From 898213891bbd31cc36007d8dc68d922cd5939a31 Mon Sep 17 00:00:00 2001 From: wxin <15253413025@163.com> Date: Sun, 11 Aug 2024 21:13:19 +0800 Subject: [PATCH] =?UTF-8?q?=E5=88=A0=E9=99=A4=20kubernetes-MD/=E5=88=A9?= =?UTF-8?q?=E7=94=A8kubernetes=E9=83=A8=E7=BD=B2=E7=BD=91=E7=AB=99?= =?UTF-8?q?=E9=A1=B9=E7=9B=AE.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- kubernetes-MD/利用kubernetes部署网站项目.md | 335 -------------------- 1 file changed, 335 deletions(-) delete mode 100644 kubernetes-MD/利用kubernetes部署网站项目.md diff --git a/kubernetes-MD/利用kubernetes部署网站项目.md b/kubernetes-MD/利用kubernetes部署网站项目.md deleted file mode 100644 index 162a431..0000000 --- a/kubernetes-MD/利用kubernetes部署网站项目.md +++ /dev/null @@ -1,335 +0,0 @@ -

利用kubernetes部署网站项目

- -著作:行癫 <盗版必究> - ------- - -## 一:环境准备 - -#### 1.kubernetes集群 - -集群正常运行,例如使用以下命令检查 - -```shell -[root@master ~]# kubectl get node -NAME STATUS ROLES AGE VERSION -master Ready control-plane,master 5d19h v1.23.1 -node-1 Ready 5d19h v1.23.1 -node-2 Ready 5d19h v1.23.1 -node-3 Ready 5d19h v1.23.1 -``` - -#### 2.harbor私有仓库 - -主要给kubernetes集群提供镜像服务 - -image-20220502184026483 -## 二:项目部署 - -#### 1.镜像构建 - -软件下载地址: - -```shell -wget https://nginx.org/download/nginx-1.20.2.tar.gz -``` - -项目包下载地址: - -```shell -git clone https://github.com/blackmed/xingdian-project.git -``` - -构建centos基础镜像Dockerfile文件: - -```shell -root@nfs-harbor ~]# cat Dockerfile -FROM daocloud.io/centos:7 -MAINTAINER "xingdianvip@gmail.com" -ENV container docker -RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs -RUN yum -y update; yum clean all; \ -(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ -rm -f /lib/systemd/system/multi-user.target.wants/*;\ -rm -f /etc/systemd/system/*.wants/*;\ -rm -f /lib/systemd/system/local-fs.target.wants/*; \ -rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ -rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ -rm -f /lib/systemd/system/basic.target.wants/*;\ -rm -f /lib/systemd/system/anaconda.target.wants/*; -VOLUME [ "/sys/fs/cgroup" ] -CMD ["/usr/sbin/init"] -root@nfs-harbor ~]# docker bulid -t xingdian . -``` - -构建项目镜像: - -```shell -[root@nfs-harbor nginx]# cat Dockerfile -FROM xingdian -ADD nginx-1.20.2.tar.gz /usr/local -RUN rm -rf /etc/yum.repos.d/* -COPY CentOS-Base.repo /etc/yum.repos.d/ -COPY epel.repo /etc/yum.repos.d/ -RUN yum clean all && yum makecache fast -RUN yum -y install gcc gcc-c++ openssl openssl-devel pcre-devel zlib-devel make -WORKDIR /usr/local/nginx-1.20.2 -RUN ./configure --prefix=/usr/local/nginx -RUN make && make install -WORKDIR /usr/local/nginx -ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/nginx/sbin -EXPOSE 80 -RUN rm -rf /usr/local/nginx/conf/nginx.conf -COPY nginx.conf /usr/local/nginx/conf/ -RUN mkdir /dist -CMD ["nginx", "-g", "daemon off;"] -[root@nfs-harbor nginx]# docker build -t nginx:v2 . -``` - -注意: - -​ 需要事先准备好Centos的Base仓库和epel仓库 - -#### 2.上传项目到harbor - -修改镜像tag: - -```shell -[root@nfs-harbor ~]# docker tag nginx:v2 10.0.0.230/xingdian/nginx:v2 -``` - -登录私有仓库: - -```shell -[root@nfs-harbor ~]# docker login 10.0.0.230 -Username: xingdian -Password: -``` - -上传镜像: - -```shell -[root@nfs-harbor ~]# docker push 10.0.0.230/xingdian/nginx:v2 -``` - -注意: - -​ 默认上传时采用https,因为我们部署的harbor使用的是http,所以再上传之前按照3-1进行修改 - -#### 3.kubernetes集群连接harbor - -修改所有kubernetes集群能够访问http仓库,默认访问的是https - -```shell -[root@master ~]# vim /etc/systemd/system/multi-user.target.wants/docker.service -ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 10.0.1.13 --containerd=/run/containerd/containerd.sock -[root@master ~]# systemctl daemon-reload -[root@master ~]# systemctl restart docker -``` - -kubernetes集群创建secret用于连接harbor - -```shell -[root@master ~]# kubectl create secret docker-registry regcred --docker-server=10.0.0.230 --docker-username=diange --docker-password=QianFeng@123 -[root@master ~]# kubectl get secret -NAME TYPE DATA AGE -regcred kubernetes.io/dockerconfigjson 1 19h -``` - -注意: - -​ regcred:secret的名字 - -​ --docker-server:指定服务器的地址 - -​ --docker-username:指定harbor的用户 - -​ --docker-password:指定harbor的密码 - -#### 4.部署NFS - -部署NFS目的是为了给kubernetes集群提供持久化存储,kubernetes集群也要安装nfs-utils目的是为了支持nfs文件系统 - -```shell -[root@nfs-harbor ~]# yum -y install nfs-utils -[root@nfs-harbor ~]# systemctl start nfs -[root@nfs-harbor ~]# systemctl enable nfs -``` - -创建共享目录并对外共享 - -```shell -[root@nfs-harbor ~]# mkdir /kubernetes-1 -[root@nfs-harbor ~]# cat /etc/exports -/kubernetes-1 *(rw,no_root_squash,sync) -[root@nfs-harbor ~]# exportfs -rv -``` - -项目放入共享目录下 - -```shell -[root@nfs-harbor ~]# git clone https://github.com/blackmed/xingdian-project.git -[root@nfs-harbor ~]# unzip dist.zip -[root@nfs-harbor ~]# cp -r dist/* /kubernetes-1 -``` - -#### 5.创建statefulset部署项目 - -该yaml文件中除了statefulset以外还有service、PersistentVolume、StorageClass - -```shell -[root@master xingdian]# cat Statefulset.yaml -apiVersion: v1 -kind: Service -metadata: - name: nginx - labels: - app: nginx -spec: - type: NodePort - ports: - - port: 80 - name: web - targetPort: 80 - nodePort: 30010 - selector: - app: nginx ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: xingdian -provisioner: example.com/external-nfs -parameters: - server: 10.0.0.230 - path: /kubernetes-1 - readOnly: "false" ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: xingdian-1 -spec: - capacity: - storage: 1Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - storageClassName: xingdian - nfs: - path: /kubernetes-1 - server: 10.0.0.230 ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: xingdian-2 -spec: - capacity: - storage: 1Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - storageClassName: xingdian - nfs: - path: /kubernetes-1 - server: 10.0.0.230 ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: web -spec: - selector: - matchLabels: - app: nginx - serviceName: "nginx" - replicas: 2 - template: - metadata: - labels: - app: nginx - spec: - terminationGracePeriodSeconds: 10 - containers: - - name: nginx - image: 10.0.0.230/xingdian/nginx:v2 - ports: - - containerPort: 80 - name: web - volumeMounts: - - name: www - mountPath: /dist - volumeClaimTemplates: - - metadata: - name: www - spec: - accessModes: [ "ReadWriteOnce" ] - storageClassName: "xingdian" - resources: - requests: - storage: 1Gi -``` - -#### 6.运行 - -```shell -[root@master xingdian]# kubectl create -f Statefulset.yaml -service/nginx created -storageclass.storage.k8s.io/xingdian created -persistentvolume/xingdian-1 created -persistentvolume/xingdian-2 created -statefulset.apps/web created -``` - -## 三:项目验证 - -#### 1.pv验证 - -```shell -[root@master xingdian]# kubectl get pv -NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE -xingdian-1 1Gi RWO Retain Bound default/www-web-1 xingdian 9m59s -xingdian-2 1Gi RWO Retain Bound default/www-web-0 xingdian 9m59s -``` - -#### 2.pvc验证 - -```shell -[root@master xingdian]# kubectl get pvc -NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE -www-web-0 Bound xingdian-2 1Gi RWO xingdian 10m -www-web-1 Bound xingdian-1 1Gi RWO xingdian 10m -``` - -#### 3.storageClass验证 - -```shell -[root@master xingdian]# kubectl get storageclass -NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE -xingdian example.com/external-nfs Delete Immediate false 10m -``` - -#### 4.statefulset验证 - -```shell -[root@master xingdian]# kubectl get statefulset -NAME READY AGE -web 2/2 13m -[root@master xingdian]# kubectl get pod -NAME READY STATUS RESTARTS AGE -web-0 1/1 Running 0 13m -web-1 1/1 Running 0 13m -``` - -#### 5.service验证 - -```shell -[root@master xingdian]# kubectl get svc -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE -nginx NodePort 10.111.189.32 80:30010/TCP 13m -``` - -#### 6.浏览器访问 - -image-20220502193031689