1、创建ebs卷

也可以aws命令创建

# aws ec2 create-volume --availability-zone ap-east-1a --size 100 --volume-type gp3
{
    "AvailabilityZone": "ap-east-1a",
    "Encrypted": false,
    "VolumeType": "gp3",
    "VolumeId": "vol-04db7b8331034440d",
    "State": "creating",
    "Iops": 3000,
    "SnapshotId": "",
    "CreateTime": "2017-01-04T03:53:00.298Z",
    "Size": 100
}

记住VolumeId：vol-04db7b8331034440d
2、创建K8S 存储类
存储类yaml文件

# cat storgeclass2.yaml 
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: ebs3
provisioner: ebs.csi.aws.com
volumeBindingMode: WaitForFirstConsumer
parameters:
  type: gp3
  fsType: ext4

创建并查询存储类

[root@ip-10-0-7-211 ~]# kubectl apply -f storgeclass2.yaml 
storageclass.storage.k8s.io/ebs3 created
[root@ip-10-0-7-211 ~]# kubectl get StorageClass
NAME            PROVISIONER             RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
ebs3            ebs.csi.aws.com         Delete          Immediate              false                  39s

3、创建 K8S 中的 Persistent Volume (PV)
编写yaml文件

cat aws-pv3.yaml 
apiVersion: "v1"
kind: "PersistentVolume"
metadata:
  name: "aws-pv3" 
  labels:
    type: amazonEBS
spec:
  capacity:
    storage: "10Gi" 
  accessModes:
    - ReadWriteOnce
  storageClassName: ebs3
  awsElasticBlockStore: 
    fsType: "ext4" 
    volumeID: "vol-02902e667e038a442"

创建pv

# kubectl apply -f aws-pv3.yaml 
persistentvolume/aws-pv3 created

查看创建状态

[root@ip-10-0-7-211 ~]# kubectl get PersistentVolume
NAME      CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM              STORAGECLASS   VOLUMEATTRIBUTESCLASS   REASON   AGE                        51m
aws-pv3   10Gi       RWO            Retain           Available                      ebs3           <unset>                          25s

3、创建 Persistent Volume Claim

# cat pvc3.yaml 
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: aws-pvc3
  labels:
    type: amazonEBS
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: ebs3      
  resources:
    requests:
      storage: 10Gi

通过 kubectl 创建 PVC ：

# kubectl apply -f pvc3.yaml
persistentvolumeclaim/aws-pvc created

查看创建的 PVC

# kubectl get pvc
NAME       STATUS   VOLUME    CAPACITY   ACCESS MODES   STORAGECLASS   VOLUMEATTRIBUTESCLASS   AGE
aws-pvc3   Bound    aws-pv3   10Gi       RWO            ebs3           <unset>                 4m40s

出现报错

AttachVolume.Attach failed for volume "aws-pv2" : rpc error: code = Internal desc = Could not attach volume "vol-07b297f1ae13f164a" to node "i-0900340d8108b7fe8": could not attach volume "vol-07b297f1ae13f164a" to node "i-0900340d8108b7fe8": operation error EC2: AttachVolume, https response error StatusCode: 400, RequestID: ecab32b9-1bb5-45df-b669-1ad61836d792, api error InvalidVolume.ZoneMismatch: The volume 'vol-07b297f1ae13f164a' is not in the same availability zone as instance 'i-0900340d8108b7fe8'

在eksnode角色中添加以下策略

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
				"ec2:DescribeVolumes",
				"ec2:DescribeVolumeAttachment",            
                "ec2:AttachVolume",
                "ec2:DetachVolume"
            ],
            "Resource": "*"
        }
    ]
}

nginx pod测试
上述操作还是不能实现多挂载，只能配置成读写many，其中storgeclass的volumeBindingMode: Immediate代表多个ec2的pod共同挂载
而且只能改成io1 或者 io2类型的卷

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: io2
provisioner: ebs.csi.aws.com
volumeBindingMode: Immediate
parameters:
  type: io2
  fsType: ext4
apiVersion: v1
kind: PersistentVolume
metadata:
  name: aws-pvio2
  labels:
    type: amazonEBS
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  storageClassName: io2
  awsElasticBlockStore:
    fsType: ext4
    volumeID: vol-09df79d629291e203
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: aws-pvcio2
  labels:
    type: amazonEBS
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: io2
  resources:
    requests:
      storage: 10Gi

以下是gp2格式的

1、创建存储类
存储类文件

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  annotations:
    storageclass.kubernetes.io/is-default-class: 'true'
  name: ebs
parameters:
  fsType: ext4
provisioner: ebs.csi.aws.com
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer

创建存储类

kubectl apply -f storageclass.yaml

查询存储类

# kubectl get StorageClass 
NAME            PROVISIONER             RECLAIMPOLICY   VOLUMEBINDINGMODE      ALLOWVOLUMEEXPANSION   AGE
ebs (default)   ebs.csi.aws.com         Delete          WaitForFirstConsumer   false                  34m

2、创建 K8S 中的 Persistent Volume (PV)
pv文件

apiVersion: "v1"
kind: "PersistentVolume"
metadata:
  name: "aws-pv2" 
  labels:
    type: amazonEBS
spec:
  capacity:
    storage: "100Gi" 
  accessModes:
    - ReadWriteOnce
  storageClassName: ebs      
  awsElasticBlockStore: 
    fsType: "ext4" 
    volumeID: "vol-07b297f1ae13f164a"

创建pv

kubectl apply -f aws-pv.yaml

查询pv

# kubectl get PersistentVolume
NAME      CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM              STORAGECLASS   VOLUMEATTRIBUTESCLASS   REASON   AGE
aws-pv2   100Gi      RWO            Retain           Bound    default/aws-pvc2   ebs            <unset>                          31m

3、创建pvc
pvc文件

apiVersion: v1
metadata:
  name: aws-pvc2
  labels:
    type: amazonEBS
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Gi

创建pvc

kubectl apply -f pvc.yaml

查询pvc

# kubectl get pvc
NAME       STATUS   VOLUME    CAPACITY   ACCESS MODES   STORAGECLASS   VOLUMEATTRIBUTESCLASS   AGE
aws-pvc2   Bound    aws-pv2   100Gi      RWO            ebs            <unset>                 31m

4、在nginx pod实例测试

          volumeMounts:
            - mountPath: /usr/share/nginx/html/
              name: volume-87it6
              subPath: html/
      terminationGracePeriodSeconds: 30
      volumes:
        - name: volume-87it6
          persistentVolumeClaim:
            claimName: aws-pvc2

全文如下

---
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    k8s.kuboard.cn/displayName: nginx
  name: nginx
  namespace: default
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s.kuboard.cn/name: nginx
  template:
    metadata:
      creationTimestamp: null
      labels:
        k8s.kuboard.cn/name: nginx
        pod-template-hash: fd5bc6ffb
    spec:
      containers:
        - image: 'nginx:1.24'
          imagePullPolicy: IfNotPresent
          name: nginx
          ports:
            - containerPort: 80
              name: dfr
              protocol: TCP
          volumeMounts:
            - mountPath: /usr/share/nginx/html/
              name: volume-87it6
              subPath: html/
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
        - name: volume-87it6
          persistentVolumeClaim:
            claimName: aws-pvc2
---
apiVersion: v1
kind: Service
metadata:
  annotations: {}
  labels:
    k8s.kuboard.cn/name: nginx
  name: nginx
  namespace: default
  resourceVersion: '9882'
spec:
  ports:
    - name: dhey2i
      nodePort: 30000
      port: 80
      protocol: TCP
      targetPort: 80
  selector:
    k8s.kuboard.cn/name: nginx
  sessionAffinity: None
  type: NodePort

我们启动nginx对应的deployment所在的pod主机，找到对应的路径的文件，添加测试内容pvc-ebs-test

[root@ip-10-0-128-90 ~]# cd /var/lib/kubelet/pods/f8f08bd2-8945-49eb-804b-dd98569f5fde/volumes/kubernetes.io~csi/aws-pv2/mount/html/
[root@ip-10-0-128-90 html]# vim index.html
pvc-ebs-test

远程测试

# curl http://10.0.142.42
pvc-ebs-test