有些人只是部署了一个kubernetes(简称k8s),mysql自然是也是想部署到该容器底座中。但是为了方便,一般只是想部署一个单机版本的mysql。该教程主要是分享,如何把mysql5.7单机版快速的部署到k8s中,并且方便修改my.cnf配置,同时修改密码,适用于中小型项目中。
文章最后附完整的 k8s yaml,直接 kubectl apply -f 即可使用。
本问使用相关版本
20 > docker版本 >= 19
1.20 > kubernetes >= 1.19
步骤
1、在dockerhub中选择mysql5.7容器,选择官网的容器,方便查资料,以及更加可靠
2、分析mysql5.7 my.cnf的位置,方便后续使用k8s的 configmap 进行修改
3、编写K8S的声明式API,也有人说这个是在做k8S的容器编排
3.1、编写POD的相关信息
3.2、编写mysql的data存储位置
3.3、编写mysql的my.cnf的挂载文件
3.4、编写mysql的service端口
4、启动mysql之后,禁用root账户
5、修改service的nodeport即可直接使用
从中获取的信息有:
容器的名称和版本为:mysql:5.7
cd /etc/docker
cat my.cnf
...
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mysql.conf.d/
从以上可以看出,挂载的文件夹有 /etc/mysql/conf.d/ 和 /etc/mysql/mysql.conf.d/ 两个
进入 /etc/mysql/conf.d/ 里面查看
cd /etc/mysql/conf.d/
docker.cnf mysqldump.cnf
可以看出,里面有两个文件,如果我们需要配置,直接在这个里面创建 .cnf 的配置文件即可,例如,填入以下内容
创建 myHome.cnf
# vi myHome.cnf
[mysqld]
default_storage_engine=innodb
max_connections=2000
skip_external_locking
lower_case_table_names=1
skip_host_cache
skip_name_resolve
default-time-zone='+8:00'
character_set_server=utf8mb
初始化密码,默认密码为 123456
apiVersion: v1
kind: Secret
metadata:
name: mysql-sct
labels:
app: mysql
type: Opaque
data:
mysql-root-password: "MTIzNDU2"
mysql-password: "MTIzNDU2"
#注mysql-root-password, mysql-password需经过base6 4命令行下使用base64 <<< "密码",默认密码123456
编写pod
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
spec:
selector:
matchLabels:
app: mysql
#strategy:
# type: RollingUpdate
template:
metadata:
labels:
app: mysql
spec:
containers:
- image: mysql:5.7 # 选用dockerhub提供的镜像
imagePullPolicy: IfNotPresent
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD # root账户密码
valueFrom:
secretKeyRef:
key: mysql-root-password
name: mysql-sct
- name: MYSQL_PASSWORD # mymysql的账户密码
valueFrom:
secretKeyRef:
key: mysql-password
name: mysql-sct
- name: MYSQL_USER #默认创建除了root之外的账户
value: mymysql
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-pv
mountPath: /var/lib/mysql #mysql data的持久化文件
- name: mysql-cm
mountPath: /etc/mysql/conf.d/ # mysql的 配置文件
volumes:
- name: mysql-pv
persistentVolumeClaim:
claimName: mysql-pvc
- name: mysql-cm
configMap:
name: mysql-cm
items:
- key: myHome.cnf
path: myHome.cnf
编写存储卷
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pvc
labels:
app: mysql
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
一共编写了三个文件,myHome.cnf docker.cnf mysqldump.cnf
kind: ConfigMap
apiVersion: v1
metadata:
name: mysql-cm
data:
myHome.cnf: |
[mysqld]
default_storage_engine=innodb
max_connections=2000
skip_external_locking
lower_case_table_names=1
skip_host_cache
skip_name_resolve
default-time-zone='+8:00'
character_set_server=utf8mb4
docker.cnf: |
[mysqld]
skip-host-cache
skip-name-resolve
mysqldump.cnf: |
[mysqldump]
quick
quote-names
max_allowed_packet = 16M
apiVersion: v1
kind: Service
metadata:
name: mysql-svc
labels:
app: mysql
spec:
type: NodePort
ports:
- port: 3306
nodePort: 30306
selector:
app: mysql
进到k8s容器控制台里面处理,获取使用navica等mysql客户端连接工具进行处理。
完整yaml下载地址:https://gitee.com/chencanzhan/cancan-java-share/blob/master/kubernetes/yaml/mysql.yaml
下载后,运行 kubectl apply -f mysql.yaml
persistentvolumeclaim/mysql-pvc created
secret/mysql-sct created
deployment.apps/mysql created
configmap/mysql-cm created
service/mysql-svc created
# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
同时查看date,如果时间对,则说明配置生效
mysql> select now();
+---------------------+
| now() |
+---------------------+
| 2023-12-11 23:17:18 |
+---------------------+
1 row in set (0.00 sec
时间对,则说明我们的 myHome.cnf 生效了
1 删除root远程访问权限,并创建另一个拥有root权限账户
-- 切换到mysql数据库,并查看user表
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select user,host from user;
+---------------+-----------+
| user | host |
+---------------+-----------+
| mymysql | % |
| root | % |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+---------------+-----------+
5 rows in set (0.00 sec)
--- 删除mysql数据库user表中 user="root",host="%"的那条记录,并刷新权限
mysql> delete user from mysql.user where user='root' and host='%';
Query OK, 1 row affected (0.00 sec)
flush privileges;
1 把mysql账户的密码修改复杂一点,并赋予root权限
mysql> UPDATE mysql.user SET authentication_string=PASSWORD('admin@123') WHERE User='mymysql';
Query OK, 1 row affected, 1 warning (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 1
FLUSH PRIVILEGES;
并赋予root权限
mysql> GRANT ALL ON *.* TO 'mymysql'@'%' WITH GRANT OPTION;
Query OK, 0 rows affected (0.00 sec)
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)
从上图可以看出,mymysql采用密码 admin@123 顺利登录,而且有root权限。
当前控制台 本地可以登录