本篇博客使用kubernetes搭建wordpress,旨在理解kubernetes各组件以及协作关系。
创建数据库
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
| [root@k8s-master wordpress]# cat wordpress-database.yaml
apiVersion: v1
kind: Service
metadata:
name: wpdb
labels:
app: wpdb
spec:
type: ClusterIP
selector:
app: wpdb
ports:
- protocol: TCP
port: 3306
targetPort: 3306
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wpdb
labels:
app: wpdb
spec:
replicas: 1
selector:
matchLabels:
app: wpdb
template:
metadata:
labels:
app: wpdb
spec:
containers:
- image: mysql:5.7.31
imagePullPolicy: IfNotPresent
name: wpdb
env:
- name: MYSQL_DATABASE
value: wpdb
- name: MYSQL_USER
value: wpuser
- name: MYSQL_PASSWORD
value: poipoi@098
|
使用Deployment控制器创建pod资源,使用mysql:5.7.31镜像。并且传入了MYSQL_DATABASE、MYSQL_USER及MYSQL_PASSWORD三个变量。创建Service对象,将容器内的3306映射到ClusterIP的3306端口以供wordpress主程序访问。
创建wordpress
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
| [root@k8s-master wordpress]# cat wordpress.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: wordpress
name: wordpress
spec:
selector:
app: wordpress
type: ClusterIP
ports:
- protocol: TCP
port: 80
targetPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress
labels:
app: wordpress
spec:
replicas: 1
selector:
matchLabels:
app: wordpress
template:
metadata:
labels:
app: wordpress
spec:
containers:
- image: wordpress:5-php7.2
name: wordpress
env:
- name: WORDPRESS_DB_NAME
value: wpdb
- name: WORDPRESS_DB_USER
value: wpuser
- name: WORDPRESS_DB_PASSWORD
value: poipoi@098
- name: WORDPRESS_DB_HOST
value: wpdb.default.svc.cluster.local
|
依然采用Deployment控制器创建pod资源类型,使用wordpress:5-php7.2作为基础镜像。将连接数据库的变量传入。需要注意的是wpdb.default.svc.cluster.local为长格式域名,由于创建wordpress及数据库时未指明namespace,所以两个pod均在默认的namespace下创建,所以这里的域名可以直接用wpdb短格式域名。
上述deployment资源及service资源创建查看是否正常。
1
2
3
4
5
6
7
8
| [root@k8s-master wordpress]# kubectl get pods
NAME READY STATUS RESTARTS AGE
wordpress-cd68468cb-x8sx6 1/1 Running 0 116m
wpdb-9c65c8bdc-chm6s 1/1 Running 0 127m
[root@k8s-master wordpress]# kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
wordpress ClusterIP 10.110.1.27 <none> 80/TCP 126m
wpdb ClusterIP 10.102.111.102 <none> 3306/TCP 127m
|
这部分结束,那么wordpress就已经创建完成了,可以在服务器上直接curl+ClusterIP:[port]进行访问了。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| [root@k8s-master wordpress]# curl 10.110.1.27:80
<!DOCTYPE html>
<html class="no-js" lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0" >
<link rel="profile" href="https://gmpg.org/xfn/11">
<title>雷探长博客 – Just another WordPress site</title>
<link rel='dns-prefetch' href='//www.test.com' />
<link rel='dns-prefetch' href='//s.w.org' />
|
创建Ingress Controller及默认的backend服务
上面创建的wordpress还只能在服务器内部访问,要想让外部用户访问必须创建ingress实现HTTP7层路由。使用Ingress创建负载分发时,ingress controller会基于ingress规则将客户端的请求直接转发到Service,跳过了kube-proxy组件的转发功能。
在定义ingress策略前,需要首先需要创建ingress controller及默认的backend服务。Ingress Controller为后端Service都提供了一个统一的入口。同时为了顺利启动Ingress Controller还需要配置默认的backend,用于客户端请求不存在的地址时,返回404应答。
创建Ingress Controller
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
| [root@k8s-master wordpress]# cat ingress-daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-ingress-lb
labels:
name: nginx-ingress-lb
namespace: kube-system
spec:
selector:
matchLabels:
name: nginx-ingress-lb
template:
metadata:
labels:
name: nginx-ingress-lb
spec:
containers:
- image: registry.aliyuncs.com/google_containers/nginx-ingress-controller:0.9.0-beta.2
name: nginx-ingress-lb
readinessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
livenessProbe:
httpGet:
path: /healthz
port: 10254
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 1
ports:
- containerPort: 80
hostPort: 80
- containerPort: 443
hostPort: 443
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
args:
- /nginx-ingress-controller
- --default-backend-service=$(POD_NAMESPACE)/default-http-backend
|
这里为Nginx容器设置了hostPort,将容器的80和443分别映射到宿主机的80和443端口,这样客户端就可以通过访问http://物理机:80或https://物理机:443来访问该Ingress Controller。
创建backend服务
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
| [root@k8s-master wordpress]# cat default-http-backend.yaml
apiVersion: v1
kind: Service
metadata:
name: default-http-backend
namespace: kube-system
labels:
k8s-app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
k8s-app: default-http-backend
disableToC: false
disableAutoCollapse: true
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: default-http-backend
labels:
k8s-app: default-http-backend
namespace: kube-system
spec:
selector:
matchLabels:
k8s-app: default-http-backend
replicas: 1
template:
metadata:
labels:
k8s-app: default-http-backend
spec:
containers:
- name: default-http-backend
image: registry.aliyuncs.com/google_containers/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
ports:
- containerPort: 8080
resources:
limits:
cpu: 10m
memory: 20Mi
requests:
cpu: 10m
memory: 20Mi
|
使用kubectl apply命令创建上述资源并查看是否正确运行
1
2
3
4
5
| [root@k8s-master wordpress]# kubectl apply -f default-http-backend.yaml
deployment.apps/default-http-backend created
service/default-http-backend created
[root@k8s-master wordpress]# kubectl apply -f ingress-daemonset.yaml
daemonset.apps/nginx-ingress-lb created
|
创建上述资源时指定了名称空间,查看容器时需要带上-n kube-system
参数
1
2
3
4
5
6
| [root@k8s-master wordpress]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
...
default-http-backend-797b95869d-4bl4k 1/1 Running 0 164m
nginx-ingress-lb-kcfws 1/1 Running 0 163m
...
|
这里的backend服务采用了Deployment构建,并且声明了数量为1。Ingress Controller采用了DaemonSet构建,每个工作节点运行一个pod,我这里的环境是1+1,所以是1个pod。
部署完Ingress Controller及backend服务后,就可以访问任一工作节点的80端口访问,得到404说明部署成功。
1
2
| [root@k8s-master wordpress]# curl k8s-node
default backend - 404
|
定义Ingress策略
这里使用www.test.com 来设置Ingress策略,定义对**/**的访问请求转发到后端的wordpress的规则。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
| [root@k8s-master wordpress]# cat ingress-wordpress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: wordpress-ingress
spec:
rules:
- host: www.test.com
http:
paths:
- path: /
backend:
serviceName: wordpress
servicePort: 80
|
这里的ServiceName和ServicePort是之前创建的wordpress service对象的参数。
需要注意的是这里的80端口和Service对象的80一样是虚拟的,本机并不会监听80端口。
1
2
3
4
5
| [root@k8s-master wordpress]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
...
wordpress ClusterIP 10.110.1.27 <none> 80/TCP 171m
...
|
创建ingress策略
1
2
| [root@k8s-master wordpress]# kubectl apply -f ingress-wordpress.yaml
ingress.extensions/wordpress-ingress configured
|
到这里创建wordpress就结束了,要访问wordpress需要在你的电脑的host文件上做域名ip关联。将www.test.com关联到任一工作节点的ip,使用浏览器访问www.test.com即可。
1
2
| C:\Windows\System32\drivers\etc>more hosts
192.168.0.107 www.test.com
|
安装完成