vSphere With Tanzu内置了容器注册表功能,只需要在Cluster的Namespace下enable此功能。有关开启和push/pull的内容请参考vSphere with K8S下使用Harbor
对于vSphere with Tanzu集群来说,在开启内置容器注册表功能的时候,已经把证书写入了Namespace中的secret。而用户在Namespace中自建的Tanzu Cluster 却没有相应的证书。要在Tanzu Cluster中使用内置容器注册表,必须想办法在集群内加入证书。
环境
项目 | 描述 | 备注 |
---|---|---|
vSphere | vSphere7.0u2 | K8S 1.19 |
WCP Ingress | 172.80.0.0/16 | |
WCP Engress | 172.60.0.0/16 | |
NSX-T | NSX-T3.1.2 | |
Tanzu Cluster version | 1.19.7 | |
Tanzu Cluster CNI | Antrea |
环境已经做好了Workload 启用,建立了Namespace:ns-dev,并在此namespace上建立了Tanzu Cluster:tkg-cluster-antrea.
思路
前面已经提到,在vSphere with Tanzu集群中已经绑定了证书,我们可以将这个证书导入到Tanzu Cluster里,以达到使用内置容器注册表的目的。
在配置之前,我们使用前面使用过的MyQSL配置yaml,试着从内置Harbor下拉镜像。
[root@hop Downloads]# kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
172.80.0.1 172.80.0.1 wcp:172.80.0.1:administrator@vsphere.local
ns-dev 172.80.0.1 wcp:172.80.0.1:administrator@vsphere.local ns-dev
* tkg-cluster-antrea 172.80.0.3 wcp:172.80.0.3:administrator@vsphere.local
生成存储所需的Secret
kubectl create secret generic mysql-pass --from-literal=password=VMware1!
Yaml:
apiVersion: v1
kind: Service
metadata:
name: wordpress-mysql
labels:
app: wordpress
spec:
ports:
- port: 3306
selector:
app: wordpress
tier: mysql
clusterIP: None
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pv-claim
labels:
app: wordpress
spec:
accessModes:
- ReadWriteOnce
storageClassName: tanzu-policy #增加本环境的存储类
resources:
requests:
storage: 20Gi
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
name: wordpress-mysql
labels:
app: wordpress
spec:
selector:
matchLabels:
app: wordpress
tier: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: wordpress
tier: mysql
spec:
containers:
- image: 172.80.0.2/ns-dev/mysql:5.7 #内置Harbor地址172.80.0.2
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-pv-claim
Pod拿不到image
[root@hop yaml]# kubectl get po wordpress-mysql-6c496c78d6-tgff8
NAME READY STATUS RESTARTS AGE
wordpress-mysql-6c496c78d6-tgff8 0/1 ImagePullBackOff 0 3m32s
[root@hop yaml]# kubectl describe po wordpress-mysql-6c496c78d6-tgff8
Name: wordpress-mysql-6c496c78d6-tgff8
Namespace: default
Priority: 0
Node: tkg-cluster-antrea-workers-kcmnf-cb4c6468c-m8jnh/10.211.0.67
Start Time: Fri, 21 May 2021 23:38:30 -0400
Labels: app=wordpress
pod-template-hash=6c496c78d6
tier=mysql
Annotations: kubernetes.io/psp: vmware-system-privileged
Status: Pending
IP: 193.0.2.3
IPs:
IP: 193.0.2.3
Controlled By: ReplicaSet/wordpress-mysql-6c496c78d6
Containers:
mysql:
Container ID:
Image: 172.80.0.2/ns-dev/mysql:5.7
Image ID:
Port: 3306/TCP
Host Port: 0/TCP
State: Waiting
Reason: ImagePullBackOff
Ready: False
Restart Count: 0
Environment:
MYSQL_ROOT_PASSWORD: <set to the key 'password' in secret 'mysql-pass'> Optional: false
Mounts:
/var/lib/mysql from mysql-persistent-storage (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-j7q7q (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
mysql-persistent-storage:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: mysql-pv-claim
ReadOnly: false
default-token-j7q7q:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-j7q7q
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 4m2s 0/4 nodes ar e available: 4 pod has unbound immediate PersistentVolumeClaims.
Warning FailedScheduling 4m2s 0/4 nodes ar e available: 4 pod has unbound immediate PersistentVolumeClaims.
Normal Scheduled 3m43s Successfully assigned default/wordpress-mysql-6c496c78d6-tgff8 to tkg-cluster-antrea-workers-kcmnf-cb4c6468c-m8jnh
Normal SuccessfulAttachVolume 3m40s attachdetach-controller AttachVolume .Attach succeeded for volume "pvc-53230be5-0e59-4138-b1d2-b80c3b07105e"
Normal Pulling 2m (x4 over 3m27s) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-m8jnh Pulling imag e "172.80.0.2/ns-dev/mysql:5.7"
Warning Failed 2m (x4 over 3m26s) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-m8jnh Failed to pu ll image "172.80.0.2/ns-dev/mysql:5.7": rpc error: code = Unknown desc = failed to pull and unpack image "172.80.0.2/ns-dev/mysq l:5.7": failed to resolve reference "172.80.0.2/ns-dev/mysql:5.7": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
Warning Failed 2m (x4 over 3m26s) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-m8jnh Error: ErrIm agePull
Warning Failed 105s (x6 over 3m26s) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-m8jnh Error: Image PullBackOff
Normal BackOff 91s (x7 over 3m26s) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-m8jnh Back-off pul ling image "172.80.0.2/ns-dev/mysql:5.7"
实验步骤
为Tanzu Cluster创建Secret
- 切换到主管集群的Namespace-ns-dev中
[root@hop Downloads]# kubectl config use-context ns-dev
Switched to context "ns-dev".
- 获取此namespace的映像提取密钥,并将其存储在一个文件中
[root@hop Downloads]# kubectl get secrets -n ns-dev
NAME TYPE DATA AGE
default-token-nf98m kubernetes.io/service-account-token 3 2d
mysql-pass Opaque 1 14h
ns-dev-default-image-pull-secret kubernetes.io/dockerconfigjson 1 14h
ns-dev-default-image-push-secret kubernetes.io/dockerconfigjson 1 14h
[root@hop Downloads]# kubectl get secrets -n ns-dev ns-dev-default-image-pull-secret -o yaml > ~/yaml/image-pull-secret.yaml
[root@hop yaml]# ls
*image-pull-secret.yaml* mysql-deployment.yaml tkg-cluster.yaml
- 编辑image-pull-secret.yaml 文件
更改 namespace 的值,使其与集群中相应的命名空间匹配,这里我们选用 default(必须);
将 name 的值更改为将 name 的值更改为harbor-registry-secret(推荐)
apiVersion: v1
data:
.dockerconfigjson: ewoJCQkJImF1dGhzIjogewoJCQkJCSIxNzIuODAuMC4yIjogewoJCQkJCQkiYXV0aCI6ICJjbTlpYjNRa2JuTXRaR1YyTFdSbFptRjFiSFF0Y0hWc2JDMXliMkp2ZERwbGVVcG9Za2RqYVU5cFNsTlZla2t4VG1sSmMwbHVValZqUTBrMlNXdHdXRlpEU2prdVpYbEtiR1ZJUVdsUGFrVXpUVVJuZDAxRVRUVk5lazF6U1cxc2FHUkRTVFpOVkZsNVRWUlpkMDE2YTNwTmVYZHBZVmhPZWtscWIybGhSMFo1V1cwNWVVeFlVblpoTWxaMVRGZFNiRnB0UmpGaVNGSktZek5PTVZwWVNXbE1RMHB3V2tOSk5rMVRkMmxqUjJ4clNXcHZlVXhEU21oWk1rNXNZek5OYVU5c2REZEpiRXBzWXpJNU1XTnRUbXhKYW05cFRETkNlV0l5Y0d4Wk0xRjJUV2s1ZVZwWVFuWmpNbXd3WWpOS05VbHBkMmxSVjA0d1lWYzVkVWxxYjJsalNGWnpZa05KYzBsclZtMWFiVlpxWkVOSk5rbHBTamxZV0RBdWMyZDBVa3RDYkZoUlFVUk1UUzExWkd4d2RGSm9TRWhETmt3MU1WWk9YMVJzT1ZSblpsVkJSV1o1YmpoNFNIZGZTazgxWVdKQ1IyUnRNRzU1U2pCbWFFRkJPRFowYTBVeVFXcG5Sa0p4V2pKYU9VMTJlbTVEZVdocVRHaGlibHBDUW1GVlZ6TkRlVTF5VVhCTmVHNUtRbmhsVG5CS1J6VmxSRUk1Um1kVVlUWndXalJtTjNCMFlqSmtTRU5UU2xwelNIRnpSblpwVW01T1NUUTJYM1JMUVdZd1kxWkNOM0ZGYWpVek9XWlBkSFF5YjBWTGVraEdlbnBPYkhsTFIyRXdiakJaWWpSaFZYSllXVzVJTlhKVk9VNXlkRzk2YVVjNVJXZHpka3hOZERSTmMwUnNVRlIzZDNkRGEyaEJNVzV0VGxCbldteENaMFJXTVY5UFJXcE1VMHRVU0VSR1p6aExjVFE1UkdOTVJEUnJkREF6U2xsRlYyVmpYMWxDV0Y5a01XNUJkemhuTTJGaFRFSkJPWEJWYTI1cVdrY3phak5HVEhaWGFGaENkbUYxZEVKZmNIUjROVXMyUWtFeE0yaFNOVTA1Y1hVMVoxcHljVEZ3VjNGVGJqWmlURjlmWTIwdE5WOXliM2x3TlVkdFZuaE5YemwwZDJOZlJYUk9kRFEyVm1SNFptcDNkRFU1YlhWcWNGcHRUbFpUTjJwb1oxbFRRVWxqZUcxVWFFOUZORFExWDFSSmVEWmtMV0pNVWpKMVYxSlNURUU1VURGUlUwVjNZa2RuY0RRM05EUndaVXRoVmpkU05tcHlZVTlHUzJ4NVNGTlFTWGhOWlVnd1VteGtSbE00T0dKa1lsQmhSR0ZUVDA5UE1sZEZiV1ZoVjFSSE1IUjVVbTAxVEdkMFpXaHVXRll4Um5KaFNGRkhjRXBOT1dKbVZtVlFNM2N0VEhsM1VtVmpPR1o0YW1wM01UaGpXblJPVG1ob2VGSm5iVzF3V25Ca1IwRnhSMEUzTkdSNVgzcDBSVnBSU0c5dFVHWm9UVTVpV1ZaSVNUWTRXRkU1T0dnelNtdGpkMnBSVmpBM2JWUmFhMnhoTVZOcFNtOXpWR05yVFZSNGNWWjFhMGhZVm5SQlh6SkZWelIxYldGMlpIQTRPVFI1YjBGWGQwUlRaMlozZWtNNVRuVmhNVlp0UTIxUllWSjNiamxUTnpRPSIKCQkJCQl9CgkJCQl9CgkJCX0=
kind: Secret
metadata:
creationTimestamp: "2021-05-21T13:33:25Z"
managedFields:
4. apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
f:data:
.: {}
f:.dockerconfigjson: {}
f:metadata:
f:ownerReferences:
.: {}
k:{"uid":"b84c52d8-61f0-4d7c-9bab-d40838cb3c48"}:
.: {}
f:apiVersion: {}
f:blockOwnerDeletion: {}
f:controller: {}
f:kind: {}
f:name: {}
f:uid: {}
f:type: {}
manager: registry-agent
operation: Update
time: "2021-05-21T13:33:25Z"
name: harbor-registry-secret # Change the name
namespace: default # Change to default
ownerReferences:
5. apiVersion: registryagent.vmware.com/v1alpha1
blockOwnerDeletion: true
controller: true
kind: Project
name: ns-dev
uid: b84c52d8-61f0-4d7c-9bab-d40838cb3c48
resourceVersion: "1093714"
selfLink: /api/v1/namespaces/ns-dev/secrets/ns-dev-default-image-pull-secret
uid: 4671a4ba-3155-4736-83df-5a951cc10737
type: kubernetes.io/dockerconfigjson
- 创建可用于访问 Tanzu 集群(tkg-cluster-antrea)的 kubeconfig 文件
[root@hop yaml]# kubectl get secret -n ns-dev tkg-cluster-antrea-kubeconfig -o jsonpath='{.data.value}' | base64 -d > cluster-kubeconfig
- 转到 Tanzu 集群中,创建注册表服务密钥,引用刚才在本地保存和更新的映像提取密钥文件。
[root@hop yaml]# kubectl --kubeconfig=cluster-kubeconfig apply -f image-pull-secret.yaml
secret/harbor-registry-secret created
注册表服务密钥已成功创建。
修改Deployment的yaml
添加需要使用的Secret,在spec定义内,与containers对齐
imagePullSecrets:
- name: harbor-registry-secret
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
name: wordpress-mysql
labels:
app: wordpress
spec:
selector:
matchLabels:
app: wordpress
tier: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: wordpress
tier: mysql
spec:
containers:
- image: 172.80.0.2/ns-dev/mysql:5.7
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
imagePullSecrets: # Add Secrec
- name: harbor-registry-secret
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-pv-claim
重新应用yaml文件
[root@hop yaml]# kubectl delete -f mysql-deployment.yaml
service "wordpress-mysql" deleted
persistentvolumeclaim "mysql-pv-claim" deleted
deployment.apps "wordpress-mysql" deleted
[root@hop yaml]# vim mysql-deployment.yaml
[root@hop yaml]# kubectl apply -f mysql-deployment.yaml
service/wordpress-mysql created
persistentvolumeclaim/mysql-pv-claim created
deployment.apps/wordpress-mysql created
[root@hop yaml]# kubectl get po -w
NAME READY STATUS RESTARTS AGE
wordpress-mysql-678bff6df9-hz44t 0/1 Pending 0 5s
wordpress-mysql-678bff6df9-hz44t 0/1 Pending 0 7s
wordpress-mysql-678bff6df9-hz44t 0/1 ContainerCreating 0 7s
wordpress-mysql-678bff6df9-hz44t 0/1 Error 0 89s
wordpress-mysql-678bff6df9-hz44t 1/1 Running 1 92s
wordpress-mysql-678bff6df9-hz44t 0/1 Error 1 92s
wordpress-mysql-678bff6df9-hz44t 0/1 CrashLoopBackOff 1 93s
wordpress-mysql-678bff6df9-hz44t 1/1 Running 2 109s
wordpress-mysql-678bff6df9-hz44t 0/1 Error 2 110s
[root@hop yaml]# kubectl describe po wordpress-mysql-678bff6df9-hz44t
Name: wordpress-mysql-678bff6df9-hz44t
Namespace: default
Priority: 0
Node: tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7/10.211.0.68
Start Time: Sat, 22 May 2021 08:07:34 -0400
Labels: app=wordpress
pod-template-hash=678bff6df9
tier=mysql
Annotations: kubernetes.io/psp: vmware-system-privileged
Status: Running
IP: 193.0.3.3
IPs:
IP: 193.0.3.3
Controlled By: ReplicaSet/wordpress-mysql-678bff6df9
Containers:
mysql:
Container ID: containerd://a0f956c3e99680e8723bd4e2ef56fc2ae72d05922080cb948e66d075ac9a3ccc
Image: 172.80.0.2/ns-dev/mysql:5.7
Image ID: 172.80.0.2/ns-dev/mysql@sha256:92ad1d7e3f8eb7e67d35bf251912fb7cd12676a601dc90b6beb1aece7c1f5073
Port: 3306/TCP
Host Port: 0/TCP
State: Terminated
Reason: Error
Exit Code: 1
Started: Sat, 22 May 2021 08:09:43 -0400
Finished: Sat, 22 May 2021 08:09:43 -0400
Last State: Terminated
Reason: Error
Exit Code: 1
Started: Sat, 22 May 2021 08:09:15 -0400
Finished: Sat, 22 May 2021 08:09:15 -0400
Ready: False
Restart Count: 3
Environment:
MYSQL_ROOT_PASSWORD: <set to the key 'password' in secret 'mysql-pass'> Optional: false
Mounts:
/var/lib/mysql from mysql-persistent-storage (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-j7q7q (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
mysql-persistent-storage:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: mysql-pv-claim
ReadOnly: false
default-token-j7q7q:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-j7q7q
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 73s 0/4 nodes are availa ble: 4 pod has unbound immediate PersistentVolumeClaims.
Warning FailedScheduling 73s 0/4 nodes are availa ble: 4 pod has unbound immediate PersistentVolumeClaims.
Normal Scheduled 66s Successfully assigne d default/wordpress-mysql-678bff6df9-hz44t to tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7
Normal SuccessfulAttachVolume 57s attachdetach-controller AttachVolume.Attach succeeded for volume "pvc-18b35c2a-76f5-4468-815f-36bfe467d52b"
Normal Pulling 41s kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7 Pulling image "172.8 0.0.2/ns-dev/mysql:5.7"
Normal Pulled 12s kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7 Successfully pulled image "172.80.0.2/ns-dev/mysql:5.7" in 29.705267736s
Normal Pulled <invalid> (x3 over <invalid>) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7 Container image "172 .80.0.2/ns-dev/mysql:5.7" already present on machine
Normal Created <invalid> (x4 over <invalid>) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7 Created container my sql
Normal Started <invalid> (x4 over <invalid>) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7 Started container my sql
Warning BackOff <invalid> (x5 over <invalid>) kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7 Back-off restarting failed container
我们发现已经可以下拉image了
Normal Pulled 12s kubelet, tkg-cluster-antrea-workers-kcmnf-cb4c6468c-7wzg7 Successfully pulled image "172.80.0.2/ns-dev/mysql:5.7" in 29.705267736s
但是,Pod还是没起来啊
[root@hop yaml]# kubectl get po
NAME READY STATUS RESTARTS AGE
wordpress-mysql-678bff6df9-hz44t 0/1 Error 4 3m13s
Troubleshooting MySQL pod
查看log信息
[root@hop yaml]# kubectl logs mysql
Error from server (NotFound): pods "mysql" not found
[root@hop yaml]# kubectl logs wordpress-mysql-678bff6df9-hz44t
2021-05-22 12:25:21+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.34-1debian10 started.
2021-05-22 12:25:21+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2021-05-22 12:25:21+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.34-1debian10 started.
2021-05-22 12:25:21+00:00 [Note] [Entrypoint]: Initializing database files
2021-05-22T12:25:21.466281Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2021-05-22T12:25:21.468098Z 0 [ERROR] --initialize specified but the data directory has files in it. Aborting.
2021-05-22T12:25:21.468340Z 0 [ERROR] Aborting
注意:–initialize specified but the data directory has files in it. Aborting.
问题应该出在我们使用的文件夹:/var/lib/mysql
Google一下报错,发现原因如下:
A new ext4 disk partition is not usually empty; there is a lost+found directory, which mysql is known to choke on.
即在Mysql初始检查的时候,会要求存储目录为空,而ext4 的分区会在初始目录下加一个 lost+found的文件夹,Mysql会认为此文件夹不可用。
Mysql官方也对此做了解决方式的推荐:即Starting the server with --ignore-db-dir=lost+found ,此问题仅在5.7版本。
我们在yaml文件中增加:
image: 172.80.0.2/ns-dev/mysql:5.7
args:
- "--ignore-db-dir=lost+found"
Yaml全文如下:
apiVersion: v1
kind: Service
metadata:
name: wordpress-mysql
labels:
app: wordpress
spec:
ports:
- port: 3306
selector:
app: wordpress
tier: mysql
clusterIP: None
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pv-claim
labels:
app: wordpress
spec:
accessModes:
- ReadWriteOnce
storageClassName: tanzu-policy #增加本环境的存储类
resources:
requests:
storage: 20Gi
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
name: wordpress-mysql
labels:
app: wordpress
spec:
selector:
matchLabels:
app: wordpress
tier: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: wordpress
tier: mysql
spec:
containers:
- image: 172.80.0.2/ns-dev/mysql:5.7
args:
- "--ignore-db-dir=lost+found" # 增加初始化忽略字段
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
imagePullSecrets: # 增加harbor的pull secret
- name: harbor-registry-secret
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-pv-claim
最后看看效果:
[root@hop yaml]# kubectl delete -f mysql-deployment.yaml
service "wordpress-mysql" deleted
persistentvolumeclaim "mysql-pv-claim" deleted
deployment.apps "wordpress-mysql" deleted
[root@hop yaml]# kubectl apply -f mysql-deployment.yaml
service/wordpress-mysql created
persistentvolumeclaim/mysql-pv-claim created
deployment.apps/wordpress-mysql created
[root@hop yaml]# kubectl get po -w
NAME READY STATUS RESTARTS AGE
wordpress-mysql-8698c468d5-n8zfm 0/1 ContainerCreating 0 11s
wordpress-mysql-8698c468d5-n8zfm 1/1 Running 0 28s
以上