部署k8s集群架构：

192.168.175.128 k8s-master

192.168.175.130 k8s-node1

192.168.175.131 k8s-node2

192.168.175.132 harbor/glusterfs/nfs

一、构建底层镜像Dockerfile

上传至Harbor仓库中，具体仓库的搭建请看前面的博客

(1)nginx：需要有一个默认的nginx.conf，以及nginx1.12编译安装包

nginx.conf配置如下：

[root@glusterfs-master nginx]# cat nginx.conf

user  root;

worker_processes  auto;

error_log  logs/error.log  info;

pid        logs/nginx.pid;

events {

use epoll;

}

http {

include       mime.types;

default_type  application/octet-stream;

log_format  main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log logs/access.log main;

sendfile        on;

keepalive_timeout  65;

# server {

#     listen 80;

#     server_name localhost;

#     root html;

#     index index.html index.php;

#     location  / {

#         root html;

#         index index.html;

#     }

# }

include   vhost/*.conf;

}

nginx Dockerfile如下

[root@glusterfs-master nginx]# cat Dockerfile

FROM centos:7

MAINTAINER wujunqi

RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

RUN yum install -y gcc gcc-c++ make openssl-devel pcre-devel

ADD nginx-1.12.1.tar.gz /tmp

RUN cd /tmp/nginx-1.12.1 && \

./configure --prefix=/usr/local/nginx && \

make -j 2 && \

make install

RUN rm -rf /tmp/nginx-1.12.1* && yum clean all

COPY nginx.conf /usr/local/nginx/conf

WORKDIR /usr/local/nginx

EXPOSE 80

CMD ["./sbin/nginx", "-g", "daemon off;"]

(2)php：php编译版本为php-5.6.31，需要有一个默认的php.ini文件

php Dockerfile如下

[root@glusterfs-master php]# cat Dockerfile

FROM 192.168.175.132/centos/centos7

MAINTAINER wujunqi

RUN yum install -y gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel openssl-devel

ADD php-5.6.31.tar.gz /tmp/

RUN cd /tmp/php-5.6.31 && \

./configure --prefix=/usr/local/php \

--with-config-file-path=/usr/local/php/etc \

--with-mysql --with-mysqli \

--with-openssl --with-zlib --with-curl --with-gd \

--with-jpeg-dir --with-png-dir --with-iconv \

--enable-fpm --enable-zip --enable-mbstring && \

make -j 2 && \

make install && \

cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf && \

sed -i "s/127.0.0.1/0.0.0.0/" /usr/local/php/etc/php-fpm.conf && \

sed -i "21a \daemonize = no" /usr/local/php/etc/php-fpm.conf

COPY php.ini /usr/local/php/etc

RUN rm -rf /tmp/php-5.6.31* && yum clean all

WORKDIR /usr/local/php

EXPOSE 9000

CMD ["./sbin/php-fpm", "-c", "/usr/local/php/etc/php-fpm.conf"]

二、构建镜像并上传

# docker build -t 192.168.175.132/nginx/nginx-1.12.1 -f Dockerfile .

# docker build -t 192.168.175.132/php/php-5.6.31 -f Dockerfile .  (标记表示上传到哪台harbor主机，以及对应的项目下)

# docker login 192.168.175.132 (登录harbor下的用户，上传的该用户下的指定项目)

# docker push 192.168.175.132/nginx/nginx-1.12.1

# docker push 192.168.175.132/php/php-5.6.31

三、k8s-master上配置LNMP的yaml配置文件

①nginx：采用configMap对象，将需要的虚拟主机配置放置在指定位置下加载，指定nodePort让外部网络访问，也可以使用ingress。需要注意的是nginx需要配置会话绑定，不然会话会飘。挂载点使用的是nfs以及configMap，因为很简单，看看就好。启动deployment的时候需要先启动php，要不然nginx会起不来，因为配置文件里需要解析php-server，另外为了能够让集群解析servicename，还需要配置kube-dns的，要不然会有问题。

Nginx Deployment yaml 如下

[root@k8s-master1 wjq]# cat nginx-wjq-deployment.yaml

apiVersion: v1

kind: ConfigMap

metadata:

name: nginx-config

data:

http.conf: |-

server {

listen 80;

server_name localhost;

root /usr/local/nginx/html;

index index.html index.php;

location ~ \.php$ {

root /usr/local/nginx/html;

fastcgi_pass php-server:9000;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

include /usr/local/nginx/conf/fastcgi_params;

fastcgi_connect_timeout 60s;

fastcgi_read_timeout 300s;

fastcgi_send_timeout 300s;

}

}

---

apiVersion: v1

kind: Service

metadata:

name: wordpress-nginx

labels:

app: wordpress

spec:

ports:

- port: 80

selector:

app: wordpress-nginx

type: NodePort

sessionAffinity: ClientIP

---

apiVersion: apps/v1beta2

kind: Deployment

metadata:

name: wordpress-nginx

labels:

app: wordpress

spec:

replicas: 1

selector:

matchLabels:

app: wordpress-nginx

template:

metadata:

labels:

app: wordpress-nginx

spec:

containers:

- name: nginx

image: 192.168.175.132/nginx/nginx-1.12.1

ports:

- containerPort: 80

name: wordpress

volumeMounts:

- name: wordpress-persistent-storage

mountPath: /usr/local/nginx/html

- name: config

mountPath: /usr/local/nginx/conf/vhost/http.conf

subPath: http.conf

volumes:

- name: wordpress-persistent-storage

nfs:

server: 192.168.175.132

path: /opt/nfs/data

- name: config

configMap:

name: nginx-config

②php

php Deployment yaml如下

[root@k8s-master1 wjq]# cat php-wjq-deployment.yaml

apiVersion: v1

kind: Service

metadata:

name: php-server

labels:

app: lnmp-php

spec:

ports:

- port: 9000

selector:

app: lnmp-php

---

apiVersion: apps/v1beta1

kind: Deployment

metadata:

name: php-wjq-deployment

labels:

app: lnmp-php

spec:

replicas: 2

template:

metadata:

labels:

app: lnmp-php

spec:

containers:

- name: php

image: 192.168.175.132/php/php-5.6.31

ports:

- containerPort: 9000

volumeMounts:

- name: php-html

mountPath: /usr/local/nginx/html

volumes:

- name: php-html

nfs:

server: 192.168.175.132

path: /opt/nfs/data

③mysql：mysql使用glusterfs持久卷的方式挂载/var/lib/mysql，即数据库目录，保证数据库文件不丢失，冗余备份。mysql运行需要数据库密码，即root密码，在这里配置一个secret变量在配置文件中用于读取mysql密码，然后在k8s-master创建一个secret。设置密码为123456.

# kubectl create secret generic mysql-pass --from-literal=password=123456

env:

- name: MYSQL_ROOT_PASSWORD

valueFrom:

secretKeyRef:

name: mysql-pass

key: password

pv-mysql.yaml：mysql持久卷设置，容量大小。

[root@k8s-master1 wjq]# cat pv-mysql.yaml

apiVersion: v1

kind: PersistentVolume

metadata:

name: mysql-pv

spec:

capacity:

storage: 10Gi

accessModes:

- ReadWriteMany

persistentVolumeReclaimPolicy: Recycle

glusterfs:

endpoints: "glusterfs-cluster"

path: "gv0"

pvc-mysql.yaml：持久卷申请。

[root@k8s-master1 wjq]# cat pvc-mysql.yaml

apiVersion: v1

kind: PersistentVolumeClaim

metadata:

name: mysql-pvc

spec:

resources:

requests:

storage: 10Gi

accessModes:

- ReadWriteMany

mysql Deployment yaml如下

[root@k8s-master1 wjq]# cat mysql-wjq-deployment.yaml

---

apiVersion: v1

kind: Service

metadata:

name: mysql-service

labels:

app: lnmp-mysql

spec:

ports:

- port: 3306

selector:

app: lnmp-mysql

---

apiVersion: apps/v1beta1

kind: Deployment

metadata:

name: mysql-deployment

labels:

app: lnmp-mysql

spec:

replicas: 1

template:

metadata:

labels:

app: lnmp-mysql

spec:

containers:

- image: mysql:5.6

env:

- name: MYSQL_ROOT_PASSWORD

valueFrom:

secretKeyRef:

name: mysql-pass

key: password

name: mysql

ports:

- containerPort: 3306

volumeMounts:

- name: mysql

mountPath: /var/lib/mysql

volumes:

- name: mysql

#nfs:

#server: 192.168.175.132

#path: /opt/nfs/mysql

persistentVolumeClaim:

claimName: mysql-pvc

启动deployment，nginx需在php后启动

[root@k8s-master1 wjq]# kubectl create -f mysql-wjq-deployment.yaml

[root@k8s-master1 wjq]# kubectl create -f php-wjq-deployment.yaml

[root@k8s-master1 wjq]# kubectl create -f nginx-wjq-deployment.yaml

运行正常

四、访问wordpress

数据库主机填mysql-service即mysql deployment的serviceName