Jenkins on Kubernetes (NFS Dynamic PV)

Notice

About YJWANG

Recent Posts

Recent Comments

Link

« 2024/11 »
일	월	화	수	목	금	토
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30

Tags more

Archives

Today

Total

관리 메뉴

YJWANG

Jenkins on Kubernetes (NFS Dynamic PV) 본문

60.Cloud/80.Kubernetes

Jenkins on Kubernetes (NFS Dynamic PV)

왕영주 2021. 1. 6. 15:51

PVC를 생성하면 지정한 Storage Class에서 provisioner 항목을 보고 provisioner를 통해 pv를 생성하고 매핑한다.
이후 해당 pvc를 pod 및 deployment에서 사용하면 된다.

물론 NFS-Server는 사전에 구성을 해두어야 한다. Ansible로 구성하는 방법도 포스팅 해두었으니 참고하길 바란다.

yjwang.tistory.com/entry/Ansible-NFS-%EC%84%9C%EB%B2%84-%EA%B5%AC%EC%B6%95

아래 yaml을 순서대로 실행하면 된다.

00-rbac.yaml

kind: ServiceAccount
apiVersion: v1
metadata:
  name: nfs-pod-provisioner-sa
---
kind: ClusterRole # Role of kubernetes
apiVersion: rbac.authorization.k8s.io/v1 # auth API
metadata:
  name: nfs-provisioner-clusterRole
rules:
  - apiGroups: [""] # rules on persistentvolumes
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-provisioner-rolebinding
subjects:
  - kind: ServiceAccount
    name: nfs-pod-provisioner-sa # defined on top of file
    namespace: default
roleRef: # binding cluster role to service account
  kind: ClusterRole
  name: nfs-provisioner-clusterRole # name defined in clusterRole
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-pod-provisioner-otherRoles
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-pod-provisioner-otherRoles
subjects:
  - kind: ServiceAccount
    name: nfs-pod-provisioner-sa # same as top of the file
    # replace with namespace where provisioner is deployed
    namespace: default
roleRef:
  kind: Role
  name: nfs-pod-provisioner-otherRoles
  apiGroup: rbac.authorization.k8s.io

01-namespace.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: jenkins

02-storageClass.yaml

---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: jenkins-nfs # IMPORTANT pvc needs to mention this name
provisioner: nfs-prov  # name can be anything
reclaimPolicy: Retain
parameters:
  archiveOnDelete: "false"

03-nfs-provisioner.yaml

---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: nfs-pod-provisioner
  namespace: default
spec:
  selector:
    matchLabels:
      app: nfs-pod-provisioner
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-pod-provisioner
    spec:
      serviceAccountName: nfs-pod-provisioner-sa # name of service account created in rbac.yaml
      containers:
        - name: nfs-pod-provisioner
          image: quay.io/external_storage/nfs-client-provisioner:latest
          volumeMounts:
            - name: nfs-provisioner-v
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME # do not change
              value: nfs-prov # SAME AS PROVISONER NAME VALUE IN STORAGECLASS
            - name: NFS_SERVER # do not change
              value: 10.11.90.90 # Ip of the NFS SERVER
            - name: NFS_PATH # do not change
              value: /data # path to nfs directory setup
      volumes:
       - name: nfs-provisioner-v # same as volumemouts name
         nfs:
           server: 10.11.90.90
           path: /data

04-jenkins-pvc.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: jenkins
  namespace: jenkins
spec:
  storageClassName: jenkins-nfs
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 25Gi

05-deployment.yaml

---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: jenkins
      namespace: jenkins
    spec:
      replicas: 1
      selector:
        matchLabels:
          app: jenkins
      template:
        metadata:
          labels:
            app: jenkins
        spec:
          containers:
          - name: jenkins
            image: jenkins/jenkins:lts
            ports:
            - containerPort: 8080
            volumeMounts:
            - name: jenkins
              mountPath: /var/jenkins_home
          volumes:
            - name: jenkins
              persistentVolumeClaim:
                claimName: jenkins

06-service.yaml

apiVersion: v1
kind: Service
metadata:
  name: jenkins
  namespace: jenkins
spec:
  type: NodePort
  ports:
    - port: 8080
      targetPort: 8080
  selector:
    app: jenkins

배포 및 확인

[root@master01 pv-nfs-provisioner]# kubectl apply -f 00-rbac.yaml 
serviceaccount/nfs-pod-provisioner-sa created
clusterrole.rbac.authorization.k8s.io/nfs-provisioner-clusterRole created
clusterrolebinding.rbac.authorization.k8s.io/nfs-provisioner-rolebinding created
role.rbac.authorization.k8s.io/nfs-pod-provisioner-otherRoles created
rolebinding.rbac.authorization.k8s.io/nfs-pod-provisioner-otherRoles created

[root@master01 pv-nfs-provisioner]# kubectl apply -f 01-namespace.yaml 
namespace/jenkins created

[root@master01 pv-nfs-provisioner]# kubectl apply -f 02-storageClass.yaml 
storageclass.storage.k8s.io/jenkins-nfs created

[root@master01 pv-nfs-provisioner]# kubectl apply -f 03-nfs-provisioner.yaml 
deployment.apps/nfs-pod-provisioner created

[root@master01 pv-nfs-provisioner]# kubectl apply -f 04-jenkins-pvc.yaml 
persistentvolumeclaim/jenkins created

[root@master01 pv-nfs-provisioner]# kubectl apply -f 05-deployment.yaml 
deployment.apps/jenkins created

[root@master01 pv-nfs-provisioner]# kubectl apply -f 06-service.yaml 
service/jenkins created

[root@master01 pv-nfs-provisioner]# kubectl get all -n jenkins
NAME                           READY   STATUS    RESTARTS   AGE
pod/jenkins-84944445ff-dpw6t   1/1     Running   0          63s

NAME              TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE
service/jenkins   NodePort   10.100.33.46   <none>        8080:30349/TCP   60s

NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/jenkins   1/1     1            1           64s

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/jenkins-84944445ff   1         1         1       63s

[root@master01 pv-nfs-provisioner]# kubectl get pv,pvc -n jenkins
NAME                                                        CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS     CLAIM                  STORAGECLASS   REASON   AGE
persistentvolume/pvc-98063bb6-a4af-44ed-816b-e08f7487883f   25Gi       RWX            Retain           Bound      jenkins/jenkins        jenkins-nfs             82s


NAME                            STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
persistentvolumeclaim/jenkins   Bound    pvc-98063bb6-a4af-44ed-816b-e08f7487883f   25Gi       RWX            jenkins-nfs    102s

저작자표시

'60.Cloud/80.Kubernetes' Related Articles

YJWANG

Jenkins on Kubernetes (NFS Dynamic PV) 본문

Jenkins on Kubernetes (NFS Dynamic PV)

티스토리툴바