备忘记录-20240404.构建服务的k8s资源清单
导读
记录一次搭建服务的成果
框架
graph TB
C(Client) --> ig(ingress)
ig --> np((nginx-php\nservice))
ig --> tc((tomcat\nservice))
np --> ng1(nginx)
np --> ng2(nginx)
ng2 -..-> ps((php\nservice))
ng1 -..-> ps
ps --> p1(PHP)
ps --> p2(PHP)
ps --> p3(PHP)
tc --> t1(tomcat)
tc --> t2(tomcat)
tc --> t3(tomcat)
ng1 -..-NFS
ng2 -..-NFS
p1 -..- NFS
p2 -..- NFS
p3 -..- NFS
t1 -..- NFS
t2 -..- NFS
t3 -..- NFS
style p2 stroke-dasharray: 5 5;
style p3 stroke-dasharray: 5 5;
style t2 stroke-dasharray: 5 5;
style t3 stroke-dasharray: 5 5;
资源清单
---
# www.conf
# php-fpm 服务的配置文件
apiVersion: v1
kind: ConfigMap
metadata:
name: php2listen
data:
www.conf: |
[www]
user = nobody
group = nobody
listen = 0.0.0.0:9000
pm = ondemand
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.status_path = /status
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
# end www.conf
# deleted `listen.acl_users=`, `listen.allowed_clients=`
# changed `listen=`
---
# nginx.conf
# nging的配置文件
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx2php
data:
nginx.conf: |
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 4096;
error_log /dev/stdout warn;
events {
use epoll;
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root html;
fastcgi_pass 10.245.1.81:9000; # php-fpm服务的地址
fastcgi_index index.php;
include fastcgi.conf;
}
}
}
# end nginx.conf
# changed location ~ \.php$ {...
---
## nginx service
kind: Service
apiVersion: v1
metadata:
name: nginxservice
spec:
type: NodePort
selector: { run: nginx, app: web }
ports:
- { protocol: TCP, port: 80, targetPort: 80 , nodePort: 31080}
# nodePort指定NodePort服务映射的节点端口,端口在30000-32767,一般不需要手动指定
---
## nginx deployment
kind: Deployment
apiVersion: apps/v1
metadata:
name: webnginx
spec:
replicas: 2
selector:
matchLabels: { run: nginx, app: web }
template:
metadata:
labels: { run: nginx, app: web }
spec:
volumes:
- name: website # 卷名称
nfs: # NFS 资源类型
server: 192.168.1.231 # NFS 服务器地址
path: /var/webroot # NFS 共享目录
- name: nginx2php
configMap:
name: nginx2php
restartPolicy: Always
containers:
- name: webnginx
image: "myos:nginx"
volumeMounts:
- name: website # 卷名称
mountPath: /usr/local/nginx/html # 路径
- name: nginx2php
subPath: nginx.conf
mountPath: /usr/local/nginx/conf/nginx.conf
---
# php
## php service
kind: Service
apiVersion: v1
metadata:
name: phpservice
spec:
type: ClusterIP
clusterIP: 10.245.1.81
selector: { run: php, app: web }
ports:
- { protocol: TCP, port: 9000, targetPort: 9000 }
---
## php deployment
kind: Deployment
apiVersion: apps/v1
metadata:
name: webphp
spec:
replicas: 1
selector:
matchLabels: { run: php, app: web }
template:
metadata:
labels: { run: php, app: web }
spec:
restartPolicy: Always
volumes:
- name: website # 卷名称
nfs: # NFS 资源类型
server: 192.168.1.231 # NFS 服务器地址
path: /var/webroot # NFS 共享目录
- name: php2listen
configMap:
name: php2listen
containers:
- name: phpfpm
image: myos:php-fpm
imagePullPolicy: Always
volumeMounts:
- name: website # 卷名称
mountPath: /usr/local/nginx/html # 路径
- name: php2listen
subPath: www.conf
mountPath: /etc/php-fpm.d/www.conf
resources:
requests:
cpu: 150m
---
## hpa for php 1~3
kind: HorizontalPodAutoscaler
apiVersion: autoscaling/v1
metadata:
name: php-hpa
spec:
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 100
scaleTargetRef:
kind: Deployment
apiVersion: apps/v1
name: webphp
---
# tomcat
## tomcat service
kind: Service
apiVersion: v1
metadata:
name: tomcatservice
spec:
type: NodePort
selector: { run: tomcat, app: web }
ports:
- { protocol: TCP, port: 8080, targetPort: 8080, nodePort: 31088 }
---
## tomcat deployment
# tomcat:latest
kind: Deployment
apiVersion: apps/v1
metadata:
name: webtomcat
spec:
replicas: 1 # 因为随后会设置hpa动态调整pod数量,这里设置为1
selector:
matchLabels: { run: tomcat, app: web }
template:
metadata:
labels: { run: tomcat, app: web }
spec:
restartPolicy: Always
volumes:
- name: website # 卷名称
nfs: # NFS 资源类型
server: 192.168.1.231 # NFS 服务器地址
path: /var/webroot/ROOT # NFS 共享目录
containers:
- name: webtomcat
image: harbor:443/k8s/tomcat:latest
imagePullPolicy: Always
volumeMounts:
- name: website
mountPath: /usr/local/tomcat/webapps/ROOT
resources:
requests:
cpu: 200m # 指定最低需求是为了hpa的警戒线
---
## hpa for tomcat 1~3
kind: HorizontalPodAutoscaler
apiVersion: autoscaling/v1
metadata:
name: tomcat-hpa
spec:
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 100 # 达到最低需求的100%则增加pod
scaleTargetRef:
kind: Deployment
apiVersion: apps/v1
name: webtomcat
---
# ingress
## jsp for tomcat
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: mying
spec:
ingressClassName: nginx
rules:
- host: www.test.com
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: nginxservice
port:
number: 80
- pathType: Prefix
path: "/*.jsp" # jsp结尾的文件用tomcat服务
backend:
service:
name: tomcatservice
port:
number: 8080
浙公网安备 33010602011771号