标签:k8s
一、创建相应的pool
ceph osd pool create k8s 4096 4096
二、创建ceph的对k8s pool的用户
ceph auth get-or-create client.k8s mon ‘allow r‘ osd ‘allow class-read object_prefix rbd_children, allow rwx pool=k8s‘
三、对k8s用户进行base64加密
echo "keyring " | base64
四、创建基于keyring 的secret资源
root@master:~# cat ceph-secret.yaml apiVersion: v1 kind: Secretmetadata: name: ceph-secret data: key: QVFBbW5SbFgyenJxRFJBQU9pdU9zMnNJSXRHaEFQNnRORGEzVmc9PQo= #base64后的key
kubectl create -f ceph-secret.yaml
kubectl get secret
五、编辑一个可用的ReplicationController 让rbdpod跑起来
apiVersion: v1
kind: PersistentVolume
metadata:
name: ceph-rbd-pv-onduty-redis-data
namespace: devops
labels:
onduty: redis-data
spec:
capacity:
storage: 50Gi
accessModes:
- ReadWriteOnce
rbd:
monitors:
- 10.0.0.4:6789
- 10.0.0.5:6789
- 10.0.0.6:6789
pool: k8s
image: onduty-redis-data
user: admin
secretRef:
name: ceph-secret
fsType: ext4
readOnly: false
persistentVolumeReclaimPolicy: Retain
本文出自 “让我men共同成长” 博客,请务必保留此出处http://wujingfeng.blog.51cto.com/5725921/1972906
标签:k8s
原文地址:http://wujingfeng.blog.51cto.com/5725921/1972906
