 ... and 、 Use SConfigMap Extract configuration

Hang it in the file here  ConfigMap

effect ： Extract application configuration , And can be automatically updated

Create a configuration ,redis Save to k8s Of etcd;

kubectl create cm redis-conf --from-file=redis.conf

data Is all the real data ,key： The default is file name   value： Content of profile  

apiVersion: v1
data:    
  redis.conf: |
    appendonly yes
kind: ConfigMap
metadata:
  name: redis-conf
  namespace: default

establish Pod

apiVersion: v1
kind: Pod
metadata:
  name: redis
spec:
  containers:
  - name: redis
    image: redis
    command:
      - redis-server
      - "/redis-master/redis.conf"  # refer to redis Position inside the container 
    ports:
    - containerPort: 6379
    volumeMounts:
    - mountPath: /data
      name: data
    - mountPath: /redis-master
      name: config
  volumes:
    - name: data
      emptyDir: {}
    - name: config
      configMap:
        name: redis-conf
        items:
        - key: redis.conf
          path: redis.conf

Check the default configuration

kubectl exec -it redis -- redis-cli

127.0.0.1:6379> CONFIG GET appendonly
127.0.0.1:6379> CONFIG GET requirepass

modify ConfigMap

apiVersion: v1
kind: ConfigMap
metadata:
  name: example-redis-config
data:
  redis-config: |
    maxmemory 2mb
    maxmemory-policy allkeys-lru 

Check whether the configuration is updated

kubectl exec -it redis -- redis-cli

127.0.0.1:6379> CONFIG GET maxmemory
127.0.0.1:6379> CONFIG GET maxmemory-policy

Check whether the contents of the specified file have been updated

Revised CM.Pod The configuration file inside will change

The configuration value has not changed , Because you need to restart Pod From the associated ConfigMap Get updated values from .

reason ： our Pod The deployed middleware has no hot update capability

Four 、Secret Examples of scenarios

Secret Object types are used to hold sensitive information , For example, password 、 Information such as tokens and keys . Put this information in secret Put the middle ratio in  Pod It is more secure and flexible in the definition or container image .

kubectl create secret docker-registry leifengyang-docker \
--docker-username=leifengyang \
--docker-password=Lfy123456 \
[email protected]

## Command format 
kubectl create secret docker-registry regcred \
  --docker-server=< Your mirror warehouse server > \
  --docker-username=< Your username > \
  --docker-password=< Your password > \
  --docker-email=< Your email address >

apiVersion: v1
kind: Pod
metadata:
  name: private-nginx
spec:
  containers:
  - name: private-nginx
    image: leifengyang/guignginx:v1.0
  imagePullSecrets:
  - name: leifengyang-docker

Well, let's make a speech k8s That's it , The next one comes KubeSphere piece .

 （ Please pay attention to ） Ongoing update ……