篇首语:本文由编程笔记#自由互联小编为大家整理,主要介绍了k8s实战之手动部署PHP项目和Java项目相关的知识,希望对你有一定的参考价值。
作者 | 乔克 来源 | 运维开发故事
对k8s刚入门的朋友而言,光搭建k8s集群是不够的,我们需要更多的理论加实战,才能更好的掌握k8s的好处,当我们成功部署一个k8s集群之后,我们需要在实际项目中进行应用,本文简单的介绍了当前比较主流的PHP项目和Java项目的部署。
传统部署与K8S部署区别
通常使用传统的部署的时候,我们一个web项目,网站的搭建,往往使用的如下的一种整体架构,可能有的公司在某一环节使用的东西是不一样,但是大体的框架流程是都是差不多的使用K8S部署,便于弹性伸缩,节约资源,发布周期快,整体框架如下:
准备环境
192.168.73.138k8s-Master
192.168.73.139k8s-node01
192.168.73.140k8s-node02
192.168.73.136Harbor镜像仓库
1 php项目部署流程 1.1 制作镜像
使用Dockerfile制作镜像,把应用程序、运行环境、文件系统一起打包成一个镜像,然后推送到Harbor镜像仓库中首先在k8s的master节点进行操作
[root@k8s-master ]# git clone https://github.com/zhangdongdong7/php-demo.git[root@k8s-master ]# cd php-demo[root@k8s-master php-demo]# lsdeployment.yaml ingress.yaml mysql.yaml namespace.yaml README.md service.yaml wordpress
#修改数据库连接地址[root@k8s-master php-demo]cd wordpress[root@k8s-master wordpress]# vim wp-config.php...// ** MySQL 设置 - 具体信息来自您正在使用的主机 ** ///** WordPress数据库的名称 */define('DB_NAME', 'wp');/** MySQL数据库用户名 */define('DB_USER', 'root');/** MySQL数据库密码 */define('DB_PASSWORD', '123456');/** MySQL主机 */define('DB_HOST', '192.168.73.136:3306');/** 创建数据表时默认的文字编码 */define('DB_CHARSET', 'utf8mb4');/** 数据库整理类型。如不确定请勿更改 */define('DB_COLLATE', '');...
#编写Dockerfile构建镜像[root@k8s-master wordpress]# vim Dockerfile FROMregistry.cn-hangzhou.aliyuncs.com/sunsharing/nginx-php:latestMAINTAINER www.ctnrs.comADD . /usr/local/nginx/html[root@k8s-master wordpress]docker login 192.168.73.136[root@k8s-master wordpress]docker build -t 192.168.73.136/test/php-demo:latest . [root@k8s-master wordpress]docker push 192.168.73.136/test/php-demo:latest
1.2 创建控制器管理pod
回到php-demo目录编写yaml,首先部署一个test的命令空间
[root@k8s-master wordpress]# cd ../[root@k8s-master php-demo]# vim namespace.yaml apiVersion: v1kind: Namespacemetadata: name: test[root@k8s-masterphp-demo]#kubectl apply -f namespace.yaml
创建harbor私有仓库认证
[root@k8s-master php-demo]# kubectl create secret docker-registry registry-pull-secret —docker-username=admin —docker-password=Harbor12345 —docker-email=123@qq.com —docker-server=192.168.73.136 -n test
[root@k8s-master php-demo]# vim deployment.yaml apiVersion: apps/v1beta1kind: Deploymentmetadata: name: php-demo namespace: testspec: replicas: 2 selector: matchLabels: project: www app: php-demo template: metadata: labels: project: www app: php-demo spec: imagePullSecrets: - name: registry-pull-secret containers: - name: nginx image: 192.168.73.136/test/php-demo:v3 imagePullPolicy: Always ports: - containerPort: 80 name: web protocol: TCP resources: requests: cpu: 0.5 memory: 256Mi limits: cpu: 1 memory: 1Gi resources: requests: cpu: 0.5 memory: 256Mi limits: cpu: 1 memory: 1Gi livenessProbe: httpGet: path: /status.php port: 80
1.3 pod数据持久化
这里演示的是一个静态的web网站,基本不需要做持久化,直接把代码打包到了镜像中
1.4 暴露应用
创建一个service来暴露应用,直接使用的了ingress控制器的方式暴露应用了
[root@k8s-master php-demo]# vim service.yamlapiVersion: v1kind: Servicemetadata: name: php-demo namespace: testspec: selector: project: www app: php-demo ports: - name: web port: 80 targetPort: 80[root@k8s-masterphp-demo]#kubectlapply-fservice.yaml[root@k8s-master php-demo]# kubectl get pods,svc -n test -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESpod/php-demo-66d9c64968-4r4vn 1/1 Running 0 24h 10.244.1.73 k8s-node01 pod/php-demo-66d9c64968-8zw9s1/1Running024h10.244.2.43k8s-node02NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTORservice/php-demoNodePort10.1.136.9680:32625/TCP23happ=php-demo,project=www[root@k8s-master php-demo]#
1.5 创建ingress对外发布应用
编写yaml,首先创建ingress控制器,创建ingress,最后可以查看pod,svc,ingress的状态,全部都正常可以开始下一步,如果有异常可以使用kubectl describe命令查看日志进行排错
[root@k8s-masterjava-demo]#kubectlapply-fmandatory.yaml[root@k8s-master php-demo]# vim ingress.yaml apiVersion: extensions/v1beta1kind: Ingressmetadata: name: php-demo namespace: testspec: rules: - host: php.ctnrs.com http: paths: - path: / backend: serviceName: php-demoservicePort:80[root@k8s-masterphp-demo]#kubectl apply -fingress.yaml[root@k8s-masterphp-demo]#kubectlgetpod,svc,ingress-ntest-owideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESpod/php-demo-66d9c64968-4r4vn 1/1 Running 0 24h 10.244.1.73 k8s-node01 pod/php-demo-66d9c64968-8zw9s1/1Running024h10.244.2.43k8s-node02NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTORservice/php-demoNodePort10.1.136.9680:32625/TCP24happ=php-demo,project=wwwNAME HOSTS ADDRESS PORTS AGEingress.extensions/php-demophp.ctnrs.com8024h
可以在集群之外找一个虚机创建数据库,我是在harbor镜像仓库安装
docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 mysql:5.7docker exec -it mysql:5.7 bashmysql -uroot -p$MYSQL_ROOT_PASSWORDcreate database wp;
2.6 绑定本机hosts,访问域名验证
192.168.73.139 php.ctnrs.com
在浏览器中,输入php.ctnrs.com,会跳转到初始化设置界面,设置对应的账号,然后安装,登录,然后就可以编辑文章发布了,一个简单的WordPress的php网站搭建完成
2 Java项目部署流程 2.1 制作镜像
使用Dockerfile制作镜像,把应用程序、运行环境、文件系统一起打包成一个镜像,然后推送到Harbor镜像仓库中
首先在k8s的master节点进行操作
[root@k8s-master ]# git clone https://github.com/zhangdongdong7/java-demo.git[root@k8s-master java-demo]# cd java-demo[root@k8s-master java-demo]# lsdeployment.yaml ingress.yaml mysql.yaml README.md tomcat-java-demo-master.zip deploy.yml mandatory.yaml namespace.yaml service.yaml[root@k8s-master java-demo]# unzip tomcat-java-demo-master.zip[root@k8s-master java-demo]# cd tomcat-java-demo-master/
安装环境
[root@k8s-master tomcat-java-demo-master]# yum install java-1.8.0-openjdk maven -y
编译构建如果maven构建慢的话,默认是官方源,可以换阿里云的源vim /etc/maven/settings.xml,大概在(159-164行),更换为如下代码
[root@k8s-master tomcat-java-demo-master]# vim /etc/maven/settings.xml ... central central aliyun maven https://maven.aliyun.com/repository/public ...[root@k8s-mastertomcat-java-demo-master]# mvn clean package -Dmaven.test.skip=true......[root@k8s-master tomcat-java-demo-master]# lsdbDockerfileLICENSEpom.xmlREADME.mdsrctarget
Dockerfile已经打包好了,ls可以查看目录中已经存在,可以查看一下
[root@k8s-master tomcat-java-demo-master]# cat Dockerfile FROM lizhenliang/tomcat LABEL maintainer www.ctnrs.comRUN rm -rf /usr/local/tomcat/webapps/ADD target/.war /usr/local/tomcat/webapps/ROOT.war
在tomcat目录下构建镜像
[root@k8s-master tomcat-java-demo-master]# docker login 192.168.73.136Authenticating with existing credentials…WARNING! Your password will be stored unencrypted in /root/.docker/config.json.Configure a credential helper to remove this warning. Seehttps://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded[root@k8s-master tomcat-java-demo-master]docker build -t 192.168.73.136/test/java-demo:latest .[root@k8s-master tomcat-java-demo-master]docker push 192.168.73.136/test/java-demo:latest
回到上一层java-demo目录中
[root@k8s-master tomcat-java-demo-master]# cd ../[root@k8s-master java-demo]# lsdb deploy.yml mandatory.yaml namespace.yaml service.yaml tomcat-java-demo-master.zipdeployment.yaml ingress.yaml mysql.yaml README.md tomcat-java-demo-master[root@k8s-master java-demo]#
创建一个test的命名空间
[root@k8s-master java-demo]# cat namespace.yaml apiVersion: v1kind: Namespacemetadata: name: test namespace.yaml[root@k8s-masterjava-demo]#kubectl apply -fnamespace.yaml
创建一个harbor仓库的拉取镜像认证,,如果搭建php网站的时候创建过认证,这一步可以不用再创建,跳过
[root@k8s-master java-demo]# kubectl create secret docker-registry registry-pull-secret —docker-username=admin —docker-password=Harbor12345 —docker-email=123@qq.com —docker-server=192.168.73.136 -n test
2.2 创建控制器管理pod
[root@k8s-master java-demo]# vim deployment.yaml apiVersion: apps/v1beta1kind: Deploymentmetadata: name: tomcat-java-demo namespace: testspec: replicas: 2 selector: matchLabels: project: www app: java-demo template: metadata: labels: project: www app: java-demo spec: imagePullSecrets: - name: registry-pull-secret containers: - name: tomcat image: 192.168.73.136/test/java-demo:latest imagePullPolicy: Always ports: - containerPort: 8080 name: web protocol: TCP resources: requests: cpu: 0.25 memory: 1Gi limits: cpu: 1 memory: 2Gi livenessProbe: httpGet: path: / port: 8080 initialDelaySeconds: 60 timeoutSeconds: 20 readinessProbe: httpGet: path: / port: 8080 initialDelaySeconds: 60[root@k8s-masterjava-demo]#kubectl adpply -fdeployment.yaml
2.3 pod数据持久化
这里演示的是一个静态的web网站,基本不需要做持久化,直接把代码打包到了镜像中
2.4 暴露应用
创建一个service来暴露应用,直接使用的了ingress控制器的方式暴露应用了
[root@k8s-master java-demo]# cat service.yamlapiVersion: v1kind: Servicemetadata: name: tomcat-java-demo namespace: testspec: selector: project: www app: java-demo ports: - name: web port: 80 targetPort: 8080[root@k8s-masterjava-demo]#kubectlapply -fservice.yaml
2.5 创建ingress对外发布应用
编写yaml,因为刚才php项目创建过ingress控制器,因此可以不用创建,直接创建ingress,最后可以查看pod,svc,ingress的状态,全部都正常可以开始下一步,如果有异常可以使用kubectl describe命令查看日志进行排错
[root@k8s-master java-demo]# cat ingress.yaml apiVersion: extensions/v1beta1kind: Ingressmetadata: name: tomcat-java-demo namespace: testspec: rules: - host: java.ctnrs.com http: paths: - path: / backend: serviceName: tomcat-java-demo servicePort: 80[root@k8s-master java-demo]# kubectl apply -f ingress.yaml[root@k8s-master java-demo]# kubectl get pod,svc,ingress -n test -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESpod/php-demo-66d9c64968-4r4vn 1/1 Running 0 24h 10.244.1.73 k8s-node01 pod/php-demo-66d9c64968-8zw9s 1/1 Running 0 24h 10.244.2.43 k8s-node02 pod/tomcat-java-demo-5f4f64dd4b-tcmtv 1/1 Running 0 24h 10.244.2.42 k8s-node02 pod/tomcat-java-demo-5f4f64dd4b-vvx5x 1/1 Running 0 24h 10.244.1.72 k8s-node01 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTORservice/php-demo NodePort 10.1.136.96 80:32625/TCP 24h app=php-demo,project=wwwservice/tomcat-java-demo ClusterIP 10.1.198.15 80/TCP 24h app=java-demo,project=wwwNAME HOSTS ADDRESS PORTS AGEingress.extensions/php-demo php.ctnrs.com 80 24hingress.extensions/tomcat-java-demo java.ctnrs.com 80 24h[root@k8s-master java-demo]#
2.6 绑定本机hosts,访问域名验证
192.168.73.139 java.ctnrs.com
在浏览器中输入java.ctnrs.com访问