42-在Kubernetes部署MinIO集群_数据丢失

高可用MinIO集群在Kubernetes中的完整部署指南

分布式对象存储的云原生实践

一、MinIO与Kubernetes的完美结合

MinIO作为高性能的S3兼容对象存储,结合Kubernetes的弹性管理能力,可构建企业级云原生存储方案。其核心优势包括:

横向扩展:通过StatefulSet实现节点动态扩容 数据持久化:PVC自动绑定持久化存储,避免数据丢失 安全隔离:Namespace实现租户级资源隔离

二、部署架构

创建Namespace

[root@master01 minio]# cat 1-ns.yaml 
apiVersion: v1
kind: Namespace
metadata:
  creationTimestamp: null
  name: minio-cluster

创建Secret存放密码

[root@master01 minio]# cat 2-secret.yaml 
apiVersion: v1
kind: Secret
metadata:
  name: minio-creds-secret
  namespace: minio-cluster
  labels:
    app: minio
type: Opaque
stringData:
  accesskey: minioadmin
  secretkey: minioadmin123

创建svc用于访问

[root@master01 minio]# cat 3-svc.yaml 
apiVersion: v1
kind: Service
metadata:
  name: minio
  namespace: minio-cluster
  labels:
    app: minio
spec:
  clusterIP: None  # 无头服务
  selector:
    app: minio
  ports:
    - name: http
      port: 9000
      targetPort: 9000
    - name: console
      port: 9001
      targetPort: 9001


---
apiVersion: v1
kind: Service
metadata:
  name: minio-server
  namespace: minio-cluster
  labels:
    app: minio
spec:
  type: NodePort
  ports:
    - port: 9001
      name: console
      targetPort: 9001
      nodePort: 30901
  selector:
    app: minio

创建有状态服务运行minio

[root@master01 minio]# cat 4-statefuset.yaml 
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: minio
  namespace: minio-cluster
  labels:
    app: minio
spec:
  serviceName: minio-server
  replicas: 4
  selector:
    matchLabels:
      app: minio
  template:
    metadata:
      labels:
        app: minio
    spec:
      containers:
        - name: minio
          image: registry.cn-hangzhou.aliyuncs.com/fengqichen/minio:RELEASE.2024-04-18T19-09-19Z
          imagePullPolicy: IfNotPresent
          args:
            - server
            - http://minio-{0...3}.minio-server.minio-cluster.svc.cluster.local/data  # 使用通配符简化
            - --console-address
            - ":9001"
          env:
          # 统一使用 Secret 管理凭证(删除硬编码密码)
          - name: MINIO_ROOT_USER
            valueFrom:
              secretKeyRef:
                name: minio-creds-secret
                key: accesskey
          - name: MINIO_ROOT_PASSWORD
            valueFrom:
              secretKeyRef:
                name: minio-creds-secret
                key: secretkey
          resources:
            limits:
              cpu: "1"
              memory: 2Gi
            requests:
              cpu: "1"
              memory: 2Gi
          ports:
            - containerPort: 9000
              name: api
            - containerPort: 9001
              name: console
          volumeMounts:
            - name: data
              mountPath: /data
      # 添加节点亲和性(解决 PVC 绑定问题)
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                  - key: app
                    operator: In
                    values: ["minio"]
              topologyKey: "kubernetes.io/hostname"
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes: ["ReadWriteOnce"]
        storageClassName: nfs-aqsc
        resources:
          requests:
            storage: 50Gi

如果对Minio不够熟悉,不建议生产上使用Minio尤其是k8s部署Minio

如果对Minio不够熟悉,不建议生产上使用Minio尤其是k8s部署Minio

如果对Minio不够熟悉,不建议生产上使用Minio尤其是k8s部署Minio

存储建议直接购买云存储!!!!!!!不要给自己挖坑!!!!