微服务web集群要求
1.实验myos:php-fpm创建后台应用php-app
2.创建php-service,为后端应用提供内部clusterIP和负载均衡
3.使用myos:nginx创建应用,并使用php-service解析php文件
4,创建web-service,发布nginx应用到nodePort
5.使用Ingress对外发布服务nginx应用
实战构建解析:
一般用户是通过云平台的负载均衡访问的kube-node节点,在这里的kube-node节点就是我们的k8s集群,kube-node通过对外访问的Ingress访问到对应的web-nginx的服务上,服务在访问对定的web-pod,此时是web-pod是提供解析的,当解析到动态页面的时候,需要去调用php-fpm的服务,让该服务提供给web-pod动态解析使用的php-fpm,此时web-pod和php-fpm容器需要固定的访问一些文件,这些文件是需要持久化的,所有需要使用类似月NFS这种可以提高持久化存储的软件,存储对应的文件.
步骤一:镜像的制作
当将nginx+php-fpm服务制作在一起的时候,我们会遇见依赖包对,配置负载,需要编译,多服务怎么样调用,文件如何共享的问题,为了解决这类问题我们将容器服务进行了拆分,将nginx与php-fpm服务分开成nginx镜像(只负责前端静态页面),php-fpm镜像(通过内部网络为nginx提供解析服务).nginx镜像和php-fpm镜像通信方式采用共享网络命令空间.
php-fpm镜像创建思路:php-fpm是后端服务,需要前段nginx调用,nginx调用后端php-fpm,是通过php-fpm监听网络端口,从网络把服务传递进来,针对php-fpm容器经常变化,我们可以使用service处理,让他们共享网络命令空间.service还可以起到负载均衡的作用.
[root@registry ~]# mkdir php-fpm
[root@registry ~]# cd php-fpm/
[root@registry php-fpm]# touch Dockerfile
FROM myos:latest
RUN yum install -y php-fpm && yum clean all
COPY www.conf /etc/php-fpm.d/www.conf
EXPOSE 9000
CMD "/usr/sbin/php-fpm","--nodaemonize"
[root@registry php-fpm]# docker run -it myos
[root@32a5d7afb55e /]# yum -y install php php-fpm
[root@32a5d7afb55e /]# cd /etc/php-fpm.d/
[root@32a5d7afb55e php-fpm.d]# ls
www.conf
[root@32a5d7afb55e php-fpm.d]# vim www.conf
12 listen = 0.0.0.0:9000
24 ;listen.allowed_clients = 127.0.0.1
[root@32a5d7afb55e php-fpm.d]# /usr/sbin/php-fpm --nodaemonize &
[root@32a5d7afb55e php-fpm.d]# ss -untlp
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 *:9000 *:* users:(("php-fpm",pid=173,fd=6))
[root@32a5d7afb55e php-fpm.d]# exit
[root@registry php-fpm]# docker cp 32a5d7afb55e:/etc/php-fpm.d/www.conf ./
[root@registry php-fpm]# docker build -t myos:php-fpm .
[root@registry php-fpm]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
myos php-fpm a2dec3a5c9d9 2 weeks ago 348.1 MB
[root@registry php-fpm]# docker push myos:php-fpm
nginx镜像创建思路
nginx需要编译,可以在外部编译nginx,把编译好的文件打包,使用打包文件构成nginx镜像服务.后端php文件这个时候可以通过nginx与php-fpm容器共享网络命名空间,使用localhost访问真正的启动服务的时候可以用Configmap配置,后端解析传递的是文件路径,php-fpm可以通过docker卷,在nginx和php-fpm中共享目录.
[root@registry ~]# tar -xaf nginx-1.12.2.tar.gz
[root@registry lnmp_soft]# cd nginx-1.12.2/
[root@registry nginx-1.12.2]# yum install gcc make openssl-devel pcre-devel
[root@registry nginx-1.12.2]# ./configure --prefix=/usr/local/ginx --user=nginx --group=nginx --with-http_ssl_module
[root@registry nginx-1.12.2]# make &make install
[root@registry nginx-1.12.2]# cd /usr/local/nginx/conf/
[root@registry conf]# vim nginx.conf
65 location ~ \.php$ {
66 root html;
67 fastcgi_pass localhost:9000;
68 fastcgi_index index.php;
69 # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
70 include fastcgi.conf;
71 }
[root@registry local]# tar cf nginx.tar.gz nginx
[root@registry local]# cd
[root@registry ~]# mkdir nginx
[root@registry ~]# cd nginx/
[root@registry nginx]# mcv /usr/local/nginx.tar.gz ./
[root@registry nginx]# ls
Dockerfile nginx.tar.gz
[root@registry nginx]# cat Dockerfile
FROM myos:latest
RUN yum install -y prce openssl && useradd nginx
ADD nginx.tar.gz /usr/local
EXPOSE 80
WORKDIR /usr/local/nginx/html
CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off;"]
[root@registry nginx]# docker build -t myos:nginx .
验证镜像成功
[root@registry nginx]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
myos nginx cfb3781017a1 2 weeks ago 401.5 MB
[root@registry nginx]# docker run -itd myos:nginx
7cd36866838d1812a6b229334b71bd4cc03e5eb96fb1401b9d8a8327c0ca996c
[root@registry nginx]# docker exec -it 7c /bin/bash
[root@7cd36866838d html]# ss -untlp
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 *:80 *:* users:(("nginx",pid=1,fd=6))
[root@7cd36866838d html]# ifconfig eth0
eth0: flags=4163
inet 10.254.56.3 netmask 255.255.255.0 broadcast 0.0.0.0
[root@7cd36866838d html]# exit
[root@registry nginx]# docker cp 32a5d7afb55e:/usr/local/nginx/conf/nginx.conf ./
exit
[root@registry nginx]# curl http://10.254.56.3
[root@registry nginx]# docker push myos:nginx
创建后端节点
[root@registry nginx]# vim ngiux.conf
67 fastcgi_pass web-php:9000;
[root@kubemaseter webapp]# kubectl create configmap nginx-conf --from-file=nginx.conf
configmap "nginx-conf" created
[root@kubemaseter webapp]# kubectl get configmap
NAME DATA AGE
my-httpd 1 1d
nginx-conf 1 16s
[root@kubemaseter webapp]# kubectl create -f webapp.yaml (yaml的具体编写放在本文最后)
[root@kubemaseter webapp]# kubectl get pod
NAME READY STATUS RESTARTS AGE
my-nginx-bc4f4cb45-dqwmh 0/1 ContainerCreating 0 8s
my-nginx-bc4f4cb45-vnvg8 0/1 ContainerCreating 0 9s
my-phpfpm-9ffb646f4-k9qjd 0/1 ContainerCreating 0 9s
my-phpfpm-9ffb646f4-r2l6r 0/1 ContainerCreating 0 9s
my-phpfpm-9ffb646f4-x748s 0/1 ContainerCreating 0 9s
[root@kubemaseter webapp]# kubectl get ingress
NAME HOSTS ADDRESS PORTS AGE
my-app * 192.168.1.23 80 29s
[root@kubemaseter webapp]# curl -L -k http://192.168.1.23:80
hello world
hello world
hello world
[root@kubemaseter webapp]# cat webapp.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-nfs
labels:
app: web-nfs
spec:
capacity:
storage: 20Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
nfs:
path: /var/webroot
server: 192.168.1.101
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-nfs
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
selector:
matchLabels:
app: web-nfs---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-phpfpm
spec:
replicas: 3
template:
metadata:
labels:
app: my-phpfpm
spec:
containers:
- image: 192.168.1.100:5000/myos:php-fpm
name: my-phpfpm
volumeMounts:
- mountPath: /usr/local/nginx/html
name: site-data
volumes:
- name: site-data
persistentVolumeClaim:
claimName: pvc-nfs---
apiVersion: v1
kind: Service
metadata:
name: web-php
spec:
ports:
- port: 9000
protocol: TCP
targetPort: 9000
selector:
app: my-phpfpm
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: my-nginx
spec:
replicas: 2
template:
metadata:
labels:
app: my-nginx
spec:
containers:
- image: 192.168.1.100:5000/myos:nginx
name: my-nginx
volumeMounts:
- mountPath: /usr/local/nginx/conf/nginx.conf
name: my-config
subPath: nginx.conf
- mountPath: /usr/local/nginx/html
name: site-data
volumes:
- name: my-config
configMap:
name: nginx-conf
- name: site-data
persistentVolumeClaim:
claimName: pvc-nfs---
apiVersion: v1
kind: Service
metadata:
name: web-nginx
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: my-nginx
type: ClusterIP---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: my-app
namespace: default
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: web-nginx
servicePort: 80