通过Kubernetes在Docker容器中挂载Azure文件存储 [英] Mounting Azure File Storage in Docker container via Kubernetes

问题描述

我正在尝试使用此处找到的方法将Azure文件存储安装到容器: https://github.com/kubernetes/kubernetes/tree/master/examples/volumes/azure_file

I am attempting to mount my Azure File Storage to a container using the method found here: https://github.com/kubernetes/kubernetes/tree/master/examples/volumes/azure_file

创建pod时出现错误:输出:安装错误:无法解析[我的文件存储的编码名称] .file.core.windows.net的地址:未知错误"

Upon pod creation I am getting the error: "Output: mount error: could not resolve address for [encoded name of my file storage].file.core.windows.net: Unknown error"

我已确认我的文件存储资源和托管Pod的VM位于同一Azure位置(美国东部).我可以使用上述错误中的相同地址在托管Pod的VM上手动安装此共享.是否有可能我的容器中缺少某种配置，而Git Hub教程中没有解释?

I have confirmed that my File Storage resource and the VM hosting the pod are in the same Azure location (East US). I am able to mount this share manually on the VM hosting the pod using the same address in the error above. Is it possible I am missing some sort of configuration in my container that is not explained in the Git Hub tutorial?

我尝试在不指定卷的情况下创建容器，并且能够从容器内部ping文件存储的地址，因此我不确定无法解析地址的错误来自何方.

I have tried creating my container without specifying the volume and was able to ping the address for the file storage from within the container so I am not sure where the cannot resolve address error is coming from.

推荐答案

我无法重现您的错误，但是我们可以按照以下步骤将Azure文件共享安装到k8s容器.
1.通过Azure新门户创建k8s.
2.SSH k8s master，创建secret，通过k8s文件创建密钥:

I can't reproduce your error, but we can follow those steps to mount Azure file share to k8s container.
1.create k8s via Azure new portal.
2.SSH k8s master, create secret, create secret by k8s file:

在此yaml文件中，我们应该编写存储帐户和密钥，并应该 base64 编码的Azure存储帐户和密钥，如下所示:

In this yaml file, we should write storage account and key in it, and we should base64 encoded Azure storage account and key, like this:

root@k8s-master-3CC6E803-0:~# echo -n jasonshare321 | base64
amFzb25zaGFyZTMyMQ==
root@k8s-master-3CC6E803-0:~# echo -n Bnbh0fjykD+b/EveNoR/elOp118+0vmLsbQqVGC3H0W23mSfbH9WfV1A60Qw3CAZ70Tm4Wgpse1LEtgSJF27cQ== | base64
Qm5iaDBmanlrRCtiL0V2ZU5vUi9lbE9wMTE4KzB2bUxzYlFxVkdDM0gwVzIzbVNmYkg5V2ZWMUE2MFF3M0NBWjcwVG00V2dwc2UxTEV0Z1NKRjI3Y1E9PQ==

然后创建azure-secret:

root@k8s-master-3CC6E803-0:~# mkdir /azure_file
root@k8s-master-3CC6E803-0:~# cd /azure_file/
root@k8s-master-3CC6E803-0:/azure_file# touch azure-secret.yaml
root@k8s-master-3CC6E803-0:/azure_file# vi azure-secret.yaml 

这是天蓝色的秘密:

root @ k8s-master-3CC6E803-0:/azure_file#cat azure-secret.yaml

root@k8s-master-3CC6E803-0:/azure_file# cat azure-secret.yaml

apiVersion: v1
kind: Secret
metadata:
  name: azure-secret
type: Opaque
data:
  azurestorageaccountname: amFzb25zaGFyZTMyMQ== 
  azurestorageaccountkey: Qm5iaDBmanlrRCtiL0V2ZU5vUi9lbE9wMTE4KzB2bUxzYlFxVkdDM0gwVzIzbVNmYkg5V2ZWMUE2MFF3M0NBWjcwVG00V2dwc2UxTEV0Z1NKRjI3Y1E9PQ==

然后使用kubectl创建秘密，就像这样:

Then use kubectl to create secret,like this:

root@k8s-master-3CC6E803-0:/azure_file# kubectl create -f /azure_file/azure-secret.yaml 
secret "azure-secret" created
root@k8s-master-3CC6E803-0:/azure_file# kubectl get secret
NAME                  TYPE                                  DATA      AGE
azure-secret          Opaque                                2         11s
default-token-07cd5   kubernetes.io/service-account-token   3         35m

3.创建pod: 创建azure.yaml:

3.Create pod: create azure.yaml:

root@k8s-master-3CC6E803-0:/azure_file# touch azure.yaml
root@k8s-master-3CC6E803-0:/azure_file# vi azure.yaml 
apiVersion: v1
kind: Pod
metadata:
 name: nginx
spec:
 containers:
  - image: nginx
    name: nginx
    volumeMounts:
      - name: azure
        mountPath: /mnt/azure
 volumes:
      - name: azure
        azureFile:
          secretName: azure-secret
          shareName: testfileshare
          readOnly: false

使用此文件创建广告连播:

Use this file to create pod:

root@k8s-master-3CC6E803-0:/azure_file# kubectl create -f /azure_file/azure.yaml 
pod "nginx" created
root@k8s-master-3CC6E803-0:/azure_file# kubectl get pods
NAME      READY     STATUS    RESTARTS   AGE
nginx     1/1       Running   0          17s

现在，pod创建完成，我们可以使用此脚本来检查文件，如下所示:

Now, pod create is completed, we can use this script to check file,like this:

root@k8s-master-3CC6E803-0:/azure_file# kubectl exec -it nginx bash
root@nginx:/# ls                                                                                                         
bin  boot  dev  etc  home  lib  lib32  lib64  libx32  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
root@nginx:/# cd /mnt
root@nginx:/mnt# ls
azure
root@nginx:/mnt# cd azure
root@nginx:/mnt/azure# ls
root@nginx:/mnt/azure# df -Th
Filesystem                                          Type     Size  Used Avail Use% Mounted on
overlay                                             overlay   30G  3.3G   26G  12% /
tmpfs                                               tmpfs    1.7G     0  1.7G   0% /dev
tmpfs                                               tmpfs    1.7G     0  1.7G   0% /sys/fs/cgroup
/dev/sda1                                           ext4      30G  3.3G   26G  12% /etc/hosts
//jasonshare321.file.core.windows.net/testfileshare cifs      50G     0   50G   0% /mnt/azure
shm                                                 tmpfs     64M     0   64M   0% /dev/shm
tmpfs                                               tmpfs    1.7G   12K  1.7G   1% /run/secrets/kubernetes.io/serviceaccount

注意:
1.我们应该 base64 编码的Azure存储帐户和密钥.
2.将正确的文件共享名写到azure.yaml:

Note:
1.We should base64 encoded Azure storage account and key.
2.write the right file share name to azure.yaml:

这篇关于通过Kubernetes在Docker容器中挂载Azure文件存储的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！