Skip to content

Latest commit

 

History

History
96 lines (74 loc) · 4.02 KB

步骤5-配置使用EBS.md

File metadata and controls

96 lines (74 loc) · 4.02 KB

步骤5 配置使用EBS CSI

5.1 创建所需要的IAM policy , EKS OIDC provider, service account

5.1.1 创建所需要的IAM policy https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/v0.4.0/docs/example-iam-policy.json

#curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-ebs-csi-driver/v0.4.0/docs/example-iam-policy.json

#请使用EKS-Workshop-China/resource/aws-ebs-csi-driver/ebs-csi-iam-policy.json
aws iam create-policy --policy-name EKS_EBS_CSI_Driver_Policy 、
    --policy-document file://./ebs-csi-iam-policy.json --region ${AWS_REGION}
        
#返回示例,请记录返回的Plociy ARN
POLICY_NAME=$(aws iam list-policies --query 'Policies[?PolicyName==`EKS_EBS_CSI_Driver_Policy`].Arn'
    --output text --region ${AWS_REGION})

5.1.2 获取eks 工作节点的IAM role

# 注意这一步如果是多个nodegroup就会有多个role
kubectl -n kube-system describe configmap aws-auth

# Single node group
ROLE_NAME=Role-name-in-above-output
aws iam attach-role-policy --policy-arn ${POLICY_NAME} \
    --role-name ${ROLE_NAME} --region ${AWS_REGION}
  • For multiple node group, 这里准备了一个脚本updaterole.sh
cd KS-Workshop-China/resource/aws-ebs-csi-driver/
sh ./updaterole.sh ${POLICY_NAME}

5.1.3 部署EBS CSI 驱动到eks 集群

官方文档 https://docs.aws.amazon.com/zh_cn/eks/latest/userguide/ebs-csi.html

#因为中国区有些地方需要修改,所以我fork了一个官方的,并修改了相关image地址
# git clone https://github.com/kubernetes-sigs/aws-ebs-csi-driver.git

kubectl apply -k ./aws-ebs-csi-driver/deploy/kubernetes/overlays/stable

# 验证部署正确 
kubectl get pods -n kube-system
NAME                                      READY   STATUS             RESTARTS   AGE
alb-ingress-controller-649b854d75-m8c75   1/1     Running            0          2d
aws-node-ct6rz                            1/1     Running            0          4d
aws-node-sfjtn                            1/1     Running            0          3d2h
aws-node-xzfx9                            1/1     Running            0          4d
coredns-6565755d58-pd5nm                  1/1     Running            0          4d
coredns-6565755d58-v9nl7                  1/1     Running            0          4d
ebs-csi-controller-6dcc4dc6f4-6k4s5       4/4     Running            0          47h
ebs-csi-controller-6dcc4dc6f4-vtklz       4/4     Running            0          47h
ebs-csi-node-2zmct                        3/3     Running            0          47h
ebs-csi-node-plljf                        3/3     Running            0          47h
ebs-csi-node-s9lbz                        3/3     Running            0          47h
kube-proxy-g4mcw                          1/1     Running            0          4d
kube-proxy-mb88w                          1/1     Running            0          4d
kube-proxy-tpx4x                          1/1     Running            0          3d2h
kubernetes-dashboard-5f7b999d65-dcc6h     1/1     Running            0          2d4h
metrics-server-7fcf9cc98b-rntrh           1/1     Running            0          26h

5.2 部署动态卷实例应用

cd aws-ebs-csi-driver/examples/kubernetes/dynamic-provisioning/
kubectl apply -f specs/

#查看storageclass
kubectl describe storageclass ebs-sc

#查看示例app状态
kubectl get pods --watch
#查看是否有失败
kubectl get events

kubectl get pv
PV_NAME=$(kubectl get pv -o json | jq -r '.items[0].metadata.name')
kubectl describe persistentvolumes ${PV_NAME}

kubectl exec -it app cat /data/out.txt
# Thu Mar 5 14:19:43 UTC 2020
# Thu Mar 5 14:19:48 UTC 2020

#删除示例程序
kubectl delete -f specs/