1
0
Fork 0
mirror of https://code.forgejo.org/infrastructure/documentation synced 2024-11-25 20:11:11 +00:00

use and create a NFS backed PVC

This commit is contained in:
Earl Warren 2024-10-05 12:37:54 +02:00
parent 184f9045d1
commit f76d6ea2a9
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00

View file

@ -354,6 +354,10 @@ The IP address ends with the same number as the hardware (hetzner02 => .2).
The vSwitch on VLAN 4000 is for DRBD exclusively The vSwitch on VLAN 4000 is for DRBD exclusively
#### vSwitch NFS
The vSwitch on VLAN 4001 is for NFS
#### vSwitch k8s #### vSwitch k8s
The vSwitch on VLAN 4002 is for the k8s control plane The vSwitch on VLAN 4002 is for the k8s control plane
@ -818,6 +822,27 @@ curl -fL https://get.k3s.io | sh -s - server --cluster-init --disable=servicelb
curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash -
``` ```
Define the nfs storage class.
```sh
$ cat nfs.yml
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: nfs
namespace: default
spec:
chart: nfs-subdir-external-provisioner
repo: https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner
targetNamespace: default
set:
nfs.server: 10.53.101.5
nfs.path: /precious
storageClass.name: nfs
$ kubectl apply --server-side=true -f nfs.yml
$ kubectl get storageclass nfs
```
### k8s second server node ### k8s second server node
The token is found on the first node in the `/var/lib/rancher/k3s/server/token` file. The token is found on the first node in the `/var/lib/rancher/k3s/server/token` file.
@ -831,6 +856,63 @@ curl -fL https://get.k3s.io | sh -s - server --token $token --server https://$ma
curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash -
``` ```
### k8s NFS storage creation
Create the directory to be used, with the expected permissions (assuing `/precious` is the directory exported via NFS).
```sh
sudo mkdir /precious/forgejo-data
sudo chmod 1000:1000 /precious/forgejo-data
```
Define the `forgejo-data` pvc.
```sh
$ cat pv.yml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: forgejo-data
spec:
capacity:
storage: 20Gi
nfs:
server: 10.53.101.5
path: /precious/forgejo-data
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs
mountOptions:
- noatime
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: forgejo-data
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
volumeName: forgejo-data
storageClassName: nfs
volumeMode: Filesystem
$ kubectl apply --server-side=true -f pv.yml
```
[Instruct the forgejo pod](https://code.forgejo.org/forgejo-helm/forgejo-helm#persistence) to use the `forgejo-data` pvc.
```yaml
persistence:
enabled: true
create: false
claimName: forgejo-data
```
### k8s dedicated etcd node ### k8s dedicated etcd node
[dedicated etcd node](https://docs.k3s.io/installation/server-roles#dedicated-etcd-nodes) [dedicated etcd node](https://docs.k3s.io/installation/server-roles#dedicated-etcd-nodes)