在 Azure Kubernetes Service (AKS) 中以動態方式建立和使用 Azure 磁碟的永續性磁碟區Dynamically create and use a persistent volume with Azure disks in Azure Kubernetes Service (AKS)

永續性磁碟區代表一塊已佈建來與 Kubernetes Pod 搭配使用的儲存體。A persistent volume represents a piece of storage that has been provisioned for use with Kubernetes pods. 永續性磁碟區可供一個或多個 Pod 使用,且可以動態或靜態方式佈建。A persistent volume can be used by one or many pods, and can be dynamically or statically provisioned. 本文示範如何在 Azure Kubernetes Service (AKS) 叢集中以動態方式建立 Azure 磁碟的永續性磁碟區,以供單一 Pod 使用。This article shows you how to dynamically create persistent volumes with Azure disks for use by a single pod in an Azure Kubernetes Service (AKS) cluster.

注意

您只能使用存取模式類型 ReadWriteOnce 來掛接 Azure 磁碟,以讓它僅供 AKS 中單一 Pod 使用。An Azure disk can only be mounted with Access mode type ReadWriteOnce, which makes it available to only a single pod in AKS. 如果您需要在多個 Pod 之間共用永續性磁碟區,請使用 Azure 檔案服務If you need to share a persistent volume across multiple pods, use Azure Files.

如需有關 Kubernetes 磁碟區的詳細資訊,請參閱 < AKS 中的應用程式的儲存體選項For more information on Kubernetes volumes, see Storage options for applications in AKS.

開始之前Before you begin

此文章假設您目前具有 AKS 叢集。This article assumes that you have an existing AKS cluster. 如果您需要 AKS 叢集,請參閱使用 Azure CLI使用 Azure 入口網站的 AKS 快速入門。If you need an AKS cluster, see the AKS quickstart using the Azure CLI or using the Azure portal.

您也需要 Azure CLI 2.0.59 版或更新版本安裝並設定。You also need the Azure CLI version 2.0.59 or later installed and configured. 執行  az --version 以尋找版本。Run az --version to find the version. 如果您需要安裝或升級,請參閱 安裝 Azure CLIIf you need to install or upgrade, see Install Azure CLI.

內建儲存體類別Built in storage classes

儲存體類別可用來定義如何搭配永續性磁碟區動態建立儲存體單位。A storage class is used to define how a unit of storage is dynamically created with a persistent volume. 如需有關 Kubernetes 儲存體類別的詳細資訊,請參閱 Kubernetes 儲存體類別For more information on Kubernetes storage classes, see Kubernetes Storage Classes.

每個 AKS 叢集都包含兩個預先建立的儲存體類別,而且這兩個類別都設定為可搭配 Azure 磁碟使用:Each AKS cluster includes two pre-created storage classes, both configured to work with Azure disks:

  • default 儲存體類別會佈建標準 Azure 磁碟。The default storage class provisions a standard Azure disk.
    • 標準儲存體由 HDD 所支援,並提供符合成本效益的儲存體,同時仍保有效能。Standard storage is backed by HDDs, and delivers cost-effective storage while still being performant. 標準磁碟適合用於具成本效益的開發和測試工作負載。Standard disks are ideal for a cost effective dev and test workload.
  • managed-premium 儲存體類別會佈建進階 Azure 磁碟。The managed-premium storage class provisions a premium Azure disk.
    • 進階磁碟是以 SSD 為基礎的高效能、低延遲磁碟為後盾。Premium disks are backed by SSD-based high-performance, low-latency disk. 最適合用於執行生產工作負載的 VM。Perfect for VMs running production workload. 如果您叢集內的 AKS 節點使用進階儲存體,請選取 managed-premium 類別。If the AKS nodes in your cluster use premium storage, select the managed-premium class.

使用 kubectl get sc 命令來查看預先建立的儲存體類別。Use the kubectl get sc command to see the pre-created storage classes. 以下範例顯示 AKS 叢集中可用的預先建立儲存體類別:The following example shows the pre-create storage classes available within an AKS cluster:

$ kubectl get sc

NAME                PROVISIONER                AGE
default (default)   kubernetes.io/azure-disk   1h
managed-premium     kubernetes.io/azure-disk   1h

注意

GiB 中會指定持續性磁碟區宣告,但 SKU 會針對特定的大小向 Azure 受控磁碟收費。Persistent volume claims are specified in GiB but Azure managed disks are billed by SKU for a specific size. 這些 Sku 範圍 32GiB S4 P4 磁碟到 32TiB S80 或 P80 磁碟 (處於預覽狀態)。These SKUs range from 32GiB for S4 or P4 disks to 32TiB for S80 or P80 disks (in preview). 進階受控磁碟的輸送量和 IOPS 效能,取決於 SKU 和 AKS 叢集中節點的執行個體大小。The throughput and IOPS performance of a Premium managed disk depends on the both the SKU and the instance size of the nodes in the AKS cluster. 如需詳細資訊,請參閱受控磁碟的定價和效能For more information, see Pricing and Performance of Managed Disks.

建立永續性磁碟區宣告Create a persistent volume claim

永續性磁碟區宣告 (PVC) 可用來根據儲存體類別,動態佈建儲存體。A persistent volume claim (PVC) is used to automatically provision storage based on a storage class. 在此情況下,PVC 可以使用其中一個預先建立的儲存體類別,來建立標準或進階 Azure 受控磁碟。In this case, a PVC can use one of the pre-created storage classes to create a standard or premium Azure managed disk.

建立名為 azure-premium.yaml 的檔案,然後將下列資訊清單複製進來。Create a file named azure-premium.yaml, and copy in the following manifest. 宣告要求名為 azure-managed-disk 的磁碟,其大小為 5 GB 且具備 ReadWriteOnce 存取權。The claim requests a disk named azure-managed-disk that is 5GB in size with ReadWriteOnce access. 系統會將儲存體類別指定為 managed-premium 儲存體類別。The managed-premium storage class is specified as the storage class.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: azure-managed-disk
spec:
  accessModes:
  - ReadWriteOnce
  storageClassName: managed-premium
  resources:
    requests:
      storage: 5Gi

提示

若要建立使用標準儲存體的磁碟,請使用 storageClassName: default 而非 managed-premiumTo create a disk that uses standard storage, use storageClassName: default rather than managed-premium.

使用 kubectl apply 命令來建立並指定您的 azure-premium.yaml 檔案:Create the persistent volume claim with the kubectl apply command and specify your azure-premium.yaml file:

$ kubectl apply -f azure-premium.yaml

persistentvolumeclaim/azure-managed-disk created

使用永續性磁碟區Use the persistent volume

建立永續性磁碟區宣告,並成功佈建磁碟之後,就能建立可存取磁碟的 Pod。Once the persistent volume claim has been created and the disk successfully provisioned, a pod can be created with access to the disk. 下列資訊清單所建立的基本 NGINX Pod,會使用名為 azure-managed-disk 的永續性磁碟區宣告,在 /mnt/azure 路徑上掛接 Azure 磁碟。The following manifest creates a basic NGINX pod that uses the persistent volume claim named azure-managed-disk to mount the Azure disk at the path /mnt/azure.

建立名為 azure-pvc-disk.yaml 的檔案,然後將下列資訊清單複製進來。Create a file named azure-pvc-disk.yaml, and copy in the following manifest.

kind: Pod
apiVersion: v1
metadata:
  name: mypod
spec:
  containers:
  - name: mypod
    image: nginx:1.15.5
    resources:
      requests:
        cpu: 100m
        memory: 128Mi
      limits:
        cpu: 250m
        memory: 256Mi
    volumeMounts:
    - mountPath: "/mnt/azure"
      name: volume
  volumes:
    - name: volume
      persistentVolumeClaim:
        claimName: azure-managed-disk

使用 kubectl apply 命令建立 Pod,如下列範例所示:Create the pod with the kubectl apply command, as shown in the following example:

$ kubectl apply -f azure-pvc-disk.yaml

pod/mypod created

您現在已有一個 Azure 磁碟掛接在 /mnt/azure 目錄中的執行中 Pod。You now have a running pod with your Azure disk mounted in the /mnt/azure directory. 此設定會在透過 kubectl describe pod mypod 檢查您的 Pod 時顯示,如下列精簡範例所示:This configuration can be seen when inspecting your pod via kubectl describe pod mypod, as shown in the following condensed example:

$ kubectl describe pod mypod

[...]
Volumes:
  volume:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  azure-managed-disk
    ReadOnly:   false
  default-token-smm2n:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-smm2n
    Optional:    false
[...]
Events:
  Type    Reason                 Age   From                               Message
  ----    ------                 ----  ----                               -------
  Normal  Scheduled              2m    default-scheduler                  Successfully assigned mypod to aks-nodepool1-79590246-0
  Normal  SuccessfulMountVolume  2m    kubelet, aks-nodepool1-79590246-0  MountVolume.SetUp succeeded for volume "default-token-smm2n"
  Normal  SuccessfulMountVolume  1m    kubelet, aks-nodepool1-79590246-0  MountVolume.SetUp succeeded for volume "pvc-faf0f176-8b8d-11e8-923b-deb28c58d242"
[...]

備份永續性磁碟區Back up a persistent volume

若要備份永續性磁碟區中的資料,請取得該磁碟區之受控磁碟的快照集。To back up the data in your persistent volume, take a snapshot of the managed disk for the volume. 您接著可以使用此快照集來建立已還原的磁碟並連接至 Pod,以作為還原資料的方式。You can then use this snapshot to create a restored disk and attach to pods as a means of restoring the data.

首先,使用 kubectl get pvc 命令來取得磁碟區名稱,例如,針對名為 azure-managed-disk 的 PVC:First, get the volume name with the kubectl get pvc command, such as for the PVC named azure-managed-disk:

$ kubectl get pvc azure-managed-disk

NAME                 STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      AGE
azure-managed-disk   Bound     pvc-faf0f176-8b8d-11e8-923b-deb28c58d242   5Gi        RWO            managed-premium   3m

此磁碟區名稱會形成基礎的 Azure 磁碟名稱。This volume name forms the underlying Azure disk name. 使用 az disk list 查詢磁碟識別碼,並提供您的 PVC 磁碟區名稱,如下列範例所示:Query for the disk ID with az disk list and provide your PVC volume name, as shown in the following example:

$ az disk list --query '[].id | [?contains(@,`pvc-faf0f176-8b8d-11e8-923b-deb28c58d242`)]' -o tsv

/subscriptions/<guid>/resourceGroups/MC_MYRESOURCEGROUP_MYAKSCLUSTER_EASTUS/providers/MicrosoftCompute/disks/kubernetes-dynamic-pvc-faf0f176-8b8d-11e8-923b-deb28c58d242

使用磁碟識別碼,利用 az snapshot create 來建立快照集磁碟。Use the disk ID to create a snapshot disk with az snapshot create. 下列範例會在與 AKS 叢集相同的資源群組 (MC_myResourceGroup_myAKSCluster_eastus) 中,建立名為 pvcSnapshot 的快照集。The following example creates a snapshot named pvcSnapshot in the same resource group as the AKS cluster (MC_myResourceGroup_myAKSCluster_eastus). 如果您在 AKS 叢集沒有存取權的資源群組中建立快照集並還原磁碟,則您可能會遇到權限問題。You may encounter permission issues if you create snapshots and restore disks in resource groups that the AKS cluster does not have access to.

$ az snapshot create \
    --resource-group MC_myResourceGroup_myAKSCluster_eastus \
    --name pvcSnapshot \
    --source /subscriptions/<guid>/resourceGroups/MC_myResourceGroup_myAKSCluster_eastus/providers/MicrosoftCompute/disks/kubernetes-dynamic-pvc-faf0f176-8b8d-11e8-923b-deb28c58d242

根據您磁碟上的資料量而定,可能需要幾分鐘才能建立快照集。Depending on the amount of data on your disk, it may take a few minutes to create the snapshot.

還原並使用快照集Restore and use a snapshot

若要還原磁碟並將它與 Kubernetes Pod 搭配使用,當您使用 az disk create 建立磁碟時,請使用該快照集作為來源。To restore the disk and use it with a Kubernetes pod, use the snapshot as a source when you create a disk with az disk create. 如果您接著需要存取原始資料快照集,此作業會保留原始資源。This operation preserves the original resource if you then need to access the original data snapshot. 下列範例會從名為 pvcSnapshot 的快照集建立名為 pvcRestored 的磁碟:The following example creates a disk named pvcRestored from the snapshot named pvcSnapshot:

az disk create --resource-group MC_myResourceGroup_myAKSCluster_eastus --name pvcRestored --source pvcSnapshot

若要將已還原的磁碟與 Pod 搭配使用,請在資訊清單中指定磁碟的識別碼。To use the restored disk with a pod, specify the ID of the disk in the manifest. 使用 az disk show 命令來取得磁碟識別碼。Get the disk ID with the az disk show command. 下列範例會針對上一個步驟中建立的 pvcRestored 取得磁碟識別碼:The following example gets the disk ID for pvcRestored created in the previous step:

az disk show --resource-group MC_myResourceGroup_myAKSCluster_eastus --name pvcRestored --query id -o tsv

建立名為 azure-restored.yaml 的 Pod 資訊清單,並指定在上一個步驟中取得的磁碟 URI。Create a pod manifest named azure-restored.yaml and specify the disk URI obtained in the previous step. 下列範例會建立基本的 NGINX Web 伺服器,其中已還原的磁碟已在 /mnt/azure 上掛接為磁碟區:The following example creates a basic NGINX web server, with the restored disk mounted as a volume at /mnt/azure:

kind: Pod
apiVersion: v1
metadata:
  name: mypodrestored
spec:
  containers:
  - name: mypodrestored
    image: nginx:1.15.5
    resources:
      requests:
        cpu: 100m
        memory: 128Mi
      limits:
        cpu: 250m
        memory: 256Mi
    volumeMounts:
    - mountPath: "/mnt/azure"
      name: volume
  volumes:
    - name: volume
      azureDisk:
        kind: Managed
        diskName: pvcRestored
        diskURI: /subscriptions/<guid>/resourceGroups/MC_myResourceGroupAKS_myAKSCluster_eastus/providers/Microsoft.Compute/disks/pvcRestored

使用 kubectl apply 命令建立 Pod,如下列範例所示:Create the pod with the kubectl apply command, as shown in the following example:

$ kubectl apply -f azure-restored.yaml

pod/mypodrestored created

您可以使用 kubectl describe pod mypodrestored 來檢視 Pod 的詳細資料,例如下列顯示磁碟區資訊的精簡範例:You can use kubectl describe pod mypodrestored to view details of the pod, such as the following condensed example that shows the volume information:

$ kubectl describe pod mypodrestored

[...]
Volumes:
  volume:
    Type:         AzureDisk (an Azure Data Disk mount on the host and bind mount to the pod)
    DiskName:     pvcRestored
    DiskURI:      /subscriptions/19da35d3-9a1a-4f3b-9b9c-3c56ef409565/resourceGroups/MC_myResourceGroupAKS_myAKSCluster_eastus/providers/Microsoft.Compute/disks/pvcRestored
    Kind:         Managed
    FSType:       ext4
    CachingMode:  ReadWrite
    ReadOnly:     false
[...]

後續步驟Next steps

如需相關聯的最佳作法,請參閱儲存體和 AKS 中的備份的最佳做法For associated best practices, see Best practices for storage and backups in AKS.

深入了解使用 Azure 磁碟的 Kubernetes 永續性磁碟區。Learn more about Kubernetes persistent volumes using Azure disks.