极客时间运维进阶训练营第十四周作业
1、wordpress 示例中:
使用 statefulset 编排运行 mysql,实例数为 1;
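# Deploy MySQL
# Transcript of creating the Secret, PVC, Service and StatefulSet for MySQL in
# namespace "blog", followed by the WordPress (php-fpm) and nginx tiers.
root@k8s-master01:~/w3/mysql# cat 01-secret-mysql.yaml
# Secret "data" values are base64-encoded, not encrypted: anyone who can read
# this manifest (or the Secret via the API) recovers the credentials directly.
# Keep the file out of shared repositories and published write-ups, and
# restrict get/list on Secrets in the namespace with RBAC.
apiVersion: v1
kind: Secret
metadata:
  creationTimestamp: null
  name: mysql-user-pass
data:
  database.name: d3BkYg==
  root.password: TUBnZUVkdQ==
  user.name: d3B1c2Vy
  user.password: bWFnZURVLmMwbQ==
root@k8s-master01:~/w3/mysql# cat 02-pvc-mysql-data.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mysql-data
spec:
  volumeMode: Filesystem
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: nfs-csi
root@k8s-master01:~/w3/mysql# cat 03-service-mysql.yaml
# ClusterIP keeps port 3306 reachable only from inside the cluster.
apiVersion: v1
kind: Service
metadata:
  labels:
    app: mysql
  name: mysql
spec:
  ports:
  - name: mysql
    port: 3306
    protocol: TCP
    targetPort: 3306
  selector:
    app: mysql
  type: ClusterIP
root@k8s-master01:~/w3/mysql# cat 04-deploy-mysql.yaml
# The pasted listing began with "piVersion"; restored to "apiVersion" so the
# manifest is valid as shown.
# NOTE(review): the pod template mounts the single pre-created claim
# "mysql-data" instead of using volumeClaimTemplates, so every replica would
# share that one ReadWriteOnce claim; it only suits replicas: 1.
# NOTE(review): spec.serviceName is not set in this listing; confirm whether
# the cluster version in use requires it.
apiVersion: apps/v1
kind: StatefulSet
metadata:
  labels:
    app: mysql
  name: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - image: mysql:8.0
        name: mysql
        # All four settings come from the Secret rather than literal values.
        env:
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-user-pass
              key: root.password
        - name: MYSQL_USER
          valueFrom:
            secretKeyRef:
              name: mysql-user-pass
              key: user.name
        - name: MYSQL_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-user-pass
              key: user.password
        - name: MYSQL_DATABASE
          valueFrom:
            secretKeyRef:
              name: mysql-user-pass
              key: database.name
        volumeMounts:
        - name: mysql-data
          mountPath: /var/lib/mysql/
      volumes:
      - name: mysql-data
        persistentVolumeClaim:
          claimName: mysql-data
root@k8s-master01:~/w3/mysql# kubectl apply -f . -n blog
root@k8s-master01:~# kubectl get pods -n blog
NAME      READY   STATUS    RESTARTS   AGE
mysql-0   1/1     Running   0          9m33s
# Deploy WordPress
root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# cat 01-service-wordpress.yaml
# No "type" is given, so this Service defaults to ClusterIP; the php-fpm port
# is meant to be reached only by nginx inside the cluster.
apiVersion: v1
kind: Service
metadata:
  labels:
    app: wordpress
  name: wordpress
spec:
  ports:
  - name: fpm
    port: 9000
    protocol: TCP
    targetPort: 9000
  selector:
    app: wordpress
root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# cat 02-pvc-wordpress-app-data.yaml
# ReadWriteMany because both the WordPress and nginx pods mount this claim.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: wordpress-app-data
spec:
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Gi
  storageClassName: nfs-csi
root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# cat 03-deployment-wordpress.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: wordpress
  name: wordpress
spec:
  replicas: 1
  selector:
    matchLabels:
      app: wordpress
  template:
    metadata:
      labels:
        app: wordpress
    spec:
      containers:
      - image: wordpress:5.8-fpm
        name: wordpress
        env:
        # Resolved through the "mysql" Service in the same namespace.
        - name: WORDPRESS_DB_HOST
          value: mysql
        # WordPress reads only the application account from the Secret; the
        # root.password key is not referenced here.
        - name: WORDPRESS_DB_USER
          valueFrom:
            secretKeyRef:
              name: mysql-user-pass
              key: user.name
        - name: WORDPRESS_DB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-user-pass
              key: user.password
        - name: WORDPRESS_DB_NAME
          valueFrom:
            secretKeyRef:
              name: mysql-user-pass
              key: database.name
        volumeMounts:
        - name: wordpress-app-data
          mountPath: /var/www/html/
      volumes:
      - name: wordpress-app-data
        persistentVolumeClaim:
          claimName: wordpress-app-data
root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# kubectl apply -f . -n blog
service/wordpress created
persistentvolumeclaim/wordpress-app-data created
deployment.apps/wordpress created
root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# kubectl get pods -n blog
NAME                         READY   STATUS    RESTARTS   AGE
mysql-0                      1/1     Running   0          13m
wordpress-664cfb496b-hvmg6   1/1     Running   0          67s
root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# kubectl get svc -n blog
NAME        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
mysql       ClusterIP   10.102.208.196   <none>        3306/TCP   19m
wordpress   ClusterIP   10.104.212.178   <none>        9000/TCP   79s
# Deploy nginx
root@k8s-master01:~/learning-k8s-master/wordpress/nginx# cat 01-configmap-nginx-conf.yaml
# The server block below listens on port 80 only; no TLS listener or
# certificate is configured in this ConfigMap.
apiVersion: v1
data:
  nginx.conf: |
    server {
      listen 80;
      listen [::]:80;
      server_name magedu.com www.magedu.com;
      index index.php index.html index.htm;
      root /var/www/html;
      location ~ /.well-known/acme-challenge {
        allow all;
        root /var/www/html;
      }
      location / {
        try_files $uri $uri/ /index.php$is_args$args;
      }
      location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass wordpress:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
      }
      location ~ /\.ht {
        deny all;
      }
      location = /favicon.ico {
        log_not_found off; access_log off;
      }
      location = /robots.txt {
        log_not_found off; access_log off; allow all;
      }
      location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
        expires max;
        log_not_found off;
      }
    }
kind: ConfigMap
metadata:
  creationTimestamp: null
  name: nginx-conf
root@k8s-master01:~/learning-k8s-master/wordpress/nginx# cat 02-service-nginx.yaml
# This is the only Service in the stack reachable from outside the cluster:
# NodePort opens a port on every node, and externalIPs additionally accepts
# traffic for 192.168.56.100. Traffic is plain HTTP.
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  ports:
  - name: http-80
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  type: NodePort
  externalIPs:
  - 192.168.56.100
root@k8s-master01:~/learning-k8s-master/wordpress/nginx# cat 03-deployment-nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    metadata:
      labels:
        app: nginx
    spec:
      volumes:
      - name: ngxconf
        configMap:
          name: nginx-conf
      - name: wordpress-app-data
        persistentVolumeClaim:
          claimName: wordpress-app-data
      containers:
      - image: nginx:1.20-alpine
        name: nginx
        volumeMounts:
        - name: ngxconf
          mountPath: /etc/nginx/conf.d/
        # NOTE(review): nginx only serves files from this volume; adding
        # readOnly: true to this mount would keep the internet-facing tier
        # from writing into the WordPress document root.
        - name: wordpress-app-data
          mountPath: /var/www/html/
root@k8s-master01:~/learning-k8s-master/wordpress/nginx# kubectl apply -f . -n blog
configmap/nginx-conf created
service/nginx created
deployment.apps/nginx created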
换成使用 Operator 编排运行 mysql,实例数为 1+;
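# Install MySQL in primary/secondary replication mode from the Bitnami chart,
# then recreate the Secret that the WordPress Deployment reads.
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo list
# Passwords passed with --set end up in shell history and in the process
# list. A values file (-f) with restricted permissions, or the chart's
# auth.existingSecret, keeps them off the command line.
root@k8s-master01:~/learning-k8s-master# helm install mysql \
  --set auth.rootPassword=MageEdu \
  --set global.storageClass=nfs-csi \
  --set architecture=replication \
  --set auth.database=wpdb \
  --set auth.username=wpuser \
  --set auth.password='magedu.com' \
  --set secondary.replicaCount=1 \
  --set auth.replicationPassword='replpass' \
  bitnami/mysql \
  -n blog
1. Run a pod that you can use as a client:
    kubectl run mysql-client --rm --tty -i --restart='Never' --image docker.io/bitnami/mysql:8.0.32-debian-11-r14 --namespace blog --env MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD --command -- bash
2. To connect to primary service (read/write):
    mysql -h mysql-primary.blog.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
3. To connect to secondary service (read-only):
    mysql -h mysql-secondary.blog.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
root@k8s-master01:~/w3/mysql# cat 01-secret-mysql.yaml
# Secret "data" values are base64-encoded, not encrypted; treat this file as
# holding the plaintext credentials.
# user.password must encode exactly the string given to auth.password above.
# The value originally pasted here was produced with echo, which appends a
# newline that becomes part of the password WordPress sends, so it did not
# match the account created by the chart. The value below is the encoding
# without the trailing newline.
apiVersion: v1
kind: Secret
metadata:
  creationTimestamp: null
  name: mysql-user-pass
data:
  database.name: d3BkYg==
  root.password: TUBnZUVkdQ==
  user.name: d3B1c2Vy
  user.password: bWFnZWR1LmNvbQ==
root@k8s-master01:~/w3/mysql# kubectl apply -f 01-secret-mysql.yaml -n blog
secret/mysql-user-pass created
root@k8s-master01:~/learning-k8s-master# kubectl get svc -n blog
NAME                       TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
mysql-primary              ClusterIP   10.96.35.151     <none>        3306/TCP   2m27s
mysql-primary-headless     ClusterIP   None             <none>        3306/TCP   2m27s
mysql-secondary            ClusterIP   10.108.128.170   <none>        3306/TCP   2m27s
mysql-secondary-headless   ClusterIP   None             <none>        3306/TCP   2m27s
# printf '%s' emits the string without a trailing newline (echo adds one,
# which base64 would encode into the Secret value).
root@k8s-master01:~/w3/mysql# printf '%s' 'magedu.com' | base64
bWFnZWR1LmNvbQ==
root@k8s-master01:~/learning-k8s-master/wordpress# kubectl apply -f nginx/ -n blog
configmap/nginx-conf created
service/nginx created
deployment.apps/nginx created
# NOTE(review): the WordPress manifest shown earlier on this page sets
# WORDPRESS_DB_HOST to "mysql", while the chart created mysql-primary and
# mysql-secondary. The page does not show that value being changed; writes
# need to go to mysql-primary.
root@k8s-master01:~/learning-k8s-master/wordpress# kubectl apply -f wordpress/ -n blog
service/wordpress created
persistentvolumeclaim/wordpress-app-data created
deployment.apps/wordpress created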
将 mysql 以传统模型的主从复制的形式运行于 Kubernetes 外部,让运行在 Kubernetes 集群上的 wordpress 去访问外部的 MySQL 服务。
# 安装数据库 单数据库模拟 root@template-ubuntun2004:~# hostname template-ubuntun2004.iclinux.com root@template-ubuntun2004:~# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:a0:2b:23 brd ff:ff:ff:ff:ff:ff inet 192.168.56.169/24 brd 192.168.56.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fea0:2b23/64 scope link valid_lft forever preferred_lft forever root@template-ubuntun2004:~# apt install mysql-server -y root@template-ubuntun2004:~# mysql mysql> create user 'wordpress'@'%' identified with mysql_native_password BY 'Wordpress@1234'; Query OK, 0 rows affected (0.02 sec) mysql> CREATE DATABASE wordpress; Query OK, 1 row affected (0.00 sec) mysql> grant all privileges on wordpress.* to 'wordpress'@'%' with grant option; Query OK, 0 rows affected (0.00 sec) # ## root@template-ubuntun2004:/etc/mysql/mysql.conf.d# vim mysqld.cnf # localhost which is more compatible and is not less secure. bind-address = 0.0.0.0 mysqlx-bind-address = 0.0.0.0 # # 验证通过 root@template-ubuntun2004:/etc/mysql/mysql.conf.d# mysql -h 192.168.56.169 -u wordpress -p'Wordpress@1234' mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 8 Server version: 8.0.32-0ubuntu0.20.04.2 (Ubuntu) Copyright (c) 2000, 2023, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 
root@k8s-master01:~/w3/mysql# echo "Wordpress@1234" |base64 V29yZHByZXNzQDEyMzQK root@k8s-master01:~/w3/mysql# cat 01-secret-mysql.yaml apiVersion: v1 kind: Secret metadata: creationTimestamp: null name: mysql-user-pass data: database.name: d3BkYg== root.password: TUBnZUVkdQ== user.name: d3B1c2Vy user.password: V29yZHByZXNzQDEyMzQK root@k8s-master01:~/w3/mysql# kubectl apply -f 01-secret-mysql.yaml -n blog secret/mysql-user-pass created root@k8s-master01:~/learning-k8s-master/wordpress# kubectl apply -f nginx/ -n blog configmap/nginx-conf created service/nginx created deployment.apps/nginx created root@k8s-master01:~/learning-k8s-master/wordpress# kubectl apply -f wordpress/ -n blog service/wordpress created persistentvolumeclaim/wordpress-app-data created deployment.apps/wordpress created
2、wordpress 实例扩展至多个,测试应用是否工作正常。
root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# cat 03-deployment-wordpress.yaml apiVersion: apps/v1 kind: Deployment metadata: labels: app: wordpress name: wordpress spec: replicas: 5 selector: matchLabels: app: wordpress template: metadata: labels: app: wordpress spec: containers: - image: wordpress:5.8-fpm name: wordpress env: - name: WORDPRESS_DB_HOST value: mysql - name: WORDPRESS_DB_USER valueFrom: secretKeyRef: name: mysql-user-pass key: user.name - name: WORDPRESS_DB_PASSWORD valueFrom: secretKeyRef: name: mysql-user-pass key: user.password - name: WORDPRESS_DB_NAME valueFrom: secretKeyRef: name: mysql-user-pass key: database.name volumeMounts: - name: wordpress-app-data mountPath: /var/www/html/ volumes: - name: wordpress-app-data persistentVolumeClaim: claimName: wordpress-app-data root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# kubectl apply -f 03-deployment-wordpress.yaml -n blog deployment.apps/wordpress configured root@k8s-master01:~/learning-k8s-master/wordpress/wordpress# kubectl get pods -n blog NAME READY STATUS RESTARTS AGE mysql-0 1/1 Running 0 26m nginx-5b9c7b4c8f-vv5gq 1/1 Running 0 9m24s wordpress-664cfb496b-66ctx 1/1 Running 0 2m16s wordpress-664cfb496b-94zsb 1/1 Running 0 2m16s wordpress-664cfb496b-hvmg6 1/1 Running 0 13m wordpress-664cfb496b-sl54v 1/1 Running 0 2m16s wordpress-664cfb496b-z285b 1/1 Running 0 2m16s
3、Nginx 实例扩展至多个,测试应用是否工作正常;额外为 nginx 添加 https 虚拟主机。
root@k8s-master01:~/learning-k8s-master/wordpress/nginx# cat 03-deployment-nginx.yaml apiVersion: apps/v1 kind: Deployment metadata: labels: app: nginx name: nginx spec: replicas: 6 selector: matchLabels: app: nginx strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 template: metadata: labels: app: nginx spec: volumes: - name: ngxconf configMap: name: nginx-conf - name: wordpress-app-data persistentVolumeClaim: claimName: wordpress-app-data containers: - image: nginx:1.20-alpine name: nginx volumeMounts: - name: ngxconf mountPath: /etc/nginx/conf.d/ - name: wordpress-app-data mountPath: /var/www/html/ root@k8s-master01:~/learning-k8s-master/wordpress/nginx# kubectl apply -f 03-deployment-nginx.yaml -n blog deployment.apps/nginx configured root@k8s-master01:~/learning-k8s-master/wordpress/nginx# kubectl get pods -n blog NAME READY STATUS RESTARTS AGE mysql-0 1/1 Running 0 30m nginx-5b9c7b4c8f-789xq 1/1 Running 0 2m51s nginx-5b9c7b4c8f-85knc 1/1 Running 0 2m51s nginx-5b9c7b4c8f-dsp77 1/1 Running 0 2m51s nginx-5b9c7b4c8f-frq24 1/1 Running 0 2m51s nginx-5b9c7b4c8f-vv5gq 1/1 Running 0 14m nginx-5b9c7b4c8f-zz888 1/1 Running 0 2m51s wordpress-664cfb496b-66ctx 1/1 Running 0 7m5s wordpress-664cfb496b-94zsb 1/1 Running 0 7m5s wordpress-664cfb496b-hvmg6 1/1 Running 0 18m wordpress-664cfb496b-sl54v 1/1 Running 0 7m5s wordpress-664cfb496b-z285b 1/1 Running 0 7m5s