十三

沉淀自我,厚积薄发。

0%

k8s-pv-nfs-for-aig-plugin

发表于 更新于 分类于
本文字数: 1.7k 阅读时长 ≈ 2 分钟

apt install

apt update
apt install nfs-common nfs-kernel-server
echo ‘/data/nfs-data *(rw,sync,no_root_squash,no_subtree_check)’ >> /etc/exports
exportfs -a
systemctl restart nfs-kernel-server

test
showmount -e 10.10.2.228

sftp

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
groupadd sftp
useradd -g sftp -s /sbin/nologin -M nfs-sftpuser
passwd nfs-sftpuser

cd /data/nfs-data
mkdir aig-plugin aog-plugin
chown -R nfs-sftpuser:sftp aig-plugin aog-plugin

vim /etc/ssh/sshd_config
Subsystem       sftp    internal-sftp
Match User nfs-sftpuser          # 这行用来匹配sftp组的用户,如果要匹配多个组,多个组之间用逗号分割   匹配用户的话用 Match User sftpuser
  ChrootDirectory /data/nfs-data   # 用chroot将用户的根目录指定到/data/sftp/%u,%u代表用户名,这样用户就只能在/data/sftp/%u下活动
  ForceCommand    internal-sftp   # 指定sftp命令
  AllowTcpForwarding no   # 以下这两行,限制该用户使用端口转发
  X11Forwarding no

systemctl restart sshd.service

test
sftp nfs-sftpuser@10.10.2.228

pv/pvc

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
ip=10.10.8.100
pvc_namespace=ev000026scbbssu01-01
name=for-han

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-nfs-$name
spec:
  capacity:
    storage: 40Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: /data/nfs-data/aig-plugin/scb_poc
    server: $ip
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-nfs-$name
  namespace: $pvc_namespace
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 40Gi
  volumeName: pv-nfs-$name
EOF

Usage example

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
apiVersion: v1
kind: Pod
metadata:
  name: nfs-client-pod
spec:
  containers:
  - name: app-container
    image: your-container-image
    volumeMounts:
      - name: nfs-storage #与下面相同即可
        mountPath: "/mnt/nfs" #挂载到容器内的路径
  volumes:
    - name: nfs-storage #定义volume名字
      persistentVolumeClaim:
        claimName: nfs-pvc #要改这个