通过下面的 yaml 配置部署阿里云 Kubernetes 存储插件。

说明 CSI 插件需要您的集群版本大于1.14,且初始化集群的时候选择使用CSI插件。或者自行配置节点kubelet参数,确保enable-controller-attach-detach为true。

使用限制

目前支持 CentOS 7 操作系统。

注意事项

  • 使用 flexvolume 需要 kubelet 关闭 --enable-controller-attach-detach 选项。默认阿里云 Kubernetes 集群已经关闭此选项。
  • 在 kube-system 命名空间部署 CSI。

验证安装完成

在 Master 节点上:

  • 执行如下命令,输出若干(节点个数)Running 状态的 Pod 列表。
    kubectl get pod -n kube-system | grep csi-plugin
  • 执行如下命令,输出一个 Running 状态的 Pod 列表。
    kubectl get pod -n kube-system | csi-provisioner

安装 CSI-Plugin

CSI-Plugin 在Kubernetes集群中已经默认安装。

如果您的集群中没有安装该插件 ,可以通过以下yaml文件手动安装。
apiVersion: storage.k8s.io/v1beta1
kind: CSIDriver
metadata:
  name: diskplugin.csi.alibabacloud.com
spec:
  attachRequired: false
---
apiVersion: storage.k8s.io/v1beta1
kind: CSIDriver
metadata:
  name: nasplugin.csi.alibabacloud.com
spec:
  attachRequired: false
---
apiVersion: storage.k8s.io/v1beta1
kind: CSIDriver
metadata:
  name: ossplugin.csi.alibabacloud.com
spec:
  attachRequired: false
---
kind: DaemonSet
apiVersion: apps/v1beta2
metadata:
  name: csi-plugin
  namespace: kube-system
spec:
  selector:
    matchLabels:
      app: csi-plugin
  template:
    metadata:
      labels:
        app: csi-plugin
    spec:
      tolerations:
        - operator: "Exists"
      priorityClassName: system-node-critical
      serviceAccount: admin
      hostNetwork: true
      hostPID: true
      containers:
        - name: disk-driver-registrar
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-node-driver-registrar:v1.1.0
          imagePullPolicy: Always
          args:
            - "--v=5"
            - "--csi-address=/var/lib/kubelet/plugins/diskplugin.csi.alibabacloud.com/csi.sock"
            - "--kubelet-registration-path=/var/lib/kubelet/plugins/diskplugin.csi.alibabacloud.com/csi.sock"
          volumeMounts:
            - name: kubelet-dir
              mountPath: /var/lib/kubelet/
            - name: registration-dir
              mountPath: /registration

        - name: csi-diskplugin
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-plugin:v1.14.5.47-5577bcb-aliyun
          imagePullPolicy: "Always"
          args:
            - "--endpoint=$(CSI_ENDPOINT)"
            - "--v=5"
            - "--driver=diskplugin.csi.alibabacloud.com"
          env:
            - name: CSI_ENDPOINT
              value: unix://var/lib/kubelet/plugins/diskplugin.csi.alibabacloud.com/csi.sock
            - name: ACCESS_KEY_ID
              value: ""
            - name: ACCESS_KEY_SECRET
              value: ""
            - name: MAX_VOLUMES_PERNODE
              value: "15"
            - name: DISK_TAGED_BY_PLUGIN
              value: "true"
          volumeMounts:
            - name: kubelet-dir
              mountPath: /var/lib/kubelet
              mountPropagation: "Bidirectional"
            - name: container-dir
              mountPath: /var/lib/container
              mountPropagation: "Bidirectional"
            - mountPath: /dev
              mountPropagation: "HostToContainer"
              name: host-dev
            - mountPath: /var/log/
              name: host-log
            - name: etc
              mountPath: /host/etc

        - name: nas-driver-registrar
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-node-driver-registrar:v1.1.0
          imagePullPolicy: Always
          args:
          - "--v=5"
          - "--csi-address=/var/lib/kubelet/plugins/nasplugin.csi.alibabacloud.com/csi.sock"
          - "--kubelet-registration-path=/var/lib/kubelet/plugins/nasplugin.csi.alibabacloud.com/csi.sock"
          volumeMounts:
          - name: kubelet-dir
            mountPath: /var/lib/kubelet
          - name: registration-dir
            mountPath: /registration

        - name: csi-nasplugin
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-plugin:v1.14.5.47-5577bcb-aliyun
          imagePullPolicy: "Always"
          args:
          - "--endpoint=$(CSI_ENDPOINT)"
          - "--v=5"
          - "--driver=nasplugin.csi.alibabacloud.com"
          env:
          - name: CSI_ENDPOINT
            value: unix://var/lib/kubelet/plugins/nasplugin.csi.alibabacloud.com/csi.sock
          volumeMounts:
          - name: kubelet-dir
            mountPath: /var/lib/kubelet/
            mountPropagation: "Bidirectional"
          - mountPath: /var/log/
            name: host-log

        - name: oss-driver-registrar
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-node-driver-registrar:v1.1.0
          imagePullPolicy: Always
          args:
          - "--v=5"
          - "--csi-address=/var/lib/kubelet/plugins/ossplugin.csi.alibabacloud.com/csi.sock"
          - "--kubelet-registration-path=/var/lib/kubelet/plugins/ossplugin.csi.alibabacloud.com/csi.sock"
          volumeMounts:
          - name: kubelet-dir
            mountPath: /var/lib/kubelet/
          - name: registration-dir
            mountPath: /registration

        - name: csi-ossplugin
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-plugin:v1.14.5.47-5577bcb-aliyun
          imagePullPolicy: "Always"
          args:
          - "--endpoint=$(CSI_ENDPOINT)"
          - "--v=5"
          - "--driver=ossplugin.csi.alibabacloud.com"
          env:
          - name: CSI_ENDPOINT
            value: unix://var/lib/kubelet/plugins/ossplugin.csi.alibabacloud.com/csi.sock
          volumeMounts:
          - name: kubelet-dir
            mountPath: /var/lib/kubelet/
            mountPropagation: "Bidirectional"
          - name: etc
            mountPath: /host/etc
          - mountPath: /var/log/
            name: host-log
          - mountPath: /host/usr/
            name: ossconnectordir
      volumes:
        - name: registration-dir
          hostPath:
            path: /var/lib/kubelet/plugins_registry
            type: DirectoryOrCreate
        - name: container-dir
          hostPath:
            path: /var/lib/container
            type: DirectoryOrCreate
        - name: kubelet-dir
          hostPath:
            path: /var/lib/kubelet
            type: Directory
        - name: host-dev
          hostPath:
            path: /dev
        - name: host-log
          hostPath:
            path: /var/log/
        - name: etc
          hostPath:
            path: /etc
        - name: ossconnectordir
          hostPath:
            path: /usr/
  updateStrategy:
    type: RollingUpdate

部署 CSI-Provisioner

CSI-Provisioner 在Kubernetes集群中已经默认安装。

如果您的集群中没有安装该插件 ,可以通过以下yaml文件手动安装。
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-available
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: available
reclaimPolicy: Delete
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-essd
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: cloud_essd
reclaimPolicy: Delete
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-ssd
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: cloud_ssd
reclaimPolicy: Delete
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
   name: alicloud-disk-efficiency
provisioner: diskplugin.csi.alibabacloud.com
parameters:
    type: cloud_efficiency
reclaimPolicy: Delete
---
kind: Service
apiVersion: v1
metadata:
  name: csi-provisioner
  namespace: kube-system
  labels:
    app: csi-provisioner
spec:
  selector:
    app: csi-provisioner
  ports:
    - name: dummy
      port: 12345

---
kind: StatefulSet
apiVersion: apps/v1beta1
metadata:
  name: csi-provisioner
  namespace: kube-system
spec:
  serviceName: "csi-provisioner"
  replicas: 1
  template:
    metadata:
      labels:
        app: csi-provisioner
    spec:
      tolerations:
      - operator: "Exists"
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 1
            preference:
              matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: Exists
      priorityClassName: system-node-critical
      serviceAccount: admin
      hostNetwork: true
      containers:
        - name: csi-external-provisioner
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-provisioner:v1.2.0
          args:
            - "--provisioner=diskplugin.csi.alibabacloud.com"
            - "--csi-address=$(ADDRESS)"
            - "--feature-gates=Topology=True"
            - "--volume-name-prefix=disk"
            - "--v=5"
          env:
            - name: ADDRESS
              value: /socketDir/csi.sock
          imagePullPolicy: "Always"
          volumeMounts:
            - name: disk-provisioner-dir
              mountPath: /socketDir
        - name: csi-diskprovisioner
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: registry.cn-hangzhou.aliyuncs.com/acs/csi-plugin:v1.14.5.47-5577bcb-aliyun
          imagePullPolicy: "Always"
          args:
            - "--endpoint=$(CSI_ENDPOINT)"
            - "--v=5"
            - "--driver=diskplugin.csi.alibabacloud.com"
          env:
            - name: CSI_ENDPOINT
              value: unix://socketDir/csi.sock
            - name: ACCESS_KEY_ID
              value: ""
            - name: ACCESS_KEY_SECRET
              value: ""
            - name: MAX_VOLUMES_PERNODE
              value: "15"
          volumeMounts:
            - mountPath: /var/log/
              name: host-log
            - mountPath: /socketDir/
              name: disk-provisioner-dir
            - name: etc
              mountPath: /host/etc
          resources:
            limits:
              cpu: 100m
              memory: 100Mi
            requests:
              cpu: 100m
              memory: 100Mi
          livenessProbe:
            exec:
              command:
              - sh
              - -c
              - ps -ef | grep plugin.csi.alibabacloud.com | grep diskplugin.csi.alibabacloud.com | grep -v grep
            failureThreshold: 8
            initialDelaySeconds: 15
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 15
      volumes:
        - name: disk-provisioner-dir
          emptyDir: {}
        - name: host-log
          hostPath:
            path: /var/log/
        - name: etc
          hostPath:
            path: /etc
  updateStrategy:
    type: RollingUpdate