CentOS 7

OpenShift Origin 3.6 : Use Persistent Storage (2017/12/10)

 
Use Persistent Storage in an OpenShift Cluster.
This example configures NFS as the backend storage.
It is based on the following environment.
-----------+--------------+------------------------------------------+------------
           |10.0.0.30     |             |10.0.0.51                   |10.0.0.52
+----------+-----------+  |  +----------+-----------+     +----------+-----------+
|  [  dlp.srv.world ]  |  |  | [ node01.srv.world ] |     | [ node02.srv.world ] |
|     (Master Node)    |  |  |    (Compute Node)    |     |    (Compute Node)    |
|     (Compute Node)   |  |  |                      |     |                      |
+----------------------+  |  +----------------------+     +----------------------+
                          |
+----------------------+  |
|  [  nfs.srv.world ]  |  |
|      NFS Server      +--+
|                      |10.0.0.35
+----------------------+

[1]
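Configure the NFS Server first (see the NFS Server setup page).
In this example, the [/var/lib/nfs/share] directory on [nfs.srv.world] is configured as the shared directory.
The PV definition in [2] carries no credentials, so access to the share is controlled only by the export's client list; export it only to the Cluster nodes (10.0.0.30, 10.0.0.51 and 10.0.0.52 in this environment).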
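[2] Login as a Cluster admin user and create a PV (Persistent Volume) object.
Also add the "anyuid" SCC (Security Context Constraints) to the authenticated users in the Cluster. As the list below shows, "anyuid" has RUNASUSER set to [RunAsAny], so after this change every authenticated user can run containers as any UID, including root. It is presumably added here because the [fedora/nginx] container used in [5] runs as root. On a shared cluster, grant it to a specific user or service account with [oc adm policy add-scc-to-user] instead of the whole [system:authenticated] group.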
# default SCC list

[origin@dlp ~]$
oc get scc

NAME             PRIV   CAPS  SELINUX     RUNASUSER        FSGROUP     SUPGROUP    PRIORITY   READONLYROOTFS
anyuid           false  []    MustRunAs   RunAsAny         RunAsAny    RunAsAny    10         false
hostaccess       false  []    MustRunAs   MustRunAsRange   MustRunAs   RunAsAny    <none>     false   ...
hostmount-anyuid false  []    MustRunAs   RunAsAny         RunAsAny    RunAsAny    <none>     false   ...
hostnetwork      false  []    MustRunAs   MustRunAsRange   MustRunAs   MustRunAs   <none>     false   ...
nonroot          false  []    MustRunAs   MustRunAsNonRoot RunAsAny    RunAsAny    <none>     false   ...
privileged       true   [*]   RunAsAny    RunAsAny         RunAsAny    RunAsAny    <none>     false   ...
restricted       false  []    MustRunAs   MustRunAsRange   MustRunAs   RunAsAny    <none>     false   ...

[origin@dlp ~]$
oc adm policy add-scc-to-group anyuid system:authenticated
# create PV setting file

[origin@dlp ~]$
vi nfs-pv.yml
# PersistentVolume backed by the NFS export on nfs.srv.world (10.0.0.35).
# Created by the Cluster admin user; users consume it through a PVC.
apiVersion: v1
kind: PersistentVolume
metadata:
  # any PV name
  name: nfs-pv
spec:
  capacity:
    # size advertised to claims (used when matching a PVC to this PV).
    # The df output later on this page shows the whole exported filesystem,
    # so this value is not enforced as a quota on the NFS share.
    storage: 10Gi
  accessModes:
    # ReadWriteMany(RW from multi nodes), ReadWriteOnce(RW from a node), ReadOnlyMany(R from multi nodes)
    - ReadWriteMany
  persistentVolumeReclaimPolicy:
    # Retain: the volume and the data on the share are kept after the claim is
    # deleted. Nothing is scrubbed automatically, so clean the directory by
    # hand before the PV is offered to another claim.
    Retain
  nfs:
    # NFS server's definition: exported path and server address.
    # No credentials are part of this definition; restrict the export to the
    # Cluster nodes on the NFS server side.
    path: /var/lib/nfs/share
    server: 10.0.0.35
    # false = pods mount the share read-write
    readOnly: false

[origin@dlp ~]$
oc create -f nfs-pv.yml

persistentvolume "nfs-pv" created
[origin@dlp ~]$
oc get pv

NAME      CAPACITY   ACCESSMODES   RECLAIMPOLICY   STATUS      CLAIM     STORAGECLASS   REASON    AGE
nfs-pv    10Gi       RWX           Retain          Available                                      6s
[3] Login as any user in the Cluster and create a PVC (Persistent Volume Claim) object.
# create PVC setting file

[cent@dlp ~]$
vi nfs-pvc.yml
# PersistentVolumeClaim created by an ordinary user in that user's project.
# It is bound to an available PV whose access mode and capacity satisfy it.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  # any PVC name
  name: nfs-pvc
spec:
  accessModes:
  # ReadWriteMany(RW from multi nodes), ReadWriteOnce(RW from a node), ReadOnlyMany(R from multi nodes)
  # must be an access mode the PV offers (nfs-pv offers ReadWriteMany)
  - ReadWriteMany
  resources:
     requests:
       # minimum storage size requested. The claim binds to a whole PV: the
       # [oc get pvc] output on this page shows CAPACITY 10Gi for this 1Gi request.
       storage: 1Gi

[cent@dlp ~]$
oc create -f nfs-pvc.yml

persistentvolumeclaim "nfs-pvc" created
[cent@dlp ~]$
oc get pvc

NAME      STATUS    VOLUME    CAPACITY   ACCESSMODES   STORAGECLASS   AGE
nfs-pvc   Bound     nfs-pv    10Gi       RWX                          15s
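[4] On all Compute Nodes (dlp, node01 and node02 in this environment), change the SELinux boolean [virt_use_nfs] so that containers are allowed to use NFS-mounted volumes.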
[root@dlp ~]#
setsebool -P virt_use_nfs on

[5] Login as the user who created the PVC (Persistent Volume Claim) object and create a Pod which mounts the NFS share.
# create Pod setting file

[cent@dlp ~]$
vi nginx-nfs.yml
# Pod running nginx with the NFS-backed claim mounted as its document root.
# Must be created in the same project as the PVC it references.
apiVersion: v1
kind: Pod
metadata:
  # any Pod name
  name: nginx-nfs
  labels:
    name: nginx-nfs
spec:
  containers:
    - name: nginx-nfs
      # No tag is given, so the default tag (latest) is pulled; pin a tag or
      # digest if the deployment has to be reproducible.
      # NOTE(review): the shell prompt inside the container on this page shows
      # root, so this image runs as root - presumably the reason the anyuid
      # SCC is granted in [2]. Confirm against the image before relying on it.
      image: fedora/nginx
      ports:
        - name: web
          containerPort: 80
      volumeMounts:
        # mount point in container (must match a name under [volumes])
        - name: nfs-share
          mountPath: /usr/share/nginx/html
  volumes:
    - name: nfs-share
      persistentVolumeClaim:
        # PVC name you created
        claimName: nfs-pvc

[cent@dlp ~]$
oc create -f nginx-nfs.yml

pod "nginx-nfs" created
[cent@dlp ~]$
oc get pods

NAME        READY     STATUS    RESTARTS   AGE
nginx-nfs   1/1       Running   0          48s

# shell access to container

[cent@dlp ~]$
oc exec -it nginx-nfs bash
# verify mounting

[root@nginx-nfs /]#
df /usr/share/nginx/html

Filesystem                   1K-blocks    Used Available Use% Mounted on
10.0.0.35:/var/lib/nfs/share  27246080 1541632  25704448   6% /usr/share/nginx/html

# create a test page

[root@nginx-nfs /]#
echo 'NFS Persistent Storage Test' > /usr/share/nginx/html/index.html

[root@nginx-nfs /]#
exit

exit
[cent@dlp ~]$
oc describe pod nginx-nfs | grep ^IP

IP:                     10.130.0.4

# verify accessing

[cent@dlp ~]$
curl 10.130.0.4

NFS Persistent Storage Test