Web 应用
HTTP 服务部署
Deployment & Service
在 K8s Boilerplates 中我们定义了简单的
# nginx-deployment-service.yaml
---
apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
kind: Deployment
metadata:
name: nginx
spec:
strategy:
type: Recreate
selector:
matchLabels:
app: nginx
replicas: 3 # tells deployment to run 1 pods matching the template
template: # create pods using pod definition in this template
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx
namespace: default
labels:
app: nginx
spec:
externalTrafficPolicy: Local
ports:
- name: http
port: 80
selector:
app: nginx
type: NodePort
$ kubectl create -f nginx-deployment-service.yaml
$ kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-56db997f77-2q6qz 1/1 Running 0 3m21s
nginx-56db997f77-fv2zs 1/1 Running 0 3m21s
nginx-56db997f77-wx2q5 1/1 Running 0 3m21s
$ kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 3/3 3 3 3m36s
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 21h
nginx NodePort 10.43.8.50 <none> 80:32356/TCP 4m5s
Ingress
目前可用的
Helm 安装Ingress
$ helm install --name nginx-ingress --set "rbac.create=true,controller.service.externalIPs[0]=172.19.157.1,controller.service.externalIPs[1]=172.19.157.2,controller.service.e
xternalIPs[2]=172.19.157.3" stable/nginx-ingress
NAME: nginx-ingress
LAST DEPLOYED: Tue Aug 20 14:50:13 2019
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/ConfigMap
NAME DATA AGE
nginx-ingress-controller 1 0s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
nginx-ingress-controller-5f874f7bf4-nvsvv 0/1 ContainerCreating 0 0s
nginx-ingress-default-backend-6f598d9c4c-vj4v8 0/1 ContainerCreating 0 0s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-ingress-controller LoadBalancer 10.43.115.59 172.19.157.1,172.19.157.2,172.19.157.3 80:32122/TCP,443:32312/TCP 0s
nginx-ingress-default-backend ClusterIP 10.43.8.65 <none> 80/TCP 0s
==> v1/ServiceAccount
NAME SECRETS AGE
nginx-ingress 1 0s
==> v1beta1/ClusterRole
NAME AGE
nginx-ingress 0s
==> v1beta1/ClusterRoleBinding
NAME AGE
nginx-ingress 0s
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-ingress-controller 0/1 1 0 0s
nginx-ingress-default-backend 0/1 1 0 0s
==> v1beta1/PodDisruptionBudget
NAME MIN AVAILABLE MAX UNAVAILABLE ALLOWED DISRUPTIONS AGE
nginx-ingress-controller 1 N/A 0 0s
nginx-ingress-default-backend 1 N/A 0 0s
部署完成后我们可以看到
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 20h
nginx-ingress-controller LoadBalancer 10.43.115.59 172.19.157.1,172.19.157.2,172.19.157.3 80:32122/TCP,443:32312/TCP 77m
nginx-ingress-default-backend ClusterIP 10.43.8.65 <none> 80/TCP 77m
$ kubectl --namespace default get services -o wide -w nginx-ingress-controller
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
nginx-ingress-controller LoadBalancer 10.43.115.59 172.19.157.1,172.19.157.2,172.19.157.3 80:32122/TCP,443:32312/TCP 77m app=nginx-ingress,component=controller,release=nginx-ingress
由于我们采用了
$ curl 127.0.0.1/
# default backend - 404
$ curl 127.0.0.1/healthz/
# 返回的是 200
后续我们如果需要创建自身的
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
name: example
namespace: foo
spec:
rules:
- host: www.example.com
http:
paths:
- backend:
serviceName: exampleService
servicePort: 80
path: /
# This section is only required if TLS is to be enabled for the Ingress
tls:
- hosts:
- www.example.com
secretName: example-tls
如果希望使用
apiVersion: v1
kind: Secret
metadata:
name: example-tls
namespace: foo
data:
tls.crt: <base64 encoded cert>
tls.key: <base64 encoded key>
type: kubernetes.io/tls
WordPress
$ helm install --name wordpress-test --set "ingress.enabled=true,persistence.enabled=false,mariadb.persistence.enabled=false" stable/wordpress
NAME: wordpress-test
...
这里我们使用
$ kubectl get ingress
NAME HOSTS ADDRESS PORTS AGE
wordpress.local-wordpress-test wordpress.local 172.19.157.1,172.19.157.2,172.19.157.3 80 59m
$ curl -I http://wordpress.local -x 127.0.0.1:80
HTTP/1.1 200 OK
Server: nginx/1.15.6
Date: Tue, 20 Aug 2019 07:55:21 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.27
Link: <http://wordpress.local/wp-json/>; rel="https://api.w.org/"
也可以根据
echo Username: user
echo Password: $(kubectl get secret --namespace default wordpress-test-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)
==> v1beta1/Role
NAME AGE
nginx-ingress 0s
==> v1beta1/RoleBinding
NAME AGE
nginx-ingress 0s
滚动升级
https://mp.weixin.qq.com/s/JX8Sw828e0Gv8ndYn3KXvQ 在
Kubernetes 中部署网站的综合指南Todos