微服務web集羣要求
1.實驗myos:php-fpm創建後臺應用php-app
2.創建php-service,爲後端應用提供內部clusterIP和負載均衡
3.使用myos:nginx創建應用,並使用php-service解析php文件
4,創建web-service,發佈nginx應用到nodePort
5.使用Ingress對外發布服務nginx應用
實戰構建解析:
一般用戶是通過雲平臺的負載均衡訪問的kube-node節點,在這裏的kube-node節點就是我們的k8s集羣,kube-node通過對外訪問的Ingress訪問到對應的web-nginx的服務上,服務在訪問對定的web-pod,此時是web-pod是提供解析的,當解析到動態頁面的時候,需要去調用php-fpm的服務,讓該服務提供給web-pod動態解析使用的php-fpm,此時web-pod和php-fpm容器需要固定的訪問一些文件,這些文件是需要持久化的,所有需要使用類似月NFS這種可以提高持久化存儲的軟件,存儲對應的文件.
步驟一:鏡像的製作
當將nginx+php-fpm服務製作在一起的時候,我們會遇見依賴包對,配置負載,需要編譯,多服務怎麼樣調用,文件如何共享的問題,爲了解決這類問題我們將容器服務進行了拆分,將nginx與php-fpm服務分開成nginx鏡像(只負責前端靜態頁面),php-fpm鏡像(通過內部網絡爲nginx提供解析服務).nginx鏡像和php-fpm鏡像通信方式採用共享網絡命令空間.
php-fpm鏡像創建思路:php-fpm是後端服務,需要前段nginx調用,nginx調用後端php-fpm,是通過php-fpm監聽網絡端口,從網絡把服務傳遞進來,針對php-fpm容器經常變化,我們可以使用service處理,讓他們共享網絡命令空間.service還可以起到負載均衡的作用.
[root@registry ~]# mkdir php-fpm
[root@registry ~]# cd php-fpm/
[root@registry php-fpm]# touch Dockerfile
FROM myos:latest
RUN yum install -y php-fpm && yum clean all
COPY www.conf /etc/php-fpm.d/www.conf
EXPOSE 9000
CMD "/usr/sbin/php-fpm","--nodaemonize"
[root@registry php-fpm]# docker run -it myos
[root@32a5d7afb55e /]# yum -y install php php-fpm
[root@32a5d7afb55e /]# cd /etc/php-fpm.d/
[root@32a5d7afb55e php-fpm.d]# ls
www.conf
[root@32a5d7afb55e php-fpm.d]# vim www.conf
12 listen = 0.0.0.0:9000
24 ;listen.allowed_clients = 127.0.0.1
[root@32a5d7afb55e php-fpm.d]# /usr/sbin/php-fpm --nodaemonize &
[root@32a5d7afb55e php-fpm.d]# ss -untlp
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 *:9000 *:* users:(("php-fpm",pid=173,fd=6))
[root@32a5d7afb55e php-fpm.d]# exit
[root@registry php-fpm]# docker cp 32a5d7afb55e:/etc/php-fpm.d/www.conf ./
[root@registry php-fpm]# docker build -t myos:php-fpm .
[root@registry php-fpm]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
myos php-fpm a2dec3a5c9d9 2 weeks ago 348.1 MB
[root@registry php-fpm]# docker push myos:php-fpm
nginx鏡像創建思路
nginx需要編譯,可以在外部編譯nginx,把編譯好的文件打包,使用打包文件構成nginx鏡像服務.後端php文件這個時候可以通過nginx與php-fpm容器共享網絡命名空間,使用localhost訪問真正的啓動服務的時候可以用Configmap配置,後端解析傳遞的是文件路徑,php-fpm可以通過docker卷,在nginx和php-fpm中共享目錄.
[root@registry ~]# tar -xaf nginx-1.12.2.tar.gz
[root@registry lnmp_soft]# cd nginx-1.12.2/
[root@registry nginx-1.12.2]# yum install gcc make openssl-devel pcre-devel
[root@registry nginx-1.12.2]# ./configure --prefix=/usr/local/ginx --user=nginx --group=nginx --with-http_ssl_module
[root@registry nginx-1.12.2]# make &make install
[root@registry nginx-1.12.2]# cd /usr/local/nginx/conf/
[root@registry conf]# vim nginx.conf
65 location ~ \.php$ {
66 root html;
67 fastcgi_pass localhost:9000;
68 fastcgi_index index.php;
69 # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
70 include fastcgi.conf;
71 }
[root@registry local]# tar cf nginx.tar.gz nginx
[root@registry local]# cd
[root@registry ~]# mkdir nginx
[root@registry ~]# cd nginx/
[root@registry nginx]# mcv /usr/local/nginx.tar.gz ./
[root@registry nginx]# ls
Dockerfile nginx.tar.gz
[root@registry nginx]# cat Dockerfile
FROM myos:latest
RUN yum install -y prce openssl && useradd nginx
ADD nginx.tar.gz /usr/local
EXPOSE 80
WORKDIR /usr/local/nginx/html
CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off;"]
[root@registry nginx]# docker build -t myos:nginx .
驗證鏡像成功
[root@registry nginx]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
myos nginx cfb3781017a1 2 weeks ago 401.5 MB
[root@registry nginx]# docker run -itd myos:nginx
7cd36866838d1812a6b229334b71bd4cc03e5eb96fb1401b9d8a8327c0ca996c
[root@registry nginx]# docker exec -it 7c /bin/bash
[root@7cd36866838d html]# ss -untlp
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 *:80 *:* users:(("nginx",pid=1,fd=6))
[root@7cd36866838d html]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 10.254.56.3 netmask 255.255.255.0 broadcast 0.0.0.0
[root@7cd36866838d html]# exit
[root@registry nginx]# docker cp 32a5d7afb55e:/usr/local/nginx/conf/nginx.conf ./
exit
[root@registry nginx]# curl http://10.254.56.3
[root@registry nginx]# docker push myos:nginx
創建後端節點
[root@registry nginx]# vim ngiux.conf
67 fastcgi_pass web-php:9000;
[root@kubemaseter webapp]# kubectl create configmap nginx-conf --from-file=nginx.conf
configmap "nginx-conf" created
[root@kubemaseter webapp]# kubectl get configmap
NAME DATA AGE
my-httpd 1 1d
nginx-conf 1 16s
[root@kubemaseter webapp]# kubectl create -f webapp.yaml (yaml的具體編寫放在本文最後)
[root@kubemaseter webapp]# kubectl get pod
NAME READY STATUS RESTARTS AGE
my-nginx-bc4f4cb45-dqwmh 0/1 ContainerCreating 0 8s
my-nginx-bc4f4cb45-vnvg8 0/1 ContainerCreating 0 9s
my-phpfpm-9ffb646f4-k9qjd 0/1 ContainerCreating 0 9s
my-phpfpm-9ffb646f4-r2l6r 0/1 ContainerCreating 0 9s
my-phpfpm-9ffb646f4-x748s 0/1 ContainerCreating 0 9s
[root@kubemaseter webapp]# kubectl get ingress
NAME HOSTS ADDRESS PORTS AGE
my-app * 192.168.1.23 80 29s
[root@kubemaseter webapp]# curl -L -k http://192.168.1.23:80
<pre>
hello world
hello world
hello world
[root@kubemaseter webapp]# cat webapp.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-nfs
labels:
app: web-nfs
spec:
capacity:
storage: 20Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
nfs:
path: /var/webroot
server: 192.168.1.101
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-nfs
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
selector:
matchLabels:
app: web-nfs
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-phpfpm
spec:
replicas: 3
template:
metadata:
labels:
app: my-phpfpm
spec:
containers:
- image: 192.168.1.100:5000/myos:php-fpm
name: my-phpfpm
volumeMounts:
- mountPath: /usr/local/nginx/html
name: site-data
volumes:
- name: site-data
persistentVolumeClaim:
claimName: pvc-nfs
---
apiVersion: v1
kind: Service
metadata:
name: web-php
spec:
ports:
- port: 9000
protocol: TCP
targetPort: 9000
selector:
app: my-phpfpm
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 2
template:
metadata:
labels:
app: my-nginx
spec:
containers:
- image: 192.168.1.100:5000/myos:nginx
name: my-nginx
volumeMounts:
- mountPath: /usr/local/nginx/conf/nginx.conf
name: my-config
subPath: nginx.conf
- mountPath: /usr/local/nginx/html
name: site-data
volumes:
- name: my-config
configMap:
name: nginx-conf
- name: site-data
persistentVolumeClaim:
claimName: pvc-nfs
---
apiVersion: v1
kind: Service
metadata:
name: web-nginx
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: my-nginx
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-app
namespace: default
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: web-nginx
servicePort: 80