WordPress 网站持久化部署
要持久化MariaDB 可以把 Deployment 改成了 StatefulSet,修改 YAML添加“serviceName”“volumeClaimTemplates”这两个字段,定义网络标识和 NFS 动态存储卷,然后在容器部分用“volumeMounts”挂载到容器里的数据目录“/var/lib/mysql”
MariaDB
marial-cm.yml 【db配置】
apiVersion: v1
kind: ConfigMap
metadata:name: maria-cmdata:DATABASE: 'db'USER: 'wp'PASSWORD: '123'ROOT_PASSWORD: '123'marial-sts.yml【db pod】
apiVersion: apps/v1
kind: StatefulSet
metadata:labels:app: maria-stsname: maria-stsspec:# headless svcserviceName: maria-svc# pvcvolumeClaimTemplates:- metadata:name: maria-100m-pvcspec:storageClassName: nfs-clientaccessModes:- ReadWriteManyresources:requests:storage: 100Mireplicas: 1selector:matchLabels:app: maria-ststemplate:metadata:labels:app: maria-stsspec:containers:- image: mariadb:10name: mariadbimagePullPolicy: IfNotPresentports:- containerPort: 3306envFrom:- prefix: 'MARIADB_'configMapRef:name: maria-cmvolumeMounts:- name: maria-100m-pvcmountPath: /var/lib/mysqlmarial-sts-svc.yml【db service】
apiVersion: v1
kind: Service
metadata:labels:app: maria-stsname: maria-svcspec:ports:- port: 3306protocol: TCPtargetPort: 3306selector:app: maria-sts执行命令
kubectl apply -f marial-cm.ymlkubectl apply -f marial-sts.ymlkubectl apply -f marial-sts-svc.yml
WordPress
wp-sts-cm.yml【wp连接db配置】
apiVersion: v1
kind: ConfigMap
metadata:name: wp-cmdata:HOST: 'maria-sts-0.maria-svc' #注意这里USER: 'wp'PASSWORD: '123'NAME: 'db'wp-deploy.yml【wp pod】
apiVersion: apps/v1
kind: Deployment
metadata:labels:app: wp-depname: wp-depspec:replicas: 2selector:matchLabels:app: wp-deptemplate:metadata:labels:app: wp-depspec:containers:- image: wordpress:5name: wordpressports:- containerPort: 80envFrom:- prefix: 'WORDPRESS_DB_'configMapRef:name: wp-cmwp-svc.yml【wp service】
apiVersion: v1
kind: Service
metadata:labels:app: wp-depname: wp-svcspec:ports:- name: http80port: 80protocol: TCPtargetPort: 80nodePort: 30088selector:app: wp-deptype: NodePort执行命令
kubectl apply -f wp-sts-cm.ymlkubectl apply -f wp-deploy.ymlkubectl apply -f wp-svc.yml
svc端口访问测试
Nginx Ingress Controller
1、部署Ingress Class
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:name: wp-inkspec:controller: nginx.org/ingress-controller
执行命令
vim wp-ingress-class.yml
kubectl apply -f wp-ingress-class.yml
2、部署Ingress
用 kubectl create 命令生成 Ingress 的样板文件,指定域名是“wp.test”,后端 Service 是“wp-svc:80”,Ingress Class 就是刚定义的“wp-ink”:
kubectl create ing wp-ing --rule="wp.test/=wp-svc:80" --class=wp-ink $out
Ingress YAML 就是这样,注意路径类型我还是用的前缀匹配“Prefix”:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:name: wp-ingspec:ingressClassName: wp-inkrules:- host: wp.testhttp:paths:- path: /pathType: Prefixbackend:service:name: wp-svcport:number: 80
执行命令
vim wp-ingress.yml
kubectl apply -f wp-ingress.yml
3、部署Ingress Controller
Ingress Controller 不使用 Service
给它的 Pod 加上一个特殊字段 hostNetwork,让 Pod 能够使用宿主机的网络,相当于另一种形式的 NodePort:
wp-kic.yml
apiVersion: apps/v1
kind: DaemonSet
metadata:name: wp-kic-depnamespace: nginx-ingress
spec:selector:matchLabels:app: wp-kic-deptemplate:metadata:labels:app: wp-kic-depapp.kubernetes.io/name: nginx-ingressspec:serviceAccountName: nginx-ingresshostNetwork: trueautomountServiceAccountToken: truesecurityContext:seccompProfile:type: RuntimeDefaultcontainers:- image: nginx/nginx-ingress:2.2-alpineimagePullPolicy: IfNotPresentname: nginx-ingressports:- name: httpcontainerPort: 80- name: httpscontainerPort: 443- name: readiness-portcontainerPort: 8081- name: prometheuscontainerPort: 9113readinessProbe:httpGet:path: /nginx-readyport: readiness-portperiodSeconds: 1resources:requests:cpu: "100m"memory: "128Mi"#limits:# cpu: "1"# memory: "1Gi"securityContext:allowPrivilegeEscalation: true
# readOnlyRootFilesystem: truerunAsUser: 101 #nginxrunAsNonRoot: truecapabilities:drop:- ALLadd:- NET_BIND_SERVICEenv:- name: POD_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: POD_NAMEvalueFrom:fieldRef:fieldPath: metadata.nameargs:- -nginx-configmaps=$(POD_NAMESPACE)/nginx-config- -ingress-class=wp-ink执行命令
vim wp-kic.yml
kubectl apply -f wp-kic.yml
4、访问测试
Ingress 使用的是 HTTP 路由规则,用 IP 地址访问是无效的,所以在集群外的主机上必须能够识别我们的“wp.test”域名,也就是说要把域名“wp.test”解析到 Ingress Controller 所在的节点上。
Mac,那就修改 /etc/hosts; Windows,就修改 C:\Windows\System32\Drivers\etc\hosts,添加一条解析规则就行:
自己服务器ip wp.test
直接用域名“wp.test”访问
查看nfs中的挂载数据
#在nfs sever中进入挂载目录
cd /tmp/nfs/
#查看挂载文件
ll
