架构班的小伙伴作业看这里哦:(学习杰哥视频的作业第33-34天)
1、创建jdk和tomcat镜像,使用 nginx + tomcat + NFS 实现web请求的动静分离
一、 基于基础的linux系统(centos/ubuntu/alpine)镜像,制作Nginx基础镜像
1.1 Centos基础镜像制作
# tree /opt/k8s-data/dockerfile/system/centos
├── build-command.sh
├── Dockerfile
└── filebeat-6.8.1-x86_64.rpm
1.2 Dockerfile文件内容
FROM harbor.magedu.net/baseimages/centos:7.6.1810
ADD filebeat-6.8.1-x86_64.rpm /tmp/
RUN yum install -y epel-release /tmp/filebeat-6.5.4-x86_64.rpm && rm -rf /tmp/filebeat-6.5.4-x86_64.rpm
RUN yum install -y vim wget tree pcre pcre-devel gcc gcc-c++ zlib zlib-devel openssl openssl-devel net-tools iotop unzip zip iproute ntpdate nfs-utils tcp dump telnet traceroute
RUN rm -rf /etc/localtime && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
1.3 build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/baseimages/centos-base:v7.6 .
sleep1
docker push harbor.magedu.net/baseimages/centos-base:v7.6
1.4 执行构建centos 基础镜像
# bash build-command.sh
2.1 Nginx 基础镜像制作
# tree /opt/k8s-data/dockerfile/pub-images/nginx-base
├── build-command.sh
├── Dockerfile
└── nginx-1.14.2.tar.gz
2.2 Dockerfile文件内容
#Nginx Base Image
FROM harbor.magedu.net/baseimages/centos-base:v7.6
RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop
ADD nginx-1.14.2.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.14.2 && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx && useradd nginx -u 2001
2.3 build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/pub-images/nginx-base:v1.14.2 .
sleep 1
docker push harbor.magedu.net/pub-images/nginx-base:v1.14.2
2.4 执行构建Nginx基础镜像
# bash build-command.sh
二、基于基础的linux系统(centos/ubuntu/alpine)镜像,制作JDK基础镜像、Tomcat镜像
1.1 JDK基础镜像制作
# tree /opt/k8s-data/dockerfile/pub-images/jdk-1.8.212
├── build-command.sh
├── Dockerfile
├── jdk-8u212-linux-x64.tar.gz
└── profile
1.2 Dockerfile文件内容
#JDK Base Image
FROM harbor.magedu.net/baseimages/centos-base:v7.6
ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/
RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk && groupadd tomcat -g 2018 && useradd tomcat -u 2018 -g 2018
ADD profile /etc/profile
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH $PATH:$JAVA_HOME/bin
1.3 build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/pub-images/jdk-base:v8.212 .
sleep 1
docker push harbor.magedu.net/pub-images/jdk-base:v8.212
1.4 执行构建JDK基础镜像
# bash build-command.sh
2.1 tomcat基础镜像制作
# tree /opt/k8s-data/dockerfile/pub-images/tomcat-base
├── apache-tomcat-8.5.43.tar.gz
├── build-command.sh
└── Dockerfile
2.2 Dockerfile文件内容
#JDK Base Image
FROM harbor.magedu.net/pub-images/jdk-base:v8.212
RUN mkdir /apps /data/tomcat/webapps /data/tomcat/logs -pv
ADD apache-tomcat-8.5.43.tar.gz /apps
RUN ln -sv /apps/apache-tomcat-8.5.43 /apps/tomcat && chown -R tomcat.tomcat /apps /data -R
#ADD filebeat-6.4.2-x86_64.rpm /tmp/
#RUN yum install -y /tmp/filebeat-6.4.2-x86_64.rpm && rm -rf /tmp/filebeat-6.4.2- x86_64.rpm
2.3 build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/pub-images/tomcat-base:v8.5.43 .
sleep 1
docker push harbor.magedu.net/pub-images/tomcat-base:v8.5.43
2.4 构建tomcat基础镜像
# bash build-command.sh
3.1 tomcat业务镜像app1制作
# tree /opt/k8s-data/dockerfile/linux36/tomcat-app1
├── app1.tar.gz
├── build-command.sh
├── catalina.sh
├── Dockerfile
├── filebeat.yml
├── myapp
│ └── index.html
├── run_tomcat.sh
└── server.xml
3.2 Dockerfile文件内容
#tomcat web1
FROM harbor.magedu.net/pub-images/tomcat-base:v8.5.43
ADD catalina.sh /apps/tomcat/bin/catalina.sh
ADD server.xml /apps/tomcat/conf/server.xml
#ADD myapp/* /data/tomcat/webapps/myapp/
ADD app1.tar.gz /data/tomcat/webapps/myapp/
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
#ADD filebeat.yml /etc/filebeat/filebeat.yml
RUN chown -R tomcat.tomcat /data/ /apps/
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
3.3 build-command脚本
#!/bin/bash TAG=$1
docker build -t harbor.magedu.net/linux36/tomcat-app1:${TAG} .
sleep 3
docker push harbor.magedu.net/linux36/tomcat-app1:${TAG}
3.4 执行构建tomcat业务镜像
# bash build-command.sh
三、k8s中nginx+tomcat实现动静分离
实现一个通用的nginx+tomcat动静分离web架构,即用户访问的静态页面和图片在由nginx直接响应,而动态请求则基于location转发至tomcat。重点:Nginx基于tomcat的service name转发用户请求到tomcat业务app
1.1 Nginx业务镜像制作
# tree /opt/k8s-data/dockerfile/linux36/nginx
├── build-command.sh
├── Dockerfile
├── index.html
├── nginx.conf
└── webapp
└── index.html
1.2 Dockerfile文件内容
#Nginx Base Image
FROM harbor.magedu.net/pub-images/nginx-base:v1.14.2
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
ADD webapp/* /usr/local/nginx/html/webapp/
ADD index.html /usr/local/nginx/html/index.html
#RUN mkdir /usr/local/nginx/html/webapp/about /usr/local/nginx/html/webapp/images EXPOSE 80 443
CMD ["nginx"]
1.3 build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/linux36/nginx-web1:v1 .
sleep 1
docker push harbor.magedu.net/linux36/nginx-web1:v1
1.4 nginx配置文件
upstream tomcat_webserver {
server linux36-tomcat-app1-service.linux36.svc.linux36.local:80;
}
server {
location /myapp{
proxy_pass http://tomcat_webserver;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
}
1.5 执行构建Nginx 业务镜像
# bash build-command.sh
2.1 NFS 服务器环境准备
# mkdir /data/linux36/images #图片目录
# mkdir /data/linux36/static #静态文件目录
# vim /etc/exports
/data/linux36 *(rw,no_root_squash)
# systemctl restart nfs-server
2.2 NFS客户端挂载并测试写入文件
# mount -t nfs 192.168.7.108:/data/linux36 /mnt
# cp /etc/passwd /mnt/ #必须能够写入数据
3 nginx 业务容器yaml
/opt/k8s-data/yaml/linux36/tomcat-app1/tomcat-app1.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: linux36-tomcat-app1-deployment-label
name: linux36-tomcat-app1-deployment
namespace: linux36
spec:
replicas: 1
selector:
matchLabels:
app: linux36-tomcat-app1-selector
template:
metadata:
labels:
app: linux36-tomcat-app1-selector
spec:
containers:
- name: linux36-tomcat-app1-container
image: harbor.magedu.net/linux36/tomcat-app1:2019-08-02_11_02_30
#command: ["/apps/tomcat/bin/run_tomcat.sh"]
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
name: http
volumeMounts:
- name: linux36-images
mountPath: /data/tomcat/webapps/myapp/images
readOnly: false
- name: linux36-static
mountPath: /data/tomcat/webapps/myapp/static
readOnly: false
volumes:
- name: linux36-images
nfs:server: 192.168.7.108
path: /data/linux36/images
- name: linux36-static
nfs:
server: 192.168.7.108
path: /data/linux36/static
---
kind: Service
apiVersion: v1
metadata:
labels:
app: linux36-tomcat-app1-service-label
name: linux36-tomcat-app1-service
namespace: linux36
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
nodePort: 30003
selector:
app: linux36-tomcat-app1-selector
4 创建Nginx pod
# kubectl apply -f nginx.yaml
5 pod中验证NFS挂载
# kubectl get pods -n linux36
6 tomcat业务pod更新挂载
/opt/k8s-data/yaml/linux36/tomcat-app1/tomcat-app1.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: linux36-tomcat-app1-deployment-label
name: linux36-tomcat-app1-deployment
namespace: linux36
spec:
replicas: 1
selector:
matchLabels:
app: linux36-tomcat-app1-selector
template:
metadata:
labels:
app: linux36-tomcat-app1-selector
spec:
containers:
- name: linux36-tomcat-app1-container
image: harbor.magedu.net/linux36/tomcat-app1:2019-08-02_11_02_30
#command: ["/apps/tomcat/bin/run_tomcat.sh"]
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
name: http
volumeMounts:
- name: linux36-images
mountPath: /data/tomcat/webapps/myapp/images
readOnly: false
- name: linux36-static
mountPath: /data/tomcat/webapps/myapp/static
readOnly: false
volumes:
- name: linux36-images
nfs:server: 192.168.7.108
path: /data/linux36/images
- name: linux36-static
nfs:
server: 192.168.7.108
path: /data/linux36/static
---
kind: Service
apiVersion: v1
metadata:
labels:
app: linux36-tomcat-app1-service-label
name: linux36-tomcat-app1-service
namespace: linux36
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
nodePort: 30003
selector:
app: linux36-tomcat-app1-selector
7 执行更新tomcat app1业务容器yaml
# kubectl apply -f tomcat- app1.yaml
四、访问web测试
1 上传数据到NFS
# tree /data/linux36
├── images
│ └── 1.jpg
└── static
└── index.html
2 访问nginx 业务pod
http://192.168.7.108/myaopp/1.jpg
3 访问tomcat业务pod
http://192.168.7.108:port/webapp/images/1.jpg
参考资料链接:https://www.jianshu.com/p/b5d11e88deaa
2、实现k8s一个pod多个容器实现LNMP的wordpress服务
LNMP案例之基于Nginx+PHP实现WordPress博客站点,要求Nginx+PHP运行在同一个Pod的不同容器,MySQL 运行与default的namespace并可以通过service name增删改查数据库。
PHP代码通过NFS共享挂载到每个容器的的代码目录中
https://cn.wordpress.org/
https://cn.wordpress.org/download/releases/
wordpress-5.0.2-zh_CN.tar.gz
1:准备PHP镜像:
1.1:官方PHP镜像:
https://hub.docker.com/
1.2:自制PHP镜像:
# docker pull php:5.6.40-fpm
# docker tag php:5.6.40-fpm harbor.magedu.net/linux36/php:5.6.40-fpm
# docker push harbor.magedu.net/linux36/php:5.6.40-fpm
# pwd
/opt/k8s-data/dockerfile/linux36/wordpress/php
# tree
.
├── build-command.sh
├── Dockerfile
├── run_php.sh
└── www.conf
0 directories, 4 files
# bash build-command.sh v1
2:准备Nginx镜像:
# pwd
/opt/k8s-data/dockerfile/linux36/wordpress/nginx
# tree
.
├── build-command.sh
├── Dockerfile
├── index.html
├── nginx.conf
└── run_nginx.sh
0 directories, 5 files
# bash build-command.sh v1
3:运行WordPress站点:
使用官方PHP镜像运行PHP环境,WordPress页面文件保存在后端存储NFS服务器。
3.1:运行WordPress:
# pwd
/opt/k8s-data/yaml/linux36/wordpress
# kubectl apply -f .
deployment.extensions/wordpress-app-deployment created
service/wordpress-app-spec created
3.2:创建PHP测试页:
准备WordPress页面文件并更改权限为指定用户
# pwd
/data/k8sdata/linux36/wordpress
# cat test.php
phpinfo();
?>
linux36# chown 2001.2001 wordpress/ -R
3.3:访问PHP测试页:
4:初始化WordPress站点:
使用k8s中运行的mysql服务,作为mysql服务器
4.1:k8s中MySQL创建数据库:
# kubectl exec -it mysql-0 sh -n linux36
.....
mysql> CREATE DATABASE wordpress;
Query OK, 1 row affected (0.01 sec)
mysql> GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"%" IDENTIFIED BY
"wordpress";
Query OK, 0 rows affected, 1 warning (0.01 sec)
4.2:k8s中测试MySQL连接:
# mysql -uwordpress -hmysql-0.mysql -pwordpress
4.3:通过web界面初始化数据库:
4.4:WordPress数据库连接配置:
~ wordpress# cp wp-config-sample.php wp-config.php
# cat wp-config.php
/**
* WordPress基础配置文件。
*
* 这个文件被安装程序用于自动生成wp-config.php配置文件,
* 您可以不使用网站,您需要手动复制这个文件,
* 并重命名为“wp-config.php”,然后填入相关信息。
*
* 本文件包含以下配置选项:
*
* * MySQL设置
* * 密钥
* * 数据库表名前缀
* * ABSPATH
*
* @link https://codex.wordpress.org/zh-cn:%E7%BC%96%E8%BE%91_wp-config.php
*
* @package WordPress
*/
// ** MySQL 设置 - 具体信息来自您正在使用的主机 ** //
/** WordPress数据库的名称 */
define('DB_NAME', 'wordpress');
/** MySQL数据库用户名 */
define('DB_USER', 'wordpress');
/** MySQL数据库密码 */
define('DB_PASSWORD', 'wordpress');
/** MySQL主机 */
define('DB_HOST', 'mysql-0.mysql');
/** 创建数据表时默认的文字编码 */
define('DB_CHARSET', 'utf8');
/** 数据库整理类型。如不确定请勿更改 */
define('DB_COLLATE', '');
/**#@+
* 身份认证密钥与盐。
.............................
5:验证k8s中mysql 数据:
分别验证k8s中MySQL主库和从库是否数据
5.1:master数据:
5.2:slave数据库: