K8S部署LNMP集羣訪問wordpress

部署k8s集羣架構：

192.168.175.128 k8s-master

192.168.175.130 k8s-node1

192.168.175.131 k8s-node2

192.168.175.132 harbor/glusterfs/nfs

一、構建底層鏡像Dockerfile
上傳至Harbor倉庫中，具體倉庫的搭建請看前面的博客

(1)nginx：需要有一個默認的nginx.conf，以及nginx1.12編譯安裝包

nginx.conf配置如下：

[root@glusterfs-master nginx]# cat nginx.conf
user  root;
worker_processes  auto;

error_log  logs/error.log  info;

pid        logs/nginx.pid;


events {
    use epoll;
}

http {

    include       mime.types;
    default_type  application/octet-stream;

    log_format  main '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log logs/access.log main;
    sendfile        on;
    keepalive_timeout  65;

   # server {
   #     listen 80;
   #     server_name localhost;
   #     root html;
   #     index index.html index.php;

   #     location  / {
   #         root html;
   #         index index.html;
   #     }
   # }
    include   vhost/*.conf;
}

nginx Dockerfile如下

[root@glusterfs-master nginx]# cat Dockerfile
FROM centos:7
MAINTAINER wujunqi
RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
RUN yum install -y gcc gcc-c++ make openssl-devel pcre-devel
ADD nginx-1.12.1.tar.gz /tmp

RUN cd /tmp/nginx-1.12.1 && \
    ./configure --prefix=/usr/local/nginx && \
    make -j 2 && \
    make install

RUN rm -rf /tmp/nginx-1.12.1* && yum clean all

COPY nginx.conf /usr/local/nginx/conf

WORKDIR /usr/local/nginx
EXPOSE 80
CMD ["./sbin/nginx", "-g", "daemon off;"]

(2)php：php編譯版本爲php-5.6.31，需要有一個默認的php.ini文件

php Dockerfile如下

[root@glusterfs-master php]# cat Dockerfile
FROM 192.168.175.132/centos/centos7
MAINTAINER wujunqi

RUN yum install -y gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel openssl-devel
ADD php-5.6.31.tar.gz /tmp/

RUN cd /tmp/php-5.6.31 && \
    ./configure --prefix=/usr/local/php \
    --with-config-file-path=/usr/local/php/etc \
    --with-mysql --with-mysqli \
    --with-openssl --with-zlib --with-curl --with-gd \
    --with-jpeg-dir --with-png-dir --with-iconv \
    --enable-fpm --enable-zip --enable-mbstring && \
    make -j 2 && \
    make install && \
    cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf && \
    sed -i "s/127.0.0.1/0.0.0.0/" /usr/local/php/etc/php-fpm.conf && \
    sed -i "21a \daemonize = no" /usr/local/php/etc/php-fpm.conf
COPY php.ini /usr/local/php/etc

RUN rm -rf /tmp/php-5.6.31* && yum clean all

WORKDIR /usr/local/php
EXPOSE 9000
CMD ["./sbin/php-fpm", "-c", "/usr/local/php/etc/php-fpm.conf"]

二、構建鏡像並上傳

# docker build -t 192.168.175.132/nginx/nginx-1.12.1 -f Dockerfile .

# docker build -t 192.168.175.132/php/php-5.6.31 -f Dockerfile .  （標記表示上傳到哪臺harbor主機，以及對應的項目下）

# docker login 192.168.175.132 （登錄harbor下的用戶，上傳的該用戶下的指定項目）

# docker push 192.168.175.132/nginx/nginx-1.12.1

# docker push 192.168.175.132/php/php-5.6.31

三、k8s-master上配置LNMP的yaml配置文件

①nginx：採用configMap對象，將需要的虛擬主機配置放置在指定位置下加載，指定nodePort讓外部網絡訪問，也可以使用ingress。需要注意的是nginx需要配置會話綁定，不然會話會飄。掛載點使用的是nfs以及configMap，因爲很簡單，看看就好。啓動deployment的時候需要先啓動php，要不然nginx會起不來，因爲配置文件裏需要解析php-server，另外爲了能夠讓集羣解析servicename，還需要配置kube-dns的，要不然會有問題。

Nginx Deployment yaml 如下

[root@k8s-master1 wjq]# cat nginx-wjq-deployment.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-config
data:
  http.conf: |-
    server {
        listen 80;
        server_name localhost;
        root /usr/local/nginx/html;
        index index.html index.php;

        location ~ \.php$ {
            root /usr/local/nginx/html;
            fastcgi_pass php-server:9000;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include /usr/local/nginx/conf/fastcgi_params;
            fastcgi_connect_timeout 60s;
            fastcgi_read_timeout 300s;
            fastcgi_send_timeout 300s;
        }
    }

---
apiVersion: v1
kind: Service
metadata:
  name: wordpress-nginx
  labels:
    app: wordpress
spec:
  ports:
    - port: 80
  selector:
    app: wordpress-nginx
  type: NodePort
  sessionAffinity: ClientIP
---
apiVersion: apps/v1beta2
kind: Deployment
metadata:
  name: wordpress-nginx
  labels:
    app: wordpress
spec:
  replicas: 1
  selector:
    matchLabels:
      app: wordpress-nginx
  template:
    metadata:
      labels:
        app: wordpress-nginx
    spec:
      containers:
      - name: nginx
        image: 192.168.175.132/nginx/nginx-1.12.1
        ports:
        - containerPort: 80
          name: wordpress
        volumeMounts:
        - name: wordpress-persistent-storage
          mountPath: /usr/local/nginx/html
        - name: config
          mountPath: /usr/local/nginx/conf/vhost/http.conf
          subPath: http.conf
      volumes:
      - name: wordpress-persistent-storage
        nfs:
          server: 192.168.175.132
          path: /opt/nfs/data
      - name: config
        configMap:
          name: nginx-config

②php

php Deployment yaml如下

[root@k8s-master1 wjq]# cat php-wjq-deployment.yaml
apiVersion: v1
kind: Service
metadata:
  name: php-server
  labels:
    app: lnmp-php
spec:
  ports:
  - port: 9000
  selector:
    app: lnmp-php

---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: php-wjq-deployment
  labels:
    app: lnmp-php
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: lnmp-php
    spec:
      containers:
      - name: php
        image: 192.168.175.132/php/php-5.6.31
        ports:
        - containerPort: 9000
        volumeMounts:
        - name: php-html
          mountPath: /usr/local/nginx/html
      volumes:
      - name: php-html
        nfs:
          server: 192.168.175.132
          path: /opt/nfs/data

③mysql：mysql使用glusterfs持久卷的方式掛載/var/lib/mysql，即數據庫目錄，保證數據庫文件不丟失，冗餘備份。mysql運行需要數據庫密碼，即root密碼，在這裏配置一個secret變量在配置文件中用於讀取mysql密碼，然後在k8s-master創建一個secret。設置密碼爲123456.

# kubectl create secret generic mysql-pass --from-literal=password=123456

env:
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-pass
              key: password

pv-mysql.yaml：mysql持久卷設置，容量大小。

[root@k8s-master1 wjq]# cat pv-mysql.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: mysql-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteMany
  persistentVolumeReclaimPolicy: Recycle
  glusterfs:
    endpoints: "glusterfs-cluster"
    path: "gv0"

pvc-mysql.yaml：持久卷申請。

[root@k8s-master1 wjq]# cat pvc-mysql.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mysql-pvc
spec:
  resources:
    requests:
      storage: 10Gi
  accessModes:
  - ReadWriteMany

mysql Deployment yaml如下

[root@k8s-master1 wjq]# cat mysql-wjq-deployment.yaml
---
apiVersion: v1
kind: Service
metadata:
  name: mysql-service
  labels:
    app: lnmp-mysql
spec:
  ports:
  - port: 3306
  selector:
    app: lnmp-mysql

---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: mysql-deployment
  labels:
    app: lnmp-mysql
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: lnmp-mysql
    spec:
      containers:
      - image: mysql:5.6
        env:
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-pass
              key: password
        name: mysql
        ports:
        - containerPort: 3306
        volumeMounts:
        - name: mysql
          mountPath: /var/lib/mysql
      volumes:
      - name: mysql
        #nfs:
          #server: 192.168.175.132
          #path: /opt/nfs/mysql
        persistentVolumeClaim:
          claimName: mysql-pvc

啓動deployment，nginx需在php後啓動

[root@k8s-master1 wjq]# kubectl create -f mysql-wjq-deployment.yaml

[root@k8s-master1 wjq]# kubectl create -f php-wjq-deployment.yaml
[root@k8s-master1 wjq]# kubectl create -f nginx-wjq-deployment.yaml

運行正常

四、訪問wordpress

數據庫主機填mysql-service即mysql deployment的serviceName