一起来学k8s 33.二进制k8s集群部署wordpress

二进制k8s集群部署wordpress

环境准备

##/etc/hosts
192.168.48.101 master01
192.168.48.102 master02
192.168.48.103 master03
192.168.48.201 node01
192.168.48.202 node02
192.168.48.54  nfs

## keepalived的vip
192.168.48.66

IP	Hostname	CPU	Memory
192.168.48.101	master01	2	4G
192.168.48.102	master02	2	4G
192.168.48.103	master03	2	4G
192.168.48.201	node01	2	4G
192.168.48.202	node02	2	4G
192.168.48.54	nfs	2	4G

软件	版本
kubernetes	1.15.2
docker-ce	19.03
calico	3.8
etcd	3.3.13
CNI	0.8.1
coredns	1.4.0
metrics-server	0.3.3
ingress-controller	0.25.0
dashboard	1.10.1
Weave Scope	1.11.4
nfs	v4
helm	2.14.3
harbor	1.1.1

helm替换微软的repo

[root@master01 ~]# helm repo list
NAME  	URL                                             
stable	https://kubernetes-charts.storage.googleapis.com
local 	http://127.0.0.1:8879/charts                    
harbor	https://helm.goharbor.io       

[root@master01 ~]# helm repo remove stable
"stable" has been removed from your repositories
[root@master01 ~]# helm repo list
NAME  	URL                         
local 	http://127.0.0.1:8879/charts
harbor	https://helm.goharbor.io    

[root@master01 ~]# helm repo add stable http://mirror.azure.cn/kubernetes/charts
"stable" has been added to your repositories
[root@master01 ~]# helm repo list
NAME  	URL                                     
local 	http://127.0.0.1:8879/charts            
harbor	https://helm.goharbor.io                
stable	http://mirror.azure.cn/kubernetes/charts

[root@master01 ~]# helm repo update

helm安装wordpress

查看chart

[root@master01 ~]# helm  search wordpress
NAME            	CHART VERSION	APP VERSION	DESCRIPTION                                             
stable/wordpress	7.1.0        	5.2.2      	Web publishing platform for building blogs and websites.

下载chart

[root@master01 ~]# cd /root/.helm/cache/archive/
[root@master01 archive]# helm fetch stable/wordpress
[root@master01 archive]# ll
total 52
-rw-r--r-- 1 root root 33044 Aug 16 12:56 wordpress-7.1.0.tgz

[root@master01 archive]# tar xvf wordpress-7.1.0.tgz

[root@master01 archive]# cd wordpress/
[root@master01 wordpress]# ll
total 56
drwxr-xr-x 3 root root    21 Aug 16 12:57 charts
-rwxr-xr-x 1 root root   454 Jan  1  1970 Chart.yaml
-rwxr-xr-x 1 root root 28661 Jan  1  1970 README.md
-rwxr-xr-x 1 root root   237 Jan  1  1970 requirements.lock
-rwxr-xr-x 1 root root   173 Jan  1  1970 requirements.yaml
drwxr-xr-x 3 root root   233 Aug 16 12:57 templates
-rwxr-xr-x 1 root root 12702 Jan  1  1970 values.yaml

编辑values

vim wordpress-values.yaml

## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
#   imageRegistry: myRegistryName
#   imagePullSecrets:
#     - myRegistryKeySecretName

## Bitnami WordPress image version
## ref: https://hub.docker.com/r/bitnami/wordpress/tags/
##
image:
  registry: docker.io
  repository: bitnami/wordpress
  tag: 5.2.2-debian-9-r12
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
  pullPolicy: IfNotPresent
  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ##
  # pullSecrets:
  #   - myRegistryKeySecretName

## String to partially override wordpress.fullname template (will maintain the release name)
##
# nameOverride:

## String to fully override wordpress.fullname template
##
# fullnameOverride:

## User of the application
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressUsername: tk8s

## Application password
## Defaults to a random 10-character alphanumeric string if not set
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressPassword: tk8s

## Admin email
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressEmail: [email protected]

## First name
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressFirstName: tk8s

## Last name
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressLastName: tk8s

## Blog name
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressBlogName: tk8s's Blog!

## Table prefix
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressTablePrefix: wp_

## Scheme to generate application URLs
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressScheme: http

## Skip wizard installation (only if you use an external database that already contains WordPress data)
## ref: https://github.com/bitnami/bitnami-docker-wordpress#connect-wordpress-docker-container-to-an-existing-database
##
wordpressSkipInstall: false

## Set up update strategy for wordpress installation. Set to Recreate if you use persistent volume that cannot be mounted by more than one pods to makesure the pods is destroyed first.
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
## Example:
## updateStrategy:
##  type: RollingUpdate
##  rollingUpdate:
##    maxSurge: 25%
##    maxUnavailable: 25%
updateStrategy:
  type: RollingUpdate

## Set to `false` to allow the container to be started with blank passwords
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
allowEmptyPassword: true

## Set Apache allowOverride to None
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
allowOverrideNone: false

# ConfigMap with custom wordpress-htaccess.conf file (requires allowOverrideNone to true)
customHTAccessCM:

## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:

## SMTP mail delivery configuration
## ref: https://github.com/bitnami/bitnami-docker-wordpress/#smtp-configuration
##
# smtpHost:
# smtpPort:
# smtpUser:
# smtpPassword:
# smtpUsername:
# smtpProtocol:

replicaCount: 1

externalDatabase:
## All of these values are only used when mariadb.enabled is set to false
  ## Database host
  host: localhost

  ## non-root Username for Wordpress Database
  user: bn_wordpress

  ## Database password
  password: ""

  ## Database name
  database: bitnami_wordpress

  ## Database port number
  port: 3306

##
## MariaDB chart configuration
##
## https://github.com/helm/charts/blob/master/stable/mariadb/values.yaml
##
mariadb:
  ## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
  enabled: true
  ## Disable MariaDB replication
  replication:
    enabled: false

  ## Create a database and a database user
  ## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
  ##
  db:
    name: bitnami_wordpress
    user: bn_wordpress
    ## If the password is not specified, mariadb will generates a random password
    ##
    # password:

  ## MariaDB admin password
  ## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#setting-the-root-password-on-first-run
  ##
  # rootUser:
  #   password:

  ## Enable persistence using Persistent Volume Claims
  ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  ##
  master:
    persistence:
      enabled: true
      ## mariadb data Persistent Volume Storage Class
      ## If defined, storageClassName: 
      ## If set to "-", storageClassName: "", which disables dynamic provisioning
      ## If undefined (the default) or set to null, no storageClassName spec is
      ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
      ##   GKE, AWS & OpenStack)
      ##
      storageClass: "k8s-nfs-storage"
      accessMode: ReadWriteOnce
      size: 8Gi

## Kubernetes configuration
## For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP
##
service:
  type: NodePort
  # HTTP Port
  port: 80
  # HTTPS Port
  httpsPort: 443
  # metrics Port
  metricsPort: 9117
  ##
  ## nodePorts:
  ##   http: 
  ##   https: 
  ##   metrics: 
  nodePorts:
    http: ""
    https: ""
    metrics: ""
  ## Enable client source IP preservation
  ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
  ##
  externalTrafficPolicy: Cluster
  annotations: {}
  ## Extra ports to expose (normally used with the `sidecar` value)
  # extraPorts:

## Allow health checks to be pointed at the https port
healthcheckHttps: false

## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
  initialDelaySeconds: 120
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 6
  successThreshold: 1
readinessProbe:
  initialDelaySeconds: 30
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 6
  successThreshold: 1
## If using an HTTPS-terminating load-balancer, the probes may need to behave
## like the balancer to prevent HTTP 302 responses.  According to the Kubernetes
## docs, 302 should be considered "successful", but this issue on GitHub
## (https://github.com/kubernetes/kubernetes/issues/47893) shows that it isn't.
# livenessProbeHeaders:
# - name: X-Forwarded-Proto
#   value: https
# readinessProbeHeaders:
# - name: X-Forwarded-Proto
#   value: https

## Configure the ingress resource that allows you to access the
## WordPress installation. Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
  ## Set to true to enable ingress record generation
  enabled: true

  ## Set this to true in order to add the corresponding annotations for cert-manager
  certManager: false

  ## Ingress annotations done as key:value pairs
  ## For a full list of possible ingress annotations, please see
  ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
  ##
  ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
  ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
  annotations:
  #  kubernetes.io/ingress.class: nginx

  ## The list of hostnames to be covered with this ingress record.
  ## Most likely this will be just one host, but in the event more hosts are needed, this is an array
  hosts:
  - name: wordpress.tk8s.com
    path: /

  ## The tls configuration for the ingress
  ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
  ## tls:
  ## - hosts:
  ##     - wordpress.local
  ##   secretName: wordpress.local-tls

  secrets:
  ## If you're providing your own certificates, please use this to add the certificates as secrets
  ## key and certificate should start with -----BEGIN CERTIFICATE----- or
  ## -----BEGIN RSA PRIVATE KEY-----
  ##
  ## name should line up with a tlsSecret set further up
  ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
  ##
  ## It is also possible to create and manage the certificates outside of this helm chart
  ## Please see README.md for more information
  # - name: wordpress.local-tls
  #   key:
  #   certificate:

## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
  enabled: true
  ## wordpress data Persistent Volume Storage Class
  ## If defined, storageClassName: 
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
  ##   GKE, AWS & OpenStack)
  ##
  storageClass: "k8s-nfs-storage"
  ##
  ## If you want to reuse an existing claim, you can pass the name of the PVC using
  ## the existingClaim variable
  # existingClaim: your-claim
  accessMode: ReadWriteOnce
  size: 10Gi

## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
  requests:
    memory: 512Mi
    cpu: 300m

## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}

## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []

## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity: {}

## Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## Prometheus Exporter / Metrics
##
metrics:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/apache-exporter
    tag: 0.7.0-debian-9-r2
    pullPolicy: IfNotPresent
    ## Optionally specify an array of imagePullSecrets.
    ## Secrets must be manually created in the namespace.
    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
    ##
    # pullSecrets:
    #   - myRegistryKeySecretName
  ## Metrics exporter pod Annotation and Labels
  podAnnotations:
    prometheus.io/scrape: "true"
    prometheus.io/port: "9117"
  ## Metrics exporter resource requests and limits
  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  ##
  # resources: {}

  ## Prometheus Service Monitor
  ## ref: https://github.com/coreos/prometheus-operator
  ##      https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
  serviceMonitor:
    ## If the operator is installed in your cluster, set to true to create a Service Monitor Entry
    enabled: false
    ## Specify the namespace in which the serviceMonitor resource will be created
    # namespace: ""
    ## Specify the interval at which metrics should be scraped
    interval: 30s
    ## Specify the timeout after which the scrape is ended
    # scrapeTimeout: 30s
    ## Specify Metric Relabellings to add to the scrape endpoint
    # relabellings:
    ## Specify honorLabels parameter to add the scrape endpoint
    honorLabels: false
    ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
    ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
    additionalLabels: {}

sidecars:
## Add sidecars to the pod.
## e.g.
# - name: your-image-name
  # image: your-image
  # imagePullPolicy: Always
  # ports:
  # - name: portname
  #   containerPort: 1234

安装

[root@master01 wordpress]# helm install stable/wordpress -n kubu-wordpress -f wordpress-values.yaml  --namespace kube-wordpress

NOTES:
1. Get the WordPress URL:

  You should be able to access your new WordPress installation through
  http://wordpress.tk8s.com/admin

2. Login with the following credentials to see your blog

  echo Username: tk8s
  echo Password: $(kubectl get secret --namespace kube-wordpress kubu-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)

镜像下载

bitnami/mariadb:10.3.16-debian-9-r38
bitnami/wordpress:5.2.2-debian-9-r12

下载地址

链接: https://pan.baidu.com/s/1tEP58ivZq77JJPEUQZP1Qw 提取码: ark8

docker load -i wordpress.tar.gz

[root@master01 ~]# kubectl get pod -n kube-wordpress  -o wide
NAME                              READY   STATUS    RESTARTS   AGE   IP               NODE     NOMINATED NODE   READINESS GATES
kubu-wordpress-68ff4c8847-g5wsq   1/1     Running   0          3m    10.244.140.89    node02              
kubu-wordpress-mariadb-0          1/1     Running   0          3m    10.244.196.134   node01              

访问

NOTES:
1. Get the WordPress URL:

  You should be able to access your new WordPress installation through
  http://wordpress.tk8s.com/admin

2. Login with the following credentials to see your blog

  echo Username: tk8s
  echo Password: $(kubectl get secret --namespace kube-wordpress kubu-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)

##密码
[root@master01 ~]# kubectl get secret --namespace kube-wordpress kubu-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode
tk8s