本篇主要记录创建企业版 JuiceFS PVC 的脚本,方便快速配置。
1. 设置环境变量
1.1 基础配置
1
2
3
| export NAMESPACE=
export PVC_NAME=
export JUICEFS_VOLUME=
|
1.2 JuiceFS 认证信息
1
2
3
| export TOKEN=
export ACCESS_KEY=
export SECRET_KEY=
|
1.3 JuiceFS 服务配置
1
2
| export BASE_URL=http://x.x.x.x:8080/static
export CFG_URL=http://x.x.x.x:8080/volume/%s/mount
|
1.4 镜像配置
1
2
3
4
| export JUICEFS_IMAGE=juicedata/mount
export JUICEFS_IMAGE_TAG=ee-5.2.13-7a0eb79
export DEMO_IMAGE=ubuntu
|
1.5 Worker 配置
1
2
3
| export WORKER_REPLICAS=1
export NODE_SELECTOR_KEY=
export NODE_SELECTOR_VALUE="true"
|
1.6 缓存配置
1
2
3
| export CACHE_GROUP="${PVC_NAME}-cache-group"
export CACHE_PATH=/data/jfs-cache
export CACHE_QUOTA=2Ti
|
不同网络分区的集群,CACHE_GROUP 应该设置为不同的值,禁止共享缓存数据。
2. 创建 Secret
创建包含 JuiceFS 认证信息和配置的 Secret。
1
2
3
4
5
6
| kubectl -n $NAMESPACE create secret generic ${PVC_NAME} \
--from-literal=name=$PVC_NAME \
--from-literal=token="$TOKEN" \
--from-literal=accesskey=$ACCESS_KEY \
--from-literal=secretkey=$SECRET_KEY \
--from-literal=envs="{\"BASE_URL\": \"$BASE_URL\", \"CFG_URL\": \"$CFG_URL\"}"
|
3. 创建 Dataset
创建 Dataset 资源,配置挂载点和加密选项。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
| kubectl apply -f - <<EOF
apiVersion: data.fluid.io/v1alpha1
kind: Dataset
metadata:
name: $PVC_NAME
namespace: $NAMESPACE
spec:
accessModes:
- ReadWriteMany
mounts:
- name: $JUICEFS_VOLUME
mountPoint: juicefs:///
options:
max-uploads: "200"
max-cached-inodes: "10000000"
cache-size: "2048000"
opencache: ""
buffer-size: "2048"
cache-group: "$CACHE_GROUP"
encryptOptions:
- name: access-key
valueFrom:
secretKeyRef:
name: ${PVC_NAME}
key: accesskey
- name: secret-key
valueFrom:
secretKeyRef:
name: ${PVC_NAME}
key: secretkey
- name: token
valueFrom:
secretKeyRef:
name: ${PVC_NAME}
key: token
EOF
|
4. 创建 JuiceFSRuntime
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
| kubectl apply -f - <<EOF
apiVersion: data.fluid.io/v1alpha1
kind: JuiceFSRuntime
metadata:
name: $PVC_NAME
namespace: $NAMESPACE
spec:
replicas: $WORKER_REPLICAS
juicefsVersion:
image: $JUICEFS_IMAGE
imageTag: $JUICEFS_IMAGE_TAG
fuse:
image: $JUICEFS_IMAGE
imageTag: $JUICEFS_IMAGE_TAG
env:
- name: BASE_URL
value: $BASE_URL
- name: CFG_URL
value: $CFG_URL
cleanPolicy: OnDemand
options:
cache-size: "0"
worker:
env:
- name: BASE_URL
value: $BASE_URL
- name: CFG_URL
value: $CFG_URL
nodeSelector:
$NODE_SELECTOR_KEY: "$NODE_SELECTOR_VALUE"
resources:
requests:
cpu: 1
memory: 5Gi
tieredstore:
levels:
- mediumtype: SSD
path: $CACHE_PATH
quota: $CACHE_QUOTA
low: "0.2"
EOF
|
5. 创建测试 Pod
创建测试 Pod 验证 PVC 是否正常工作。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
| kubectl apply -f - <<EOF
apiVersion: v1
kind: Pod
metadata:
name: ${PVC_NAME}
namespace: $NAMESPACE
spec:
containers:
- name: demo
image: $DEMO_IMAGE
command: ["sleep", "infinity"]
volumeMounts:
- mountPath: /data/jfs
name: data
volumes:
- name: data
persistentVolumeClaim:
claimName: $PVC_NAME
EOF
|
6. 清理资源
1
2
3
4
| kubectl -n $NAMESPACE delete pod ${PVC_NAME}
kubectl -n $NAMESPACE delete juicefsruntime $PVC_NAME
kubectl -n $NAMESPACE delete dataset $PVC_NAME
kubectl -n $NAMESPACE delete secret ${PVC_NAME}
|
7. 其他配置
worker 和 fuse 会使用 /root/.juicefs 目录下的配置文件,这个配置文件是通过 juicefs auth 命令生成的。如果需要自定义配置文件,可以创建一个 Secret,然后在 JuiceFSRuntime 中挂载这个 Secret。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| apiVersion: v1
kind: Secret
metadata:
name: ${PVC_NAME}-conf
namespace: $NAMESPACE
type: Opaque
stringData:
${JUICEFS_VOLUME}.conf: |
{
"master": "cn-beijing-1.local:9420",
"master_ip": [
],
"storage": "ks3",
"region": "cn-beijing",
"bucket": "http://my-bucket.ks3.my-domain.com"
}
|
这里的 bucket 完成域名是 JuiceFS 根据环境探测所得,如果内网域名能联通会优先使用内网域名。如果需要自定义,可以在配置文件中指定完整的域名。
1
2
3
4
5
6
7
8
9
10
11
12
13
| apiVersion: data.fluid.io/v1alpha1
kind: JuiceFSRuntime
metadata:
name: jfsdemo-ee
spec:
fuse:
volumeMounts:
- name: auth-config
mountPath: "/root/.juicefs"
volumes:
- name: auth-config
secret:
secretName: ${PVC_NAME}-conf
|
