wordpress综合练习
## wordpress 要运行在k8s中
## MySQL
1.名称空间: blog
2.镜像mysql:5.7
3.环境变量
- root密码:123
- 数据库:wordpress
- 用户:wordpress
- 参数:字符集
4.数据持久化:在宿主机的/data/mysql/data
## mysql-svc需求
名称空间:blog
## wordpress需求
副本数为2
镜像:自己打(有坑),或者官方
数据库地址:cluster ip
数据库名称:wordpress
用户:wordpress
******** 使用NFS持久化数据,宿主机:/data/wordpress/data
1.创建 blog名称空间
kubectl create namespace blog
2.编写mysql的资源清单
vim mysql-dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-dp
namespace: blog
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
name: my-pod
labels:
app: mysql
spec:
volumes:
- name: hp
hostPath:
path: /data/mysql/data/
containers:
- name: mysql57
image: mysql:5.7
imagePullPolicy: IfNotPresent
env:
- name: MYSQL_ROOT_PASSWORD
value: "123"
- name: MYSQL_DATABASE
value: "wordpress"
- name: MYSQL_USER
value: "wordpress"
- name: MYSQL_PASSWORD
value: "123"
volumeMounts:
- name: hp
mountPath: /var/lib/mysql
args:
- --character-set-server=utf8
- --collation-server=utf8_bin
vim mysql-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-svc
namespace: blog
spec:
selector:
app: mysql
ports:
- port: 3306
targetPort: 3306
type: ClusterIP
3.编写worpress资源清单
vim wp-dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: wp-dp
namespace: blog
spec:
replicas: 2
selector:
matchLabels:
app: wp
template:
metadata:
name: wp-pod
labels:
app: wp
spec:
volumes:
- name: nfs-volume
nfs:
server: 172.16.1.31
path: /data/wordpress/data/
containers:
- name: wordpress
image: wordpress:latest
imagePullPolicy: IfNotPresent
volumeMounts:
- name: nfs-volume
mountPath: /var/www/html/
env:
- name: WORDPRESS_DB_HOST
value: 'mysql-svc'
- name: WORDPRESS_DB_NAME
value: 'wordpress'
- name: WORDPRESS_DB_USER
value: 'wordpress'
- name: WORDPRESS_DB_PASSWORD
value: '123'
vim wp-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: wp-svc
namespace: blog
spec:
selector:
app: wp
ports:
- port: 80
targetPort: 80
type: ClusterIP
4.编写WordPress的Ingress
vim wp-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wp-ingress
namespace: blog
spec:
rules:
- host: www.mywp.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: wp-svc
port:
number: 80
5.配置nfs
[root@nfs ~]# cat /etc/exports
/data/wordpress/data/ *(rw,sync,no_root_squash)
启动h5小游戏 ingress
1.编写资源清单
vim game_dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: game-dp
spec:
replicas: 1
selector:
matchLabels:
app: game
template:
metadata:
name: game-pod
labels:
app: game
spec:
nodeName: node-2
volumes:
- name: hp
hostPath:
path: /data/h5_games/h5_games
containers:
- name: game
image: nginx:alpine
imagePullPolicy: IfNotPresent
volumeMounts:
- name: hp
mountPath: /usr/share/nginx/html/
vim game_svc.yaml
apiVersion: v1
kind: Service
metadata:
name: game-svc
spec:
selector:
app: game
ports:
- port: 80
targetPort: 80
type: ClusterIP
vim game_ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: game-ingress
spec:
rules:
- host: www.mygame.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: game-svc
port:
number: 80
启动gitlab和jenkins
注意事项:
1.映射宿主机的hosts文件,记得在所有hosts文件都做gitlab的域名解析
2.在使用jenkins之前,先在物理机上git clone远程仓库
3.添加插件,新加入公钥,都要重启jenkins才能生效
1)起在一个POD中
vim cicd-svc-ingress.yaml
apiVersion: v1
kind: Service
metadata:
name: git-svc
spec:
selector:
app: cicd
ports:
- name: port1
port: 80
targetPort: 80
nodePort: 30080
- name: port2
port: 443
targetPort: 443
nodePort: 30443
- name: port3
port: 22
targetPort: 22
nodePort: 30022
type: NodePort
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: git-ingress
spec:
rules:
- host: git01.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: git-svc
port:
number: 80
---
apiVersion: v1
kind: Service
metadata:
name: jen-svc
spec:
selector:
app: cicd
ports:
- name: port1
port: 8080
targetPort: 8080
- name: port2
port: 50000
targetPort: 50000
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jen-ingress
spec:
rules:
- host: jks.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: jen-svc
port:
number: 8080
gitlab和jenkins启在同一个pod会端口冲突,修改: puma['port'] = 8085
vim cicd-dp.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: git-cm
data:
git.rb: |
external_url 'http://git01.com'
gitlab_rails['gitlab_shell_ssh_port'] = 30022
prometheus['enable'] = false
prometheus['monitor_kubernetes'] = false
prometheus_monitoring['enable'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
grafana['enable'] = false
puma['port'] = 8085
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cicd-dp
spec:
replicas: 1
selector:
matchLabels:
app: cicd
template:
metadata:
name: cicd-pod
labels:
app: cicd
spec:
volumes:
- name: gitconfig-volum
configMap:
name: git-cm
items:
- key: git.rb
path: gitlab.rb
- name: cfg-volum
hostPath:
path: /tmp/gitlab/config
- name: log-volum
hostPath:
path: /tmp/gitlab/logs
- name: gitdata-volum
hostPath:
path: /tmp/gitlab/data
- name: jksdata-volum
hostPath:
path: /tmp/jenkins/data
- name: docker-bin-volum
hostPath:
path: /bin/docker
- name: docker-sock-volum
hostPath:
path: /var/run/docker.sock
- name: ssh-volum
hostPath:
path: /root/.ssh/
- name: hosts-volum
hostPath:
path: /etc/hosts
nodeSelector:
kubernetes.io/hostname: node-2
containers:
- name: gitlab
image: gitlab/gitlab-ce
imagePullPolicy: IfNotPresent
volumeMounts:
- name: gitconfig-volum
subPath: gitlab.rb
mountPath: /etc/gitlab/gitlab.rb
- name: cfg-volum
mountPath: /etc/gitlab
- name: log-volum
mountPath: /var/log/gitlab
- name: gitdata-volum
mountPath: /var/opt/gitlab
- name: jen
image: jenkins/jenkins
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 0
privileged: true
volumeMounts:
- name: jksdata-volum
mountPath: /var/jenkins_home
- name: docker-bin-volum
mountPath: /bin/docker
- name: docker-sock-volum
mountPath: /var/run/docker.sock
- name: ssh-volum
mountPath: /root/.ssh/
- name: hosts-volum
mountPath: /etc/hosts
可以拉代码
2)起两个POD
gitlab
vim git-svc-ingress.yaml
apiVersion: v1
kind: Service
metadata:
name: git-svc
spec:
selector:
app: git
ports:
- name: port1
port: 80
targetPort: 80
nodePort: 30080
- name: port2
port: 443
targetPort: 443
nodePort: 30443
- name: port3
port: 22
targetPort: 22
nodePort: 30022
type: NodePort
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: git-ingress
spec:
rules:
- host: git02.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: git-svc
port:
number: 80
vim git-dp.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: git-cm
data:
git.rb: |
external_url 'http://git02.com'
gitlab_rails['gitlab_shell_ssh_port'] = 30022
prometheus['enable'] = false
prometheus['monitor_kubernetes'] = false
prometheus_monitoring['enable'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
grafana['enable'] = false
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: git-dp
spec:
replicas: 1
selector:
matchLabels:
app: git
template:
metadata:
name: git-pod
labels:
app: git
spec:
volumes:
- name: gitconfig-volum
configMap:
name: git-cm
items:
- key: git.rb
path: gitlab.rb
- name: cfg-volum
hostPath:
path: /data/gitlab/config
- name: log-volum
hostPath:
path: /data/gitlab/logs
- name: data-volum
hostPath:
path: /data/gitlab/data
containers:
- name: gitlab
image: gitlab/gitlab-ce
imagePullPolicy: IfNotPresent
volumeMounts:
- name: gitconfig-volum
mountPath: /etc/gitlab/gitlab.rb
subPath: gitlab.rb
- name: cfg-volum
mountPath: /etc/gitlab
- name: log-volum
mountPath: /var/log/gitlab
- name: data-volum
mountPath: /var/opt/gitlab
kubectl exec -it git-dp grep 'Password:' /etc/gitlab/initial_root_password
subPath:指定cm卷中名为gitlab.rb的子文件挂载到/etc/gitlab/gitlab.rb中
报错
删除/root/.ssh/known_hosts里的gitlab就行了
jenkins
vim jen-dp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: jen-dp
spec:
replicas: 1
selector:
matchLabels:
app: jen
template:
metadata:
name: jen-pod
labels:
app: jen
spec:
volumes:
- name: data-volum
hostPath:
path: /data/jenkins/data
- name: docker-bin-volum
hostPath:
path: /bin/docker
- name: docker-sock-volum
hostPath:
path: /var/run/docker.sock
- name: ssh-volum
hostPath:
path: /root/.ssh/
- name: hosts-volum
hostPath:
path: /etc/hosts
containers:
- name: jen
image: jenkins/jenkins
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 0
privileged: true
volumeMounts:
- name: data-volum
mountPath: /var/jenkins_home
- name: docker-bin-volum
mountPath: /bin/docker
- name: docker-sock-volum
mountPath: /var/run/docker.sock
- name: ssh-volum
mountPath: /root/.ssh/
- name: hosts-volum
mountPath: /etc/hosts
vim jen-svc-ingress.yaml
apiVersion: v1
kind: Service
metadata:
name: jen-svc
spec:
selector:
app: jen
ports:
- name: port1
port: 8080
targetPort: 8080
- name: port2
port: 50000
targetPort: 50000
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: jen-ingress
spec:
rules:
- host: myjks.com
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: jen-svc
port:
number: 8080
kubectl exec -it cat /var/jenkins_home/secrets/initialAdminPassword