kubernetes部署Discuz
本文将介绍在kubernetes环境中部署一套php应用系统。前端web采用nginx、中间件php以fastcgi的方式运行,后台数据库由mysql提供支撑。
各服务组件之间的调用采用dns解析服务名的方式进行,数据库/应用包/配置文件使用nfs做后端存储,注:k8s版本v1.19.0
一、安装NFS
由于服务器有限,计划NFS服务端安装在k8s-master节点,NFS客户端安装在k8s-node节点
1)所有机器操作
# 所需安装包 yum install nfs-utils rpcbind -y
2)创建web和DB目录
##/nfsdata/k8s下的两个目录用于集群中运行LNMP环境存放的数据,web目录为nginx网站的根目录,DB为数据库存放的数据目录
[root@k8s-master ~]# mkdir -p /nfsdata/k8s/{web,db} [root@k8s-master ~]# chown -R nfsnobody.nfsnobody /nfsdata/ [root@k8s-master ~]# vim /etc/exports /nfsdata/k8s 10.3.104.0/21(sync,rw,no_root_squash) ### 启动NFS服务 [root@k8s-master ~]# systemctl start rpcbind.service [root@k8s-master ~]# systemctl start nfs.service ### 检查NFS服务 , 其中 10.3.104.51 为服务端IP [root@k8s-master ~]# showmount -e 10.3.104.51 Export list for 10.3.104.51: /nfsdata/k8s 10.3.104.0/21
3)NFS客户端验证
在k8s-node1机器验证
# rpcbind服务启动并加入开机自启动 [root@k8s-node1 ~]# systemctl start rpcbind.service && systemctl enable rpcbind.service # 查看NFS服务信息 [root@k8s-node1 ~]# showmount -e 10.3.104.51 Export list for 10.3.104.51: /nfsdata/k8s 10.3.104.0/21 # 挂载,并进行读写验证 [root@k8s-node1 ~]# mount -t nfs 10.3.104.51:/nfsdata/k8s /mnt [root@k8s-node1 ~]# df -h | grep mnt 10.3.104.51:/nfsdata/k8s 40G 13G 25G 34% /mnt # 验证完毕,去掉NFS挂载 [root@k8s-node1 ~]# umount -lf 10.3.104.51:/nfsdata/k8s
二、安装Mysql服务
1)创建存放mysql服务的yaml文件目录
[root@k8s-master ~]# mkdir -p /home/k8s/lnmp/mysql
2)创建secret,将mysql数据库的密码存放到secret中
[root@k8s-master mysql]# kubectl create secret generic mysql-pass --from-literal=password=abc123
3)创建mysql-pv
[root@k8s-master mysql]# vim mysql-pv.yaml apiVersion: v1 kind: PersistentVolume metadata: name: mysql-pv spec: capacity: storage: 10Gi accessModes: - ReadWriteMany nfs: path: /nfsdata/k8s/db ##该参数指定你的NFS端的共享目录 server: 10.3.104.51 ##指定nfs端的IP [root@k8s-master mysql]# kubectl create -f mysql-pv.yaml persistentvolume/mysql-pv created
4)创建mysql-pvc
[root@k8s-master mysql]# vim mysql-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-claim labels: app: discuz spec: accessModes: - ReadWriteMany resources: requests: storage: 10Gi [root@k8s-master mysql]# kubectl create -f mysql-pvc.yaml persistentvolumeclaim/mysql-claim created
5)查看pv,pvc信息
##下面可以看出状态Bound(绑定)正常,pv中的CLAIM列绑定的信息为pvc定义的name,pvc中VOLUME列的信息显示绑定了mysql-pv的name
[root@k8s-master mysql]# kubectl get pv,pvc NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE persistentvolume/mysql-pv 10Gi RWX Retain Bound default/mysql-claim 71s NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE persistentvolumeclaim/mysql-claim Bound mysql-pv 10Gi RWX 15s
6)创建mysql-deploy
[root@k8s-master mysql]# vim mysql-dp.yaml apiVersion: apps/v1 kind: Deployment metadata: name: dz-mysql labels: app: discuz spec: selector: matchLabels: app: discuz tier: mysql strategy: type: Recreate template: metadata: labels: app: discuz tier: mysql spec: imagePullSecrets: - name: my-secret containers: - image: mysql:5.7 ##此处指定你的harbor需要拉取的镜像,我这里是直接线上拉取了 name: mysql env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: mysql-pass ##此模块是调用secret中存放的mysql密码 key: password ports: - containerPort: 3306 name: dz-mysql volumeMounts: - name: mysql-persistent-storage mountPath: /var/lib/mysql volumes: - name: mysql-persistent-storage persistentVolumeClaim: ##此模块参数调用定义创建的pvc名称 claimName: mysql-claim [root@k8s-master mysql]# kubectl create -f mysql-dp.yaml deployment.apps/dz-mysql created
7)创建mysql-service
[root@k8s-master mysql]# vim mysql-svc.yaml apiVersion: v1 kind: Service metadata: name: dz-mysql labels: app: discuz spec: ports: - port: 3306 selector: app: discuz tier: mysql [root@k8s-master mysql]# kubectl create -f mysql-svc.yaml service/dz-mysql created
8)查看mysql服务的pod和svc信息
##下面信息可以看出,dz-mysql状态Running(运行)正常,分配的cluster-ip=10.98.13.175,该IP在集群中可以访问,外部无法访问该IP
[root@k8s-master mysql]# kubectl get pod,svc -o wide | grep mysql pod/dz-mysql-79cd646bf7-fxnbf 1/1 Running 0 4d19h 10.244.1.62 k8s-node1 <none> <none> service/dz-mysql ClusterIP 10.98.13.175 <none> 3306/TCP 4d19h app=discuz,tier=mysql
三、安装php-fm
1)创建存放php-fm服务的yaml文件目录
[root@k8s-master ~]# mkdir -p /home/k8s/lnmp/php-fm
2)创建php-pv
[root@master php-fm]# vim php-pv.yaml apiVersion: v1 kind: PersistentVolume metadata: name: web-pv spec: capacity: storage: 10Gi accessModes: - ReadWriteMany nfs: path: /nfsdata/k8s/web server: 10.3.104.51 [root@master php-fm]# kubectl create -f php-pv.yaml persistentvolume/web-pv created
3)创建php-pvc
[root@master php-fm]# vim php-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: web-claim labels: app: discuz spec: accessModes: - ReadWriteMany resources: requests: storage: 10Gi [root@master php-fm]# kubectl create -f php-pvc.yaml persistentvolumeclaim/web-claim created
4)查看pv,pvc绑定状态
[root@master php-fm]# kubectl get pv,pvc NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE persistentvolume/mysql-pv 10Gi RWX Retain Bound default/mysql-claim 34m persistentvolume/web-pv 10Gi RWX Retain Bound default/web-claim 114s NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE persistentvolumeclaim/mysql-claim Bound mysql-pv 10Gi RWX 33m persistentvolumeclaim/web-claim Bound web-pv 10Gi RWX 108s
5)通过dockerfile创建php镜像文件
[root@k8s-master php-fm]# cat dockerfile FROM docker.io/openshift/base-centos7:latest MAINTAINER feiyu "akwangj@126.com" RUN yum makecache RUN yum -y install php-fpm php php-gd php-mysql php-mbstring php-xml php-mcrypt php-imap php-odbc php-pear php-xmlrpc RUN sed -i 's/listen = 127.0.0.1:9000/listen = 0.0.0.0:9000/' /etc/php-fpm.d/www.conf RUN sed -i 's/listen.allowed_clients = 127.0.0.1/;listen.allowed_clients = 127.0.0.1/' /etc/php-fpm.d/www.conf EXPOSE 9000 CMD ["/sbin/php-fpm"] [root@k8s-master php-fm]# docker build -t php:0.1 .
6)部署php-deploy
[root@k8s-master php-fm]# cat php-dp.yaml apiVersion: apps/v1 kind: Deployment metadata: name: dz-php labels: app: discuz spec: replicas: 1 selector: matchLabels: app: discuz tier: php-fm template: metadata: labels: app: discuz tier: php-fm spec: imagePullSecrets: - name: my-secret containers: - name: dz-php image: php:0.1 ## 如果harbor仓库有填仓库地址,如果没harbor仓库,每个Node都制作下该镜像 imagePullPolicy: IfNotPresent ports: - containerPort: 9000 volumeMounts: - name: php-persistent-storage mountPath: /var/www/html/ volumes: - name: php-persistent-storage persistentVolumeClaim: claimName: web-claim [root@master php-fm]# kubectl create -f php-dp.yaml deployment.apps/dz-web created
7)部署php-svc
[root@k8s-master php-fm]# cat php-svc.yaml apiVersion: v1 kind: Service metadata: name: php labels: app: discuz spec: ports: - name: php port: 9000 protocol: TCP targetPort: 9000 selector: app: discuz tier: php-fm [root@k8s-master php-fm]# kubectl create -f php-svc.yaml service/dz-web created
8)查看php的pod,svc信息
[root@k8s-master php-fm]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE dz-mysql ClusterIP 10.98.13.175 <none> 3306/TCP 4d20h php ClusterIP 10.110.59.41 <none> 9000/TCP 4s [root@k8s-master php-fm]# kubectl get pod,svc NAME READY STATUS RESTARTS AGE pod/dz-mysql-79cd646bf7-fxnbf 1/1 Running 0 4d20h pod/dz-php-857b6bdf68-kt6lt 1/1 Running 0 101s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/dz-mysql ClusterIP 10.98.13.175 <none> 3306/TCP 4d20h service/php ClusterIP 10.110.59.41 <none> 9000/TCP 36s
四、安装nginx
1)创建存放php-fm服务的yaml文件目录
[root@k8s-master ~]# mkdir -p /home/k8s/lnmp/nginx
2)部署nginx.conf(以configmap形式存储)
[root@k8s-master nginx]# cat nginx-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: nginx-configmap data: nginx_conf: |- worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; server_name localhost; location / { root /usr/share/nginx/html; autoindex on; index index.php index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } location ~ \.php$ { root /var/www/html; fastcgi_pass php:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name; include fastcgi_params; } } } [root@k8s-master nginx]# kubectl apply -f nginx-configmap.yaml configmap/nginx-configmap created [root@k8s-master nginx]# kubectl get cm NAME DATA AGE nginx-configmap 1 7s
3)部署nginx-deploy
[root@k8s-master nginx]# cat nginx-deploy.yaml apiVersion: apps/v1 kind: Deployment metadata: name: nginx-php spec: selector: matchLabels: app: nginx-php replicas: 1 template: metadata: labels: app: nginx-php spec: containers: - name: nginx-php image: nginx:latest ## 在线拉取了最新nginx镜像 ports: - containerPort: 80 volumeMounts: - name: nginx-data mountPath: /usr/share/nginx/html - name: nginx-conf mountPath: /etc/nginx/nginx.conf subPath: nginx.conf volumes: - name: nginx-data persistentVolumeClaim: claimName: web-claim ##将nfsdata/k8s/web映射到/usr/share/nginx/html目录 - name: nginx-conf configMap: name: nginx-configmap ## 将nginx-cofigmap映射到/etc/nginx/nginx.conf items: - key: nginx_conf path: nginx.conf
4)部署nginx-svc
[root@k8s-master nginx]# cat nginx-svc.yaml apiVersion: v1 kind: Service metadata: name: nginx-php spec: type: NodePort ports: - name: nginx port: 80 protocol: TCP targetPort: 80 nodePort: 30004 selector: app: nginx-php [root@k8s-master nginx]# kubectl apply -f nginx-svc.yaml service/nginx-php created
5)查看nginx的pod,svc信息
[root@k8s-master nginx]# kubectl get pod,svc NAME READY STATUS RESTARTS AGE pod/dz-mysql-79cd646bf7-fxnbf 1/1 Running 0 4d21h pod/dz-php-857b6bdf68-kt6lt 1/1 Running 0 13m pod/nfs-client-provisioner-677fc9c97c-9cj92 1/1 Running 2 93d NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/dz-mysql ClusterIP 10.98.13.175 <none> 3306/TCP 4d21h service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 100d service/nginx-php NodePort 10.97.61.182 <none> 80:30004/TCP 28s service/php ClusterIP 10.110.59.41 <none> 9000/TCP 12m
五、安装Discuz【NFS上操作】
1)下载Discuz
[root@k8s-master ~]# cd /data/ [root@k8s-master data]# git clone https://gitee.com/ComsenzDiscuz/DiscuzX.git 正克隆到 'DiscuzX'... remote: Counting objects: 9085, done. remote: Compressing objects: 100% (5400/5400), done. remote: Total 9085 (delta 3895), reused 8535 (delta 3632) 接收对象中: 100% (9085/9085), 12.96 MiB | 166.00 KiB/s, done. 处理 delta 中: 100% (3895/3895), done.
2)将Discuz项目中upload目录下所有文件,放到web中
[root@k8s-master data]# mv DiscuzX/upload/* /nfsdata/k8s/web/ [root@k8s-master data]# cd /nfsdata/k8s/web/ [root@k8s-master web]# chmod 100 data uc_server/data uc_client/data config
3)进入mysql,创建dz库和授权用户
[root@k8s-master ~]# kubectl exec -it dz-mysql-787586b8d6-9kl5b -- mysql -u root -p Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 4 Server version: 5.7.28 MySQL Community Server (GPL) Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create database dz; Query OK, 1 row affected (0.19 sec) mysql> grant all on dz.* to 'dz'@'%' identified by 'abc123'; Query OK, 0 rows affected, 1 warning (0.11 sec
4)浏览器访问web安装页面
补充:通过ingress访问,可参考:https://www.cnblogs.com/wuxinchun/p/15239536.html
1)ingress资源文件
[root@k8s-master php]# cat ingress-http.yaml apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: nginx-http namespace: default spec: rules: - host: www.cuztest.com http: paths: - path: / backend: serviceName: nginx-php servicePort: 80 [root@k8s-master php]# kubectl apply -f ingress-http.yaml Warning: networking.k8s.io/v1beta1 Ingress is deprecated in v1.19+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress ingress.networking.k8s.io/nginx-http created [root@k8s-master php]# kubectl get ingress Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress NAME CLASS HOSTS ADDRESS PORTS AGE nginx-http <none> www.cuztest.com 80 15s
2)本地hosts添加域名解析
3)域名访问http://www.cuztest.com/
注:上述代表ingress通过域名代理访问成功
作者:杰宏唯一
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利.
浙公网安备 33010602011771号