全部產品
Search

搜尋本產品

    Container Service for Kubernetes:將Flexvolume類型的NAS靜態儲存卷遷移至CSI

    文件中心

    Container Service for Kubernetes:將Flexvolume類型的NAS靜態儲存卷遷移至CSI

    更新時間:Jun 19, 2024

    由於Flexvolume儲存外掛程式已棄用,建立叢集已不再支援Flexvolume儲存外掛程式。對於現有使用Flexvolume外掛程式的叢集,建議遷移改用CSI外掛程式。本文介紹如何將Flexvolume類型的NAS靜態儲存卷遷移至CSI。

    索引

    外掛程式區別

    CSI和Flexvolume儲存外掛程式的區別如下表所示。

    外掛程式

    組成

    Kubelet參數

    相關文檔

    CSI

    • CSI-Provisioner(Deployment)

      實現儲存卷、快照自動建立的能力。支援儲存誤刪除後的恢複功能、CNFS儲存等功能。

    • CSI-Plugin(DaemonSet)

      實現儲存卷的自動掛載和卸載能力。支援多種儲存類型,預設支援雲端硬碟、NAS、OSS三種儲存類型。

    外掛程式運行依賴的Kubelet參數不同。

    配置Kubelet的enable-controller-attach-detachtrue

    儲存CSI概述

    Flexvolume

    • Disk-Controller(Deployment)

      實現雲端硬碟卷的自動建立能力。

    • Flexvolume(DaemonSet)

      實現資料卷的掛載、卸載功能。ACK預設提供雲端硬碟、NAS、OSS三種儲存卷的掛載能力。

    外掛程式運行依賴的Kubelet參數不同。

    配置Kubelet的enable-controller-attach-detachfalse

    儲存Flexvolume概述

    使用情境

    叢集已使用Flexvolume掛載NAS靜態儲存卷,即當前叢集中包含Flexvolume類型的NAS靜態儲存卷。

    注意事項

    外掛程式遷移時,PVC重建將導致Pod重建和業務中斷。您需要選擇合適時間對叢集進行外掛程式遷移、PVC重建、應用變更等一系列的重啟操作。

    準備工作

    手動安裝CSI外掛程式

    1. 使用以下內容,分別建立csi-plugin.yamlcsi-provisioner.yaml檔案。

      展開查看csi-plugin.yaml檔案

      ---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: csi-admin
  namespace: kube-system
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: alicloud-csi-plugin
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get", "create", "list"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "update", "create", "delete", "patch"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims/status"]
    verbs: ["get", "list", "watch", "update", "patch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["csinodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "watch", "list", "delete", "update", "create"]
  - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["get", "watch", "list", "delete", "update", "create"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["csi.storage.k8s.io"]
    resources: ["csinodeinfos"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments"]
    verbs: ["get", "list", "watch", "update", "patch"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotclasses"]
    verbs: ["get", "list", "watch", "create"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotcontents"]
    verbs: ["create", "get", "list", "watch", "update", "delete"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshots"]
    verbs: ["get", "list", "watch", "update", "create"]
  - apiGroups: ["apiextensions.k8s.io"]
    resources: ["customresourcedefinitions"]
    verbs: ["create", "list", "watch", "delete", "get", "update", "patch"]
  - apiGroups: ["coordination.k8s.io"]
    resources: ["leases"]
    verbs: ["get", "create", "list", "watch", "delete", "update"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshotcontents/status"]
    verbs: ["update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["volumeattachments/status"]
    verbs: ["patch"]
  - apiGroups: ["snapshot.storage.k8s.io"]
    resources: ["volumesnapshots/status"]
    verbs: ["update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["namespaces"]
    verbs: ["get", "list"]
  - apiGroups: [""]
    resources: ["pods","pods/exec"]
    verbs: ["create", "delete", "get", "post", "list", "watch", "patch", "udpate"]
  - apiGroups: ["storage.alibabacloud.com"]
    resources: ["rules"]
    verbs: ["get"]
  - apiGroups: ["storage.alibabacloud.com"]
    resources: ["containernetworkfilesystems"]
    verbs: ["get","list", "watch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: alicloud-csi-plugin
subjects:
  - kind: ServiceAccount
    name: csi-admin
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: alicloud-csi-plugin
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
  name: diskplugin.csi.alibabacloud.com
spec:
  attachRequired: true
  podInfoOnMount: true
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
  name: nasplugin.csi.alibabacloud.com
spec:
  attachRequired: false
  podInfoOnMount: true
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
  name: ossplugin.csi.alibabacloud.com
spec:
  attachRequired: false
  podInfoOnMount: true
---
kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: csi-plugin
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app: csi-plugin
  template:
    metadata:
      labels:
        app: csi-plugin
    spec:
      tolerations:
        - operator: Exists
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: type
                operator: NotIn
                values:
                - virtual-kubelet
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccount: csi-admin
      priorityClassName: system-node-critical
      hostNetwork: true
      hostPID: true
      dnsPolicy: ClusterFirst
      containers:
        - name: disk-driver-registrar
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-node-driver-registrar:v2.3.1-038aeb6-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--v=5"
            - "--csi-address=/var/lib/kubelet/csi-plugins/diskplugin.csi.alibabacloud.com/csi.sock"
            - "--kubelet-registration-path=/var/lib/kubelet/csi-plugins/diskplugin.csi.alibabacloud.com/csi.sock"
          volumeMounts:
            - name: kubelet-dir
              mountPath: /var/lib/kubelet
            - name: registration-dir
              mountPath: /registration
        - name: nas-driver-registrar
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-node-driver-registrar:v2.3.1-038aeb6-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--v=5"
            - "--csi-address=/var/lib/kubelet/csi-plugins/nasplugin.csi.alibabacloud.com/csi.sock"
            - "--kubelet-registration-path=/var/lib/kubelet/csi-plugins/nasplugin.csi.alibabacloud.com/csi.sock"
          volumeMounts:
            - name: kubelet-dir
              mountPath: /var/lib/kubelet/
            - name: registration-dir
              mountPath: /registration
        - name: oss-driver-registrar
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-node-driver-registrar:v2.3.1-038aeb6-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--v=5"
            - "--csi-address=/var/lib/kubelet/csi-plugins/ossplugin.csi.alibabacloud.com/csi.sock"
            - "--kubelet-registration-path=/var/lib/kubelet/csi-plugins/ossplugin.csi.alibabacloud.com/csi.sock"
          volumeMounts:
            - name: kubelet-dir
              mountPath: /var/lib/kubelet/
            - name: registration-dir
              mountPath: /registration
        - name: csi-plugin
          securityContext:
            privileged: true
            allowPrivilegeEscalation: true
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-plugin:v1.24.6-55c95dd-aliyun
          args:
            - "--endpoint=$(CSI_ENDPOINT)"
            - "--v=2"
            - "--driver=oss,nas,disk"
          env:
            - name: KUBE_NODE_NAME
              valueFrom:
                fieldRef:
                  apiVersion: v1
                  fieldPath: spec.nodeName
            - name: CSI_ENDPOINT
              value: unix://var/lib/kubelet/csi-plugins/driverplugin.csi.alibabacloud.com-replace/csi.sock
            - name: MAX_VOLUMES_PERNODE
              value: "15"
            - name: SERVICE_TYPE
              value: "plugin"
          resources:
            requests:
              cpu: 100m
              memory: 128Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          livenessProbe:
            httpGet:
              path: /healthz
              port: healthz
              scheme: HTTP
            initialDelaySeconds: 10
            periodSeconds: 30
            timeoutSeconds: 5
            failureThreshold: 5
          readinessProbe:
            httpGet:
              path: /healthz
              port: healthz
            initialDelaySeconds: 10
            periodSeconds: 30
            timeoutSeconds: 5
            failureThreshold: 5
          ports:
            - name: healthz
              containerPort: 11260
          volumeMounts:
            - name: kubelet-dir
              mountPath: /var/lib/kubelet/
              mountPropagation: "Bidirectional"
            - name: etc
              mountPath: /host/etc
            - name: host-log
              mountPath: /var/log/
            - name: ossconnectordir
              mountPath: /host/usr/
            - name: container-dir
              mountPath: /var/lib/container
              mountPropagation: "Bidirectional"
            - name: host-dev
              mountPath: /dev
              mountPropagation: "HostToContainer"
            - mountPath: /var/addon
              name: addon-token
              readOnly: true
            - mountPath: /host/var/run/
              name: fuse-metrics-dir
      volumes:
        - name: fuse-metrics-dir
          hostPath:
            path: /var/run/
            type: DirectoryOrCreate
        - name: registration-dir
          hostPath:
            path: /var/lib/kubelet/plugins_registry
            type: DirectoryOrCreate
        - name: container-dir
          hostPath:
            path: /var/lib/container
            type: DirectoryOrCreate
        - name: kubelet-dir
          hostPath:
            path: /var/lib/kubelet
            type: Directory
        - name: host-dev
          hostPath:
            path: /dev
        - name: host-log
          hostPath:
            path: /var/log/
        - name: etc
          hostPath:
            path: /etc
        - name: ossconnectordir
          hostPath:
            path: /usr/
        - name: addon-token
          secret:
            defaultMode: 420
            optional: true
            items:
            - key: addon.token.config
              path: token-config
            secretName: addon.csi.token
  updateStrategy:
    rollingUpdate:
      maxUnavailable: 30%
    type: RollingUpdate

      展開查看csi-provisioner.yaml檔案

      apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: alicloud-disk-topology-alltype
parameters:
  type: cloud_essd,cloud_ssd,cloud_efficiency
provisioner: diskplugin.csi.alibabacloud.com
reclaimPolicy: Delete
allowVolumeExpansion: true
volumeBindingMode: WaitForFirstConsumer
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-available
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: available
reclaimPolicy: Delete
allowVolumeExpansion: true
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-essd
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: cloud_essd
reclaimPolicy: Delete
allowVolumeExpansion: true
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-ssd
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: cloud_ssd
reclaimPolicy: Delete
allowVolumeExpansion: true
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-efficiency
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: cloud_efficiency
reclaimPolicy: Delete
allowVolumeExpansion: true
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-topology
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: available
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: csi-provisioner
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app: csi-provisioner
  strategy:
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
    type: RollingUpdate
  replicas: 2
  template:
    metadata:
      labels:
        app: csi-provisioner
    spec:
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 1
            preference:
              matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: Exists
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: type
                operator: NotIn
                values:
                - virtual-kubelet
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - csi-provisioner
              topologyKey: kubernetes.io/hostname
      tolerations:
      - effect: NoSchedule
        operator: Exists
        key: node-role.kubernetes.io/master
      - effect: NoSchedule
        operator: Exists
        key: node.cloudprovider.kubernetes.io/uninitialized
      serviceAccount: csi-admin
      hostPID: true
      priorityClassName: system-node-critical
      containers:
        - name: external-disk-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-provisioner:v3.0.0-080f01e64-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--csi-address=$(ADDRESS)"
            - "--feature-gates=Topology=True"
            - "--volume-name-prefix=disk"
            - "--strict-topology=true"
            - "--timeout=150s"
            - "--leader-election=true"
            - "--retry-interval-start=500ms"
            - "--extra-create-metadata=true"
            - "--default-fstype=ext4"
            - "--v=5"
          env:
            - name: ADDRESS
              value: /var/lib/kubelet/csi-provisioner/diskplugin.csi.alibabacloud.com/csi.sock
          volumeMounts:
            - name: disk-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/diskplugin.csi.alibabacloud.com
        - name: external-disk-attacher
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-attacher:v3.3-72dd428b-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
            - "--leader-election=true"
          env:
            - name: ADDRESS
              value: /var/lib/kubelet/csi-provisioner/diskplugin.csi.alibabacloud.com/csi.sock
          volumeMounts:
            - name: disk-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/diskplugin.csi.alibabacloud.com
        - name: external-disk-resizer
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-resizer:v1.3-ca84e84-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 8Gi
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
            - "--leader-election"
          env:
            - name: ADDRESS
              value: /var/lib/kubelet/csi-provisioner/diskplugin.csi.alibabacloud.com/csi.sock
          volumeMounts:
            - name: disk-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/diskplugin.csi.alibabacloud.com
        - name: external-nas-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-provisioner:v3.0.0-080f01e64-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--csi-address=$(ADDRESS)"
            - "--volume-name-prefix=nas"
            - "--timeout=150s"
            - "--leader-election=true"
            - "--retry-interval-start=500ms"
            - "--default-fstype=nfs"
            - "--v=5"
          env:
            - name: ADDRESS
              value: /var/lib/kubelet/csi-provisioner/nasplugin.csi.alibabacloud.com/csi.sock
          volumeMounts:
            - name: nas-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/nasplugin.csi.alibabacloud.com
        - name: external-nas-resizer
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-resizer:v1.3-ca84e84-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 8Gi
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
            - "--leader-election"
          env:
            - name: ADDRESS
              value: /var/lib/kubelet/csi-provisioner/nasplugin.csi.alibabacloud.com/csi.sock
          volumeMounts:
            - name: nas-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/nasplugin.csi.alibabacloud.com
        - name: external-oss-provisioner
          args:
            - --csi-address=$(ADDRESS)
            - --volume-name-prefix=oss
            - --timeout=150s
            - --leader-election=true
            - --retry-interval-start=500ms
            - --default-fstype=ossfs
            - --v=5
          env:
          - name: ADDRESS
            value: /var/lib/kubelet/csi-provisioner/ossplugin.csi.alibabacloud.com/csi.sock
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-provisioner:v3.0.0-080f01e64-aliyun
          resources:
            limits:
              cpu: 500m
              memory: 1Gi
            requests:
              cpu: 10m
              memory: 16Mi
          volumeMounts:
          - mountPath: /var/lib/kubelet/csi-provisioner/ossplugin.csi.alibabacloud.com
            name: oss-provisioner-dir
        - name: external-csi-snapshotter
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-snapshotter:v4.0.0-a230d5b3-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
            - "--leader-election=true"
            - "--extra-create-metadata=true"
          env:
            - name: ADDRESS
              value: /csi/csi.sock
          volumeMounts:
            - name: disk-provisioner-dir
              mountPath: /csi
        - name: external-snapshot-controller
          image: registry.cn-hangzhou.aliyuncs.com/acs/snapshot-controller:v4.0.0-a230d5b3-aliyun
          resources:
            requests:
              cpu: 10m
              memory: 16Mi
            limits:
              cpu: 500m
              memory: 1024Mi
          args:
            - "--v=5"
            - "--leader-election=true"
        - name: csi-provisioner
          securityContext:
            privileged: true
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-plugin:v1.24.6-55c95dd-aliyun
          args:
            - "--endpoint=$(CSI_ENDPOINT)"
            - "--v=2"
            - "--driver=nas,disk,oss"
          env:
            - name: CSI_ENDPOINT
              value: unix://var/lib/kubelet/csi-provisioner/driverplugin.csi.alibabacloud.com-replace/csi.sock
            - name: MAX_VOLUMES_PERNODE
              value: "15"
            - name: SERVICE_TYPE
              value: "provisioner"
            - name: "CLUSTER_ID"
              value: "CLUSTER_ID"
          livenessProbe:
            httpGet:
              path: /healthz
              port: healthz
              scheme: HTTP
            initialDelaySeconds: 10
            periodSeconds: 30
            timeoutSeconds: 5
            failureThreshold: 5
          readinessProbe:
            httpGet:
              path: /healthz
              port: healthz
            initialDelaySeconds: 5
            periodSeconds: 20
          ports:
            - name: healthz
              containerPort: 11270
          volumeMounts:
            - name: host-log
              mountPath: /var/log/
            - name: disk-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/diskplugin.csi.alibabacloud.com
            - name: nas-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/nasplugin.csi.alibabacloud.com
            - name: oss-provisioner-dir
              mountPath: /var/lib/kubelet/csi-provisioner/ossplugin.csi.alibabacloud.com
            - mountPath: /var/addon
              name: addon-token
              readOnly: true
            - mountPath: /mnt
              mountPropagation: Bidirectional
              name: host-dev
            - mountPath: /host/etc
              name: etc
          resources:
            limits:
              cpu: 500m
              memory: 1024Mi
            requests:
              cpu: 100m
              memory: 128Mi
      volumes:
        - name: disk-provisioner-dir
          emptyDir: {}
        - name: nas-provisioner-dir
          emptyDir: {}
        - name: oss-provisioner-dir
          emptyDir: {}
        - name: host-log
          hostPath:
            path: /var/log/
        - name: etc
          hostPath:
            path: /etc
            type: ""
        - name: host-dev
          hostPath:
            path: /mnt
            type: ""
        - name: addon-token
          secret:
            defaultMode: 420
            optional: true
            items:
            - key: addon.token.config
              path: token-config
            secretName: addon.csi.token

    2. 執行以下命令,在ACK叢集中部署csi-plugin和csi-provisioner。

      kubectl apply -f csi-plugin.yaml -f csi-provisioner.yaml

    3. 執行以下命令,查看CSI外掛程式是否正常。

      kubectl get pods -nkube-system | grep csi

      預期輸出:

      csi-plugin-577mm                              4/4     Running   0          3d20h
csi-plugin-k9mzt                              4/4     Running   0          41d
csi-provisioner-6b58f46989-8wwl5              9/9     Running   0          41d
csi-provisioner-6b58f46989-qzh8l              9/9     Running   0          6d20h

      存在以上預期輸出,說明叢集中CSI外掛程式正常運行。

    本文以1個StatefulSet使用Flexvolume類型的NAS靜態儲存卷為例,介紹如何將Flexvolume類型的NAS靜態儲存卷遷移至CSI。流程如下圖所示。nas

    步驟一:查看叢集儲存情況

    1. 執行以下命令,查看Pod狀態。

      kubectl get pod

      預期輸出:

      NAME           READY   STATUS    RESTARTS   AGE
nas-static-1   1/1     Running   0          11m

    2. 執行以下命令,查看Pod使用的PVC。

      kubectl describe pod nas-static-1 |grep ClaimName

      預期輸出:

      ClaimName:  nas-pvc

    3. 執行以下命令,查看當前PVC狀態。

      kubectl get pvc

      預期輸出:

      NAME      STATUS   VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS   AGE
nas-pvc   Bound    nax-pv   512Gi        RWX                         7m23s

    步驟二:建立CSI類型NAS靜態儲存的PVC和PV

    方式一:通過Flexvolume2CSI命令列工具轉換

    1. 將Flexvolume類型的PVC和PV轉換為CSI類型的PVC和PV。具體操作,請參見使用Flexvolume2CSI命令列工具批量轉換YAML

    2. 執行以下命令,建立CSI類型NAS靜態儲存的PVC和PV對象。

      其中,nas-pv-pvc-csi.yaml檔案為通過Flexvolume2CSI命令列工具轉換得到的CSI類型的PVC和PV的YAML檔案。

      kubectl apply -f nas-pv-pvc-csi.yaml

    3. 執行以下命令,查看當前PVC狀態。

      kubectl get pvc

      預期輸出:

      NAME          STATUS   VOLUME       CAPACITY   ACCESS MODES   STORAGECLASS   AGE
nas-pvc       Bound    nas-pv       512Gi      RWX            nas            30m
nas-pvc-csi   Bound    nas-pv-csi   512Gi      RWX            nas            2s

    方式二:通過手動儲存Flexvolume類型PVC和PV並修改儲存驅動的方式轉換

    1. 儲存Flexvolume類型NAS靜態儲存的PVC和PV模板。

      1. 執行以下命令,儲存Flexvolume類型的PVC對象。

        kubectl get pvc nas-pvc -oyaml > nas-pvc-flexvolume.yaml
cat nas-pvc-flexvolume.yaml

        預期輸出:

        apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nas-pvc
  namespace: default
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 512Gi
  selector:
    matchLabels:
      alicloud-pvname: nas-pv
  storageClassName: nas

      2. 執行以下命令,儲存Flexvolume類型的PV對象。

        kubectl get pv nas-pv -oyaml > nas-pv-flexvolume.yaml
cat nas-pv-flexvolume.yaml

        預期輸出:

        apiVersion: v1
kind: PersistentVolume
metadata:
  labels:
    alicloud-pvname: nas-pv
  name: nas-pv
spec:
  accessModes:
  - ReadWriteMany
  capacity:
    storage: 512Gi
  flexVolume:
    driver: alicloud/nas
    options:
      path: /aliyun
      server: ***.***.nas.aliyuncs.com
      vers: "3"
  persistentVolumeReclaimPolicy: Retain
  storageClassName: nas

    2. 建立CSI類型NAS靜態儲存的PVC和PV。

      1. 使用以下YAML內容,建立CSI類型NAS靜態儲存的nas-pv-pvc-csi.yaml檔案。

        apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nas-pvc-csi
  namespace: default
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 512Gi
  selector:
    matchLabels:
      alicloud-pvname: nas-pv-csi
  storageClassName: nas
---
apiVersion: v1
kind: PersistentVolume
metadata:
  labels:
    alicloud-pvname: nas-pv-csi
  name: nas-pv-csi
spec:
  accessModes:
  - ReadWriteMany
  capacity:
    storage: 512Gi
  csi:
    driver: nasplugin.csi.alibabacloud.com
    volumeHandle: nas-pv-csi
    volumeAttributes:
      server: "***.***.nas.aliyuncs.com"  
      path: "/aliyun"
  mountOptions:
  - nolock,tcp,noresvport
  - vers=3
  persistentVolumeReclaimPolicy: Retain
  storageClassName: nas

      2. 執行以下命令,建立CSI類型NAS靜態儲存的PVC和PV對象。

        kubectl apply -f nas-pv-pvc-csi.yaml

      3. 執行以下命令,查看當前PVC狀態。

        kubectl get pvc

        預期輸出:

        NAME      STATUS   VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS   AGE
nas-pvc   Bound    nax-pv   512Gi        RWX                         7m23s

    步驟三:更新應用關聯的PVC

    1. 執行以下命令,編輯應用設定檔。

      kubectl edit sts nas-static

    2. 修改PVC配置內容,將資料卷配置改為CSI類型的PVC。

            volumes:
      - name: pvc-nas
        persistentVolumeClaim:
          claimName: nas-pvc-csi

    3. 執行以下命令,查看Pod是否重啟成功。

      kubectl get pod

      預期輸出:

      NAME           READY   STATUS    RESTARTS   AGE
nas-static-1   1/1     Running   0          70s

    4. 執行以下命令,查看掛載資訊。

      kubectl exec nas-static-1 -- mount |grep nas

      預期輸出:

      # 查看掛載資訊。
***.***.nas.aliyuncs.com:/aliyun on /var/lib/kubelet/pods/ac02ea3f-125f-4b38-9bcf-9b117f62***/volumes/kubernetes.io~csi/nas-pv-csi/mount type nfs (rw,relatime,vers=3,rsize=1048576,wsize=1048576,namlen=255,hard,nolock,noresvport,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.XX.XX,mountvers=3,mountport=2049,mountproto=tcp,local_lock=all,addr=192.168.XX.XX)

      存在以上預期輸出,表示Pod遷移成功。

    步驟四:卸載Flexvolume外掛程式

    1. 登入OpenAPI平台,調用UnInstallClusterAddons卸載Flexvolume外掛程式。

      • ClusterId:您的叢集ID。您可以通過叢集的基本資料頁面,查看叢集ID。

      • name:Flexvolume。

      具體操作,請參見卸載叢集組件

    2. 執行以下命令,刪除alicloud-disk-controlleralicloud-nas-controller

      kubectl delete deploy -nkube-system alicloud-disk-controller alicloud-nas-controller

    3. 執行以下命令,檢查叢集中Flexvolume外掛程式是否卸載完成。

      kubectl get pods -n kube-system | grep 'flexvolume\|alicloud-disk-controller\|alicloud-nas-controller'

      輸出為空白,說明叢集中Flexvolume外掛程式已卸載完成。

    4. 執行以下命令,刪除叢集中Flexvolume類型的StorageClass,Flexvolume類型的StorageClass PROVISIONER類型為alicloud/disk。

      kubectl delete storageclass alicloud-disk-available alicloud-disk-efficiency alicloud-disk-essd alicloud-disk-ssd

      預期輸出:

      storageclass.storage.k8s.io "alicloud-disk-available" deleted
storageclass.storage.k8s.io "alicloud-disk-efficiency" deleted
storageclass.storage.k8s.io "alicloud-disk-essd" deleted
storageclass.storage.k8s.io "alicloud-disk-ssd" deleted

      存在以上輸出,說明StorageClass刪除成功。

    步驟五:使用OpenAPI安裝CSI外掛程式

    1. 登入OpenAPI平台,調用InstallClusterAddons安裝CSI外掛程式。

      • ClusterId:您的叢集ID。

      • name:csi-provisioner。

      • version:最新CSI外掛程式版本。關於CSI版本資訊,請參見csi-provisioner

      具體操作,請參見安裝叢集組件

    2. 執行以下命令,檢查叢集中CSI外掛程式是否正常運行。

      kubectl get pods -nkube-system | grep csi

      預期輸出:

      csi-plugin-577mm                              4/4     Running   0          3d20h
csi-plugin-k9mzt                              4/4     Running   0          41d
csi-provisioner-6b58f46989-8wwl5              9/9     Running   0          41d
csi-provisioner-6b58f46989-qzh8l              9/9     Running   0          6d20h

      存在以上預期輸出,說明叢集中CSI外掛程式正常運行。

    步驟六:修改現有節點配置

    執行以下YAML內容,修改外掛程式運行依賴的Kubelet參數,使其匹配CSI外掛程式的運行要求。 該DaemonSet有將現有節點的Kubelet參數--enable-controller-attach-detach修改為true的能力,當本步驟操作執行完成後,可以將該DaemonSet刪除。

    重要

    執行以下YAML檔案時,會重啟Kubelet,請評估對現有應用的影響。

    kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: kubelet-set
spec:
  selector:
    matchLabels:
      app: kubelet-set
  template:
    metadata:
      labels:
        app: kubelet-set
    spec:
      tolerations:
        - operator: "Exists"
      hostNetwork: true
      hostPID: true
      containers:
        - name: kubelet-set
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-plugin:v1.26.5-56d1e30-aliyun
          imagePullPolicy: "Always"
          env:
          - name: enableADController
            value: "true"
          command: ["sh", "-c"]
          args:
          - echo "Starting kubelet flag set to $enableADController";
            ifFlagTrueNum=`cat /host/etc/systemd/system/kubelet.service.d/10-kubeadm.conf | grep enable-controller-attach-detach=$enableADController | grep -v grep | wc -l`;
            echo "ifFlagTrueNum is $ifFlagTrueNum";
            if [ "$ifFlagTrueNum" = "0" ]; then
                curValue="true";
                if [ "$enableADController" = "true" ]; then
                    curValue="false";
                fi;
                sed -i "s/enable-controller-attach-detach=$curValue/enable-controller-attach-detach=$enableADController/" /host/etc/systemd/system/kubelet.service.d/10-kubeadm.conf;
                restartKubelet="true";
                echo "current value is $curValue, change to expect "$enableADController;
            fi;
            if [ "$restartKubelet" = "true" ]; then
                /nsenter --mount=/proc/1/ns/mnt systemctl daemon-reload;
                /nsenter --mount=/proc/1/ns/mnt service kubelet restart;
                echo "restart kubelet";
            fi;
            while true;
            do
                sleep 5;
            done;
          volumeMounts:
          - name: etc
            mountPath: /host/etc
      volumes:
        - name: etc
          hostPath:
            path: /etc