tu
/
kubernetes-x
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

更新 'kubernetes-MD/利用kubernetes部署网站项目.md'

This commit is contained in:
diandian 2023-04-12 14:18:54 +08:00
parent 985e38ef5e
commit 3f429cee63
1 changed files with 335 additions and 336 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

671
kubernetes-MD/利用kubernetes部署网站项目.md
View File

@ -1,336 +1,335 @@
<h1><center>利用kubernetes部署网站项目</center></h1> <h1><center>利用kubernetes部署网站项目</center></h1>
著作:行癫 <盗版必究> 著作:行癫 <盗版必究>
------ ------
## 一:环境准备 ## 一:环境准备
#### 1.kubernetes集群 #### 1.kubernetes集群
集群正常运行,例如使用以下命令检查 集群正常运行,例如使用以下命令检查
```shell ```shell
[root@master ~]# kubectl get node [root@master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 5d19h v1.23.1 master Ready control-plane,master 5d19h v1.23.1
node-1 Ready <none> 5d19h v1.23.1 node-1 Ready <none> 5d19h v1.23.1
node-2 Ready <none> 5d19h v1.23.1 node-2 Ready <none> 5d19h v1.23.1
node-3 Ready <none> 5d19h v1.23.1 node-3 Ready <none> 5d19h v1.23.1
``` ```
#### 2.harbor私有仓库 #### 2.harbor私有仓库
主要给kubernetes集群提供镜像服务 主要给kubernetes集群提供镜像服务
<img src="%E5%88%A9%E7%94%A8kubernetes%E9%83%A8%E7%BD%B2%E7%BD%91%E7%AB%99%E9%A1%B9%E7%9B%AE.assets/image-20220502184026483.png" alt="image-20220502184026483" style="zoom:50%;" /> <img src="https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20220502184026483.png" alt="image-20220502184026483" style="zoom:50%;" />
## 二:项目部署
## 二:项目部署
#### 1.镜像构建
#### 1.镜像构建
软件下载地址:
软件下载地址:
```shell
```shell wget https://nginx.org/download/nginx-1.20.2.tar.gz
wget https://nginx.org/download/nginx-1.20.2.tar.gz ```
```
项目包下载地址:
项目包下载地址:
```shell
```shell git clone https://github.com/blackmed/xingdian-project.git
git clone https://github.com/blackmed/xingdian-project.git ```
```
构建centos基础镜像Dockerfile文件
构建centos基础镜像Dockerfile文件
```shell
```shell root@nfs-harbor ~]# cat Dockerfile
root@nfs-harbor ~]# cat Dockerfile FROM daocloud.io/centos:7
FROM daocloud.io/centos:7 MAINTAINER "xingdianvip@gmail.com"
MAINTAINER "xingdianvip@gmail.com" ENV container docker
ENV container docker RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs
RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs RUN yum -y update; yum clean all; \
RUN yum -y update; yum clean all; \ (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /lib/systemd/system/multi-user.target.wants/*;\ rm -f /etc/systemd/system/*.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\ rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \ rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/basic.target.wants/*;\ rm -f /lib/systemd/system/anaconda.target.wants/*;
rm -f /lib/systemd/system/anaconda.target.wants/*; VOLUME [ "/sys/fs/cgroup" ]
VOLUME [ "/sys/fs/cgroup" ] CMD ["/usr/sbin/init"]
CMD ["/usr/sbin/init"] root@nfs-harbor ~]# docker bulid -t xingdian .
root@nfs-harbor ~]# docker bulid -t xingdian . ```
```
构建项目镜像:
构建项目镜像:
```shell
```shell [root@nfs-harbor nginx]# cat Dockerfile
[root@nfs-harbor nginx]# cat Dockerfile FROM xingdian
FROM xingdian ADD nginx-1.20.2.tar.gz /usr/local
ADD nginx-1.20.2.tar.gz /usr/local RUN rm -rf /etc/yum.repos.d/*
RUN rm -rf /etc/yum.repos.d/* COPY CentOS-Base.repo /etc/yum.repos.d/
COPY CentOS-Base.repo /etc/yum.repos.d/ COPY epel.repo /etc/yum.repos.d/
COPY epel.repo /etc/yum.repos.d/ RUN yum clean all && yum makecache fast
RUN yum clean all && yum makecache fast RUN yum -y install gcc gcc-c++ openssl openssl-devel pcre-devel zlib-devel make
RUN yum -y install gcc gcc-c++ openssl openssl-devel pcre-devel zlib-devel make WORKDIR /usr/local/nginx-1.20.2
WORKDIR /usr/local/nginx-1.20.2 RUN ./configure --prefix=/usr/local/nginx
RUN ./configure --prefix=/usr/local/nginx RUN make && make install
RUN make && make install WORKDIR /usr/local/nginx
WORKDIR /usr/local/nginx ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/nginx/sbin
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/nginx/sbin EXPOSE 80
EXPOSE 80 RUN rm -rf /usr/local/nginx/conf/nginx.conf
RUN rm -rf /usr/local/nginx/conf/nginx.conf COPY nginx.conf /usr/local/nginx/conf/
COPY nginx.conf /usr/local/nginx/conf/ RUN mkdir /dist
RUN mkdir /dist CMD ["nginx", "-g", "daemon off;"]
CMD ["nginx", "-g", "daemon off;"] [root@nfs-harbor nginx]# docker build -t nginx:v2 .
[root@nfs-harbor nginx]# docker build -t nginx:v2 . ```
```
注意:
注意:
需要事先准备好Centos的Base仓库和epel仓库
需要事先准备好Centos的Base仓库和epel仓库
#### 2.上传项目到harbor
#### 2.上传项目到harbor
修改镜像tag
修改镜像tag
```shell
```shell [root@nfs-harbor ~]# docker tag nginx:v2 10.0.0.230/xingdian/nginx:v2
[root@nfs-harbor ~]# docker tag nginx:v2 10.0.0.230/xingdian/nginx:v2 ```
```
登录私有仓库:
登录私有仓库:
```shell
```shell [root@nfs-harbor ~]# docker login 10.0.0.230
[root@nfs-harbor ~]# docker login 10.0.0.230 Username: xingdian
Username: xingdian Password:
Password: ```
```
上传镜像:
上传镜像:
```shell
```shell [root@nfs-harbor ~]# docker push 10.0.0.230/xingdian/nginx:v2
[root@nfs-harbor ~]# docker push 10.0.0.230/xingdian/nginx:v2 ```
```
注意:
注意:
默认上传时采用https因为我们部署的harbor使用的是http所以再上传之前按照3-1进行修改
默认上传时采用https因为我们部署的harbor使用的是http所以再上传之前按照3-1进行修改
#### 3.kubernetes集群连接harbor
#### 3.kubernetes集群连接harbor
修改所有kubernetes集群能够访问http仓库默认访问的是https
修改所有kubernetes集群能够访问http仓库默认访问的是https
```shell
```shell [root@master ~]# vim /etc/systemd/system/multi-user.target.wants/docker.service
[root@master ~]# vim /etc/systemd/system/multi-user.target.wants/docker.service ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 10.0.1.13 --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 10.0.1.13 --containerd=/run/containerd/containerd.sock [root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl daemon-reload [root@master ~]# systemctl restart docker
[root@master ~]# systemctl restart docker ```
```
kubernetes集群创建secret用于连接harbor
kubernetes集群创建secret用于连接harbor
```shell
```shell [root@master ~]# kubectl create secret docker-registry regcred --docker-server=10.0.0.230 --docker-username=diange --docker-password=QianFeng@123
[root@master ~]# kubectl create secret docker-registry regcred --docker-server=10.0.0.230 --docker-username=diange --docker-password=QianFeng@123 [root@master ~]# kubectl get secret
[root@master ~]# kubectl get secret NAME TYPE DATA AGE
NAME TYPE DATA AGE regcred kubernetes.io/dockerconfigjson 1 19h
regcred kubernetes.io/dockerconfigjson 1 19h ```
```
注意:
注意:
regcredsecret的名字
regcredsecret的名字
--docker-server指定服务器的地址
--docker-server指定服务器的地址
--docker-username指定harbor的用户
--docker-username指定harbor的用户
--docker-password指定harbor的密码
--docker-password指定harbor的密码
#### 4.部署NFS
#### 4.部署NFS
部署NFS目的是为了给kubernetes集群提供持久化存储,kubernetes集群也要安装nfs-utils目的是为了支持nfs文件系统
部署NFS目的是为了给kubernetes集群提供持久化存储,kubernetes集群也要安装nfs-utils目的是为了支持nfs文件系统
```shell
```shell [root@nfs-harbor ~]# yum -y install nfs-utils
[root@nfs-harbor ~]# yum -y install nfs-utils [root@nfs-harbor ~]# systemctl start nfs
[root@nfs-harbor ~]# systemctl start nfs [root@nfs-harbor ~]# systemctl enable nfs
[root@nfs-harbor ~]# systemctl enable nfs ```
```
创建共享目录并对外共享
创建共享目录并对外共享
```shell
```shell [root@nfs-harbor ~]# mkdir /kubernetes-1
[root@nfs-harbor ~]# mkdir /kubernetes-1 [root@nfs-harbor ~]# cat /etc/exports
[root@nfs-harbor ~]# cat /etc/exports /kubernetes-1 *(rw,no_root_squash,sync)
/kubernetes-1 *(rw,no_root_squash,sync) [root@nfs-harbor ~]# exportfs -rv
[root@nfs-harbor ~]# exportfs -rv ```
```
项目放入共享目录下
项目放入共享目录下
```shell
```shell [root@nfs-harbor ~]# git clone https://github.com/blackmed/xingdian-project.git
[root@nfs-harbor ~]# git clone https://github.com/blackmed/xingdian-project.git [root@nfs-harbor ~]# unzip dist.zip
[root@nfs-harbor ~]# unzip dist.zip [root@nfs-harbor ~]# cp -r dist/* /kubernetes-1
[root@nfs-harbor ~]# cp -r dist/* /kubernetes-1 ```
```
#### 5.创建statefulset部署项目
#### 5.创建statefulset部署项目
该yaml文件中除了statefulset以外还有service、PersistentVolume、StorageClass
该yaml文件中除了statefulset以外还有service、PersistentVolume、StorageClass
```shell
```shell [root@master xingdian]# cat Statefulset.yaml
[root@master xingdian]# cat Statefulset.yaml apiVersion: v1
apiVersion: v1 kind: Service
kind: Service metadata:
metadata: name: nginx
name: nginx labels:
labels: app: nginx
app: nginx spec:
spec: type: NodePort
type: NodePort ports:
ports: - port: 80
- port: 80 name: web
name: web targetPort: 80
targetPort: 80 nodePort: 30010
nodePort: 30010 selector:
selector: app: nginx
app: nginx ---
--- apiVersion: storage.k8s.io/v1
apiVersion: storage.k8s.io/v1 kind: StorageClass
kind: StorageClass metadata:
metadata: name: xingdian
name: xingdian provisioner: example.com/external-nfs
provisioner: example.com/external-nfs parameters:
parameters: server: 10.0.0.230
server: 10.0.0.230 path: /kubernetes-1
path: /kubernetes-1 readOnly: "false"
readOnly: "false" ---
--- apiVersion: v1
apiVersion: v1 kind: PersistentVolume
kind: PersistentVolume metadata:
metadata: name: xingdian-1
name: xingdian-1 spec:
spec: capacity:
capacity: storage: 1Gi
storage: 1Gi volumeMode: Filesystem
volumeMode: Filesystem accessModes:
accessModes: - ReadWriteOnce
- ReadWriteOnce storageClassName: xingdian
storageClassName: xingdian nfs:
nfs: path: /kubernetes-1
path: /kubernetes-1 server: 10.0.0.230
server: 10.0.0.230 ---
--- apiVersion: v1
apiVersion: v1 kind: PersistentVolume
kind: PersistentVolume metadata:
metadata: name: xingdian-2
name: xingdian-2 spec:
spec: capacity:
capacity: storage: 1Gi
storage: 1Gi volumeMode: Filesystem
volumeMode: Filesystem accessModes:
accessModes: - ReadWriteOnce
- ReadWriteOnce storageClassName: xingdian
storageClassName: xingdian nfs:
nfs: path: /kubernetes-1
path: /kubernetes-1 server: 10.0.0.230
server: 10.0.0.230 ---
--- apiVersion: apps/v1
apiVersion: apps/v1 kind: StatefulSet
kind: StatefulSet metadata:
metadata: name: web
name: web spec:
spec: selector:
selector: matchLabels:
matchLabels: app: nginx
app: nginx serviceName: "nginx"
serviceName: "nginx" replicas: 2
replicas: 2 template:
template: metadata:
metadata: labels:
labels: app: nginx
app: nginx spec:
spec: terminationGracePeriodSeconds: 10
terminationGracePeriodSeconds: 10 containers:
containers: - name: nginx
- name: nginx image: 10.0.0.230/xingdian/nginx:v2
image: 10.0.0.230/xingdian/nginx:v2 ports:
ports: - containerPort: 80
- containerPort: 80 name: web
name: web volumeMounts:
volumeMounts: - name: www
- name: www mountPath: /dist
mountPath: /dist volumeClaimTemplates:
volumeClaimTemplates: - metadata:
- metadata: name: www
name: www spec:
spec: accessModes: [ "ReadWriteOnce" ]
accessModes: [ "ReadWriteOnce" ] storageClassName: "xingdian"
storageClassName: "xingdian" resources:
resources: requests:
requests: storage: 1Gi
storage: 1Gi ```
```
#### 6.运行
#### 6.运行
```shell
```shell [root@master xingdian]# kubectl create -f Statefulset.yaml
[root@master xingdian]# kubectl create -f Statefulset.yaml service/nginx created
service/nginx created storageclass.storage.k8s.io/xingdian created
storageclass.storage.k8s.io/xingdian created persistentvolume/xingdian-1 created
persistentvolume/xingdian-1 created persistentvolume/xingdian-2 created
persistentvolume/xingdian-2 created statefulset.apps/web created
statefulset.apps/web created ```
```
## 三:项目验证
## 三:项目验证
#### 1.pv验证
#### 1.pv验证
```shell
```shell [root@master xingdian]# kubectl get pv
[root@master xingdian]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE xingdian-1 1Gi RWO Retain Bound default/www-web-1 xingdian 9m59s
xingdian-1 1Gi RWO Retain Bound default/www-web-1 xingdian 9m59s xingdian-2 1Gi RWO Retain Bound default/www-web-0 xingdian 9m59s
xingdian-2 1Gi RWO Retain Bound default/www-web-0 xingdian 9m59s ```
```
#### 2.pvc验证
#### 2.pvc验证
```shell
```shell [root@master xingdian]# kubectl get pvc
[root@master xingdian]# kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE www-web-0 Bound xingdian-2 1Gi RWO xingdian 10m
www-web-0 Bound xingdian-2 1Gi RWO xingdian 10m www-web-1 Bound xingdian-1 1Gi RWO xingdian 10m
www-web-1 Bound xingdian-1 1Gi RWO xingdian 10m ```
```
#### 3.storageClass验证
#### 3.storageClass验证
```shell
```shell [root@master xingdian]# kubectl get storageclass
[root@master xingdian]# kubectl get storageclass NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE xingdian example.com/external-nfs Delete Immediate false 10m
xingdian example.com/external-nfs Delete Immediate false 10m ```
```
#### 4.statefulset验证
#### 4.statefulset验证
```shell
```shell [root@master xingdian]# kubectl get statefulset
[root@master xingdian]# kubectl get statefulset NAME READY AGE
NAME READY AGE web 2/2 13m
web 2/2 13m [root@master xingdian]# kubectl get pod
[root@master xingdian]# kubectl get pod NAME READY STATUS RESTARTS AGE
NAME READY STATUS RESTARTS AGE web-0 1/1 Running 0 13m
web-0 1/1 Running 0 13m web-1 1/1 Running 0 13m
web-1 1/1 Running 0 13m ```
```
#### 5.service验证
#### 5.service验证
```shell
```shell [root@master xingdian]# kubectl get svc
[root@master xingdian]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nginx NodePort 10.111.189.32 <none> 80:30010/TCP 13m
nginx NodePort 10.111.189.32 <none> 80:30010/TCP 13m ```
```
#### 6.浏览器访问
#### 6.浏览器访问
<img src="https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20220502193031689.png" alt="image-20220502193031689" style="zoom:80%;" />
<img src="%E5%88%A9%E7%94%A8kubernetes%E9%83%A8%E7%BD%B2%E7%BD%91%E7%AB%99%E9%A1%B9%E7%9B%AE.assets/image-20220502193031689.png" alt="image-20220502193031689" style="zoom:80%;" />