rpi4でも動的プロビジョニング (NFS)をしたい!
はじめに
raspberry pi 4 で Kubernetes : 動的プロビジョニング (NFS) をしようとしたけど、色々大変だったので備忘録
問題はhelm で入ってくる stable/nfs-client-provisioner のイメージがarm64に対応していないということ。
なのでKubernetes NFS-Client Provisionerをarm64にビルドする必要があります。ビルドしたものはこちらです。
なお、NFSサーバーは立っているものとし、 192.168.11.14のipに[/home/nfsshare] ディレクトリを共有ディレクトリとして設定します。
やり方
NFSサーバーの情報を変数に入れます。
NFS_SERVER=192.168.11.14 NFS_DIR=/home/nfsshare
nfs-client-provisionerのyamlを作成します。
これはhelm template nfs-client -n kube-system stable/nfs-client-provisionerから取得したものです
cat <<EOF | tee ./nfs-client-provisioner.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: app: nfs-client-provisioner chart: nfs-client-provisioner-1.2.9 heritage: Helm release: nfs-client name: nfs-client-nfs-client-provisioner --- # Source: nfs-client-provisioner/templates/storageclass.yaml apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: labels: app: nfs-client-provisioner chart: nfs-client-provisioner-1.2.9 heritage: Helm release: nfs-client name: nfs-client provisioner: cluster.local/nfs-client-nfs-client-provisioner allowVolumeExpansion: true reclaimPolicy: Delete parameters: archiveOnDelete: "true" --- # Source: nfs-client-provisioner/templates/clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: app: nfs-client-provisioner chart: nfs-client-provisioner-1.2.9 heritage: Helm release: nfs-client name: nfs-client-nfs-client-provisioner-runner rules: - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "update", "patch"] --- # Source: nfs-client-provisioner/templates/clusterrolebinding.yaml kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: app: nfs-client-provisioner chart: nfs-client-provisioner-1.2.9 heritage: Helm release: nfs-client name: run-nfs-client-nfs-client-provisioner subjects: - kind: ServiceAccount name: nfs-client-nfs-client-provisioner namespace: kube-system roleRef: kind: ClusterRole name: nfs-client-nfs-client-provisioner-runner apiGroup: rbac.authorization.k8s.io --- # Source: nfs-client-provisioner/templates/role.yaml kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: app: nfs-client-provisioner chart: nfs-client-provisioner-1.2.9 heritage: Helm release: nfs-client name: leader-locking-nfs-client-nfs-client-provisioner rules: - apiGroups: [""] resources: ["endpoints"] verbs: ["get", "list", "watch", "create", "update", "patch"] --- # Source: nfs-client-provisioner/templates/rolebinding.yaml kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: app: nfs-client-provisioner chart: nfs-client-provisioner-1.2.9 heritage: Helm release: nfs-client name: leader-locking-nfs-client-nfs-client-provisioner subjects: - kind: ServiceAccount name: nfs-client-nfs-client-provisioner namespace: kube-system roleRef: kind: Role name: leader-locking-nfs-client-nfs-client-provisioner apiGroup: rbac.authorization.k8s.io --- # Source: nfs-client-provisioner/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: nfs-client-nfs-client-provisioner labels: app: nfs-client-provisioner chart: nfs-client-provisioner-1.2.9 heritage: Helm release: nfs-client spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: nfs-client-provisioner release: nfs-client template: metadata: annotations: labels: app: nfs-client-provisioner release: nfs-client spec: serviceAccountName: nfs-client-nfs-client-provisioner containers: - name: nfs-client-provisioner image: "penm000/nfs-client-provisioner-arm64" imagePullPolicy: IfNotPresent volumeMounts: - name: nfs-client-root mountPath: /persistentvolumes env: - name: PROVISIONER_NAME value: cluster.local/nfs-client-nfs-client-provisioner - name: NFS_SERVER value: ${NFS_SERVER} - name: NFS_PATH value: ${NFS_DIR} volumes: - name: nfs-client-root nfs: server: path: ${NFS_SERVER} path: ${NFS_DIR} EOF
次にnfs-client-provisionerを起動します。その際他のリソースにアクセスできる権限を与えます。
kubectl apply -f nfs-client-provisioner.yaml -n kube-system kubectl create clusterrolebinding dashboard-admin-sa --clusterrole=cluster-admin --serviceaccount=kube-system:nfs-client-nfs-client-provisioner
しばらくするとrunningになります。(x86の人は動かないので注意)
ubuntu@rpi4-node1:~/hoge$ kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE ・・・略・・・ nfs-client-nfs-client-provisioner-c45667c87-pgmv6 1/1 Running 0 13m
現在の状態では、pv pvcともにありません。
ubuntu@rpi4-node1:~/hoge$ kubectl get pv No resources found in default namespace. ubuntu@rpi4-node1:~/hoge$ kubectl get pvc No resources found in default namespace.
pvcのyamlを作成します。
cat <<EOF | tee my-pvc.yml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: my-provisioner annotations: # StorageClass の名称を指定 volume.beta.kubernetes.io/storage-class: nfs-client spec: accessModes: - ReadWriteOnce resources: requests: # リクエストするボリュームサイズ5Mバイト storage: 5M EOF
mypvcを起動します。
kubectl apply -f my-pvc.yml
STATUSがboundになれば完了です。
ubuntu@rpi4-node1:~/hoge$ kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE my-provisioner Bound pvc-271840d5-0d55-46b4-833a-27419e5297a4 5M RWO nfs-client 4s
引き続きKubernetes : 動的プロビジョニング (NFS)をお楽しみください
ディスカッション
コメント一覧
まだ、コメントがありません