Kubernete部署新一代rustfs文件服务

# rustfs-deployment.yaml# RustFS Kubernetes 部署配置# 1. DeploymentapiVersion: apps/v1 kind: Deployment metadata: name: rustfs-deployment labels: app: rustfs spec: replicas:1selector: matchLabels: app: rustfs template: metadata: labels: app: rustfs spec: containers: - name: rustfs image: registry.cn-hangzhou.aliyuncs.com/qiluo-images/rustfs:latest imagePullPolicy: IfNotPresent ports: - containerPort:9000name: api protocol: TCP - containerPort:9001name: console protocol: TCP env: - name: RUSTFS_ACCESS_KEY valueFrom: secretKeyRef: name: rustfs-secrets key: RUSTFS_ACCESS_KEY - name: RUSTFS_SECRET_KEY valueFrom: secretKeyRef: name: rustfs-secrets key: RUSTFS_SECRET_KEY - name: TZ value:"Asia/Shanghai"- name: RUSTFS_SERVER_URL value:"http://rustfs-service:9000"volumeMounts: - name: rustfs-data mountPath: /data - name: rustfs-config mountPath: /root/.rustfs resources: limits: cpu:"1"memory:"2Gi"requests: cpu:"0.5"memory:"1Gi"readinessProbe: tcpSocket: port:9000initialDelaySeconds:30periodSeconds:10timeoutSeconds:5livenessProbe: tcpSocket: port:9000initialDelaySeconds:30periodSeconds:30timeoutSeconds:5securityContext: runAsUser:1000runAsGroup:1000volumes: - name: rustfs-data persistentVolumeClaim: claimName: rustfs-pvc - name: rustfs-config persistentVolumeClaim: claimName: rustfs-config-pvc restartPolicy: Always terminationGracePeriodSeconds:30---# 2. ServiceapiVersion: v1 kind: Service metadata: name: rustfs-service labels: app: rustfs spec: selector: app: rustfs ports: - name: api protocol: TCP port:9000targetPort:9000nodePort:32090- name: console protocol: TCP port:9001targetPort:9001nodePort:32091type: NodePort sessionAffinity: None externalTrafficPolicy: Cluster ---# 3. PersistentVolume - 数据存储apiVersion: v1 kind: PersistentVolume metadata: name: rustfs-pv spec: capacity: storage: 100Gi accessModes: - ReadWriteOnce hostPath: path: /data/rustfs/data type: DirectoryOrCreate persistentVolumeReclaimPolicy: Retain storageClassName: manual ---# 4. PersistentVolumeClaim - 数据存储apiVersion: v1 kind: PersistentVolumeClaim metadata: name: rustfs-pvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 100Gi storageClassName: manual ---# 5. PersistentVolume - 配置存储apiVersion: v1 kind: PersistentVolume metadata: name: rustfs-config-pv spec: capacity: storage: 10Gi accessModes: - ReadWriteOnce hostPath: path: /data/rustfs/config type: DirectoryOrCreate persistentVolumeReclaimPolicy: Retain storageClassName: manual ---# 6. PersistentVolumeClaim - 配置存储apiVersion: v1 kind: PersistentVolumeClaim metadata: name: rustfs-config-pvc spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi storageClassName: manual

#!/bin/bash# deploy-rustfs.shset-eecho"=== RustFS Kubernetes 部署 ==="# 配置参数RUSTFS_DATA_DIR="/data/rustfs"RUSTFS_KEYS_FILE="$RUSTFS_DATA_DIR/.rustfs-keys"# 1. 生成安全密钥echo"1. 生成安全密钥..."ACCESS_KEY=$(openssl rand -base6432|tr-dc'a-zA-Z0-9'|head-c20)SECRET_KEY=$(openssl rand -base6432|tr-dc'a-zA-Z0-9'|head-c40)echo"Access Key:$ACCESS_KEY"echo"Secret Key:$SECRET_KEY"# 保存密钥到文件echo"2. 保存密钥到文件..."mkdir-p"$RUSTFS_DATA_DIR"cat>"$RUSTFS_KEYS_FILE"<<EOF # RustFS 密钥文件 # 生成时间:$(date)RUSTFS_ACCESS_KEY=$ACCESS_KEYRUSTFS_SECRET_KEY=$SECRET_KEYEOFchmod600"$RUSTFS_KEYS_FILE"echo"密钥已保存到:$RUSTFS_KEYS_FILE"# 2. 创建 Kubernetes Secretecho"3. 创建 Kubernetes Secret..."kubectl create secret generic rustfs-secrets\--from-literal=RUSTFS_ACCESS_KEY="$ACCESS_KEY"\--from-literal=RUSTFS_SECRET_KEY="$SECRET_KEY"\--dry-run=client -o yaml|kubectl apply -f -echo"✅ Secret 创建成功"# 3. 创建数据目录并设置权限echo"4. 创建数据目录..."sudomkdir-p"$RUSTFS_DATA_DIR/data"sudomkdir-p"$RUSTFS_DATA_DIR/config"# 设置目录权限（容器内用户通常是 UID 1000）echo"设置目录权限..."sudochown-R1000:1000"$RUSTFS_DATA_DIR"sudochmod-R755"$RUSTFS_DATA_DIR"echo"目录结构:"ls-la"$RUSTFS_DATA_DIR/"# 4. 部署 YAML 文件echo"5. 部署 RustFS..."kubectl apply -f rustfs-deployment.yaml# 5. 等待并验证部署echo"6. 等待 Pod 启动..."foriin{1..30};doPOD_STATUS=$(kubectl get pods -lapp=rustfs -ojsonpath='{.items[0].status.phase}'2>/dev/null||echo"Unknown")if["$POD_STATUS"="Running"];thenecho"✅ Pod 已进入 Running 状态"breakfiif[$i-eq30];thenecho"⚠️ Pod 启动超时，当前状态:$POD_STATUS"elseecho"等待 Pod 启动... ($i/30) - 当前状态:$POD_STATUS"sleep5fidone# 6. 显示部署结果echo""echo"=== 部署结果 ==="echo"Deployment:"kubectl get deployment rustfs-deploymentecho""echo"Service:"kubectl getservicerustfs-serviceecho""echo"Pods:"kubectl get pods -lapp=rustfsecho""echo"PVC:"kubectl get pvc rustfs-pvc rustfs-config-pvcecho""echo"PV:"kubectl getpvrustfs-pv rustfs-config-pv# 获取 Pod 名称和日志POD_NAME=$(kubectl get pods -lapp=rustfs -ojsonpath='{.items[0].metadata.name}'2>/dev/null||echo"未找到")if["$POD_NAME"!="未找到"];thenecho""echo"Pod 日志 (最后10行):"kubectl logs --tail=10"$POD_NAME"fi# 获取节点 IPNODE_IP=$(kubectl get nodes -ojsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}'2>/dev/null)if[-z"$NODE_IP"];thenNODE_IP="<节点IP>"fiecho""echo"=== 部署完成 ==="echo"📊 服务信息:"echo" Access Key:$ACCESS_KEY"echo" Secret Key:$SECRET_KEY"echo" API端点: http://$NODE_IP:32090"echo" 控制台: http://$NODE_IP:32091"echo" 内部服务: rustfs-service.default.svc.cluster.local:9000"echo""echo"📁 数据目录:"echo" 数据存储:$RUSTFS_DATA_DIR/data"echo" 配置存储:$RUSTFS_DATA_DIR/config"echo" 密钥文件:$RUSTFS_KEYS_FILE"echo""echo"🔧 管理命令:"echo" 查看状态: kubectl get deployment rustfs-deployment"echo" 查看服务: kubectl get service rustfs-service"echo" 查看日志: kubectl logs -f deployment/rustfs-deployment"echo" 进入容器: kubectl exec -it deployment/rustfs-deployment -- sh"echo" 重启服务: kubectl rollout restart deployment rustfs-deployment"echo""echo"🗑️ 卸载命令:"echo" kubectl delete -f rustfs-deployment.yaml"echo" kubectl delete secret rustfs-secrets"echo""echo"⚠️ 重要提示:"echo" 1. 请妥善保管密钥文件:$RUSTFS_KEYS_FILE"echo" 2. 确保防火墙允许端口 32090 和 32091"echo" 3. 数据存储在:$RUSTFS_DATA_DIR/data"

# 1. 保存文件vimrustfs-deployment.yamlvimdeploy-rustfs.shchmod+x deploy-rustfs.sh# 2. 执行部署./deploy-rustfs.sh# 3. 验证部署kubectl get all -lapp=rustfs# 4. 测试连接curlhttp://<节点IP>:32090