夢想可以天花亂墜, 理想,是我們一步一個腳印踩出來的坎坷道路
對k8s剛入門的朋友而言,光搭建k8s集羣是不夠的,我們需要更多的理論加實戰,才能更好的掌握k8s的好處,當我們成功部署一個k8s集羣之後,我們需要在實際項目中進行應用,本文簡單的介紹了當前比較主流的PHP/Java網站的部署
傳統部署與K8S部署區別
通常使用傳統的部署的時候,我們一個web項目,網站的搭建,往往使用的如下的一種整體架構,可能有的公司在某一環節使用的東西是不一樣,但是大體的框架流程是都是差不多的
使用K8S部署,便於彈性伸縮,節約資源,發佈週期快,整體框架如下:
準備環境
192.168.73.138 k8s-Master
192.168.73.139 k8s-node01
192.168.73.140 k8s-node02
192.168.73.136 Harbor鏡像倉庫
1 php項目部署流程
當我們把項目遷移到K8S平臺上時,首先我們需要了解的是整個部署的流程,按照這個流程部署,才能避免出現問題,也方便大家理解
github項目地址https://github.com/zhangdongdong7/php-demo.git
1.1 製作鏡像
使用Dockerfile製作鏡像,把應用程序、運行環境、文件系統一起打包成一個鏡像,然後推送到Harbor鏡像倉庫中 首先在k8s的master節點進行操作
[root@k8s-master ]# git clone https://github.com/zhangdongdong7/php-demo.git [root@k8s-master ]# cd php-demo[root@k8s-master php-demo]# ls deployment.yaml ingress.yaml mysql.yaml namespace.yaml README.md service.yaml wordpress
使用wordpress創建一個博客網站,打開wordpress,編寫Dockerfile構建鏡像,然後推送到一個harbor鏡像倉庫中,可以看前面章節,harbor鏡像的搭建,這裏是使用的harbor鏡像倉庫地址爲192.168.73.136
[root@k8s-master php-demo]cd wordpress [root@k8s-master wordpress]# vim Dockerfile FROM lizhenliang/nginx-php:latest MAINTAINER www.ctnrs.com ADD . /usr/local/nginx/html [root@k8s-master wordpress]docker login 192.168.73.136 [root@k8s-master wordpress]docker build -t 192.168.73.136/test/php-demo:latest . [root@k8s-master wordpress]docker push 192.168.73.136/test/php-demo:latest
1.2 創建控制器管理pod
回到php-demo目錄編寫yaml,首先部署一個test的命令空間
[root@k8s-master wordpress]# cd ../ [root@k8s-master php-demo]# vim namespace.yaml apiVersion: v1 kind: Namespace metadata: name: test [root@k8s-master php-demo]# kubectl apply -f namespace.yaml
創建認證
[root@k8s-master php-demo]# kubectl create secret docker-registry registry-pull-secret —docker-username=admin —docker-password=Harbor12345 —docker-email=123@qq.com —docker-server=192.168.73.136 -n test
編寫deployment.yaml控制器,這裏需要把image進行修改成剛纔推送到Harbor鏡像倉庫中的地址
[root@k8s-master php-demo]# vim deployment.yaml apiVersion: apps/v1beta1 kind: Deployment metadata: name: php-demo namespace: test spec: replicas: 2 selector: matchLabels: project: www app: php-demo template: metadata: labels: project: www app: php-demo spec: imagePullSecrets: - name: registry-pull-secret containers: - name: nginx image: 192.168.73.136/test/php-demo:v3 imagePullPolicy: Always ports: - containerPort: 80 name: web protocol: TCP resources: requests: cpu: 0.5 memory: 256Mi limits: cpu: 1 memory: 1Gi resources: requests: cpu: 0.5 memory: 256Mi limits: cpu: 1 memory: 1Gi livenessProbe: httpGet: path: /status.php port: 80
1.3 pod數據持久化
這裏演示的是一個靜態的web網站,基本不需要做持久化,直接把代碼打包到了鏡像中
1.4 暴露應用
創建一個service來暴露應用,直接使用的了ingress控制器的方式暴露應用了
[root@k8s-master php-demo]# vim service.yaml apiVersion: v1 kind: Service metadata: name: php-demo namespace: test spec: selector: project: www app: php-demo ports: - name: web port: 80 targetPort: 80 [root@k8s-master php-demo]# kubectl apply -f service.yaml [root@k8s-master php-demo]# kubectl get pods,svc -n test -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod/php-demo-66d9c64968-4r4vn 1/1 Running 0 24h 10.244.1.73 k8s-node01 <none> <none> pod/php-demo-66d9c64968-8zw9s 1/1 Running 0 24h 10.244.2.43 k8s-node02 <none> <none> pod/tomcat-java-demo-5f4f64dd4b-tcmtv 1/1 Running 0 24h 10.244.2.42 k8s-node02 <none> <none> pod/tomcat-java-demo-5f4f64dd4b-vvx5x 1/1 Running 0 24h 10.244.1.72 k8s-node01 <none> <none> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/php-demo NodePort 10.1.136.96 <none> 80:32625/TCP 23h app=php-demo,project=www service/tomcat-java-demo ClusterIP 10.1.198.15 <none> 80/TCP 24h app=java-demo,project=www [root@k8s-master php-demo]#
1.5 創建ingress對外發布應用
編寫yaml,首先創建ingress控制器,創建ingress,最後可以查看pod,svc,ingress的狀態,全部都正常可以開始下一步,如果有異常可以使用kubectl describe命令查看日誌進行排錯
[root@k8s-master java-demo]# kubectl apply -f mandatory.yaml [root@k8s-master php-demo]# vim ingress.yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: php-demo namespace: test spec: rules: - host: php.ctnrs.com http: paths: - path: / backend: serviceName: php-demo servicePort: 80 [root@k8s-master php-demo]# kubectl apply -f ingress.yaml [root@k8s-master java-demo]# kubectl get pod,svc,ingress -n test -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod/php-demo-66d9c64968-4r4vn 1/1 Running 0 24h 10.244.1.73 k8s-node01 <none> <none> pod/php-demo-66d9c64968-8zw9s 1/1 Running 0 24h 10.244.2.43 k8s-node02 <none> <none> pod/tomcat-java-demo-5f4f64dd4b-tcmtv 1/1 Running 0 24h 10.244.2.42 k8s-node02 <none> <none> pod/tomcat-java-demo-5f4f64dd4b-vvx5x 1/1 Running 0 24h 10.244.1.72 k8s-node01 <none> <none> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/php-demo NodePort 10.1.136.96 <none> 80:32625/TCP 24h app=php-demo,project=www service/tomcat-java-demo ClusterIP 10.1.198.15 <none> 80/TCP 24h app=java-demo,project=www NAME HOSTS ADDRESS PORTS AGE ingress.extensions/php-demo php.ctnrs.com 80 24h ingress.extensions/tomcat-java-demo java.ctnrs.com 80 24h [root@k8s-master java-demo]#
可以在集羣之外找一個虛機創建數據庫,我是在harbor鏡像倉庫安裝
docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 mysql:5.7 docker exec -it mysql:5.7 bash mysql -uroot -p$MYSQL_ROOT_PASSWORDcreate database wp;
2.6 綁定本機hosts,訪問域名驗證
windows系統,hosts文件地址:C:\Windows\System32\drivers\etc,Mac系統sudo vi /private/etc/hosts 編輯hosts文件,在底部加入域名和ip,用於解析,這個ip地址爲node節點ip地址 加入如下命令,然後保存
192.168.73.139 php.ctnrs.com
在瀏覽器中,輸入php.ctnrs.com,會跳轉到初始化設置界面,設置對應的賬號,然後安裝,登錄,然後就可以編輯文章發佈了,一個簡單的WordPress的php網站搭建完成
2 Java項目部署流程
部署流程如下,跟php的網址一樣
github項目地址https://github.com/zhangdongdong7/java-demo.git
2.1 製作鏡像
使用Dockerfile製作鏡像,把應用程序、運行環境、文件系統一起打包成一個鏡像,然後推送到Harbor鏡像倉庫中
- 首先在k8s的master節點進行操作
[root@k8s-master ]# git clone https://github.com/zhangdongdong7/java-demo.git [root@k8s-master java-demo]# cd java-demo [root@k8s-master java-demo]# ls deployment.yaml ingress.yaml mysql.yaml README.md tomcat-java-demo-master.zipdeploy.yml mandatory.yaml namespace.yaml service.yaml [root@k8s-master java-demo]# unzip tomcat-java-demo-master.zip [root@k8s-master java-demo]# cd tomcat-java-demo-master/
- 安裝環境
[root@k8s-master tomcat-java-demo-master]# yum install java-1.8.0-openjdk maven -y
- 編譯構建 如果maven構建慢的話,默認是官方源,可以換阿里雲的源vim /etc/maven/settings.xml,大概在(159-164行),更換爲如下代碼
[root@k8s-master tomcat-java-demo-master]# vim /etc/maven/settings.xml ... <mirror> <id>central</id> <mirrorOf>central</mirrorOf> <name>aliyun maven</name> <url>https://maven.aliyun.com/repository/public</url> </mirror> ... [root@k8s-master tomcat-java-demo-master]# ls db Dockerfile LICENSE pom.xml README.md src target
- Dockerfile已經打包好了,ls可以查看目錄中已經存在,可以查看一下
[root@k8s-master tomcat-java-demo-master]# cat Dockerfile FROM lizhenliang/tomcat LABEL maintainer www.ctnrs.com RUN rm -rf /usr/local/tomcat/webapps/ ADD target/.war /usr/local/tomcat/webapps/ROOT.war
- 在tomcat目錄下構建鏡像
[root@k8s-master tomcat-java-demo-master]# docker login 192.168.73.136 Authenticating with existing credentials…WARNING! Your password will be stored unencrypted in /root/.docker/config.json.Configure a credential helper to remove this warning. Seehttps://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded [root@k8s-master tomcat-java-demo-master]docker build -t 192.168.73.136/test/java-demo:latest . [root@k8s-master tomcat-java-demo-master]docker push 192.168.73.136/test/java-demo:latest
- 回到上一層java-demo目錄中
[root@k8s-master tomcat-java-demo-master]# cd ../ [root@k8s-master java-demo]# ls db deploy.yml mandatory.yaml namespace.yaml service.yaml tomcat-java-demo-master.zip deployment.yaml ingress.yaml mysql.yaml README.md tomcat-java-demo-master [root@k8s-master java-demo]#
- 創建一個test的命名空間
[root@k8s-master java-demo]# cat namespace.yaml apiVersion: v1 kind: Namespace metadata: name: test namespace.yaml [root@k8s-master java-demo]# kubectl apply -f namespace.yaml
- 創建一個harbor倉庫的拉取鏡像認證,,如果搭建php網站的時候創建過認證,這一步可以不用再創建,跳過
[root@k8s-master java-demo]# kubectl create secret docker-registry registry-pull-secret —docker-username=admin —docker-password=Harbor12345 —docker-email=123@qq.com —docker-server=192.168.73.136 -n test
2.2 創建控制器管理pod
- 編寫deployment.yaml,創建pods,這裏需要把image進行修改成剛纔推送到Harbor鏡像倉庫中的地址
[root@k8s-master java-demo]# vim deployment.yaml apiVersion: apps/v1beta1 kind: Deployment metadata: name: tomcat-java-demo namespace: test spec: replicas: 2 selector: matchLabels: project: www app: java-demo template: metadata: labels: project: www app: java-demo spec: imagePullSecrets: - name: registry-pull-secret containers: - name: tomcat image: 192.168.73.136/test/java-demo:latest imagePullPolicy: Always ports: - containerPort: 8080 name: web protocol: TCP resources: requests: cpu: 0.25 memory: 1Gi limits: cpu: 1 memory: 2Gi livenessProbe: httpGet: path: / port: 8080 initialDelaySeconds: 60 timeoutSeconds: 20 readinessProbe: httpGet: path: / port: 8080 initialDelaySeconds: 60 [root@k8s-master java-demo]# kubectl adpply -f deployment.yaml
2.3 pod數據持久化
這裏演示的是一個靜態的web網站,基本不需要做持久化,直接把代碼打包到了鏡像中
2.4 暴露應用
創建一個service來暴露應用,直接使用的了ingress控制器的方式暴露應用了
[root@k8s-master java-demo]# cat service.yaml apiVersion: v1 kind: Service metadata: name: tomcat-java-demo namespace: test spec: selector: project: www app: java-demo ports: - name: web port: 80 targetPort: 8080 [root@k8s-master java-demo]# kubectl apply -f service.yaml
2.5 創建ingress對外發布應用
編寫yaml,因爲剛纔php項目創建過ingress控制器,因此可以不用創建,直接創建ingress,最後可以查看pod,svc,ingress的狀態,全部都正常可以開始下一步,如果有異常可以使用kubectl describe命令查看日誌進行排錯
[root@k8s-master java-demo]# cat ingress.yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: tomcat-java-demo namespace: test spec: rules: - host: java.ctnrs.com http: paths: - path: / backend: serviceName: tomcat-java-demo servicePort: 80 [root@k8s-master java-demo]# kubectl apply -f ingress.yaml [root@k8s-master java-demo]# kubectl get pod,svc,ingress -n test -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES pod/php-demo-66d9c64968-4r4vn 1/1 Running 0 24h 10.244.1.73 k8s-node01 <none> <none> pod/php-demo-66d9c64968-8zw9s 1/1 Running 0 24h 10.244.2.43 k8s-node02 <none> <none> pod/tomcat-java-demo-5f4f64dd4b-tcmtv 1/1 Running 0 24h 10.244.2.42 k8s-node02 <none> <none> pod/tomcat-java-demo-5f4f64dd4b-vvx5x 1/1 Running 0 24h 10.244.1.72 k8s-node01 <none> <none> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/php-demo NodePort 10.1.136.96 <none> 80:32625/TCP 24h app=php-demo,project=www service/tomcat-java-demo ClusterIP 10.1.198.15 <none> 80/TCP 24h app=java-demo,project=www NAME HOSTS ADDRESS PORTS AGE ingress.extensions/php-demo php.ctnrs.com 80 24h ingress.extensions/tomcat-java-demo java.ctnrs.com 80 24h [root@k8s-master java-demo]#
2.6 綁定本機hosts,訪問域名驗證
windows系統,hosts文件地址:C:\Windows\System32\drivers\etc,Mac系統sudo vi /private/etc/hosts 編輯hosts文件,在底部加入域名和ip,用於解析,這裏的ip是node的ip地址 加入如下命令,然後保存
192.168.73.139 java.ctnrs.com
在瀏覽器中輸入java.ctnrs.com訪問
如有不對的地方和問題,歡迎指出和交流