kubernetes容器集群管理(11)- k8s集群搭建lnmp环境
一、私有仓库搭建
#pull私有仓库镜像
[root@node01 ~]# docker pull registry
#创建用户密码本(-B 表示用 bcrypt 存储哈希;-b 直接从命令行参数读取密码,密码会留在 shell 历史和进程列表里;123456 仅作演示,实际请换成强密码)
[root@node01 ~]# mkdir auth
[root@node01 ~]# docker run --entrypoint htpasswd registry:latest -Bbn amusitelangpao 123456 >/root/auth/htpasswd
[root@node01 ~]# cat /root/auth/htpasswd
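#启动registry容器时,把主机/root/auth目录挂载到容器的/auth目录下,然后指定这个目录下的htpasswd文件来进行认证
#(原文此处省略了启动registry容器的docker run命令;按上下文推断大致如下,数据目录对应后面看到的/opt/registry)
#docker run -d -p 5000:5000 --name registry -v /root/auth:/auth -v /opt/registry:/var/lib/registry -e REGISTRY_AUTH=htpasswd -e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry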
[root@node01 ~]# docker login 127.0.0.1:5000
Username: amusitelangpao
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
#打包镜像到私有仓库
[root@node01 ~]# docker pull hello-world
[root@node01 ~]# docker tag hello-world:latest 127.0.0.1:5000/hello-world:v1
[root@node01 ~]# docker push 127.0.0.1:5000/hello-world:v1
[root@node01 ~]# ls /opt/registry/docker/registry/v2/repositories/
hello-world
[root@node01 ~]# curl -u amusitelangpao:123456 127.0.0.1:5000/v2/_catalog
{"repositories":["hello-world"]}
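#集群服务器全部把私有仓库节点地址加入insecure-registries(即允许docker通过不加密的HTTP访问该仓库;htpasswd账号密码和镜像内容都以明文传输,只适合隔离的实验环境,正式环境应给仓库配置TLS证书而不是加入这个列表)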
[root@manage01 ~]# vi /etc/docker/daemon.json
{
"insecure-registries": ["192.168.192.129:5000"]
}
[root@manage01 ~]# systemctl daemon-reload
[root@manage01 ~]# systemctl restart docker
#其他节点机器下载镜像成功
[root@manage01 ~]# docker images | grep hello
[root@manage01 ~]# docker pull 192.168.192.129:5000/hello-world:v1
v1: Pulling from hello-world
1b930d010525: Pull complete
Digest: sha256:92c7f9c92844bbbb5d0a101b22f7c2a7949e40f8ea90c8b3bc396879d95e899a
Status: Downloaded newer image for 192.168.192.129:5000/hello-world:v1
192.168.192.129:5000/hello-world:v1
[root@manage01 ~]# docker images | grep hello
192.168.192.129:5000/hello-world v1 fce289e99eb9 14 months ago 1.84kB
二、镜像准备
#环境配置
192.168.192.128 k8s集群管理机manage01
192.168.192.129 k8s集群节点node01、私有仓库机器
192.168.192.130 k8s集群节点node02、nfs服务机器
#本次lnmp搭建存在两个问题:
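1、node需提前准备好本地镜像;私有仓库开启了htpasswd认证,node要直接拉取镜像可能还需添加私有库权限配置(例如pod里的imagePullSecrets,后面的yaml里这两行是注释掉的)
2、lnmp部署完毕,pod显示running,一切正常,页面无法访问,进入容器发现nginx服务未启动,手动启动后正常(原因见后面nginx的deployment:其中的command把容器启动命令覆盖成了tail -f /dev/null,所以nginx进程没有被拉起)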
#nginx和php创建部署文件提前准备好了,mysql用docker hub上面的。
https://download.csdn.net/download/weixin_39855998/12252247
#目录规划
[root@node01 ~]# mkdir -p lnmp/{php,nginx}
[root@node01 ~]# ls /root/lnmp/nginx/
Dockerfile nginx-1.12.1.tar.gz nginx.conf
[root@node01 ~]# ls /root/lnmp/php/
Dockerfile php-5.6.31.tar.gz php.ini
#镜像的构建、上传私有库、查看
[root@node01 lnmp]# docker login 192.168.192.129:5000
[root@node01 lnmp]# cd nginx
[root@node01 nginx]# docker build -t 192.168.192.129:5000/lnmp/nginx .
[root@node01 nginx]# docker push 192.168.192.129:5000/lnmp/nginx
[root@node01 lnmp]# cd php
[root@node01 nginx]# docker build -t 192.168.192.129:5000/lnmp/php .
[root@node01 nginx]# docker push 192.168.192.129:5000/lnmp/php
[root@node01 nginx]# docker pull mysql:5.6
[root@node01 nginx]# docker tag mysql:5.6 192.168.192.129:5000/lnmp/mysql
[root@node01 nginx]# docker push 192.168.192.129:5000/lnmp/mysql
[root@node01 nginx]# curl -u amusitelangpao:123456 192.168.192.129:5000/v2/_catalog
{"repositories":["hello-world","lnmp/mysql","lnmp/nginx","lnmp/php"]}
#此时已经将mysql、nginx、php镜像上传私有库,部署时直接pull就可以了
三、提前创建PV
#nfs服务器创建目录用来挂载
[root@node02 ~]# mkdir -p /opt/nfs/wp-data #存放nginx、php数据
[root@node02 ~]# mkdir -p /opt/nfs/wp-mysql #存放mysql数据
[root@node02 ~]# cat /etc/exports #nfs策略(no_root_squash表示客户端的root在共享目录上仍是root;/nfsdata对*即任意主机开放读写,实验环境以外应限定来源网段,并尽量不用no_root_squash)
/nfsdata *(rw,no_root_squash,no_all_squash,sync)
/opt/nfs/wp-mysql 192.168.192.0/24(rw,no_root_squash)
/opt/nfs/wp-data 192.168.192.0/24(rw,no_root_squash)
#master上创建pv
[root@manage01 lnmp]# cat pv.yaml
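# pv.yaml: three statically provisioned, NFS-backed PersistentVolumes served by
# 192.168.192.130. Claims pick a volume through its `apps` label.
# (Indentation restored; the listing had lost it and was not valid YAML.)
# NOTE(review): Kubernetes applies no access control to the NFS path itself.
# Who can read or write this data is decided by /etc/exports on the NFS server,
# so the export options (allowed client network, root squashing) are part of
# the security boundary of these volumes.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: mysql-pv
  labels:
    apps: mysql-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: /opt/nfs/wp-mysql   # export that holds the MySQL data directory
    server: 192.168.192.130
---
# wp-pv01 and wp-pv02 both point at /opt/nfs/wp-data, so a claim bound to
# either one sees the same files.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: wp-pv01
  labels:
    apps: wp-pv01
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: /opt/nfs/wp-data
    server: 192.168.192.130
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: wp-pv02
  labels:
    apps: wp-pv02
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  nfs:
    path: /opt/nfs/wp-data
    server: 192.168.192.130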
[root@manage01 lnmp]# kubectl create -f pv.yaml
persistentvolume/mysql-pv created
persistentvolume/wp-pv01 created
persistentvolume/wp-pv02 created
#每个节点提前装好镜像
[root@node01 ~]# docker pull 192.168.192.129:5000/lnmp/nginx
[root@node01 ~]# docker pull 192.168.192.129:5000/lnmp/mysql
[root@node01 ~]# docker pull 192.168.192.129:5000/lnmp/php
四、mysql部署工作
1、提前安装本地镜像 2、一旦有问题,先删除pv和pvc再重新创建,否则pvc会一直处于Pending状态
#mysql密码认证(--from-literal会把密码留在shell历史里,这里的123456还和仓库账号的密码相同;实际使用时应换成独立的强密码,并用--from-file从文件读取)
[root@manage01 lnmp]# kubectl create secret generic mysql-pass --from-literal=password=123456
#mysql的service、pvc、deployment创建
pvc通过标签选择器匹配上面创建的、标签为apps: mysql-pv的pv
指定secret为上面创建的mysql-pass
拉取镜像为192.168.192.129:5000/lnmp/mysql
使用mysql-pv-claim这个pvc,把上面创建的mysql的pv挂载在容器的/var/lib/mysql目录下。
[root@manage01 lnmp]# cat mysql-deployment.yaml
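# mysql-deployment.yaml: Service, PersistentVolumeClaim and Deployment for the
# MySQL backend. (Indentation restored; the listing had lost it.)
#
# No `type` is set on the Service, so it is a ClusterIP Service: port 3306 is
# reachable inside the cluster only.
apiVersion: v1
kind: Service
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  ports:
    - port: 3306
  selector:
    app: wordpress
    tier: mysql
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mysql-pv-claim
  labels:
    app: wordpress
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      # Was 20Gi. A claim only binds to a PV whose capacity is at least the
      # request, and the PV labelled apps: mysql-pv offers 10Gi, so a 20Gi
      # request would leave this claim Pending.
      storage: 10Gi
  selector:
    matchLabels:
      apps: mysql-pv
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress-mysql
  labels:
    app: wordpress
spec:
  selector:
    matchLabels:
      app: wordpress
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress
        tier: mysql
    spec:
      containers:
        - name: mysql
          # NOTE(review): no tag is given, so this resolves to :latest, and with
          # IfNotPresent each node keeps whatever copy it pulled first. Pinning a
          # tag or digest makes every node run the same, known image.
          image: 192.168.192.129:5000/lnmp/mysql
          imagePullPolicy: IfNotPresent
          env:
            # Root password comes from the mysql-pass Secret instead of being
            # written into this manifest.
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-pass
                  key: password
          ports:
            - containerPort: 3306
              name: mysql
          volumeMounts:
            - name: mysql-persistent-storage
              mountPath: /var/lib/mysql
      # Registry credentials for the kubelet. The registry on this page uses
      # htpasswd auth, so enable these two lines (with a docker-registry Secret
      # of this name) when nodes should pull the image themselves.
      #imagePullSecrets:
      #  - name: registrypullsecret
      volumes:
        - name: mysql-persistent-storage
          persistentVolumeClaim:
            claimName: mysql-pv-claim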
[root@manage01 lnmp]# kubectl create -f mysql-deployment.yaml
五、nginx部署工作
[root@manage01 lnmp]# cat nginx-deployment.yaml
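# nginx-deployment.yaml: ConfigMap (vhost), NodePort Service, PVC and Deployment
# for the nginx front end. (Indentation restored; the listing had lost it.)
apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-wp-config
data:
  # Every request whose path ends in .php is handed to the wordpress-php
  # Service on port 9000. SCRIPT_FILENAME uses /var/www/html because that is
  # where the php container mounts the shared WordPress files.
  # NOTE(review): the match is path-based only, so a .php file anywhere under
  # the shared volume (upload directories included) is executed by php-fpm;
  # WordPress hardening usually excludes upload directories from PHP handling.
  site.conf: |-
    server {
      listen 80;
      server_name localhost;
      root html;
      index index.html index.php;
      location ~ \.php$ {
        root html;
        fastcgi_pass wordpress-php:9000;
        fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_connect_timeout 60s;
        fastcgi_read_timeout 300s;
        fastcgi_send_timeout 300s;
      }
    }
---
# NodePort opens the service on a port of every node, in addition to any
# Ingress that fronts it.
apiVersion: v1
kind: Service
metadata:
  name: wordpress-nginx
  labels:
    app: wordpress
spec:
  ports:
    - port: 80
  selector:
    app: wordpress-nginx
    tier: frontend
  type: NodePort
  sessionAffinity: ClientIP
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: wp-pvc02
  labels:
    app: wordpress
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
  selector:
    matchLabels:
      apps: wp-pv02
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress-nginx
  labels:
    app: wordpress
spec:
  replicas: 3
  selector:
    matchLabels:
      app: wordpress-nginx
      tier: frontend
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress-nginx
        tier: frontend
    spec:
      containers:
        - name: nginx
          # NOTE(review): untagged image plus IfNotPresent; see pinning a tag or
          # digest so all three replicas run the same image.
          image: 192.168.192.129:5000/lnmp/nginx
          imagePullPolicy: IfNotPresent
          # NOTE(review): `command` replaces the image's ENTRYPOINT, so the
          # container only runs `tail -f /dev/null` and nginx is never started.
          # The pod still reports Running, which hides the failure. Dropping
          # this line, or running nginx in the foreground here, lets the pod
          # status reflect the web server (the image's own start command is not
          # shown on this page, so confirm against its Dockerfile).
          command: [ "/bin/bash", "-ce", "tail -f /dev/null" ]
          ports:
            - containerPort: 80
              name: wordpress
          volumeMounts:
            - name: wordpress-persistent-storage
              mountPath: /usr/local/nginx/html
            # subPath mounts only site.conf, leaving the rest of vhost/ intact.
            - name: config
              mountPath: /usr/local/nginx/conf/vhost/site.conf
              subPath: site.conf
      # Registry credentials for the kubelet; enable when nodes should pull
      # from the authenticated registry themselves.
      #imagePullSecrets:
      #  - name: registrypullsecret
      volumes:
        - name: wordpress-persistent-storage
          persistentVolumeClaim:
            claimName: wp-pvc02
        - name: config
          configMap:
            name: nginx-wp-config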
[root@manage01 lnmp]# kubectl create -f nginx-deployment.yaml
六、php部署工作
[root@manage01 lnmp]# cat php-deployment.yaml
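# php-deployment.yaml: ClusterIP Service, PVC and Deployment for php-fpm.
# (Indentation restored; the listing had lost it.)
#
# No `type` is set on the Service, so port 9000 (FastCGI) is reachable inside
# the cluster only. FastCGI has no authentication of its own, so it should
# stay unexposed outside the cluster.
apiVersion: v1
kind: Service
metadata:
  name: wordpress-php
  labels:
    app: wordpress
spec:
  ports:
    - port: 9000
  selector:
    app: wordpress-php
    tier: frontend
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: wp-pvc01
  labels:
    app: wordpress
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Gi
  selector:
    matchLabels:
      apps: wp-pv01
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wordpress-php
  labels:
    app: wordpress
spec:
  replicas: 3
  selector:
    matchLabels:
      app: wordpress-php
      tier: frontend
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: wordpress-php
        tier: frontend
    spec:
      containers:
        - name: php
          # NOTE(review): untagged image plus IfNotPresent; pin a tag or digest
          # so all replicas run the same image.
          image: 192.168.192.129:5000/lnmp/php
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 9000
              name: wordpress
          volumeMounts:
            # Same path the nginx vhost passes in SCRIPT_FILENAME.
            - name: wordpress-persistent-storage
              mountPath: /var/www/html
      # Credentials used when pulling the image; keep these two lines commented
      # out when no pull secret exists.
      #imagePullSecrets:
      #  - name: registrypullsecret
      volumes:
        - name: wordpress-persistent-storage
          persistentVolumeClaim:
            claimName: wp-pvc01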
[root@manage01 lnmp]# kubectl create -f php-deployment.yaml
[root@manage01 lnmp]# kubectl get pod
NAME READY STATUS RESTARTS AGE
wordpress-mysql-76d8c4456f-rznmk 1/1 Running 0 3h21m
wordpress-nginx-874bffd44-5ltwb 1/1 Running 0 178m
wordpress-nginx-874bffd44-d4mhw 1/1 Running 0 178m
wordpress-nginx-874bffd44-svwkp 1/1 Running 0 178m
wordpress-php-797977fb-q9cbt 1/1 Running 0 3h1m
wordpress-php-797977fb-vx79c 1/1 Running 0 3h1m
wordpress-php-797977fb-zjsqc 1/1 Running 0 3h1m
七、wordpress部署工作
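#nfs服务器安装wp并复制到存储卷目录(wget得到的文件名是latest.tar.gz,下一行解压的wordpress-5.3.2.tar.gz应是同一个包;解压前可用wordpress.org同时提供的latest.tar.gz.sha1核对下载内容)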
[root@node02 wordpress]# wget https://wordpress.org/latest.tar.gz
[root@node02 wordpress]# tar xf wordpress-5.3.2.tar.gz
[root@node02 wordpress]# cp -a wordpress/* /opt/nfs/wp-data/
[root@node02 wordpress]# chown -R nobody /opt/nfs/wp-data
#进入mysql容器为wp创建数据库(-p123456把root密码写在命令行里,可只写-p后交互输入;这里只建了库,wordpress安装时最好另建一个只对wordpressdb有权限的账号,而不是直接用root连接)
[root@manage01 lnmp]# kubectl exec -it wordpress-mysql-76d8c4456f-rznmk bash
root@wordpress-mysql-76d8c4456f-rznmk:/# mysql -uroot -p123456
mysql> CREATE DATABASE wordpressdb;
mysql> exit;
#查看service
[root@manage01 lnmp]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.10.10.1 <none> 443/TCP 16d
wordpress-mysql ClusterIP 10.10.10.8 <none> 3306/TCP 3h26m
wordpress-nginx NodePort 10.10.10.50 <none> 80:44802/TCP 3h2m
wordpress-php ClusterIP 10.10.10.71 <none> 9000/TCP 3h5m
#创建ingress配置nginx-wp页面域名访问
[root@manage01 lnmp]# cat wp-ingress.yaml
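# wp-ingress.yaml: routes HTTP requests for www.amu.blog to the wordpress-nginx
# Service on port 80. (Indentation restored; the listing had lost it.)
# NOTE(review): extensions/v1beta1 Ingress is only served by older clusters
# (removed in Kubernetes 1.22); newer clusters need networking.k8s.io/v1, which
# uses a different backend schema.
# NOTE(review): no `tls` section is defined, so the WordPress login and admin
# session travel over plain HTTP.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: wp-ingress
spec:
  rules:
    - host: www.amu.blog
      http:
        paths:
          - backend:
              serviceName: wordpress-nginx
              servicePort: 80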
[root@manage01 lnmp]# kubectl create -f wp-ingress.yaml
#查看ingress
[root@manage01 lnmp]# kubectl get ingress
NAME HOSTS ADDRESS PORTS AGE
wp-ingress www.amu.blog 80 63m
#主机hosts配置域名解析
#C:\Windows\System32\drivers\etc\hosts
192.168.192.129 www.amu.blog
192.168.192.130 www.amu.blog
#页面访问显示如下