5、k8s部署Nginx Proxy Manager

前言

Nginx-Proxy-Manager 是一个基于 Web 的 Nginx 服务器管理工具,它允许用户通过浏览器界面轻松地管理和监控 Nginx 服务器。通过 Nginx-Proxy-Manager,可以获得受信任的 SSL 证书,并通过单独的配置、自定义和入侵保护来管理多个代理。用户还可以查看服务器的状态、配置、日志以及流量等信息,还可以对服务器进行一键重启、停止等操作。

1、创建命名空间

kubectl create namespace nginx-proxy-manager

2、创建持久化卷(PV)

# 创建编排文件:nginx-proxy-manager-pv.yml
vim /k8s/nginx-proxy-manager-pv.yml

文件内容如下:

apiVersion: v1
kind: PersistentVolume
metadata:
  name: nginx-proxy-manager-pv
spec:
  capacity:
    storage: 500Mi
  accessModes:
    - ReadWriteOnce
  # 这里就用hostPath,指向所在节点的外部主机的相应目录下,如/k8s-pv/nginx-proxy-manager-pv,如果出现节点漂移,数据会无法读取的哦
  # 建议使用云服务器或者nfs
  hostPath:
    path: /k8s-pv/nginx-proxy-manager-pv
# 部署持久化卷到k8s
kubectl apply -f /k8s/nginx-proxy-manager-pv.yml

3、创建持久卷申明(PVC)

# 创建编排文件:nginx-proxy-manager-pvc.yml
vim /k8s/nginx-proxy-manager-pvc.yml

文件内容如下:

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-proxy-manager-pvc
  namespace: nginx-proxy-manager
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 500Mi
  # 指向前面创建的PV的名称
  volumeName: nginx-proxy-manager-pv
# 部署持久化卷申明到k8s
kubectl apply -f /k8s/nginx-proxy-manager-pvc.yml

4、部署Nginx Proxy Manager

# 创建编排文件:nginx-proxy-manager-deployment.yml
vim /k8s/nginx-proxy-manager-deployment.yml

文件内容如下:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-proxy-manager
  namespace: nginx-proxy-manager
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-proxy-manager
  template:
    metadata:
      labels:
        app: nginx-proxy-manager
    spec:
      containers:
        - name: nginx-proxy-manager
          image: jc21/nginx-proxy-manager:latest
          ports:
            - containerPort: 80
              name: http
            - containerPort: 81
              name: https
          volumeMounts:
            - name: data
              mountPath: /data
          env:
            # 这里必须要配置能访问正常的mysql数据库
            - name: DB_MYSQL_HOST
              value: "192.168.6.1"
            - name: DB_MYSQL_PORT
              value: "3306"
            - name: DB_MYSQL_USER
              value: "root"
            - name: DB_MYSQL_PASSWORD
              value: "cm207893"
            - name: DB_MYSQL_NAME
              value: "npm"
      volumes:
        - name: data
          persistentVolumeClaim:
            # 指向前面创建的pvc
            claimName: nginx-proxy-manager-pvc
# 部署nginx proxy manager镜像到k8s
kubectl apply -f /k8s/nginx-proxy-manager-deployment.yml

5、创建Service

# 创建编排文件:nginx-proxy-manager-service.yml
vim /k8s/nginx-proxy-manager-service.yml

文件内容如下:

apiVersion: v1
kind: Service
metadata:
  name: nginx-proxy-manager
  namespace: nginx-proxy-manager
spec:
  selector:
    app: nginx-proxy-manager
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
      name: http
    - protocol: TCP
      port: 81
      targetPort: 81
      name: https
  type: LoadBalancer
# 部署service到k8s
kubectl apply -f /k8s/nginx-proxy-manager-service.yml

这里可能会遇到k8s的端口限制而报错:

[root@master ~]# kubectl apply -f /k8s/nginx-proxy-manager-service.yml
The Service “nginx-proxy-manager” is invalid: spec.ports[0].nodePort: Invalid value: 80: provided port is not in the valid range. The range of valid ports is 30000-32767

解决:
(1)、 编辑 kube-apiserver.yaml文件

vim /etc/kubernetes/manifests/kube-apiserver.yaml

(2)、 找到 --service-cluster-ip-range 这一行,在该行下面1行增加以下内容

- --service-node-port-range=1-65535

如图所示:
5、k8s部署Nginx Proxy Manager_第1张图片

(3)、重启 kubelet

systemctl daemon-reload
systemctl restart kubelet

6、创建Ingress

# 创建编排文件:nginx-proxy-manager-ingress.yml
vim /k8s/nginx-proxy-manager-ingress.yml

文件内容如下:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-proxy-manager-ingress
  namespace: nginx-proxy-manager
spec:
  rules:
  # 这里配置通配符,表示以.felix666.com的都可以访问
  - host: "*.felix666.com"
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx-proxy-manager-service
            port:
              number: 80
# 部署ingress到k8s
kubectl apply -f /k8s/nginx-proxy-manager-ingress.yml

7、测试访问

查看服务端口:

[root@k8s-master k8s]# kubectl get service -n nginx-proxy-manager
NAME                  TYPE           CLUSTER-IP    EXTERNAL-IP   PORT(S)               AGE
nginx-proxy-manager   LoadBalancer   10.97.63.81   <pending>     80:80/TCP,81:81/TCP   17h

将容器内部nginx-proxy-manager服务所在端口81映射到了外部主机(我的是虚拟机:192.168.6.11)的81端口
所以外部访问地址:http://192.168.6.11:81
5、k8s部署Nginx Proxy Manager_第2张图片
默认登陆的用户名:[email protected] 密码:changeme

你可能感兴趣的:(系统运维,kubernetes,nginx,容器)