k8s入門教程5 --小實戰

微服務web集羣要求

1.實驗myos:php-fpm創建後臺應用php-app

2.創建php-service,爲後端應用提供內部clusterIP和負載均衡

3.使用myos:nginx創建應用,並使用php-service解析php文件

4,創建web-service,發佈nginx應用到nodePort

5.使用Ingress對外發布服務nginx應用

 

實戰構建解析:

一般用戶是通過雲平臺的負載均衡訪問的kube-node節點,在這裏的kube-node節點就是我們的k8s集羣,kube-node通過對外訪問的Ingress訪問到對應的web-nginx的服務上,服務在訪問對定的web-pod,此時是web-pod是提供解析的,當解析到動態頁面的時候,需要去調用php-fpm的服務,讓該服務提供給web-pod動態解析使用的php-fpm,此時web-pod和php-fpm容器需要固定的訪問一些文件,這些文件是需要持久化的,所有需要使用類似月NFS這種可以提高持久化存儲的軟件,存儲對應的文件.

 

 

步驟一:鏡像的製作

當將nginx+php-fpm服務製作在一起的時候,我們會遇見依賴包對,配置負載,需要編譯,多服務怎麼樣調用,文件如何共享的問題,爲了解決這類問題我們將容器服務進行了拆分,將nginx與php-fpm服務分開成nginx鏡像(只負責前端靜態頁面),php-fpm鏡像(通過內部網絡爲nginx提供解析服務).nginx鏡像和php-fpm鏡像通信方式採用共享網絡命令空間.

php-fpm鏡像創建思路:php-fpm是後端服務,需要前段nginx調用,nginx調用後端php-fpm,是通過php-fpm監聽網絡端口,從網絡把服務傳遞進來,針對php-fpm容器經常變化,我們可以使用service處理,讓他們共享網絡命令空間.service還可以起到負載均衡的作用.

[root@registry ~]# mkdir php-fpm
[root@registry ~]# cd php-fpm/
[root@registry php-fpm]# touch Dockerfile

FROM myos:latest
RUN yum install -y php-fpm && yum clean all
COPY www.conf /etc/php-fpm.d/www.conf
EXPOSE 9000
CMD "/usr/sbin/php-fpm","--nodaemonize"

[root@registry php-fpm]# docker run -it myos
[root@32a5d7afb55e /]# yum -y install php php-fpm

[root@32a5d7afb55e /]# cd /etc/php-fpm.d/
[root@32a5d7afb55e php-fpm.d]# ls
www.conf

[root@32a5d7afb55e php-fpm.d]# vim www.conf 

 12 listen = 0.0.0.0:9000

24 ;listen.allowed_clients = 127.0.0.1

[root@32a5d7afb55e php-fpm.d]# /usr/sbin/php-fpm  --nodaemonize &

[root@32a5d7afb55e php-fpm.d]# ss -untlp 
Netid  State      Recv-Q Send-Q  Local Address:Port                 Peer Address:Port              
tcp    LISTEN     0      128                 *:9000                            *:*                   users:(("php-fpm",pid=173,fd=6))
[root@32a5d7afb55e php-fpm.d]# exit

[root@registry php-fpm]# docker cp 32a5d7afb55e:/etc/php-fpm.d/www.conf ./
 

[root@registry php-fpm]# docker build -t myos:php-fpm .

[root@registry php-fpm]# docker images 
REPOSITORY                                      TAG                 IMAGE ID            CREATED             SIZE
myos                                            php-fpm             a2dec3a5c9d9        2 weeks ago         348.1 MB
 

[root@registry php-fpm]# docker push myos:php-fpm  
 

 

 

nginx鏡像創建思路

nginx需要編譯,可以在外部編譯nginx,把編譯好的文件打包,使用打包文件構成nginx鏡像服務.後端php文件這個時候可以通過nginx與php-fpm容器共享網絡命名空間,使用localhost訪問真正的啓動服務的時候可以用Configmap配置,後端解析傳遞的是文件路徑,php-fpm可以通過docker卷,在nginx和php-fpm中共享目錄.

 

 

 

 

[root@registry ~]# tar -xaf nginx-1.12.2.tar.gz

[root@registry lnmp_soft]# cd nginx-1.12.2/
[root@registry nginx-1.12.2]# yum install gcc make openssl-devel pcre-devel
 

[root@registry nginx-1.12.2]# ./configure --prefix=/usr/local/ginx --user=nginx --group=nginx --with-http_ssl_module 
 

[root@registry nginx-1.12.2]# make &make install

 

[root@registry nginx-1.12.2]# cd /usr/local/nginx/conf/

[root@registry conf]# vim nginx.conf

 65         location ~ \.php$ {
 66             root           html;
 67             fastcgi_pass   localhost:9000;
 68             fastcgi_index  index.php;
 69          #   fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
 70             include        fastcgi.conf;
 71         }
 

[root@registry local]# tar cf  nginx.tar.gz nginx
[root@registry local]# cd
[root@registry ~]# mkdir nginx
[root@registry ~]# cd nginx/
[root@registry nginx]# mcv /usr/local/nginx.tar.gz ./
[root@registry nginx]# ls
Dockerfile  nginx.tar.gz
[root@registry nginx]# cat Dockerfile 
FROM myos:latest
RUN yum install -y prce openssl && useradd nginx
ADD nginx.tar.gz /usr/local
EXPOSE 80
WORKDIR /usr/local/nginx/html
CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off;"]
 

 

[root@registry nginx]# docker build -t myos:nginx .

 

驗證鏡像成功

[root@registry nginx]# docker images 
REPOSITORY                                      TAG                 IMAGE ID            CREATED             SIZE
myos                                            nginx               cfb3781017a1        2 weeks ago         401.5 MB

[root@registry nginx]# docker run -itd myos:nginx
7cd36866838d1812a6b229334b71bd4cc03e5eb96fb1401b9d8a8327c0ca996c
[root@registry nginx]# docker exec -it 7c /bin/bash
[root@7cd36866838d html]# ss -untlp
Netid State      Recv-Q Send-Q     Local Address:Port                    Peer Address:Port              
tcp   LISTEN     0      128                    *:80                                 *:*                   users:(("nginx",pid=1,fd=6))
[root@7cd36866838d html]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.254.56.3  netmask 255.255.255.0  broadcast 0.0.0.0

[root@7cd36866838d html]# exit

[root@registry nginx]# docker cp 32a5d7afb55e:/usr/local/nginx/conf/nginx.conf  ./
exit
[root@registry nginx]# curl http://10.254.56.3

[root@registry nginx]# docker push myos:nginx
 

 

創建後端節點

[root@registry nginx]#  vim ngiux.conf

67             fastcgi_pass  web-php:9000;
 

[root@kubemaseter webapp]# kubectl create configmap nginx-conf --from-file=nginx.conf
configmap "nginx-conf" created
[root@kubemaseter webapp]# kubectl get configmap 
NAME         DATA      AGE
my-httpd     1         1d
nginx-conf   1         16s
 

[root@kubemaseter webapp]# kubectl create -f  webapp.yaml  (yaml的具體編寫放在本文最後)

[root@kubemaseter webapp]# kubectl get pod
NAME                        READY     STATUS              RESTARTS   AGE
my-nginx-bc4f4cb45-dqwmh    0/1       ContainerCreating   0          8s
my-nginx-bc4f4cb45-vnvg8    0/1       ContainerCreating   0          9s
my-phpfpm-9ffb646f4-k9qjd   0/1       ContainerCreating   0          9s
my-phpfpm-9ffb646f4-r2l6r   0/1       ContainerCreating   0          9s
my-phpfpm-9ffb646f4-x748s   0/1       ContainerCreating   0          9s
[root@kubemaseter webapp]# kubectl get ingress 
NAME      HOSTS     ADDRESS        PORTS     AGE
my-app    *         192.168.1.23   80        29s
[root@kubemaseter webapp]# curl -L -k http://192.168.1.23:80
<pre>
hello world
hello world
hello world
 

 

 

[root@kubemaseter webapp]# cat webapp.yaml

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-nfs
  labels:
    app: web-nfs
spec:
  capacity:
    storage: 20Gi
  accessModes:
  - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  nfs:
    path: /var/webroot
    server: 192.168.1.101
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-nfs
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 20Gi
  selector:
   matchLabels:
     app: web-nfs

---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: my-phpfpm
spec:
  replicas: 3
  template:
    metadata:
      labels:
        app: my-phpfpm
    spec:
      containers:
      - image: 192.168.1.100:5000/myos:php-fpm
        name: my-phpfpm
        volumeMounts:
        - mountPath: /usr/local/nginx/html
          name: site-data
      volumes:
      - name: site-data
        persistentVolumeClaim:
          claimName: pvc-nfs

---
apiVersion: v1
kind: Service
metadata:
  name: web-php
spec:
  ports:
  - port: 9000
    protocol: TCP
    targetPort: 9000
  selector:
    app: my-phpfpm
  type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: my-nginx
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: my-nginx
    spec:
      containers:
      - image: 192.168.1.100:5000/myos:nginx
        name: my-nginx
        volumeMounts:
        - mountPath: /usr/local/nginx/conf/nginx.conf
          name: my-config
          subPath: nginx.conf
        - mountPath: /usr/local/nginx/html
          name: site-data
      volumes:
      - name: my-config
        configMap:
          name: nginx-conf
      - name: site-data
        persistentVolumeClaim:
          claimName: pvc-nfs

---
apiVersion: v1
kind: Service
metadata:
  name: web-nginx
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: my-nginx
  type: ClusterIP

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-app
  namespace: default
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
  - http: 
     paths:
     - path: /
       backend:
        serviceName: web-nginx
        servicePort: 80