k8s部署squid代理

# squid
#https://github.com/sameersbn/docker-squid
#配置： 1. 先复制一份/etc/squid/squid.conf配置文件，然后修改
# auth_param basic program /usr/lib/squid/basic_ncsa_auth /passwd
# acl auth_user proxy_auth REQUIRED
# http_access allow auth_user
# 新增上面三行，忽略首字母注释符，其中/passwd是使用htpasswd生成的账号密码文件
# http_access deny !Safe_ports
# http_access deny CONNECT !SSL_ports
# 注释上面两行
# http_access deny all
# 修改上面这行deny改成allow


apiVersion: apps/v1
kind: Deployment
metadata:
  name: ssx-squid-dmsv
  namespace: ssx
spec:
  replicas: 1
  selector: #标签选择器，与上面的标签共同作用
    matchLabels: #选择包含标签app:mysql的资源
      app: ssx-squid-dmsv
  template: #这是选择或创建的Pod的模板
    metadata: #Pod的元数据
      labels: #Pod的标签，上面的selector即选择包含标签app:mysql的Pod
        app: ssx-squid-dmsv
    spec: #期望Pod实现的功能（即在pod中部署）
      hostAliases: #给pod添加hosts网络
        - ip: "192.168.0.101"
          hostnames:
            - "node101"
        - ip: "192.168.0.102"
          hostnames:
            - "node102"
        - ip: "192.168.0.103"
          hostnames:
            - "node103"
      containers: #生成container,注意此pod部署了zookeeper和kafka.因为后者依赖前者。逻辑上来说需要有启动顺序，如果kafka启动报错未连接到zk,但是kebernetes会重启kafka容器
        - name: ssx-squid-c
          image: docker.io/sameersbn/squid:3.5.27-2
          ports:
            - containerPort: 3128  # 开启本容器的80端口可访问,UI端口
          volumeMounts: # zipkin默认不会持久化数据的，默认保存在内存中
            - mountPath: /etc/localtime   #时间同步
              name: c-v-path-lt
            - mountPath: /var/spool/squid   #时间同步
              name: c-v-cache
            - mountPath: /etc/squid/squid.conf   #时间同步
              name: c-v-conf
            - mountPath: /var/log/squid/
              name: c-v-log
            - mountPath: /passwd
              name: c-v-pw
      volumes:
        - name: c-v-path-lt
          hostPath:
            path: /etc/localtime   #时间同步
        - name: c-v-cache
          hostPath:
            path: /home/app/apps/k8s/for_docker_volume/squid/cache
        - name: c-v-conf
          hostPath:
            path: /home/app/apps/k8s/for_docker_volume/squid/squid.conf
        - name: c-v-log
          hostPath:
            path: /home/app/apps/k8s/for_docker_volume/squid/log
        - name: c-v-pw
          hostPath:
            path: /home/app/apps/k8s/for_docker_volume/squid/passwd
      nodeSelector: #把此pod部署到指定的node标签上
        kubernetes.io/hostname: node101
---
apiVersion: v1
kind: Service
metadata:
  name: ssx-squid-dmsv
  namespace: ssx
spec:
  ports:
    - port: 3128
      name: ssx-squid-3128
      protocol: TCP
      targetPort: 3128 # 容器nginx对外开放的端口 上面的dm已经指定了
      nodePort: 31001 # 容器nginx对外开放的端口 上面的dm已经指定了
  selector:
    app: ssx-squid-dmsv
  type: NodePort