【发布时间】:2019-09-03 17:04:10
【问题描述】:
我想使用 sonar-qube 并将其部署在 AKS (Azure Kubernetes) 上。我想在持久卷上存储声纳日志、数据、conf 和扩展。但是,AKS 似乎由于超时而无法装载卷。
我已经构建了一个创建卷 + 服务 + 部署和入口的脚本。 --> 没有成功
我试图将卷创建与应用程序创建和卷附件分开-->没有成功
但是,卷是在 AZURE 上创建并可用的
配置:
- AKS 版本:1.14.5
- 硬件类型:标准 DS2 v2(2 vcpus,7 GiB 内存)
这是我用来创建卷的脚本:
#Namespace creation
apiVersion: v1
kind: Namespace
metadata:
name: cicd
labels:
name: cicd
---
#PVC for Sonar’s data directory creation
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-data
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 5G
---
#PVC for Sonar’s conf directory
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-conf
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 5Gi
---
#PVC for Sonar’s logs directory
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-logs
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 10Gi
---
#PVC for Sonar’s extensions directory
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-extensions
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 5Gi
---
#Create secretKeyRef
apiVersion: v1
kind: Secret
metadata:
name: sonar-secret
namespace: cicd
type: Opaque
data:
password: *****************
这是我用来创建声纳的脚本:
#SonarQube deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: sonarqube
name: sonarqube
namespace: cicd
spec:
replicas: 1
template:
metadata:
labels:
app: sonarqube
spec:
securityContext:
runAsUser: 0
fsGroup: 0
containers:
- name: sonarqube
image: sonarqube:latest
resources:
requests:
cpu: 500m
memory: 1024Mi
limits:
cpu: 2000m
memory: 2048Mi
volumeMounts:
- mountPath: "/opt/sonarqube/data/"
name: sonar-data
- mountPath: "/opt/sonarqube/extensions/"
name: sonar-extensions
- mountPath: "/opt/sonarqube/logs/"
name: sonar-logs
- mountPath: "/opt/sonarqube/conf/"
name: sonar-conf
env:
- name: "SONARQUBE_JDBC_USERNAME"
value: "sonar"
- name: "SONARQUBE_JDBC_URL"
value: "jdbc:sqlserver://internal-sql-az-westeurope.database.windows.net:1433;databaseName=Sonar;user=SONARQUBE_JDBC_USERNAME;password=SONAR_SQL_LOGIN_PASSWORD"
- name: "SONARQUBE_JDBC_PASSWORD"
valueFrom:
secretKeyRef:
name: sonar-secret
key: password
ports:
- containerPort: 9000
protocol: TCP
volumes:
- name: sonar-data
persistentVolumeClaim:
claimName: sonar-data
- name: sonar-extensions
persistentVolumeClaim:
claimName: sonar-extensions
- name: sonar-logs
persistentVolumeClaim:
claimName: sonar-logs
- name: sonar-conf
persistentVolumeClaim:
claimName: sonar-conf
---
# --------------
# Service Object
# --------------
apiVersion: v1
kind: Service
metadata:
labels:
name: sonarqube
name: sonarqube-service
namespace: cicd
spec:
ports:
- port: 80 # Default port for image
protocol: TCP
selector:
name: sonarqube
# -----------------
# Ingress object
# -----------------
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: sonarqube-api-ingress
namespace: cicd
annotations:
kubernetes.io/ingress.class: nginx
#Default is 'true'
#nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/rewrite-target: /$1
#https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md#whitelist-source-range
nginx.ingress.kubernetes.io/whitelist-source-range: "******"
spec:
tls:
- hosts:
- sonar.traceparts.com
secretName: aks-ingress-tls-star-traceparts-com
rules:
- host: sonar.traceparts.com
http:
paths:
- backend:
serviceName: sonarqube-service
servicePort: 80
path: /(.*)
有人可以帮我理解这个问题吗?
【问题讨论】:
-
您是否连接了其他磁盘?你的 SP 有足够的权限吗?
-
在包含我的 AKS 群集的天蓝色资源组上,我有三个磁盘,其中包含 AKS 使用的代理池(3 个实例)。其他磁盘已由卷创建脚本创建。如何查看权限?