k8s环境搭建wordpress
创建一个test的名称空间
kubectl create ns test
准备一台服务器安装nfs服务为k8s集群提供PV
创建一个挂载目录
mkdir -pv /data/nfs
把/dev/sda1 挂载到/data/nfs 并写入/etc/fstab
echo ‘UUID=“5d70ecf0-a278-4f7a-87db-12e7d0f8651a” /data/nfs ext4 defaults 0 0’ >>/etc/fstab
mount -a
查看挂载情况
df -Th
df -Th
文件系统 类型 容量 已用 可用 已用% 挂载点
devtmpfs devtmpfs 4.0M 0 4.0M 0% /dev
tmpfs tmpfs 886M 0 886M 0% /dev/shm
tmpfs tmpfs 355M 5.2M 350M 2% /run
/dev/mapper/rl_192-root xfs 47G 1.6G 46G 4% /
/dev/sdb1 xfs 1014M 217M 798M 22% /boot
tmpfs tmpfs 178M 0 178M 0% /run/user/0
/dev/sda1 ext4 49G 24K 47G 1% /data/nfs
安装nfs
yum -y install nfs-utils
进入/data/nfs 创建wordpress-mysql 和wordpress-front目录用于为k8s集群中的wordpress项目提供PV
mkdir wordpress-front wordpress-mysql
为了安全创建一个匿名用户,和组
groupadd -g 222 xiao
useradd -u 222 -g 222 -s /sbin/nologin -d /home/userdir xiao
创建mysql的用户和组
groupadd -g 27 mysql
useradd -u 27 -g 27 -s /sbin/nologin mysql
编写nfs的挂载配置文件
vim /etc/exports
/data/nfs/wordpress-front 192.168.0.0/24(rw,anonuid=222,all_squash)
/data/nfs/wordpress-mysql 192.168.0.0/24(rw,no_root_squash)
修改/data/nfs/wordpress 的属主和属组
chown -R 222:222 /data/nfs/wordpress-front
chown -R 27:27 /data/nfs/wordpress-mysql
重启nfs服务
systemctl restart nfs-server.service
查看nfs共享目录
showmount -e
类似如下输出
Export list for nfs:
/data/nfs/wordpress-mysql 192.168.0.0/24
/data/nfs/wordpress-front 192.168.0.0/24
在k8s集群的各个节点安装nfs-utils 不用启动,用于获取nfs驱动
yum -y install nfs-utils
编写PV的yaml文件
vim volume-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: wordpress-mysql
spec:
capacity:
storage: 30Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
nfs:
path: /data/nfs/wordpress-mysql
server: 192.168.0.28
apiVersion: v1
kind: PersistentVolume
metadata:
name: wordpress-front
spec:
capacity:
storage: 20Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
nfs:
path: /data/nfs/wordpress-front
server: 192.168.0.28
创建PV
kubectl apply -f volume-pv.yaml
查看PV
kubectl get pv
类似如下输出
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
wordpress-front 20Gi RWX Retain Available 49s
wordpress-mysql 30Gi RWX Retain Available 49s
创建PVC的yaml
vim wordpress-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: wordpress-mysql-pvc
namespace: test
labels:
app: wordpress
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 30Gi
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: wordpress-front-pvc
namespace: test
labels:
app: wordpress
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
创建wordpress-pvc
kubectl apply -f wordpress-pvc.yaml
查看PV,PVC
kubectl get pvc,pv -n test
类似如下输出
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
wordpress-front Bound wordpress-front 20Gi RWX 48s
wordpress-mysql Bound wordpress-mysql 30Gi RWX 48s
用Opaque类型的数据加密
echo -n ‘root’ |base64
cm9vdA==
echo -n “Huangxiang@123” |base64
SHVhbmd4aWFuZ0AxMjM=
echo -n “wordpress” |base64
d29yZHByZXNz
编写secrets.yaml
vim secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: mysecret
namespace: test
type: Opaque
data:
password: SHVhbmd4aWFuZ0AxMjM=
username: cm9vdA==
databaseName: d29yZHByZXNz
创建secret
kubectl apply -f secret.yaml
查看是否创建成功
kubectl get secret -n test
类似如下输出
NAME TYPE DATA AGE
mysecret Opaque 3 58m
创建wordpress-service.yaml ,wordpress-deploy.yaml,和mysql-deploy.yaml
vim wordpress-servcie.yaml
apiVersion: v1
kind: Service
metadata:
name: wordpress
labels:
app: wordpress
namespace: test
spec:
ports:
- port: 80
nodePort: 31001
targetPort: 80
selector:
app: wordpress
tier: frontend
type: NodePort
apiVersion: v1
kind: Service
metadata:
name: wordpress-mysql
labels:
app: wordpress
namespace: test
spec:
ports:
- port: 3306
selector:
app: wordpress
tier: mysql
clusterIP: None
vim wordpress-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress
labels:
app: wordpress
namespace: test
spec:
selector:
matchLabels:
app: wordpress
tier: frontend
strategy:
type: Recreate
template:
metadata:
labels:
app: wordpress
tier: frontend
spec:
containers:
- image: wordpress:6-php8.0
name: wordpress
env:
- name: WORDPRESS_DB_HOST
value: wordpress-mysql
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: password
- name: WORDPRESS_DB_USER
valueFrom:
secretKeyRef:
name: mysecret
key: username
ports:
- containerPort: 80
name: wordpress
volumeMounts:
- name: wordpress-front-pvc
mountPath: /var/www/html
volumes:
- name: wordpress-front-pvc
persistentVolumeClaim:
claimName: wordpress-front-pvc
vim mysql-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress-mysql
labels:
app: wordpress
namespace: test
spec:
selector:
matchLabels:
app: wordpress
tier: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: wordpress
tier: mysql
spec:
containers:
- image: mysql:8.0
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: password
- name: MYSQL_DATABASE
valueFrom:
secretKeyRef:
name: mysecret
key: databaseName
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: mysecret
key: databaseName
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: wordpress-mysql-pvc
mountPath: /var/lib/mysql
volumes:
- name: wordpress-mysql-pvc
persistentVolumeClaim:
claimName: wordpress-mysql-pvc
创建wordpress前端pod
kubectl apply -f wordpress-deploy.yaml
创建wordpress数据库
kubectl apply -f mysql-deploy.yaml
为wordpress暴露服务
kubectl apply -f wordpress-servcie.yaml
查看状态
kubectl get svc,secret,pod -n test
类似如下输出
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/wordpress NodePort 10.109.177.163 80:31001/TCP 61m
service/wordpress-mysql ClusterIP None 3306/TCP 61m
NAME TYPE DATA AGE
secret/mysecret Opaque 3 62m
NAME READY STATUS RESTARTS AGE
pod/wordpress-fb6595949-6bjx4 1/1 Running 1 (43m ago) 43m
pod/wordpress-mysql-599c67b857-xg4vx 1/1 Running 0 61m