无法安装到 Kubernetes 中的 nfs pod

Question

Community. I need help with my config for the NFS pod in Kubernetes. I can't connect to the NFS pod. Can't understand, what a problem. Need help. I tried connecting with the command:

mount --options port=2052 --types nfs 10.110.183.188:/upload /upload

and get a Connection timeout error on my computer. When I try connecting with this command from another pod to NFS I got

mount: /upload: cannot mount 10.110.183.188:/upload read-only.

kubectl describe to NFS pod write this:

Serving /exports
Serving /
rpcinfo: can't contact rpcbind: : RPC: Unable to receive; errno = Connection refused
Starting rpcbind
exportfs: / does not support NFS export
NFS started

This is my config for NFS pod

kind: PersistentVolume
apiVersion: v1
metadata:
  name: webpp-nfs
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 3Gi
  accessModes:
    - ReadWriteMany
  hostPath:
    path: "/mnt/webpp-data/nfs"
    type: Directory
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: webpp-nfs
spec:
  storageClassName: manual
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 3Gi
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: webpp-upload-nfs-server
spec:
  replicas: 1
  selector:
    matchLabels:
      role: webpp-upload-nfs-server
  template:
    metadata:
      labels:
        role: webpp-upload-nfs-server
    spec:
      containers:
      - name: webpp-upload-nfs-server
        image: gcr.io/google_containers/volume-nfs:latest
        ports:
          - name: nfs
            containerPort: 2052
          - name: mountd
            containerPort: 32771
        securityContext:
          privileged: true
        volumeMounts:
          - mountPath: /exports
            name: storage
      nodeSelector:
        env: stateful
      volumes:
        - name: storage
          persistentVolumeClaim:
            claimName: webpp-nfs
---
apiVersion: v1
kind: Service
metadata:
  name: webpp-upload-nfs-server
spec:
  ports:
    - name: nfs
      port: 2052
      nodePort: 2052
    - name: mountd
      port: 32771
      nodePort: 32771
  type: NodePort
  selector:
    role: webpp-upload-nfs-server

This is a config for the pod to connect to NFS

apiVersion: apps/v1
kind: Deployment
metadata:
  name: $CI_ENVIRONMENT_SLUG-webpp-$CI_COMMIT_REF_SLUG
spec:
  selector:
    matchLabels:
      app: webpp-$CI_COMMIT_REF_SLUG
  replicas: 1
  template:
    metadata:
      labels:
        app: webpp-$CI_COMMIT_REF_SLUG
    spec:
      nodeSelector:
        env: apps
      containers:
      - name: nginx-$CI_COMMIT_REF_SLUG
        image: nginx:latest
        ports:
         - containerPort: 80
        volumeMounts:
        - name: shared-files
          mountPath: /app
        - mountPath: /etc/nginx/conf.d/default.conf
          name: nginx-config
          subPath: s1-kube.conf

      - name: app-$CI_COMMIT_REF_SLUG
        image: git.webpp.ru:4567/webpp/webpp:$CI_COMMIT_REF_SLUG
        ports:
        - containerPort: 9000
        imagePullPolicy: Always
        volumeMounts:
        - mountPath: /upload
          name: upload
        lifecycle:
          postStart:
            exec:
              command: ["bash", "/start.sh"]

      imagePullSecrets:
        - name: git.webpp.ru
      volumes:
        - name: shared-files
          emptyDir: {}
        - name: nginx-config
          configMap:
            name: nginx-$CI_COMMIT_REF_SLUG
        - name: upload
          persistentVolumeClaim:
            claimName: webpp-nfs
---
apiVersion: v1
kind: Service
metadata:
  name: webpp-$CI_COMMIT_REF_SLUG
  labels:
    app: webpp-$CI_COMMIT_REF_SLUG
spec:
  ports:
  - port: 80
    protocol: TCP
  selector:
    app: webpp-$CI_COMMIT_REF_SLUG
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: webpp-$CI_COMMIT_REF_SLUG
  annotations:
    nginx.ingress.kubernetes.io/proxy-buffers: "50m"
    nginx.ingress.kubernetes.io/proxy-buffer-size: "50m"
    nginx.ingress.kubernetes.io/proxy-body-size: "50m"
    nginx.ingress.kubernetes.io/proxy-busy-buffers-size: "50m"
spec:
  rules:
  - host: $CI_COMMIT_REF_SLUG.webpp.wpp.zone
    http:
      paths:
      - path: "/"
        backend:
          serviceName: webpp-$CI_COMMIT_REF_SLUG
          servicePort: 80

svc for pods look like this

NAME                      TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                         AGE
webpp-db-service          NodePort    10.100.169.28    <none>        3306:3304/TCP                   347d
webpp-develop             ClusterIP   10.101.10.54     <none>        80/TCP                          8h
webpp-feature-2334        ClusterIP   10.102.208.56    <none>        80/TCP                          9h
webpp-upload-nfs-server   NodePort    10.110.183.188   <none>        2052:2052/TCP,32771:32771/TCP   255d

Pods seem like this

NAME                                                           READY   STATUS    RESTARTS   AGE
review-develop-3zknud-webpp-develop-754d56c654-v8hwx           0/2     Pending   0          8h
review-feature-23-3smwjk-webpp-feature-2334-695959494f-4hgfj   2/2     Running   0          7h43m
webpp-db-769757b69c-kh4c4                                      1/1     Running   6          41d
webpp-upload-nfs-server-594c6fbb6d-c2r22                       1/1     Running   0          7h45m

I tried connect from pod review-feature-23-3smwjk-webpp-feature-2334-695959494f-4hgfj to nfs pod webpp-upload-nfs-server-594c6fbb6d-c2r22 .

Answer 1

mount --options port=2052 --types nfs 10.110.183.188:/upload /upload

There might a firewall preventing you from reaching port 2052 . Just as an FYI if you are running NFSv4 the ports to be allowed are 111 and 2049

* mount: /upload: cannot mount 10.110.183.188:/upload read-only .

This is more of a misnomer:

rpcinfo: can't contact rpcbind: : RPC: Unable to receive; errno = Connection refused

It really looks like /upload is not exported in your webpp-upload-nfs-server container.

I checked the image and it looks good in its file system:

/exports *(rw,fsid=0,insecure,no_root_squash)
/ *(rw,fsid=0,insecure,no_root_squash)

You are trying the mount from NFS:/uploads but you are exporting NFS:/exports . So you can try:

mount --options port=2052 --types nfs 10.110.183.188:/exports /upload

✌️

Answer 2

I am not sure what you are trying to achieve. If you are trying to save some files to hostPath volume then you don't need PV or PVC. You can save files on the host with hostPath volume.

If you want to use PVC's to control assignment and access to the host volume then you don't need webpp-upload-nfs-server (Deployment and Service). Just create the PV and PVC objects and mount the PVC directly in the target pod.

What you are doing is pretty round about. You are creating PV and PVCs for host path. Then converting that host path to NFS Share. You are missing the piece where you have to create another PV and PVC to use NFS Share . Finally, mounting that PVC in the target deployment.