Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/kubernetes/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Kubernetes 启用ExpandPersistentVolumes_Kubernetes - Fatal编程技术网
Fatal编程技术网
  • kubernetes/
  • Kubernetes 启用ExpandPersistentVolumes

Kubernetes 启用ExpandPersistentVolumes

kubernetes

Kubernetes 启用ExpandPersistentVolumes,kubernetes,Kubernetes,我需要调整一堆PVC的大小。看来最简单的方法就是通过 ExpandPersistentVolumes功能。然而,我很难得到正确的答案 配置以进行合作 ExpandPersistentVolumes功能门设置在所有三个通道的kubelet中 如图所示: $ kubectl --namespace=kube-system get pod -o yaml | grep -i admission

我需要调整一堆PVC的大小。看来最简单的方法就是通过 ExpandPersistentVolumes功能。然而,我很难得到正确的答案 配置以进行合作

ExpandPersistentVolumes
功能门设置在所有三个通道的kubelet中 如图所示:

$ kubectl --namespace=kube-system get pod -o yaml | grep -i admission                                                                                                                                                           
    /usr/local/bin/kube-apiserver --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,PersistentVolumeClaimResize,ResourceQuota
    /usr/local/bin/kube-apiserver --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,PersistentVolumeClaimResize,ResourceQuota
    /usr/local/bin/kube-apiserver --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,PersistentVolumeClaimResize,ResourceQuota
(输出修剪为相关位,以保持正常)

apiserver具有
PersistentVolumeClaimResize
准入控制器,如图所示:

$ kubectl --namespace=kube-system get pod -o yaml | grep -i admission                                                                                                                                                           
    /usr/local/bin/kube-apiserver --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,PersistentVolumeClaimResize,ResourceQuota
    /usr/local/bin/kube-apiserver --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,PersistentVolumeClaimResize,ResourceQuota
    /usr/local/bin/kube-apiserver --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,PersistentVolumeClaimResize,ResourceQuota
但是,当我创建或编辑存储类以添加
allowVolumeExpansion
时, 保存时会将其删除。例如:

$ cat new-sc.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  creationTimestamp: null
  labels:
    k8s-addon: storage-aws.addons.k8s.io
  name: gp2-2
  selfLink: /apis/storage.k8s.io/v1/storageclasses/gp2
parameters:
  encrypted: "true"
  kmsKeyId: arn:aws:kms:us-west-2:<omitted>
  type: gp2
  zone: us-west-2a
provisioner: kubernetes.io/aws-ebs
reclaimPolicy: Delete
allowVolumeExpansion: true

$ kubectl create -f new-sc.yaml
storageclass "gp2-2" created

$ kubectl get sc gp2-2 -o yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  creationTimestamp: 2018-05-22T20:00:17Z
  labels:
    k8s-addon: storage-aws.addons.k8s.io
  name: gp2-2
  resourceVersion: "2546166"
  selfLink: /apis/storage.k8s.io/v1/storageclasses/gp2-2
  uid: <omitted>
parameters:
  encrypted: "true"
  kmsKeyId: arn:aws:kms:us-west-2:<omitted>
  type: gp2
  zone: us-west-2a
provisioner: kubernetes.io/aws-ebs
reclaimPolicy: Delete

$cat new-sc.yaml
apiVersion:storage.k8s.io/v1
种类:StorageClass
元数据:
creationTimestamp:空
标签:
k8s插件:存储-aws.addons.k8s.io
姓名:gp2-2
selfLink:/api/storage.k8s.io/v1/storageclasses/gp2
参数:
加密:“真”
kmsKeyId:arn:aws:kms:us-west-2:
类型:gp2
分区:us-west-2a
供应人:kubernetes.io/aws-ebs
回收策略:删除
allowVolumeExpansion:真
$kubectl create-f new-sc.yaml
已创建storageclass“gp2-2”
$kubectl获得sc gp2-2-o yaml
apiVersion:storage.k8s.io/v1
种类:StorageClass
元数据:
creationTimestamp:2018-05-22T20:00:17Z
标签:
k8s插件:存储-aws.addons.k8s.io
姓名:gp2-2
资源版本:“2546166”
selfLink:/api/storage.k8s.io/v1/storageclasses/gp2-2
uid:
参数:
加密:“真”
kmsKeyId:arn:aws:kms:us-west-2:
类型:gp2
分区:us-west-2a
供应人:kubernetes.io/aws-ebs
回收策略:删除
我错过了什么?什么在从storageclass配置中删除此密钥

编辑:以下是kube apiserver pods使用的命令。它没有提到任何关于功能门的内容。集群是使用Kops启动的

- /bin/sh
    - -c
    - mkfifo /tmp/pipe; (tee -a /var/log/kube-apiserver.log < /tmp/pipe & ) ; exec
      /usr/local/bin/kube-apiserver --address=127.0.0.1 --admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,PersistentVolumeClaimResize,ResourceQuota
      --allow-privileged=true --anonymous-auth=false --apiserver-count=3 --authorization-mode=RBAC
      --basic-auth-file=/srv/kubernetes/basic_auth.csv --client-ca-file=/srv/kubernetes/ca.crt
      --cloud-provider=aws --etcd-cafile=/srv/kubernetes/ca.crt --etcd-certfile=/srv/kubernetes/etcd-client.pem
      --etcd-keyfile=/srv/kubernetes/etcd-client-key.pem --etcd-servers-overrides=/events#https://127.0.0.1:4002
      --etcd-servers=https://127.0.0.1:4001 --insecure-port=8080 --kubelet-preferred-address-types=InternalIP,Hostname,ExternalIP
      --proxy-client-cert-file=/srv/kubernetes/apiserver-aggregator.cert --proxy-client-key-file=/srv/kubernetes/apiserver-aggregator.key
      --requestheader-allowed-names=aggregator --requestheader-client-ca-file=/srv/kubernetes/apiserver-aggregator-ca.cert
      --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group
      --requestheader-username-headers=X-Remote-User --secure-port=443 --service-cluster-ip-range=100.64.0.0/13
      --storage-backend=etcd3 --tls-cert-file=/srv/kubernetes/server.cert --tls-private-key-file=/srv/kubernetes/server.key
      --token-auth-file=/srv/kubernetes/known_tokens.csv --v=1 > /tmp/pipe 2>&1

-/bin/sh
--c
-mkfifo/tmp/管道;(tee-a/var/log/kube-apiserver.log/tmp/pipe 2>&1
如果您没有为该选项启用alpha功能门,则可能会发生这种情况

您是否为设置了功能门的
-feature gates
选项

更新:如果在命令行参数中没有看到此选项,则需要添加它(
--feature gates=expandpersistentcolumes=true

如果以pod形式运行kube apiserver,则应编辑/
etc/kubernetes/manifests/kube apiserver.yaml
,并将功能门选项添加到其他参数中。kube apiserver将自动重新启动

如果将kube apiserver作为systemd维护的进程运行,则应在单独的文件中编辑
kube apiserver.service
或service options
$kube\u API\u ARGS
,并在其中附加功能门选项。使用
systemctl Restart kube apiserver.service
命令重新启动服务

启用后,可以使用allowVolumeExpansion选项创建StorageClass对象:

# kubectl get sc -o yaml --export
apiVersion: v1
items:
- allowVolumeExpansion: true
  apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    creationTimestamp: 2018-05-23T14:38:43Z
    labels:
      k8s-addon: storage-aws.addons.k8s.io
    name: gp2-2
    namespace: ""
    resourceVersion: "1385"
    selfLink: /apis/storage.k8s.io/v1/storageclasses/gp2-2
    uid: fe516dcf-5e96-11e8-a86d-42010a9a0002
  parameters:
    encrypted: "true"
    kmsKeyId: arn:aws:kms:us-west-2:<omitted>
    type: gp2
    zone: us-west-2a
  provisioner: kubernetes.io/aws-ebs
  reclaimPolicy: Delete
  volumeBindingMode: Immediate
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

#kubectl获取sc-o yaml--导出
版本:v1
项目:
-allowVolumeExpansion:真
apiVersion:storage.k8s.io/v1
种类:StorageClass
元数据:
creationTimestamp:2018-05-23T14:38:43Z
标签:
k8s插件:存储-aws.addons.k8s.io
姓名:gp2-2
名称空间:“
资源版本:“1385”
selfLink:/api/storage.k8s.io/v1/storageclasses/gp2-2
uid:fe516dcf-5e96-11e8-a86d-42010a9a0002
参数:
加密:“真”
kmsKeyId:arn:aws:kms:us-west-2:
类型:gp2
分区:us-west-2a
供应人:kubernetes.io/aws-ebs
回收策略:删除
卷绑定模式:立即
种类:列表
元数据:
资源版本:“
自链接:“
我使用的是Kops,所以我猜如果有必要,它会在apiserver pod上设置feature gates参数。但从我的配置来看,似乎还没有完成。我用正在使用的参数更新了我的问题,并将研究如何获得该集合。我注意到,我在kubelet下的Kops配置中添加了featureGates部分,而我可能希望在kubeApiServer下添加它。现在正在测试。我已经更新了我的答案,并提供了一些如何添加功能门选项的建议。您知道在OpenShift 4中在哪里包括
--功能门
--准入控制
标志吗?是kube apiserver运营商而不是pods? 
# kubectl get sc -o yaml --export
apiVersion: v1
items:
- allowVolumeExpansion: true
  apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    creationTimestamp: 2018-05-23T14:38:43Z
    labels:
      k8s-addon: storage-aws.addons.k8s.io
    name: gp2-2
    namespace: ""
    resourceVersion: "1385"
    selfLink: /apis/storage.k8s.io/v1/storageclasses/gp2-2
    uid: fe516dcf-5e96-11e8-a86d-42010a9a0002
  parameters:
    encrypted: "true"
    kmsKeyId: arn:aws:kms:us-west-2:<omitted>
    type: gp2
    zone: us-west-2a
  provisioner: kubernetes.io/aws-ebs
  reclaimPolicy: Delete
  volumeBindingMode: Immediate
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""