7 K8S 实现 nginx + php + wordpress + mysql 实现完全容器化的 web 站点案例
项目地址:https://github.com/As9530272755/k8sOfLNMP
这里的数据库则采用的是:K8S 实战系列: MySQL 主从
而 nginx 和 php 镜像则需要通过自己构建,word press 的话就类似于公司中的运行程序
访问静态数据就交给 nginx 处理,而这个数据也是放到后端存储,如果是写数据的话就是转给 PHP 的,然后由 php 来进行渲染然后在返回给 nginx ,写数据一定是 php 往里写
7.1构建镜像
7.1.1 构建 nginx 基础镜像
1.下载安装包
[14:42:24 root@k8s-master dockerfile]#wget http://nginx.org/download/nginx-1.14.2.tar.gz
2.编写 dockefile
[14:40:56 root@k8s-master dockerfile]#vim Dockerfile
#Nginx Base Image
FROM hub.zhangguiyuan.com/baseimage/centos-base:7.8.2003
MAINTAINER zhangguiyuan
# 安装依赖
RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop
# 解压安装包
ADD nginx-1.14.2.tar.gz /usr/local/src/
# 编译
RUN cd /usr/local/src/nginx-1.14.2 && ./configure --prefix=/apps/nginx && make && make install && ln -sv /apps/nginx/sbin/nginx /usr/sbin/nginx &&rm -rf /usr/local/src/nginx-1.14.2.tar.gz
3.编写构建脚本
[14:43:57 root@k8s-master dockerfile]#vim build-command.sh
#!/bin/bash
docker build -t hub.zhangguiyuan.com/baseimage/nginx-base-wordpress:v1.14.2 .
sleep 1
docker push hub.zhangguiyuan.com/baseimage/nginx-base-wordpress:v1.14.2
4.执行构建脚本
[14:44:58 root@k8s-master dockerfile]#. build-command.sh
7.1.2 构建 nginx 配置文件镜像
1.编写 nginx.conf 文件
由于我在 nginx 的配置文件中定义了 php 的配置,所以我们打完该镜像的时候还不能及时运行,因为依赖于 php
[14:48:02 root@k8s-master nginxconfig]#cat nginx.conf
user nginx nginx;
worker_processes auto;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
#daemon off;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
client_max_body_size 10M;
client_body_buffer_size 16k;
client_body_temp_path /apps/nginx/tmp 1 2 2;
gzip on;
server {
listen 80;
server_name blogs.magedu.net;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /home/nginx/wordpress;
index index.php index.html index.htm;
#if ($http_user_agent ~ "ApacheBench|WebBench|TurnitinBot|Sogou web spider|Grid Service") {
# proxy_pass http://www.baidu.com;
# #return 403;
#}
}
# 一旦访问 php 后最的文件就会将请求调度给本就的 9000 端口
location ~ \.php$ {
root /home/nginx/wordpress;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
2.编写 nginx html 测试页
[14:50:57 root@k8s-master nginxconfig]#echo "nginx web1" > index.html
nginx web1
3.编写 nginx 容器运行脚本
[14:51:03 root@k8s-master nginxconfig]#cat run_nginx.sh
#!/bin/bash
/apps/nginx/sbin/nginx
tail -f /etc/hosts
4.编写 dockerfile 文件
[14:52:30 root@k8s-master nginxconfig]#vim Dockerfile
FROM hub.zhangguiyuan.com/baseimage/nginx-base-wordpress:v1.14.2
ADD nginx.conf /apps/nginx/conf/nginx.conf
ADD run_nginx.sh /apps/nginx/sbin/run_nginx.sh
RUN mkdir -pv /home/nginx/wordpress
RUN chown nginx.nginx /home/nginx/wordpress/ -R
EXPOSE 80 443
CMD ["/apps/nginx/sbin/run_nginx.sh"]
5.编写构建脚本
[14:54:32 root@k8s-master nginxconfig]#vim build-command.sh
#!/bin/bash
TAG=$1
docker build -t hub.zhangguiyuan.com/baseimage/wordpress-nginx:${TAG} .
echo "镜像制作完成,即将上传至Harbor服务器"
sleep 1
docker push hub.zhangguiyuan.com/baseimage/wordpress-nginx:${TAG}
echo "镜像上传完成"
6.给当前脚本添加执行权限
[14:55:12 root@k8s-master nginxconfig]#chmod +x *.sh
7.运行构建脚本
[14:56:23 root@k8s-master nginxconfig]#. build-command.sh v1.14.2
7.1.3 构建 php 镜像
1.编写 dockerfile
[15:01:16 root@k8s-master php]#vim Dockerfile
#PHP Base Image
FROM hub.zhangguiyuan.com/baseimage/centos-base:7.8.2003
MAINTAINER zhangguiyaun
RUN yum install -y https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm && yum install php56-php-fpm php56-php-mysql -y
ADD www.conf /opt/remi/php56/root/etc/php-fpm.d/www.conf
# RUN useradd nginx -u 2019
ADD run_php.sh /usr/local/bin/run_php.sh
EXPOSE 9000
CMD ["/usr/local/bin/run_php.sh"]
2.创建 php 配置文件,这里我就不写了,可用过 apt 或者 yum 的方式先下载一个 php 然后再将对应的配置文件拷贝过来修改即可
# 去掉注释的配置文件
[15:00:10 root@k8s-master php]#cat www.conf | grep "^[^;]"
[www]
user = nginx # 这里通过 nginx 用户启动,因为在 nginx 中也是通过该用户启动
group = nginx
listen = 0.0.0.0:9000
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
slowlog = /opt/remi/php56/root/var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /opt/remi/php56/root/var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /opt/remi/php56/root/var/lib/php/session
php_value[soap.wsdl_cache_dir] = /opt/remi/php56/root/var/lib/php/wsdlcache
3.编写启动脚本
[15:04:05 root@k8s-master php]#cat run_php.sh
#!/bin/bash
/opt/remi/php56/root/usr/sbin/php-fpm
tail -f /etc/hosts
4.编写构建脚本
[15:04:12 root@k8s-master php]#vim build-command.sh
#!/bin/bash
TAG=$1
docker build -t hub.zhangguiyuan.com/baseimage/wordpress-php-5.6:${TAG} .
echo "镜像制作完成,即将上传至Harbor服务器"
sleep 1
docker push hub.zhangguiyuan.com/baseimage/wordpress-php-5.6:${TAG}
echo "镜像上传完成"
5.添加执行权限
[15:10:01 root@k8s-master php]#chmod +x *.sh
6.运行构建脚本
[15:13:08 root@k8s-master php]#. build-command.sh v1
7.2 编写 yaml 文件
7.2.1 创建 ns
1.编写 ns yaml
[15:18:04 root@k8s-master yaml]#vim ns.yaml
apiVersion: v1
kind: Namespace
metadata:
name: wordpress
2.运行
[15:18:53 root@k8s-master yaml]#kubectl apply -f ns.yaml
7.2.2 创建 wordpress pod
1.在 nfs 服务上创建挂载目录
[15:23:07 root@harbor-nfs ~]#mkdir -p /data/k8sdata/wordpress/wordpress
2.回到 master 节点编写 yaml 文件
[15:30:26 root@k8s-master yaml]#cat wordpress.yaml
kind: Deployment
#apiVersion: extensions/v1beta1
apiVersion: apps/v1
metadata:
labels:
app: wordpress-app
name: wordpress-app-deployment
namespace: wordpress
spec:
replicas: 1
selector:
matchLabels:
app: wordpress-app
template:
metadata:
labels:
app: wordpress-app
spec:
containers:
- name: wordpress-app-nginx
image: hub.zhangguiyuan.com/baseimage/wordpress-nginx:v1.14.2
imagePullPolicy: Always
ports:
- containerPort: 80
protocol: TCP
name: http
- containerPort: 443
protocol: TCP
name: https
volumeMounts:
- name: wordpress
mountPath: /home/nginx/wordpress
readOnly: false
- name: wordpress-app-php
image: hub.zhangguiyuan.com/baseimage/wordpress-php-5.6:v1
#image: harbor.wordpress.net/wordpress/php:5.6.40-fpm
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 9000
protocol: TCP
name: http
volumeMounts:
- name: wordpress
mountPath: /home/nginx/wordpress
readOnly: false
volumes:
- name: wordpress
nfs:
server: 10.0.0.133
path: /data/k8sdata/wordpress/wordpress
---
kind: Service
apiVersion: v1
metadata:
labels:
app: wordpress-app
name: wordpress-app-spec
namespace: wordpress
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 30031
- name: https
port: 443
protocol: TCP
targetPort: 443
nodePort: 30033
selector:
app: wordpress-app
3.创建
[15:30:27 root@k8s-master yaml]#kubectl apply -f wordpress.yaml
4.查看 pod 状态
[15:39:56 root@k8s-master yaml]#kubectl get pod -n wordpress
NAME READY STATUS RESTARTS AGE
wordpress-app-deployment-657f96f598-xm8gt 2/2 Running 0 5s
7.2.3 html 验证
1.在挂载目录下创建也给 index.html 文件
[15:42:44 root@harbor-nfs ~]#echo "test web" > /data/k8sdata/wordpress/wordpress/index.html
2.浏览器访问 nodeport 端口
7.2.4 php 验证
1.在挂载目录下编写一个 test.php 验证 php 环境是否成功
[15:42:49 root@harbor-nfs ~]#vim /data/k8sdata/wordpress/wordpress/test.php
<?php
phpinfo();
?>
2.浏览器验证
http://10.0.0.131:30031/test.php
7.3 在 mysql pod 中授权
这里的 mysql pod 是通过 MySQL 主从搭建:K8S 实战系列: MySQL 主从 – Code:Z
# 进入 mysql pod
[16:08:09 root@k8s-master k8sOfLNMP]#kubectl exec -it -n mysql mysql-0 /bin/bash
# 进入数据库
root@mysql-0:/# mysql
# 创建 wordpress 库
mysql> create database wordpress;
Query OK, 1 row affected (0.01 sec)
# 创建 wordpress 用户并授权
mysql> grant all on wordpress.* to wordpress@'127.0.0.1' identified by "wordpress";
Query OK, 0 rows affected, 1 warning (0.01 sec)
7.4 安装 wordpress
这里的 wordpress 其实就类似于工作中的业务代码
# 进入到挂载目录
[15:50:32 root@harbor-nfs ~]#cd /data/k8sdata/wordpress/wordpress/
# 下载 wordpress
[16:32:53 root@harbor-nfs wordpress]#wget https://cn.wordpress.org/wordpress-5.0.2-zh_CN.tar.gz
# 解压
[15:52:05 root@harbor-nfs wordpress]#tar xf wordpress-5.0.2-zh_CN.tar.gz
# 移动到挂载目录
[15:53:00 root@harbor-nfs wordpress]#mv wordpress/* /data/k8sdata/wordpress/wordpress/
通过浏览器访问 http://10.0.0.131:30031/ 就能够看到安装页面,接下来就将刚才的 mysql 授权添加即可,数据库地址的话就解析 mysql 的 DNS mysql-0.mysql.mysql.svc.linux.local
