部署Mysql-基于dockerhub上的oci仓库部署
[root@ca-k8s-master01 linux-amd64]# kubectl create ns blog
namespace/blog created
[root@ca-k8s-master01 linux-amd64]# helm install mysql \
--set auth.rootPassword='sheca' \
--set global.storageClass=nfs-csi \
--set architecture=replication \
--set auth.database=wpdb \
--set auth.username=wpuser \
--set auth.password='sheca' \
--set secondary.replicaCount=1 \
--set auth.replicationPassword='replpass' \
oci://registry-1.docker.io/bitnamicharts/mysql \
-n blog --create-namespace
Pulled: registry-1.docker.io/bitnamicharts/mysql:9.18.0
Digest: sha256:464bb1d8027b7650472d363c234df2af9210410961c64b18753200367c794e5e
NAME: mysql
LAST DEPLOYED: Thu Jan 25 21:03:18 2024
NAMESPACE: blog
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: mysql
CHART VERSION: 9.18.0
APP VERSION: 8.0.36
** Please be patient while the chart is being deployed **
Tip:
Watch the deployment status using the command: kubectl get pods -w --namespace blog
Services:
echo Primary: mysql-primary.blog.svc.cluster.local:3306
echo Secondary: mysql-secondary.blog.svc.cluster.local:3306
Execute the following to get the administrator credentials:
echo Username: root
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace blog mysql -o jsonpath="{.data.mysql-root-password}" | base64 -d)
To connect to your database:
1. Run a pod that you can use as a client:
kubectl run mysql-client --rm --tty -i --restart='Never' --image docker.io/bitnami/mysql:8.0.36-debian-11-r0 --namespace blog --env MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD --command -- bash
2. To connect to primary service (read/write):
mysql -h mysql-primary.blog.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
3. To connect to secondary service (read-only):
mysql -h mysql-secondary.blog.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
[root@ca-k8s-master01 linux-amd64]# helm list -n blog
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
mysql blog 1 2024-01-25 21:03:18.158470641 +0800 CST deployed mysql-9.18.0 8.0.36
##通过命令查看 资源 配置清单 通过模板渲染之后提供出来标准格式的Pod文件
[root@ca-k8s-master01 linux-amd64]# helm get manifest mysql -n blog #最后输出模板
#查看如何访问
[root@ca-k8s-master01 linux-amd64]# helm get notes mysql -n blog
NOTES:
CHART NAME: mysql
CHART VERSION: 9.18.0
APP VERSION: 8.0.36
** Please be patient while the chart is being deployed **
Tip:
Watch the deployment status using the command: kubectl get pods -w --namespace blog
Services:
echo Primary: mysql-primary.blog.svc.cluster.local:3306
echo Secondary: mysql-secondary.blog.svc.cluster.local:3306
Execute the following to get the administrator credentials:
echo Username: root
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace blog mysql -o jsonpath="{.data.mysql-root-password}" | base64 -d)
To connect to your database:
1. Run a pod that you can use as a client:
kubectl run mysql-client --rm --tty -i --restart='Never' --image docker.io/bitnami/mysql:8.0.36-debian-11-r0 --namespace blog --env MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD --command -- bash
2. To connect to primary service (read/write):
mysql -h mysql-primary.blog.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
3. To connect to secondary service (read-only):
mysql -h mysql-secondary.blog.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
#查看自定义的值 以后可以保存直接引用默认值
[root@ca-k8s-master01 linux-amd64]# helm get values mysql -n blog
USER-SUPPLIED VALUES:
architecture: replication
auth:
database: wpdb
password: sheca
replicationPassword: replpass
rootPassword: sheca
username: wpuser
global:
storageClass: nfs-csi
secondary:
replicaCount: 1
[root@ca-k8s-master01 linux-amd64]# helm get values mysql -n blog > mysql-values.yaml
[root@ca-k8s-master01 linux-amd64]# helm install mysql -f mysql-values.yaml -n blog
[root@ca-k8s-master01 linux-amd64]# kubectl get all -n blog
NAME READY STATUS RESTARTS AGE
pod/mysql-client 1/1 Running 0 31m
pod/mysql-primary-0 1/1 Running 0 49s
pod/mysql-secondary-0 1/1 Running 0 49s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/mysql-primary ClusterIP 10.100.55.97 <none> 3306/TCP 49s
service/mysql-primary-headless ClusterIP None <none> 3306/TCP 49s
service/mysql-secondary ClusterIP 10.103.62.103 <none> 3306/TCP 49s
service/mysql-secondary-headless ClusterIP None <none> 3306/TCP 49s
NAME READY AGE
statefulset.apps/mysql-primary 1/1 49s
statefulset.apps/mysql-secondary 1/1 49s
通过命令查看 资源 配置清单 通过模板渲染之后提供出来标准格式的Pod文件
helm get manifest mysql -n blog
#通过命令查看 资源 配置清单 通过模板渲染之后提供出来标准格式的Pod文件
[root@ca-k8s-master01 linux-amd64]# helm get manifest mysql -n blog
---
# Source: mysql/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: mysql
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
automountServiceAccountToken: false
secrets:
- name: mysql
---
# Source: mysql/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: mysql
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
type: Opaque
data:
mysql-root-password: "c2hlY2E="
mysql-password: "c2hlY2E="
mysql-replication-password: "cmVwbHBhc3M="
---
# Source: mysql/templates/primary/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-primary
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: primary
data:
my.cnf: |-
[mysqld]
default_authentication_plugin=mysql_native_password
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mysql
plugin_dir=/opt/bitnami/mysql/lib/plugin
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
datadir=/bitnami/mysql/data
tmpdir=/opt/bitnami/mysql/tmp
max_allowed_packet=16M
bind-address=*
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
log-error=/opt/bitnami/mysql/logs/mysqld.log
character-set-server=UTF8
slow_query_log=0
long_query_time=10.0
[client]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
default-character-set=UTF8
plugin_dir=/opt/bitnami/mysql/lib/plugin
[manager]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
---
# Source: mysql/templates/secondary/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql-secondary
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: secondary
data:
my.cnf: |-
[mysqld]
default_authentication_plugin=mysql_native_password
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mysql
plugin_dir=/opt/bitnami/mysql/lib/plugin
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
datadir=/bitnami/mysql/data
tmpdir=/opt/bitnami/mysql/tmp
max_allowed_packet=16M
bind-address=*
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
log-error=/opt/bitnami/mysql/logs/mysqld.log
character-set-server=UTF8
slow_query_log=0
long_query_time=10.0
[client]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
default-character-set=UTF8
plugin_dir=/opt/bitnami/mysql/lib/plugin
[manager]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
---
# Source: mysql/templates/primary/svc-headless.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-primary-headless
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: primary
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: mysql
port: 3306
targetPort: mysql
selector:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: primary
---
# Source: mysql/templates/primary/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-primary
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: primary
spec:
type: ClusterIP
sessionAffinity: None
ports:
- name: mysql
port: 3306
protocol: TCP
targetPort: mysql
nodePort: null
selector:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: primary
---
# Source: mysql/templates/secondary/svc-headless.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-secondary-headless
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: secondary
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: mysql
port: 3306
targetPort: mysql
selector:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: secondary
---
# Source: mysql/templates/secondary/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-secondary
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: secondary
spec:
type: ClusterIP
sessionAffinity: None
ports:
- name: mysql
port: 3306
protocol: TCP
targetPort: mysql
nodePort: null
selector:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: secondary
---
# Source: mysql/templates/primary/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql-primary
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: primary
spec:
replicas: 1
podManagementPolicy: ""
selector:
matchLabels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: primary
serviceName: mysql-primary
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/configuration: ddee10c99bd3fa86703be4ce824e84eb2c889e7b3881d656dfa23fe61f22e877
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: primary
spec:
serviceAccountName: mysql
automountServiceAccountToken: false
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext:
fsGroup: 1001
fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
initContainers:
containers:
- name: mysql
image: docker.io/bitnami/mysql:8.0.36-debian-11-r0
imagePullPolicy: "IfNotPresent"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsNonRoot: true
runAsUser: 1001
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
env:
- name: BITNAMI_DEBUG
value: "false"
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql
key: mysql-root-password
- name: MYSQL_USER
value: "wpuser"
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysql
key: mysql-password
- name: MYSQL_DATABASE
value: "wpdb"
- name: MYSQL_REPLICATION_MODE
value: "master"
- name: MYSQL_REPLICATION_USER
value: "replicator"
- name: MYSQL_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: mysql
key: mysql-replication-password
envFrom:
ports:
- name: mysql
containerPort: 3306
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
startupProbe:
failureThreshold: 10
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
resources:
limits: {}
requests: {}
volumeMounts:
- name: data
mountPath: /bitnami/mysql
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
volumes:
- name: config
configMap:
name: mysql-primary
volumeClaimTemplates:
- metadata:
name: data
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: primary
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "8Gi"
storageClassName: nfs-csi
---
# Source: mysql/templates/secondary/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql-secondary
namespace: "blog"
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: secondary
spec:
replicas: 1
podManagementPolicy: ""
selector:
matchLabels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: secondary
serviceName: mysql-secondary
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/configuration: 20ce71c7f9482c92418cf479d03a596127c55953ee23ed5155772f7acfbcd97e
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mysql
app.kubernetes.io/version: 8.0.36
helm.sh/chart: mysql-9.18.0
app.kubernetes.io/component: secondary
spec:
serviceAccountName: mysql
automountServiceAccountToken: false
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext:
fsGroup: 1001
fsGroupChangePolicy: Always
supplementalGroups: []
sysctls: []
initContainers:
containers:
- name: mysql
image: docker.io/bitnami/mysql:8.0.36-debian-11-r0
imagePullPolicy: "IfNotPresent"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsNonRoot: true
runAsUser: 1001
seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
env:
- name: BITNAMI_DEBUG
value: "false"
- name: MYSQL_REPLICATION_MODE
value: "slave"
- name: MYSQL_MASTER_HOST
value: mysql-primary
- name: MYSQL_MASTER_PORT_NUMBER
value: "3306"
- name: MYSQL_MASTER_ROOT_USER
value: "root"
- name: MYSQL_REPLICATION_USER
value: "replicator"
- name: MYSQL_MASTER_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql
key: mysql-root-password
- name: MYSQL_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: mysql
key: mysql-replication-password
envFrom:
ports:
- name: mysql
containerPort: 3306
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_MASTER_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_MASTER_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
startupProbe:
failureThreshold: 15
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_MASTER_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_MASTER_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
resources:
limits: {}
requests: {}
volumeMounts:
- name: data
mountPath: /bitnami/mysql
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
volumes:
- name: config
configMap:
name: mysql-secondary
volumeClaimTemplates:
- metadata:
name: data
labels:
app.kubernetes.io/instance: mysql
app.kubernetes.io/name: mysql
app.kubernetes.io/component: secondary
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "8Gi"
storageClassName: nfs-csi
部署WordPress-基于dockerhub上的oci仓库部署
#Ingress 发布
helm install wordpress \
--set mariadb.enabled=false \
--set externalDatabase.host=mysql-primary.blog.svc.cluster.local \
--set externalDatabase.user=wpuser \
--set externalDatabase.password='sheca' \
--set externalDatabase.database=wpdb \
--set externalDatabase.port=3306 \
--set persistence.storageClass=nfs-csi \
--set ingress.enabled=true \
--set ingress.ingressClassName=nginx \
--set ingress.hostname=blog.magedu.com \
--set ingress.pathType=Prefix \
--set wordpressUsername=admin \
--set wordpressPassword='sheca' \
oci://registry-1.docker.io/bitnamicharts/wordpress \
-n blog --create-namespace
#Nodeport 发布
[root@ca-k8s-master01 linux-amd64]# helm install wordpress \
> --set mariadb.enabled=false \
> --set externalDatabase.host=mysql-primary.blog.svc.cluster.local \
> --set externalDatabase.user=wpuser \
> --set externalDatabase.password='sheca' \
> --set externalDatabase.database=wpdb \
> --set externalDatabase.port=3306 \
> --set persistence.storageClass=nfs-csi \
> --set service.type=NodePort \
> --set wordpressUsername=admin \
> --set wordpressPassword='sheca' \
> oci://registry-1.docker.io/bitnamicharts/wordpress \
> -n blog --create-namespace
Pulled: registry-1.docker.io/bitnamicharts/wordpress:19.2.1
Digest: sha256:d26042c8b4e3439885261b2b290a864e19f39694b29d57874c78a5951533e3ea
NAME: wordpress
LAST DEPLOYED: Thu Jan 25 22:13:55 2024
NAMESPACE: blog
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: wordpress
CHART VERSION: 19.2.1
APP VERSION: 6.4.2
** Please be patient while the chart is being deployed **
Your WordPress site can be accessed through the following DNS name from within your cluster:
wordpress.blog.svc.cluster.local (port 80)
To access your WordPress site from outside the cluster follow the steps below:
1. Get the WordPress URL by running these commands:
export NODE_PORT=$(kubectl get --namespace blog -o jsonpath="{.spec.ports[0].nodePort}" services wordpress)
export NODE_IP=$(kubectl get nodes --namespace blog -o jsonpath="{.items[0].status.addresses[0].address}")
echo "WordPress URL: http://$NODE_IP:$NODE_PORT/"
echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin"
2. Open a browser and access WordPress using the obtained URL.
3. Login with the following credentials below to see your blog:
echo Username: admin
echo Password: $(kubectl get secret --namespace blog wordpress -o jsonpath="{.data.wordpress-password}" | base64 -d)
[root@ca-k8s-master01 linux-amd64]# kubectl get svc -n blog
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
mysql-primary ClusterIP 10.100.55.97 <none> 3306/TCP 39m
mysql-primary-headless ClusterIP None <none> 3306/TCP 39m
mysql-secondary ClusterIP 10.103.62.103 <none> 3306/TCP 39m
mysql-secondary-headless ClusterIP None <none> 3306/TCP 39m
wordpress NodePort 10.104.17.238 <none> 80:31972/TCP,443:31722/TCP 6s
[root@ca-k8s-master01 linux-amd64]# kubectl get pods -n blog
NAME READY STATUS RESTARTS AGE
mysql-client 1/1 Running 0 71m
mysql-primary-0 1/1 Running 0 40m
mysql-secondary-0 1/1 Running 0 40m
wordpress-7958cb8b4-6vf8b 1/1 Running 0 48s
#https://192.168.40.120:31722/
#https://192.168.40.120:31722/wp-login.php
![]()
![]()
![]()
Harbor
#首先,运行如下命令,添加harbor的Chart仓库。
[root@ca-k8s-master01 linux-amd64]# helm repo add harbor https://helm.goharbor.io
[root@ca-k8s-master01 linux-amd64]# helm repo list
NAME URL
harbor https://helm.goharbor.io
[root@ca-k8s-master01 linux-amd64]# helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "harbor" chart repository
Update Complete. ⎈Happy Helming!⎈
[root@ca-k8s-master01 linux-amd64]# helm search repo harbor
NAME CHART VERSION APP VERSION DESCRIPTION
harbor/harbor 1.14.0 2.10.0 An open source trusted cloud native registry th...
#而后,创建用于部署Harbor的名称空间,例如harbor。
kubectl create namespace harbor
#最后,运行如下命令,基于该仓库中的值文件“harbor-values.yaml”即可部署Harbor。
#使用Nodeport 方式 需要加 expose.tls.auto.commonName
#expose.tls.auto.commonName The common name used to generate the certificate, it's necessary when the type isn't ingress
[root@ca-k8s-master01 helm]# cat harbor-values.yml
expose:
type: ingress
tls:
enabled: true
certSource: auto
ingress:
hosts:
core: registry.magedu.com
notary: notary.magedu.com
controller: default
annotations:
kubernetes.io/ingress.class: "nginx"
ipFamily:
ipv4:
enabled: true
ipv6:
enabled: false
externalURL: https://registry.magedu.com
# 持久化存储配置部分
persistence:
enabled: true
resourcePolicy: "keep"
persistentVolumeClaim: # 定义Harbor各个组件的PVC持久卷
registry: # registry组件(持久卷)
storageClass: "nfs-csi" # 前面创建的StorageClass,其它组件同样配置
accessMode: ReadWriteMany # 卷的访问模式,需要修改为ReadWriteMany
size: 5Gi
chartmuseum: # chartmuseum组件(持久卷)
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 5Gi
jobservice:
jobLog:
storageClass: "nfs-csi"
accessMode: ReadWriteOnce
size: 1Gi
#scanDataExports:
# storageClass: "nfs-csi"
# accessMode: ReadWriteOnce
# size: 1Gi
database: # PostgreSQl数据库组件
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 2Gi
redis: # Redis缓存组件
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 2Gi
trivy: # Trity漏洞扫描
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 5Gi
harborAdminPassword: "sheca"
[root@ca-k8s-master01 helm]# helm install harbor -f harbor-values.yaml harbor/harbor -n harbor
NAME: harbor
LAST DEPLOYED: Thu Jan 25 22:45:32 2024
NAMESPACE: harbor
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Please wait for several minutes for Harbor deployment to complete.
Then you should be able to visit the Harbor portal at https://registry.magedu.com
For more details, please visit https://github.com/goharbor/harbor
浙公网安备 33010602011771号