已存在的Pod访问PVC子目录

时间:2020-01-30 10:34:52

标签: kubernetes amazon-eks kubernetes-pvc

我有一个使用git-sync映像的部署创建的Pod,并将该卷安装到PVC 

kind: Deployment
metadata:
  name: config
  namespace: test
spec:
  replicas: 1
  selector:
    matchLabels:
      demo: config
  template:
    metadata:
      labels:
        demo: config
    spec:
      containers:
        - args:
            - '-ssh'
            - '-repo=git@domain.com:org/repo.git'
            - '-dest=conf'
            - '-branch=master'
            - '-depth=1'
          image: 'k8s.gcr.io/git-sync:v3.1.1'
          name: git-sync
          securityContext:
            runAsUser: 65533
          volumeMounts:
            - mountPath: /etc/git-secret
              name: git-secret
              readOnly: true
            - mountPath: /config
              name: cus-config
      securityContext:
        fsGroup: 65533
      volumes:
        - name: git-secret
          secret:
            defaultMode: 256
            secretName: git-creds
        - name: cus-config
          persistentVolumeClaim:
            claimName: cus-config

部署后,我检查了pod并得到了这样的文件路径。
/tmp/git/conf/subdirA/some.Files
然后,我从另一个部署中创建了第二个容器,并想将tmp/git/conf/subdirA安装在第二个容器上。这是第二个部署脚本的示例。 

kind: Deployment
metadata:
  name: test-mount-config
  namespace: test
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - image: 'nginx:1.7.9'
          name: nginx
          ports:
            - containerPort: 80
          volumeMounts:
            - mountPath: /root/conf
              name: config
              subPath: tmp/git/conf/subdirA
      volumes:
        - name: config
          persistentVolumeClaim:
            claimName: cus-config

这是我的PVC 

kind: PersistentVolumeClaim
metadata:
  annotations:
    volume.beta.kubernetes.io/storage-class: conf
  name: config
  namespace: test
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Mi
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: conf
  namespace: test
provisioner: spdbyz
reclaimPolicy: Retain

我已经了解了PVC上的子路径,但是每次检查第二个容器上的文件夹/root/conf时,里面都没有任何东西。
关于如何在另一个Pod上安装特定PVC子目录的任何想法?

1 个答案:

答案 0 :(得分:2)

关于如何使用PV / PVC在POD之间共享文件内容的非常基本的示例

首先创建一个持久卷,请参阅下面带有hostPath配置的yaml示例

apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv-1
  labels:
    pv: my-pv-1
spec:
  capacity:
    storage: 1Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  hostPath:
    path: /var/log/mypath

$ kubectl create -f pv.yaml
persistentvolume/my-pv-1 created

第二个使用下面的yaml示例创建持久性批量声明 

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc-claim-1
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  selector:
    matchLabels:
      pv: my-pv-1


$ kubectl create -f pvc.yaml
persistentvolumeclaim/my-pvc-claim-1 created

验证pv和pvc STATUS设置为BOUND 

$ kubectl get persistentvolume
NAME      CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                  STORAGECLASS   REASON   AGE
my-pv-1   1Gi        RWX            Retain           Bound    default/my-pvc-claim-1                         62s

$ kubectl get persistentvolumeclaims
NAME             STATUS   VOLUME    CAPACITY   ACCESS MODES   STORAGECLASS   AGE
my-pvc-claim-1   Bound    my-pv-1   1Gi        RWX                           58

第三项在必需的POD中使用pvc ,请参见下面的示例yaml,其中将卷安装在两个容器nginx-1和nginx-2上。

apiVersion: v1
kind: Pod
metadata:
  name: nginx-1
spec:
  containers:
  - image: nginx
    name: nginx-1
    volumeMounts:
    - mountPath: /var/log/mypath
      name: test-vol
      subPath: TestSubPath
  volumes:
  - name: test-vol
    persistentVolumeClaim:
        claimName: my-pvc-claim-1


$ kubectl create -f nginx-1.yaml
pod/nginx-1 created


$ kubectl get pods -o wide
NAME             READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
nginx-1   1/1     Running   0          35s   10.244.3.53   k8s-node-3   <none>           <none>

创建第二个POD并使用相同的PVC 

apiVersion: v1
kind: Pod
metadata:
  name: nginx-2
spec:
  containers:
  - image: nginx
    name: nginx-2
    volumeMounts:
    - mountPath: /var/log/mypath
      name: test-vol
      subPath: TestSubPath
  volumes:
  - name: test-vol
    persistentVolumeClaim:
        claimName: my-pvc-claim-1


$ kubectl create -f nginx-2.yaml
pod/nginx-2 created


$ kubectl get pods -o wide
NAME             READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
nginx-1   1/1     Running   0          55s   10.244.3.53   k8s-node-3   <none>           <none>
nginx-2   1/1     Running   0          35s   10.244.3.54   k8s-node-3   <none>           <none>

通过连接到容器1进行测试,然后将其写入安装路径上的文件。

root@nginx-1:/# df -kh
Filesystem      Size  Used Avail Use% Mounted on
overlay          12G  7.3G  4.4G  63% /
tmpfs            64M     0   64M   0% /dev
tmpfs           3.9G     0  3.9G   0% /sys/fs/cgroup
/dev/vda1        12G  7.3G  4.4G  63% /etc/hosts
shm              64M     0   64M   0% /dev/shm
tmpfs           3.9G   12K  3.9G   1% /run/secrets/kubernetes.io/serviceaccount
tmpfs           3.9G     0  3.9G   0% /proc/acpi
tmpfs           3.9G     0  3.9G   0% /proc/scsi
tmpfs           3.9G     0  3.9G   0% /sys/firmware
root@nginx-1:/# cd /var/log/mypath/
root@nginx-1:/var/log/mypath# date >> date.txt
root@nginx-1:/var/log/mypath# date >> date.txt
root@nginx-1:/var/log/mypath# cat date.txt
Thu Jan 30 10:44:42 UTC 2020
Thu Jan 30 10:44:43 UTC 2020

现在连接到第二个POD /容器,它将从下面的第一个开始查看文件

$ kubectl exec -it nginx-2 -- /bin/bash
root@nginx-2:/# cat /var/log/mypath/date.txt
Thu Jan 30 10:44:42 UTC 2020
Thu Jan 30 10:44:43 UTC 2020
相关问题
最新问题