kubernetes容器集羣管理（11）- k8s集羣搭建lnmp環境

目錄

一、私有倉庫搭建

二、鏡像準備

三、提前創建PV

四、mysql部署工作

五、nginx部署工作

六、php部署工作

七、wordpress部署工作

---

一、私有倉庫搭建

#pull私有倉庫鏡像

[root@node01 ~]# docker pull registry

#創建用戶密碼本

[root@node01 ~]# mkdir auth
[root@node01 ~]# docker run --entrypoint htpasswd registry:latest -Bbn amusitelangpao 123456 >/root/auth/htpasswd
[root@node01 ~]# cat /root/auth/htpasswd

#主機/root/auth目錄掛載到鏡像的/auth目錄下，然後指定這個目錄下的htpasswd文件來進行認證

[root@node01 ~]# docker login 127.0.0.1:5000
Username: amusitelangpao
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded

#打包鏡像到私有倉庫

[root@node01 ~]# docker pull hello-world
[root@node01 ~]# docker tag hello-world:latest 127.0.0.1:5000/hello-world:v1
[root@node01 ~]# docker push 127.0.0.1:5000/hello-world:v1
[root@node01 ~]# ls /opt/registry/docker/registry/v2/repositories/
hello-world
[root@node01 ~]# curl -u amusitelangpao:123456 127.0.0.1:5000/v2/_catalog          
{"repositories":["hello-world"]}

#集羣服務器全部配置信任私有倉庫節點地址   

[root@manage01 ~]# vi /etc/docker/daemon.json
{
  "insecure-registries": ["192.168.192.129:5000"]
}
[root@manage01 ~]# systemctl daemon-reload 
[root@manage01 ~]# systemctl restart docker

#其他節點機器下載鏡像成功

[root@manage01 ~]# docker images | grep hello
[root@manage01 ~]# docker pull 192.168.192.129:5000/hello-world:v1
v1: Pulling from hello-world
1b930d010525: Pull complete 
Digest: sha256:92c7f9c92844bbbb5d0a101b22f7c2a7949e40f8ea90c8b3bc396879d95e899a
Status: Downloaded newer image for 192.168.192.129:5000/hello-world:v1
192.168.192.129:5000/hello-world:v1
[root@manage01 ~]# docker images | grep hello                     
192.168.192.129:5000/hello-world   v1                  fce289e99eb9        14 months ago       1.84kB

二、鏡像準備

#環境配置
192.168.192.128  k8s集羣管理機manege01
192.168.192.129  k8s集羣節點node01、私有倉庫機器
192.168.192.130  k8s集羣節點node02、nfs服務機器

#本次lnmp搭建存在兩個問題：
1、node需提前準備好本地鏡像，可能還需添加私有庫權限配置
2、lnmp部署完畢，pod顯示running，一切正常，頁面無法訪問，進入容器發現nginx服務未啓動，手動啓動後正常

#nginx和php創建部署文件提前準備好了，mysql用docker hub上面的。
https://download.csdn.net/download/weixin_39855998/12252247

#目錄規劃

[root@node01 ~]# mkdir -p lnmp/{php,nginx}
[root@node01 ~]# ls /root/lnmp/nginx/
Dockerfile  nginx-1.12.1.tar.gz  nginx.conf
[root@node01 ~]# ls /root/lnmp/php/
Dockerfile  php-5.6.31.tar.gz  php.ini

#鏡像的構建、上傳私有庫、查看

[root@node01 lnmp]# docker login 192.168.192.129:5000
[root@node01 lnmp]# cd nginx
[root@node01 nginx]# docker build -t 192.168.192.129:5000/lnmp/nginx .
[root@node01 nginx]# docker push 192.168.192.129:5000/lnmp/nginx

[root@node01 lnmp]# cd php
[root@node01 nginx]# docker build -t 192.168.192.129:5000/lnmp/php .
[root@node01 nginx]# docker push 192.168.192.129:5000/lnmp/php

[root@node01 nginx]# docker pull mysql:5.6
[root@node01 nginx]# docker tag mysql:5.6 192.168.192.129:5000/lnmp/mysql
[root@node01 nginx]# docker push 192.168.192.129:5000/lnmp/mysql

[root@node01 nginx]# curl -u amusitelangpao:123456 192.168.192.129:5000/v2/_catalog          
{"repositories":["hello-world","lnmp/mysql","lnmp/nginx","lnmp/php"]}

#此時已經將mysql、nginx、php鏡像上傳私有庫，部署時直接pull就可以了

三、提前創建PV

#nfs服務器創建目錄用來掛載

[root@node02 ~]# mkdir -p /opt/nfs/wp-data  #存放nginx、php數據
[root@node02 ~]# mkdir -p /opt/nfs/wp-mysql  #存放mysql數據
[root@node02 ~]# cat  /etc/exports      #nfs策略  
/nfsdata *(rw,no_root_squash,no_all_squash,sync)
/opt/nfs/wp-mysql 192.168.192.0/24(rw,no_root_squash)
/opt/nfs/wp-data 192.168.192.0/24(rw,no_root_squash)

#master上創建pv

[root@manage01 lnmp]# cat pv.yaml 
apiVersion: v1
kind: PersistentVolume
metadata:
  name: mysql-pv
  labels:
    apps: mysql-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: /opt/nfs/wp-mysql
    server: 192.168.192.130

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: wp-pv01
  labels:
    apps: wp-pv01
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: /opt/nfs/wp-data
    server: 192.168.192.130

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: wp-pv02
  labels:
    apps: wp-pv02
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: /opt/nfs/wp-data
    server: 192.168.192.130

[root@manage01 lnmp]# kubectl create -f pv.yaml
persistentvolume/mysql-pv created
persistentvolume/wp-pv01 created
persistentvolume/wp-pv02 created

#每個節點提前裝好鏡像

[root@node01 ~]# docker pull 192.168.192.129:5000/lnmp/nginx
[root@node01 ~]# docker pull 192.168.192.129:5000/lnmp/mysql
[root@node01 ~]# docker pull 192.168.192.129:5000/lnmp/

四、mysql部署工作

1、提前安裝本地鏡像 2、一旦有問題刪除pv pvc 否則pengding狀態

#mysql密碼認證

[root@manage01 lnmp]# kubectl create secret generic mysql-pass --from-literal=password=123456

#mysql的service、pvc、deployment創建
pvc匹配標籤爲上面創建的標籤爲apps: mysql-pv的pv
指定secret爲上面創建的mysql-pass
拉取鏡像爲192.168.192.129:5000/lnmp/mysql
使用mysql-pv-claim這個pvc，把上面創建的mysql的pv掛載在容器的/var/lib/mysql目錄下。

[root@manage01 lnmp]# cat mysql-deployment.yaml 
apiVersion: v1
kind: Service
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  ports:
    - port: 3306
  selector:
    app: wordpress
    tier: mysql

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mysql-pv-claim
  labels:
    app: wordpress
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 20Gi
  selector:
    matchLabels:
      apps: mysql-pv

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: mysql
    spec:
      containers:
      - name: mysql
        image: 192.168.192.129:5000/lnmp/mysql
        imagePullPolicy: IfNotPresent
        env:
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-pass
              key: password

        ports: 
        - containerPort: 3306
          name: mysql
        volumeMounts:
        - name: mysql-persistent-storage
          mountPath: /var/lib/mysql
      #imagePullSecrets:
       # - name: registrypullsecret
      volumes:
      - name: mysql-persistent-storage
        persistentVolumeClaim:
          claimName: mysql-pv-claim

[root@manage01 lnmp]# kubectl create -f  mysql-deployment.yaml

五、nginx部署工作

[root@manage01 lnmp]# cat nginx-deployment.yaml 
apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-wp-config
data:
  site.conf: |-
    server {
        listen 80;
        server_name localhost;
        root html;
        index index.html index.php;

        location ~ \.php$ {
            root html;
            fastcgi_pass wordpress-php:9000;
            fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
            include fastcgi_params;
            fastcgi_connect_timeout 60s;
            fastcgi_read_timeout 300s;
            fastcgi_send_timeout 300s;
        }
    }
---
apiVersion: v1
kind: Service
metadata:
  name: wordpress-nginx
  labels:
    app: wordpress
spec:
  ports:
    - port: 80
  selector:
    app: wordpress-nginx
    tier: frontend
  type: NodePort
  sessionAffinity: ClientIP
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: wp-pvc02
  labels:
    app: wordpress
spec: 
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
  selector:
    matchLabels:
      apps: wp-pv02
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress-nginx
  labels:
    app: wordpress
spec:
  replicas: 3
  selector:
    matchLabels:
      app: wordpress-nginx
      tier: frontend
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress-nginx
        tier: frontend
    spec:
      containers:
      - name: nginx
        image: 192.168.192.129:5000/lnmp/nginx
        imagePullPolicy: IfNotPresent
        command: [ "/bin/bash", "-ce", "tail -f /dev/null" ]
        ports:
        - containerPort: 80
          name: wordpress
        volumeMounts:
        - name: wordpress-persistent-storage
          mountPath: /usr/local/nginx/html
        - name: config
          mountPath: /usr/local/nginx/conf/vhost/site.conf
          subPath: site.conf
        #imagePullSecrets:
        #- name: registrypullsecret
      volumes:
      - name: wordpress-persistent-storage
        persistentVolumeClaim:
          claimName: wp-pvc02
      - name: config
        configMap:
          name: nginx-wp-config

[root@manage01 lnmp]# kubectl create -f  nginx-deployment.yaml

六、php部署工作

[root@manage01 lnmp]# cat php-deployment.yaml 
apiVersion: v1
kind: Service
metadata:
  name: wordpress-php
  labels:
    app: wordpress
spec:
  ports:
    - port: 9000
  selector:
    app: wordpress-php
    tier: frontend
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: wp-pvc01
  labels:
    app: wordpress
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
  selector:
    matchLabels:
      apps: wp-pv01
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress-php
  labels:
    app: wordpress
spec:
  replicas: 3
  selector:
    matchLabels:
      app: wordpress-php
      tier: frontend
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress-php
        tier: frontend
    spec:
      containers:
      - name: php
        image: 192.168.192.129:5000/lnmp/php
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 9000
          name: wordpress
        volumeMounts:
        - name: wordpress-persistent-storage
          mountPath: /var/www/html
        ##拉取鏡像時的用戶認證,沒有的時候註釋掉這2行
        #imagePullSecrets:
        #- name: registrypullsecret
      volumes:
      - name: wordpress-persistent-storage
        persistentVolumeClaim:
          claimName: wp-pvc01

[root@manage01 lnmp]# kubectl create -f  php-deployment.yaml

[root@manage01 lnmp]# kubectl get pod
NAME                               READY   STATUS    RESTARTS   AGE
wordpress-mysql-76d8c4456f-rznmk   1/1     Running   0          3h21m
wordpress-nginx-874bffd44-5ltwb    1/1     Running   0          178m
wordpress-nginx-874bffd44-d4mhw    1/1     Running   0          178m
wordpress-nginx-874bffd44-svwkp    1/1     Running   0          178m
wordpress-php-797977fb-q9cbt       1/1     Running   0          3h1m
wordpress-php-797977fb-vx79c       1/1     Running   0          3h1m
wordpress-php-797977fb-zjsqc       1/1     Running   0          3h1m

七、wordpress部署工作

#nfs服務器安裝wp並複製到存儲卷目錄

[root@node02 wordpress]# wget https://wordpress.org/latest.tar.gz
[root@node02 wordpress]# tar xf wordpress-5.3.2.tar.gz
[root@node02 wordpress]# cp -a wordpress/* /opt/nfs/wp-data/
[root@node02 wordpress]# chown -R nobody /opt/nfs/wp-data

#進入mysql容器爲wp創建數據庫

[root@manage01 lnmp]# kubectl exec -it wordpress-mysql-76d8c4456f-rznmk bash
root@wordpress-mysql-76d8c4456f-rznmk:/# mysql -uroot -p123456
mysql> CREATE DATABASE wordpressdb;
mysql> exit;

#查看server

[root@manage01 lnmp]# kubectl get svc
NAME              TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE
kubernetes        ClusterIP   10.10.10.1    <none>        443/TCP        16d
wordpress-mysql   ClusterIP   10.10.10.8    <none>        3306/TCP       3h26m
wordpress-nginx   NodePort    10.10.10.50   <none>        80:44802/TCP   3h2m
wordpress-php     ClusterIP   10.10.10.71   <none>        9000/TCP       3h5m

#創建ingress配置nginx-wp頁面域名訪問

[root@manage01 lnmp]# cat wp-ingress.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: wp-ingress
spec:
  rules:
  - host: www.amu.blog
    http:
      paths:
      - backend:
          serviceName: wordpress-nginx
          servicePort: 80

[root@manage01 lnmp]# kubectl create -f wp-ingress.yaml

#查看ingress

[root@manage01 lnmp]#  kubectl get ingress
NAME         HOSTS                           ADDRESS   PORTS     AGE
wp-ingress   www.amu.blog                              80        63m

#主機hosts配置域名解析

#C:\Windows\System32\drivers\etc\hosts
192.168.192.129 www.amu.blog
192.168.192.130 www.amu.blog

#頁面訪問顯示如下