(1條消息) k8s搭建一個基于ingress,service,pv,pvc,deployment等的nginx項目_kali_yao的博客-CSDN博客

上面的nginx與php服務部署簡單但是彈性闊容比較麻煩，要把nginx和php一起闊容；這里就把nginx和php從一個pod中剝離出來；但是由于php負載較高，所以這里還加了HPA控制器（彈性伸縮），但是在配置文件中要指定服務IP與端口，但是容器的ip是會變的不好掌控（如下圖指定），這里就起一個php服務，后端php直接指定php服務，nginx解析就可以直接找php服務ip了

彈性云架構圖解

架構解析

NFS

提供存儲，負責存儲網站的頁面（需要編寫pv 和pvc資源文件）

PHP彈性集群

負責解析動態網址（需要編寫deploy和hpa，service資源文件，configmap）

Nginx集群

負責解析靜態頁面，提供網頁服務（需要編寫deploy資源文件和configmap）

Ingress

對外發布網站，提供集群外訪問路由（需要編寫ingress資源文件）

configmap內修改的內容如下圖：

?資源文件書寫與創建服務

# 資源文件書寫,需要做一個nginx和php鏡像也可以下nginx和php鏡像 ~]# vim nginx.yaml --- kind: PersistentVolume apiVersion: v1 metadata:name: pv-nfs spec:volumeMode: Filesystemcapacity:storage: 30GiaccessModes:- ReadWriteOnce- ReadOnlyMany- ReadWriteManypersistentVolumeReclaimPolicy: Retainnfs:server: 192.168.1.100path: /var/webroot ? --- kind: PersistentVolumeClaim apiVersion: v1 metadata:name: pvc-nfs spec:volumeMode: FilesystemaccessModes:- ReadWriteManyresources:requests:storage: 25Gi ? --- kind: ConfigMap apiVersion: v1 metadata:name: php-conf data:www.conf: "; Start a new pool named 'www'.\n[www]\n\n; The address on which to acceptFastCGI requests.\n; Valid syntaxes are:\n; ? 'ip.add.re.ss:port' ? - to listenon a TCP socket to a specific address on\n; ? ? ? ? ? ? ? ? ? ? ? ? ? a specificport;\n; ? 'port' ? ? ? ? ? ? ? ? - to listen on a TCP socket to all addresseson a\n; ? ? ? ? ? ? ? ? ? ? ? ? ? specific port;\n; ? '/path/to/unix/socket'- to listen on a unix socket.\n; Note: This value is mandatory.\nlisten = 0.0.0.0:9000\n\n;Set listen(2) backlog. A value of '-1' means unlimited.\n; Default Value: -1\n;listen.backlog= -1\n \n; List of ipv4 addresses of FastCGI clients which are allowed to connect.\n;Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original\n;PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address\n;must be separated by a comma. If this value is left blank, connections will be\n;accepted from any ip address.\n; Default Value: any\n; listen.allowed_clients= 127.0.0.1\n\n; Set permissions for unix socket, if one is used. In Linux, read/write\n;permissions must be set in order to allow connections from a web server. Many\n;BSD-derived systems allow connections regardless of permissions. \n; Default Values:user and group are set as the running user\n; ? ? ? ? ? ? ? ? mode is set to 0666\n;listen.owner= nobody\n;listen.group = nobody\n;listen.mode = 0666\n\n; Unix user/group ofprocesses\n; Note: The user is mandatory. If the group is not set, the defaultuser's group\n; ? ? ? will be used.\n; RPM: apache Choosed to be able to accesssome dir as httpd\nuser = apache\n; RPM: Keep a group allowed to write in logdir.\ngroup = apache\n\n; Choose how the process manager will control the numberof child processes.\n; Possible Values:\n; ? static - a fixed number (pm.max_children)of child processes;\n; ? dynamic - the number of child processes are set dynamicallybased on the\n; ? ? ? ? ? ? following directives:\n; ? ? ? ? ? ? pm.max_children\ ? ? - the maximum number of children that can\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? bealive at the same time.\n; ? ? ? ? ? ? pm.start_servers ? ? - the number of childrencreated on startup.\n; ? ? ? ? ? ? pm.min_spare_servers - the minimum number ofchildren in 'idle'\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? state (waiting to process).If the number\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? of 'idle' processes is lessthan this\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? number then some children willbe created.\n; ? ? ? ? ? ? pm.max_spare_servers - the maximum number of childrenin 'idle'\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? state (waiting to process). Ifthe number\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? of 'idle' processes is greaterthan this\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? number then some children willbe killed.\n; Note: This value is mandatory.\npm = dynamic\n\n; The number ofchild processes to be created when pm is set to 'static' and the\n; maximum numberof child processes to be created when pm is set to 'dynamic'.\n; This value setsthe limit on the number of simultaneous requests that will be\n; served. Equivalentto the ApacheMaxClients directive with mpm_prefork.\n; Equivalent to the PHP_FCGI_CHILDRENenvironment variable in the original PHP\n; CGI.\n; Note: Used when pm is setto either 'static' or 'dynamic'\n; Note: This value is mandatory.\npm.max_children= 50\n\n; The number of child processes created on startup.\n; Note: Used onlywhen pm is set to 'dynamic'\n; Default Value: min_spare_servers + (max_spare_servers- min_spare_servers) / 2\npm.start_servers = 5\n\n; The desired minimum numberof idle server processes.\n; Note: Used only when pm is set to 'dynamic'\n; Note:Mandatory when pm is set to 'dynamic'\npm.min_spare_servers = 5\n\n; The desiredmaximum number of idle server processes.\n; Note: Used only when pm is set to'dynamic'\n; Note: Mandatory when pm is set to 'dynamic'\npm.max_spare_servers= 35\n \n; The number of requests each child process should execute before respawning.\n;This can be useful to work around memory leaks in 3rd party libraries. For\n;endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.\n;Default Value: 0\n;pm.max_requests = 500\n\n; The URI to view the FPM status page.If this value is not set, no URI will be\n; recognized as a status page. By default,the status page shows the following\n; information:\n; ? accepted conn ? - thenumber of request accepted by the pool;\n; ? pool ? ? ? ? ? ? - the name of thepool;\n; ? process manager - static or dynamic;\n; ? idle processes ? - the numberof idle processes;\n; ? active processes - the number of active processes;\n;\ total processes - the number of idle + active processes.\n; The values of'idle processes', 'active processes' and 'total processes' are\n; updated eachsecond. The value of 'accepted conn' is updated in real time.\n; Example output:\n;\ accepted conn: ? 12073\n; ? pool: ? ? ? ? ? ? www\n; ? process manager: ?static\n;\ idle processes: ? 35\n; ? active processes: 65\n; ? total processes: ?100\n;By default the status page output is formatted as text/plain. Passing either\n;'html' or 'json' as a query string will return the corresponding output\n; syntax.Example:\n; ? http://www.foo.bar/status\n; ? http://www.foo.bar/status?json\n;\ http://www.foo.bar/status?html\n; Note: The value must start with a leadingslash (/). The value can be\n; ? ? ? anything, but it may not be a good idea touse the .php extension or it\n; ? ? ? may conflict with a real PHP file.\n; DefaultValue: not set \n;pm.status_path = /status\n \n; The ping URI to call the monitoringpage of FPM. If this value is not set, no\n; URI will be recognized as a pingpage. This could be used to test from outside\n; that FPM is alive and responding,or to\n; - create a graph of FPM availability (rrd or such);\n; - remove a serverfrom a group if it is not responding (load balancing);\n; - trigger alerts forthe operating team (24/7).\n; Note: The value must start with a leading slash(/). The value can be\n; ? ? ? anything, but it may not be a good idea to usethe .php extension or it\n; ? ? ? may conflict with a real PHP file.\n; DefaultValue: not set\n;ping.path = /ping\n\n; This directive may be used to customizethe response of a ping request. The\n; response is formatted as text/plain witha 200 response code.\n; Default Value: pong\n;ping.response = pong\n \n; The timeoutfor serving a single request after which the worker process will\n; be killed.This option should be used when the 'max_execution_time' ini option\n; does notstop script execution for some reason. A value of '0' means 'off'.\n; Availableunits: s(econds)(default), m(inutes), h(ours), or d(ays)\n; Default Value: 0\n;request_terminate_timeout= 0\n \n; The timeout for serving a single request after which a PHP backtracewill be\n; dumped to the 'slowlog' file. A value of '0s' means 'off'.\n; Availableunits: s(econds)(default), m(inutes), h(ours), or d(ays)\n; Default Value: 0\n;request_slowlog_timeout= 0\n \n; The log file for slow requests\n; Default Value: not set\n; Note: slowlogis mandatory if request_slowlog_timeout is set\nslowlog = /var/log/php-fpm/www-slow.log\n\n; Set open file descriptor rlimit.\n; Default Value: system defined value\n;rlimit_files= 1024\n \n; Set max core size rlimit.\n; Possible Values: 'unlimited' or an integergreater or equal to 0\n; Default Value: system defined value\n;rlimit_core = 0\n\n; Chroot to this directory at the start. This value must be defined as an\n;absolute path. When this value is not set, chroot is not used.\n; Note: chrootingis a great security feature and should be used whenever \n; ? ? ? possible. However,all PHP paths will be relative to the chroot\n; ? ? ? (error_log, sessions.save_path,...).\n; Default Value: not set\n;chroot = \n \n; Chdir to this directory at thestart. This value must be an absolute path.\n; Default Value: current directoryor / when chroot\n;chdir = /var/www\n \n; Redirect worker stdout and stderr intomain error log. If not set, stdout and\n; stderr will be redirected to /dev/nullaccording to FastCGI specs.\n; Default Value: no\n;catch_workers_output = yes\n\n; Limits the extensions of the main script FPM will allow to parse. This can\n;prevent configuration mistakes on the web server side. You should only limit\n;FPM to .php extensions to prevent malicious users to use other extensions to\n;exectute php code.\n; Note: set an empty value to allow all extensions.\n; DefaultValue: .php\n;security.limit_extensions = .php .php3 .php4 .php5\n\n; Pass environmentvariables like LD_LIBRARY_PATH. All $VARIABLEs are taken from\n; the current environment.\n;Default Value: clean env\n;env[HOSTNAME] = $HOSTNAME\n;env[PATH] = /usr/local/bin:/usr/bin:/bin\n;env[TMP]= /tmp\n;env[TMPDIR] = /tmp\n;env[TEMP] = /tmp\n\n; Additional php.ini defines,specific to this pool of workers. These settings\n; overwrite the values previouslydefined in the php.ini. The directives are the\n; same as the PHP SAPI:\n; ? php_value/php_flag\ ? ? ? ? ? - you can set classic ini defines which can\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? beoverwritten from PHP call 'ini_set'. \n; ? php_admin_value/php_admin_flag - thesedirectives won't be overwritten by\n; ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? PHPcall 'ini_set'\n; For php_*flag, valid values are on, off, 1, 0, true, false,yes or no.\n\n; Defining 'extension' will load the corresponding shared extensionfrom\n; extension_dir. Defining 'disable_functions' or 'disable_classes' willnot\n; overwrite previously defined php.ini values, but will append the new value\n;instead.\n\n; Default Value: nothing is defined by default except the values inphp.ini and\n; ? ? ? ? ? ? ? specified at startup with the -d argument\n;php_admin_value[sendmail_path]= /usr/sbin/sendmail -t -i -f www@my.domain.com\n;php_flag[display_errors] = off\nphp_admin_value[error_log]= /var/log/php-fpm/www-error.log\nphp_admin_flag[log_errors] = on\n;php_admin_value[memory_limit]= 128M\n\n; Set session path to a directory owned by process user\nphp_value[session.save_handler]= files\nphp_value[session.save_path] = /var/lib/php/session\n\n" ? --- kind: Deployment apiVersion: apps/v1 metadata:name: php-deploy spec:selector:matchLabels:app: myphpreplicas: 1template:metadata:labels:app: myphpspec:volumes:- name: php-confconfigMap:name: php-conf- name: websitepersistentVolumeClaim:claimName: pvc-nfscontainers:- name: php-fpmimage: 192.168.1.100:5000/myos:php-fpmvolumeMounts:- name: php-confsubPath: www.confmountPath: /etc/php-fpm.d/www.conf- name: websitemountPath: /usr/local/nginx/htmlports:- protocol: TCPcontainerPort: 9000resources:requests:cpu: 200mrestartPolicy: Always ? --- kind: HorizontalPodAutoscaler apiVersion: autoscaling/v1 metadata:name: myphp spec:minReplicas: 1maxReplicas: 5scaleTargetRef:apiVersion: apps/v1kind: Deploymentname: php-deploytargetCPUUtilizationPercentage: 50 ? --- apiVersion: v1 kind: Service metadata:name: phpbackend spec:ports:- protocol: TCPport: 9000targetPort: 9000selector:app: myphptype: ClusterIP ? --- kind: ConfigMap apiVersion: v1 metadata:name: nginx-conf data:nginx.conf: |2 ?#user nobody;worker_processes 1; ?#error_log logs/error.log;#error_log logs/error.log notice;#error_log logs/error.log info; ?#pid ? ? ? logs/nginx.pid; ? ?events {worker_connections 1024;} ? ?http {include ? ? ? mime.types;default_type application/octet-stream; ?#log_format main '$remote_addr - $remote_user [$time_local] "$request" '# ? ? ? ? ? ? ? ? '$status $body_bytes_sent "$http_referer" '# ? ? ? ? ? ? ? ? '"$http_user_agent" "$http_x_forwarded_for"'; ?#access_log logs/access.log main; ?sendfile ? ? ? on;#tcp_nopush ? ? on; ?#keepalive_timeout 0;keepalive_timeout 65; ?#gzip on; ?server {listen ? ? ? 80;server_name localhost; ?#charset koi8-r; ?#access_log logs/host.access.log main; ?location / {root ? html;index index.html index.htm;} ?#error_page 404 ? ? ? ? ? ? /404.html; ?# redirect server error pages to the static page /50x.html#error_page ? 500 502 503 504 /50x.html;location = /50x.html {root ? html;} ?# proxy the PHP scripts to Apache listening on 127.0.0.1:80##location ~ \.php$ {# ? proxy_pass ? http://127.0.0.1;#} ?# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000#location ~ \.php$ {root ? ? ? ? ? html;fastcgi_pass ? phpbackend:9000;fastcgi_index index.php;include ? ? ? fastcgi.conf;} ?# deny access to .htaccess files, if Apache's document root# concurs with nginx's one##location ~ /\.ht {# ? deny all;#}} ? ?# another virtual host using mix of IP-, name-, and port-based configuration##server {# ? listen ? ? ? 8000;# ? listen ? ? ? somename:8080;# ? server_name somename alias another.alias; ?# ? location / {# ? ? ? root ? html;# ? ? ? index index.html index.htm;# ? }#} ? ?# HTTPS server##server {# ? listen ? ? ? 443 ssl;# ? server_name localhost; ?# ? ssl_certificate ? ? cert.pem;# ? ssl_certificate_key cert.key; ?# ? ssl_session_cache ? shared:SSL:1m;# ? ssl_session_timeout 5m; ?# ? ssl_ciphers HIGH:!aNULL:!MD5;# ? ssl_prefer_server_ciphers on; ?# ? location / {# ? ? ? root ? html;# ? ? ? index index.html index.htm;# ? }#} ?} ? --- kind: Deployment apiVersion: apps/v1 metadata:name: webcluster spec:selector:matchLabels:app: mynginxreplicas: 3template:metadata:labels:app: mynginxspec:volumes:- name: nginx-phpconfigMap:name: nginx-conf- name: log-datahostPath:path: /var/log/weblogtype: DirectoryOrCreate- name: websitepersistentVolumeClaim:claimName: pvc-nfscontainers:- name: nginximage: 192.168.1.100:5000/myos:nginxvolumeMounts:- name: nginx-phpsubPath: nginx.confmountPath: /usr/local/nginx/conf/nginx.conf- name: log-datamountPath: /usr/local/nginx/logs- name: websitemountPath: /usr/local/nginx/htmlports:- protocol: TCPcontainerPort: 80restartPolicy: Always ? --- apiVersion: v1 kind: Service metadata:name: webforeground spec:ports:- protocol: TCPport: 80targetPort: 80selector:app: mynginxtype: ClusterIP ? --- apiVersion: extensions/v1beta1 kind: Ingress metadata:name: webclusterannotations:kubernetes.io/ingress.class: "nginx" spec:backend:serviceName: webforegroundservicePort: 80 # 添加 ~]# kubctl apply -f nginx.yaml

總結

以上是生活随笔為你收集整理的k8s项目（弹性云实战）的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。