业务容器化案例8: kubernetes运行lnmp环境wordpress
架构:
构建镜像
构建基础centos-base镜像
Centos基础镜像构建
|
YAML
unzip k8s-data-20230511.zip
cd k8s-data/dockerfile/system/centos
root@k8s-m001:~# ll
total 31856
drwxr-xr-x 2 root root 4096 Nov 30 11:16 ./
drwxr-xr-x 3 root root 4096 Aug 9 2022 ../
-rw-r--r-- 1 root root 350 May 11 2023 build-command.sh
-rw-r--r-- 1 root root 445 Aug 7 2022 Dockerfile
-rw-r--r-- 1 root root 32600353 May 18 2021 filebeat-7.12.1-x86_64.rpm
centos基础镜像构建:
cat Dockerfile
---------------------------------------------------------------------------
#自定义Centos 基础镜像,注意 前后端都需要用同一个账号启动,这里设置的nginx
FROM centos:7.9.2009
MAINTAINER leilei.chen 370460370@qq.com
ADD filebeat-7.12.1-x86_64.rpm /tmp
RUN yum install -y /tmp/filebeat-7.12.1-x86_64.rpm vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop && rm -rf /etc/localtime /tmp/filebeat-7.12.1-x86_64.rpm && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && useradd nginx -u 2088
---------------------------------------------------------------------------
cat build-command.sh
---------------------------------------------------------------------------
#!/bin/bash
#docker build -t harbor.wh02.com/baseimages/magedu-centos-base:7.9.2009 .
#docker push harbor.wh02.com/baseimages/magedu-centos-base:7.9.2009
/usr/local/bin/nerdctl build -t harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009 .
/usr/local/bin/nerdctl push harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
---------------------------------------------------------------------------
注意: 使用buildkitd构建,需要部署好
注意,如果是本地仓库记得在hosts添加解析:
cat /etc/hosts
192.168.3.120 k8s-harbor harbor.wh02.com
开始构建:
|
在harbor中查看:
得到centos基础镜像
harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
至此,centos基础镜像构建完成
构建nginx镜像
构建nginx基础镜像
|
YAML
root@k8s-m001:/nginx-base-wordpress# ll
total 3100
drwxr-xr-x 2 root root 4096 Dec 14 12:25 ./
drwxr-xr-x 6 root root 4096 Aug 9 2022 ../
-rwxr-xr-x 1 root root 314 Dec 13 16:36 build-command.sh*
-rw-r--r-- 1 root root 485 Dec 13 16:38 Dockerfile
-rw-r--r-- 1 root root 1015384 Jun 22 2021 nginx-1.14.2.tar.gz
-rw-r--r-- 1 root root 1062124 Nov 16 2021 nginx-1.20.2.tar.gz
-rw-r--r-- 1 root root 1073322 May 24 2022 nginx-1.22.0.tar.gz
cat build-command.sh
--------------------------------------------------------------
#!/bin/bash
#docker build -t harbor.wh02.com/pub-images/nginx-base-wordpress:v1.20.2 .
#sleep 1
#docker push harbor.wh02.com/pub-images/nginx-base-wordpress:v1.20.2
nerdctl build -t harbor.wh02.com/pub-images/nginx-base-wordpress:v1.22.0 .
nerdctl push harbor.wh02.com/pub-images/nginx-base-wordpress:v1.22.0
--------------------------------------------------------------
cat Dockerfile
--------------------------------------------------------------
#Nginx Base Image
FROM harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
MAINTAINER zhangshijie@magedu.net
RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop
ADD nginx-1.22.0.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.22.0 && ./configure --prefix=/apps/nginx && make && make install && ln -sv /apps/nginx/sbin/nginx /usr/sbin/nginx &&rm -rf /usr/local/src/nginx-1.22.0.tar.gz
--------------------------------------------------------------
构建镜像:
bash build-command.sh
|
得到基础镜像地址:
harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
harbor.wh02.com/pub-images/nginx-base-wordpress:v1.22.0
php可选 构建php5.6镜像
|
YAML
root@k8s-m001:~/1.云原生上课课件/1.kubernetes/5.kubernetes-day5-20230514/k8s-data/dockerfile/web/magedu/wordpress/php# ll
total 48
drwxr-xr-x 2 root root 4096 Dec 14 10:33 ./
drwxr-xr-x 4 root root 4096 Aug 9 2022 ../
-rwxr-xr-x 1 root root 316 Dec 13 18:07 build-command.sh*
-rw-r--r-- 1 root root 428 Dec 14 10:28 Dockerfile
-rwxr-xr-x 1 root root 184 Dec 14 10:26 run_php.sh*
-rw-r--r-- 1 root root 19220 Jun 22 2021 www.conf
cat build-command.sh:
--------------------------------------------------------------
#!/bin/bash
TAG=$1
#docker build -t harbor.linuxarchitect.io/magedu/wordpress-php-5.6:${TAG} .
nerdctl build -t harbor.wh02.com/magedu/wordpress-php-5.6:${TAG} .
echo "镜像制作完成,即将上传至Harbor服务器"
sleep 1
nerdctl push harbor.wh02.com/magedu/wordpress-php-5.6:${TAG}
echo "镜像上传完成"
--------------------------------------------------------------
cat Dockerfile:
--------------------------------------------------------------
#PHP Base Image
FROM harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
MAINTAINER zhangshijie@magedu.net
RUN yum install -y https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm && yum install php56-php-fpm php56-php-mysql -y
ADD www.conf /opt/remi/php56/root/etc/php-fpm.d/www.conf
#RUN useradd nginx -u 2019
ADD run_php.sh /usr/local/bin/run_php.sh
EXPOSE 9000
CMD ["/usr/local/bin/run_php.sh"]
--------------------------------------------------------------
cat run_php.sh:
--------------------------------------------------------------
#!/bin/bash
#echo "nameserver 10.20.254.254" > /etc/resolv.conf
/opt/remi/php56/root/usr/sbin/php-fpm
#/opt/remi/php56/root/usr/sbin/php-fpm --nodaemonize
tail -f /etc/hosts
--------------------------------------------------------------
cat www.conf
--------------------------------------------------------------
[www]
user = nginx
group = nginx
listen = 0.0.0.0:9000
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /opt/remi/php56/root/var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /opt/remi/php56/root/var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /opt/remi/php56/root/var/lib/php/session
php_value[soap.wsdl_cache_dir] = /opt/remi/php56/root/var/lib/php/wsdlcache
--------------------------------------------------------------
执行构建:
bash build-command.sh v1
|
得到php镜像地址:
harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
harbor.wh02.com/pub-images/nginx-base-wordpress:v1.22.0
harbor.wh02.com/magedu/wordpress-php-5.6:v1
php可选 构建php8镜像
使用的基础centos镜像,部署为php8版本的镜像
|
YAML
root@k8s-m001:~/web/magedu/wordpress/php# ll
total 980580
drwxr-xr-x 2 root root 4096 Dec 16 03:56 ./
drwxr-xr-x 4 root root 4096 Aug 9 2022 ../
-rwxr-xr-x 1 root root 316 Dec 13 18:07 build-command.sh*
-rw-r--r-- 1 root root 765 Dec 16 03:08 Dockerfile
-rwxr-xr-x 1 root root 188 Dec 16 02:47 run_php.sh*
-rw-r--r-- 1 root root 19220 Jun 22 2021 www.conf
|
Cat build-command.sh
|
YAML
#!/bin/bash
TAG=$1
#docker build -t harbor.linuxarchitect.io/magedu/wordpress-php-5.6:${TAG} .
nerdctl build -t harbor.wh02.com/magedu/wordpress-php-8.0:${TAG} .
echo "镜像制作完成,即将上传至Harbor服务器"
sleep 1
nerdctl push harbor.wh02.com/magedu/wordpress-php-8.0:${TAG}
echo "镜像上传完成"
|
cat Dockerfile
|
Dockerfile
#PHP Base Image
FROM harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
MAINTAINER zhangshijie@magedu.net
#RUN yum install -y https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm && yum install php56-php-fpm php56-php-mysql -y
#RUN useradd nginx -u 2019
RUN yum install -y epel-release
RUN yum install -y https://rpms.remirepo.net/enterprise/remi-release-7.rpm
RUN yum-config-manager --enable remi-php80 && \
yum install -y php php-mysqlnd php-mbstring php-gd php-xml php-xmlrpc php-pecl-mcrypt php-fpm php-opcache php-mysqli
#ADD www.conf /opt/remi/php56/root/etc/php-fpm.d/www.conf
ADD www.conf /etc/php-fpm.d/www.conf
ADD run_php.sh /usr/local/bin/run_php.sh
RUN mkdir -p /run/php-fpm
EXPOSE 9000
CMD ["/usr/local/bin/run_php.sh"]
|
cat run_php.sh*
|
Dockerfile
#!/bin/bash
#echo "nameserver 10.20.254.254" > /etc/resolv.conf
php-fpm -F
|
www.conf
|
Dockerfile
root@k8s-m001:~ egrep -v '^;|^$' www.conf
[www]
user = nginx
group = nginx
listen = 0.0.0.0:9000
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /opt/remi/php56/root/var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /opt/remi/php56/root/var/lib/php/session
php_value[soap.wsdl_cache_dir] = /opt/remi/php56/root/var/lib/php/wsdlcache
|
构建镜像:
|
Dockerfile
bash build-command.sh v1
得到php8镜像:
harbor.wh02.com/magedu/wordpress-php-8.0:v1
|
构建wordpress业务镜像
|
YAML
root@k8s-m001:~wordpress/nginx# ll
total 28
drwxr-xr-x 2 root root 4096 Dec 13 18:13 ./
drwxr-xr-x 4 root root 4096 Aug 9 2022 ../
-rwxr-xr-x 1 root root 302 Dec 13 16:43 build-command.sh*
-rw-r--r-- 1 root root 358 Dec 13 16:39 Dockerfile
-rw-r--r-- 1 root root 11 Jun 22 2021 index.html
-rw-r--r-- 1 root root 3367 Dec 13 16:40 nginx.conf
-rwxr-xr-x 1 root root 151 Jun 22 2021 run_nginx.sh*
|
Dockerfile (引用基础镜像 harbor.wh02.com/magedu/wordpress-nginx:v1 )
|
YAML
FROM harbor.wh02.com/pub-images/nginx-base-wordpress:v1.22.0
ADD nginx.conf /apps/nginx/conf/nginx.conf
ADD run_nginx.sh /apps/nginx/sbin/run_nginx.sh
RUN mkdir -pv /home/nginx/wordpress
RUN chown nginx.nginx /home/nginx/wordpress/ -R
EXPOSE 80 443
CMD ["/apps/nginx/sbin/run_nginx.sh"]
|
index.html
|
YAML
cat index.html:
nginx web1
|
nginx.conf
|
YAML
user nginx nginx;
worker_processes auto;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
#daemon off;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
client_max_body_size 10M;
client_body_buffer_size 16k;
client_body_temp_path /apps/nginx/tmp 1 2 2;
gzip on;
server {
listen 80;
#修改为自己的域名
server_name blogs.wh02.com;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /home/nginx/wordpress;
index index.php index.html index.htm;
#if ($http_user_agent ~ "ApacheBench|WebBench|TurnitinBot|Sogou web spider|Grid Service") {
# proxy_pass http://www.baidu.com;
# #return 403;
#}
}
location ~ \.php$ {
root /home/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
|
run_nginx.sh
|
YAML
#!/bin/bash
#echo "nameserver 10.20.254.254" > /etc/resolv.conf
#chown nginx.nginx /home/nginx/wordpress/ -R
/apps/nginx/sbin/nginx
tail -f /etc/hosts
|
执行构建:
|
YAML
bash build-command.sh v1
|
得到镜像地址:
得到基础镜像地址:
harbor.wh02.com/baseimages/leilei-centos-base:7.9.2009
harbor.wh02.com/pub-images/nginx-base-wordpress:v1.22.0
harbor.wh02.com/magedu/wordpress-php-5.6:v1
harbor.wh02.com/magedu/wordpress-php-8.0:v1 [可选]
harbor.wh02.com/magedu/wordpress-nginx:v1
部署wordpress
nfs服务器创建目录:
mkdir -p /data/k8sdata/magedu/wordpress
cat wordpress.yaml
|
YAML
kind: Deployment
#apiVersion: extensions/v1beta1
apiVersion: apps/v1
metadata:
labels:
app: wordpress-app
name: wordpress-app-deployment
namespace: magedu
spec:
replicas: 1
selector:
matchLabels:
app: wordpress-app
template:
metadata:
labels:
app: wordpress-app
spec:
containers:
- name: wordpress-app-nginx
image: harbor.wh02.com/magedu/wordpress-nginx:v1 #修改为自己的ngixn镜像地址
imagePullPolicy: Always
ports:
- containerPort: 80
protocol: TCP
name: http
- containerPort: 443
protocol: TCP
name: https
volumeMounts:
- name: wordpress
mountPath: /home/nginx/wordpress
readOnly: false
- name: wordpress-app-php
image: harbor.wh02.com/magedu/wordpress-php-8:v1 #修改为自己的PHP镜像地址
#image: harbor.wh02.com/magedu/php:5.6.40-fpm
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 9000
protocol: TCP
name: http
volumeMounts:
- name: wordpress
mountPath: /home/nginx/wordpress
readOnly: false
volumes:
- name: wordpress
nfs:
server: 192.168.3.113 #修改nfs地址
path: /data/k8sdata/magedu/wordpress
---
kind: Service
apiVersion: v1
metadata:
labels:
app: wordpress-app
name: wordpress-app-spec
namespace: magedu
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 30031
- name: https
port: 443
protocol: TCP
targetPort: 443
nodePort: 30033
selector:
app: wordpress-app
|
部署:
|
YAML
root@k8s-m001:~# kubectl apply -f wordpress.yaml
deployment.apps/wordpress-app-deployment created
service/wordpress-app-spec created
root@k8s-m001:~# kubectl get svc -n magedu
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
magedu-consumer-server NodePort 10.100.5.192 <none> 80:42550/TCP 2d19h
magedu-dubboadmin-service NodePort 10.100.48.187 <none> 80:31080/TCP 2d18h
magedu-jenkins-service NodePort 10.100.32.152 <none> 80:38080/TCP 4d9h
magedu-nginx-service NodePort 10.100.29.28 <none> 80:30090/TCP,443:30091/TCP 11d
magedu-provider-spec NodePort 10.100.141.165 <none> 80:30732/TCP 2d19h
magedu-tomcat-app1-service ClusterIP 10.100.62.115 <none> 80/TCP 11d
mysql ClusterIP None <none> 3306/TCP 4d12h
mysql-read ClusterIP 10.100.2.246 <none> 3306/TCP 4d12h
wordpress-app-spec NodePort 10.100.146.120 <none> 80:30031/TCP,443:30033/TCP 67s
可以看到暴露的端口是 30031,通过haproxy来代理这个端口[自己部署集群这么做,云上负载均衡代理即可]
修改haproxy.cfg添加如下配置:
listen wordpress-80
bind 192.168.3.202:80
mode tcp
server k8s-m001 192.168.3.101:30031 check
server k8s-m002 192.168.3.102:30031 check
server k8s-m003 192.168.3.103:30031 check
listen wordpress-443
bind 192.168.3.202:443
mode tcp
server k8s-m001 192.168.3.101:30033 check
server k8s-m002 192.168.3.102:30033 check
server k8s-m003 192.168.3.103:30033 check
重启haproxy
systemctl restart haproxy
访问域名:
http://wh02.com/
域名可以改为
http://blog.wh02.com
用于安装wordpress
|
上传WordPress包到nfs中并解压:
|
YAML
root@k8s-n003:/data/k8sdata/magedu/wordpress# ll
total 224
drwxr-xr-x 5 root root 4096 Dec 14 13:45 ./
drwxr-xr-x 23 root root 4096 Dec 13 17:01 ../
-rw-r--r-- 1 1006 1006 405 Feb 6 2020 index.php
-rw-r--r-- 1 1006 1006 19915 Oct 18 2022 license.txt
-rw-r--r-- 1 1006 1006 7278 Oct 18 2022 readme.html
-rw-r--r-- 1 1006 1006 7101 Jul 29 2020 wp-activate.php
drwxr-xr-x 9 1006 1006 4096 Oct 18 2022 wp-admin/
-rw-r--r-- 1 1006 1006 351 Feb 6 2020 wp-blog-header.php
-rw-r--r-- 1 1006 1006 2328 Oct 9 2020 wp-comments-post.php
-rw-r--r-- 1 1006 1006 2913 Oct 18 2022 wp-config-sample.php
drwxr-xr-x 5 1006 1006 4096 Oct 18 2022 wp-content/
-rw-r--r-- 1 1006 1006 3939 Jul 31 2020 wp-cron.php
drwxr-xr-x 25 1006 1006 12288 Oct 18 2022 wp-includes/
-rw-r--r-- 1 1006 1006 2496 Feb 6 2020 wp-links-opml.php
-rw-r--r-- 1 1006 1006 3300 Feb 6 2020 wp-load.php
-rw-r--r-- 1 1006 1006 49831 Nov 9 2020 wp-login.php
-rw-r--r-- 1 1006 1006 8454 Oct 18 2022 wp-mail.php
-rw-r--r-- 1 1006 1006 20975 Nov 12 2020 wp-settings.php
-rw-r--r-- 1 1006 1006 31337 Oct 1 2020 wp-signup.php
-rw-r--r-- 1 1006 1006 4816 Oct 18 2022 wp-trackback.php
-rw-r--r-- 1 1006 1006 3236 Jun 9 2020 xmlrpc.php
|
在线安装wordpress:
这里为了方便。添加了blog.wh02.com域名
注意这里还有个问题,为了有完整权限,还需要将nfs中目录权限修改为nginx的用户ID
先进wordpress容器看看
|
YAML
root@k8s-m001:~/1.云原生上课课件/1.kubernetes/5.kubernetes-day5-20230514/k8s-data/yaml/magedu/wordpress# kubectl exec -it -n magedu wordpress-app-deployment-68bb99b669-z7z8f -- bash
Defaulted container "wordpress-app-nginx" out of: wordpress-app-nginx, wordpress-app-php
[root@wordpress-app-deployment-68bb99b669-z7z8f /]# id nginx
uid=2088(nginx) gid=2088(nginx) groups=2088(nginx)
可以看到nginx uid是2088,这时候需要去nfs中配置uid授权
cd /data/k8sdata/magedu/wordpress
chown -R 2088.2088 .
|
数据库:
当时部署了 mysql 一主两从架构,可以直接在那个架构上创建数据库和账号密码
|
YAML
root@k8s-m001:~/# kubectl get pod -n magedu
NAME READY STATUS RESTARTS AGE
mysql-0 2/2 Running 0 4d12h
mysql-1 2/2 Running 1 (4d12h ago) 4d12h
mysql-2 2/2 Running 0 4d12h
ubuntu1804 1/1 Running 0 5d3h
wordpress-app-deployment-68bb99b669-z7z8f 2/2 Running 0 15m
mysql> CREATE DATABASE wordpress;
Query OK, 1 row affected (0.02 sec)
mysql> GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"%" IDENTIFIED BY "wordpress";
Query OK, 0 rows affected, 1 warning (0.02 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.02 sec)
|
web安装页面添加配置好的数据库信息
提交后的页面:
点现在安装
注意,如果是多个pod部署,在nginx中的配置里需要写php这个pod的svc地址
测试写博文插入图片
查看文章:
【版权声明】本文为华为云社区用户原创内容,转载时必须标注文章的来源(华为云社区)、文章链接、文章作者等基本信息, 否则作者和本社区有权追究责任。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱:
cloudbbs@huaweicloud.com
评论(0)