使用kubectl客户端安装Longhorn

Longhorn

Kubernetes云原生分布式块存储解决方案

安装前的准备

最低要求

在安装了 Longhorn 的 Kubernetes 集群中,每个节点都必须满足以下要求:

– 与 Kubernetes 兼容的容器运行时(Docker v1.13+、containerd v1.3.7+ 等)
– Kubernetes v1.18+
– open-iscsi已安装,并且守护程序正在所有节点上运行。这是必要的,因为 Longhorn 依赖于主机为 Kubernetes 提供持久卷
– RWX 支持要求每个节点都安装了 NFSv4 客户端
– 主机文件系统支持存储数据的功能。目前支持ext4xfs
– 必须安装bashcurlfindmntgrepawkblkidlsblk
– 必须启用Deploying CSI Driver on Kubernetes

Longhorn 工作负载必须能够以 root 用户身份运行,以便 Longhorn 能够正确部署和运行。

使用环境检查脚本

此脚本可用于检查 Longhorn 环境中是否存在潜在问题。

注意在运行环境检查脚本之前可能需要在本地安装jq

curl -sSfL https://raw.githubusercontent.com/longhorn/longhorn/v1.2.4/scripts/environment_check.sh | bash

示例结果:

[root@master01 ChiuYut]# bash environment_check.sh 
daemonset.apps/longhorn-environment-check created
waiting for pods to become ready (0/0)
waiting for pods to become ready (0/2)
waiting for pods to become ready (0/2)
waiting for pods to become ready (0/2)
waiting for pods to become ready (0/2)
waiting for pods to become ready (1/2)
waiting for pods to become ready (1/2)
waiting for pods to become ready (1/2)
waiting for pods to become ready (1/2)
waiting for pods to become ready (1/2)
waiting for pods to become ready (1/2)
waiting for pods to become ready (1/2)
waiting for pods to become ready (1/2)
all pods ready (2/2)

  MountPropagation is enabled!

cleaning up...
daemonset.apps "longhorn-environment-check" deleted
clean up complete

此外,Longhorn 使用命令在主机上执行命令。例如,该命令是检查主机的磁盘空间使用情况nsenter

stat /var/lib/longhorn/ -fc '{"path":"%n","fsid":"%i","type":"%T","freeBlock":%f,"totalBlock":%b,"blockSize":%s}'

安装open-iscsi

kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.2.4/deploy/prerequisite/longhorn-iscsi-installation.yaml

部署完成后,运行以下命令以检查容器的安装程序状态:

[root@master01 ChiuYut]# kubectl get pod | grep longhorn-iscsi-installation
longhorn-iscsi-installation-98fh8   1/1     Running   0          25s
longhorn-iscsi-installation-w7p56   1/1     Running   0          26s

并且还可以使用以下命令检查日志以查看安装结果:

[root@master01 ChiuYut]# kubectl logs longhorn-iscsi-installation-98fh8 -c iscsi-installation
Package iscsi-initiator-utils-6.2.0.874-22.el7_9.x86_64 already installed and latest version
iscsi install successfully

[root@master01 ChiuYut]# kubectl logs longhorn-iscsi-installation-w7p56 -c iscsi-installation
Package iscsi-initiator-utils-6.2.0.874-22.el7_9.x86_64 already installed and latest version
iscsi install successfully

安装 NFSv4 客户端

kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.2.4/deploy/prerequisite/longhorn-nfs-installation.yaml

部署完成后,运行以下命令以检查容器的安装程序状态:

[root@master01 ChiuYut]# kubectl get pod | grep longhorn-nfs-installation
longhorn-nfs-installation-6n8bb     1/1     Running   0          17s
longhorn-nfs-installation-hh5kl     1/1     Running   0          18s

并且还可以使用以下命令检查日志以查看安装结果:

[root@master01 ChiuYut]# kubectl logs longhorn-nfs-installation-6n8bb -c nfs-installation
Package 1:nfs-utils-1.3.0-0.68.el7.2.x86_64 already installed and latest version
nfs install successfully

[root@master01 ChiuYut]# kubectl logs longhorn-nfs-installation-hh5kl -c nfs-installation
Package 1:nfs-utils-1.3.0-0.68.el7.2.x86_64 already installed and latest version
nfs install successfully

使用 Kubectl 安装

将安装 Longhorn 的 Kubernetes 集群中的每个节点都必须满足上面的最低要求,并且执行了上述所有步骤。

安装Longhorn

1.使用以下命令在任何 Kubernetes 集群上安装 Longhorn:

kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.2.4/deploy/longhorn.yaml

监视安装进度的一种方法是观察在命名空间中创建的 Pod:longhorn-system

kubectl get pods \
--namespace longhorn-system \
--watch

2.检查部署是否成功:

[root@master01 ChiuYut]# kubectl -n longhorn-system get pod
NAME                                        READY   STATUS    RESTARTS   AGE
csi-attacher-f948665c5-fksjp                1/1     Running   0          5m9s
csi-attacher-f948665c5-hljqf                1/1     Running   0          5m9s
csi-attacher-f948665c5-kdnqm                1/1     Running   0          5m9s
csi-provisioner-7877cd48c9-lt6sd            1/1     Running   0          5m9s
csi-provisioner-7877cd48c9-nxrcd            1/1     Running   0          5m9s
csi-provisioner-7877cd48c9-rl6qw            1/1     Running   0          5m9s
csi-resizer-5f549cd7-5rhrm                  1/1     Running   0          5m8s
csi-resizer-5f549cd7-9bjln                  1/1     Running   0          5m8s
csi-resizer-5f549cd7-dtb8s                  1/1     Running   0          5m8s
csi-snapshotter-645cf6bd97-88cj7            1/1     Running   0          5m8s
csi-snapshotter-645cf6bd97-ll844            1/1     Running   0          5m8s
csi-snapshotter-645cf6bd97-sbft4            1/1     Running   0          5m8s
engine-image-ei-fa2dfbf0-dftlr              1/1     Running   0          5m30s
engine-image-ei-fa2dfbf0-vc22z              1/1     Running   0          5m30s
instance-manager-e-4dc7382f                 1/1     Running   0          5m30s
instance-manager-e-d36449da                 1/1     Running   0          5m25s
instance-manager-r-5f32ff8f                 1/1     Running   0          5m24s
instance-manager-r-c8e46cad                 1/1     Running   0          5m29s
longhorn-csi-plugin-gfzvj                   2/2     Running   0          5m8s
longhorn-csi-plugin-kl5z2                   2/2     Running   0          5m8s
longhorn-driver-deployer-784546d78d-gbfgd   1/1     Running   0          6m20s
longhorn-manager-jcdsf                      1/1     Running   1          6m22s
longhorn-manager-kr262                      1/1     Running   0          6m22s
longhorn-ui-9fdb94f9-h5xh9                  1/1     Running   0          6m21s

3.要启用对 Longhorn UI 的访问,您需要设置入口控制器。默认情况下,对 Longhorn UI 的身份验证处于未启用状态。

4.使用以下步骤访问 Longhorn UI。

使用基本身份验证创建入口 (nginx)

如果您在使用 kubectl 或 Helm 的 Kubernetes 集群上安装 Longhorn,则需要创建一个 Ingress 以允许外部流量到达 Longhorn UI。

默认情况下,不为 kubectl 和 Helm 安装启用身份验证。在这些步骤中,您将学习如何使用 nginx 入口控制器的注释创建具有基本身份验证的入口。

1. 创建基本身份验证文件 。重要的是生成的文件被命名为auth(实际上 – 机密有一个密钥),否则入口返回503。auth data.auth

USER=<USERNAME_HERE>; PASSWORD=<PASSWORD_HERE>; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth

例如:

USER=admin; PASSWORD=ChiuYut; echo "${USER}:$(openssl passwd -stdin -apr1 <<< ${PASSWORD})" >> auth

输出:

[root@master01 ChiuYut]# ll
总用量 52
-rw-r--r-- 1 root root    44 3月  17 15:44 auth
-rw-r--r-- 1 root root  2959 3月  17 14:25 environment_check.sh
-rw-r--r-- 1 root root  1561 3月  17 14:44 longhorn-iscsi-installation.yaml
-rw-r--r-- 1 root root  1259 3月  17 14:47 longhorn-nfs-installation.yaml
-rw-r--r-- 1 root root 32807 3月  17 14:52 longhorn.yaml
[root@master01 ChiuYut]# ll auth 
-rw-r--r-- 1 root root 44 3月  17 15:44 auth
[root@master01 ChiuYut]# cat auth 
admin:$apr1$XL6keOrW$9naVuwfgToYXuik2sTpbe/
[root@master01 ChiuYut]# 

2. 创建密钥:

kubectl -n longhorn-system create secret generic basic-auth --from-file=auth

输出:

[root@master01 ChiuYut]# kubectl -n longhorn-system create secret generic basic-auth --from-file=auth
secret/basic-auth created

3. 创建入口清单 :longhorn-ingress.yml

从 v1.2.0 开始,Longhorn 支持从 UI 上传支持图像,因此请按如下方式指定,以确保上传图像按预期工作。nginx.ingress.kubernetes.io/proxy-body-size: 10000m

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: longhorn-ingress
  namespace: longhorn-system
  annotations:
    # type of authentication
    nginx.ingress.kubernetes.io/auth-type: basic
    # prevent the controller from redirecting (308) to HTTPS
    nginx.ingress.kubernetes.io/ssl-redirect: 'false'
    # name of the secret that contains the user/password definitions
    nginx.ingress.kubernetes.io/auth-secret: basic-auth
    # message to display with an appropriate context why the authentication is required
    nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required '
    # custom max body size for file uploading like backing image uploading
    nginx.ingress.kubernetes.io/proxy-body-size: 10000m
spec:
  rules:
  - http:
      paths:
      - pathType: Prefix
        path: "/"
        backend:
          service:
            name: longhorn-frontend
            port:
              number: 80

4. 创建入口:

kubectl -n longhorn-system apply -f longhorn-ingress.yml

查看:

[root@master01 ChiuYut]# kubectl -n longhorn-system get ingress
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
NAME               CLASS    HOSTS   ADDRESS   PORTS   AGE
longhorn-ingress   <none>   *                 80      93s

访问用户界面

 

ChiuYut

2022年03月23日

发布者

ChiuYut

咦?我是谁?这是什么地方? Ya ha!我是ChiuYut!这里是我的小破站!