Tag: nfs

sealos + NFS deployment kubesphere 3.0

Background Use sealos + NFS to deploy a k8s1.18.17 with persistent storage, and deploy kubesphere on top of it. sealos Introduction https://github.com/fanux/sealos One command to install Kubernetes offline, ultra-full version, supports localization, stable as an old dog in the production environment, 99-year certificate, 0 dependencies, haproxy keepalived, v1.20 supports containerd! NFS Introduction Nothing to say […]

“Kubernetes Storage: Creating Dynamic Storage StorageClass Based on NFS”

Summary: Organizing is not easy. If it is helpful to you, can you like it and follow it? For more details, please refer to: Enterprise-level K8s cluster operation and maintenance practice 1. Environmental information IP address Operating system K8S version Cluster role NFS role 192.168.1.32 Ubuntu 20.04.6 LTS v1.24.17 master node< /strong> client 192.168.1.33 Ubuntu […]

14-k8s-Basic storage EmptyDir, HostPath, NFS

Article directory 1. Related concepts 2. EmptyDir storage 3. HostPath storage 4. NFS storage 1. Related concepts Overview Volume is defined on the Pod, and then mounted to specific file directories by multiple containers in the Pod. Realize data sharing between different containers in the same Pod and persistent storage of data. The life cycle […]

Linux and Windows implement mounting NFS

Article directory 1. Windows mount NFS 2. Mount NFS on linux Error reporting and resolution There are two main areas to check: 1. Whether the client is installed; 2. Whether the protocol is defined -o nfsvers=3/4 3. How to use NFS after successful connection 4. Unmount the NFS share 5. How to add clients to […]

Kubernetes deployment nfs-subdir-external-provisioner

Overview Official GitHub and reference documentation: GitHub – kubernetes-sigs/nfs-subdir-external-provisioner: Dynamic sub-dir volume provisioner on a remote NFS server. Deploy nfs-subdir-external-provisioner to provide StorageClass service Steps nfs server preparation /etc/exports # cat /etc/exports /nfsshare *(rw,no_root_squash,sync) install nfs-utils yum -y install nfs-utils systemctl enable –now nfs namespace apiVersion: v1 kind: Namespace metadata: labels: kubernetes.io/metadata.name: nfs-server name: nfs-server […]

U-Boot NFS RCE vulnerability (CVE-2019-14192)

U-Boot NFS RCE vulnerability (CVE-2019-14192) Original text: https://blog.semmle.com/uboot-rce-nfs-vulnerability/ Translation: Kanxue Translation Team – lipss Proofreading: Kanxue Translation Team – Nxe This article is about 13 remote code execution vulnerabilities in the U-Boot bootloader that my colleagues Pavel Avgustinov and Kevin Backhouse and I discovered. These vulnerabilities can be triggered when U-Boot is configured to use […]

4 Case Demonstration – Customized image to run Nginx and tomcat services and realize dynamic and static separation based on NFS

One Early Environment Instructions Prepare harbor and nfs server, nfs service: 172.31.7.122 The harbor service is harbor.magedu.com, and the project has been created in advance Two prepare docker image 2.1 Create 4 basic images, centos, nginx, tomcat, jdk 2.1.1 centos mirror dockfile [root@k8s-master1 centos]# cat Dockerfile #Customize Centos base image FROM centos:7.9.2009 MAINTAINER Jack.Zhang [email protected] […]

[Network Security] NFS service security reinforcement

Overview The insecurity of NFS is mainly reflected in the following four aspects: Lack of access control mechanism No real user authentication mechanism, only process authentication for RPC/Mount requests Older versions of NFS can allow unauthorized users to obtain valid file handles In RPC remote calls, SUID programs have superuser privileges Reinforcement plan To effectively […]