(1条消息) k8s搭建一个基于ingress,service,pv,pvc,deployment等的nginx项目_kali_yao的博客-CSDN博客
上面的nginx与php服务部署简单但是弹性阔容比较麻烦,要把nginx和php一起阔容;这里就把nginx和php从一个pod中剥离出来;但是由于php负载较高,所以这里还加了HPA控制器(弹性伸缩),但是在配置文件中要指定服务IP与端口,但是容器的ip是会变的不好掌控(如下图指定),这里就起一个php服务,后端php直接指定php服务,nginx解析就可以直接找php服务ip了
弹性云架构图解
架构解析
NFS
提供存储,负责存储网站的页面(需要编写pv 和pvc资源文件)
PHP弹性集群
负责解析动态网址(需要编写deploy和hpa,service资源文件,configmap)
Nginx集群
负责解析静态页面,提供网页服务(需要编写deploy资源文件和configmap)
Ingress
对外发布网站,提供集群外访问路由(需要编写ingress资源文件)
configmap内修改的内容如下图:
资源文件书写与创建服务
# 资源文件书写,需要做一个nginx和php镜像也可以下nginx和php镜像 ~]# vim nginx.yaml --- kind: PersistentVolume apiVersion: v1 metadata: name: pv-nfs spec: volumeMode: Filesystem capacity: storage: 30Gi accessModes: - ReadWriteOnce - ReadOnlyMany - ReadWriteMany persistentVolumeReclaimPolicy: Retain nfs: server: 192.168.1.100 path: /var/webroot --- kind: PersistentVolumeClaim apiVersion: v1 metadata: name: pvc-nfs spec: volumeMode: Filesystem accessModes: - ReadWriteMany resources: requests: storage: 25Gi --- kind: ConfigMap apiVersion: v1 metadata: name: php-conf data: www.conf: "; Start a new pool named 'www'.\n[www]\n\n; The address on which to accept FastCGI requests.\n; Valid syntaxes are:\n; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on\n; a specific port;\n; 'port' - to listen on a TCP socket to all addresses on a\n; specific port;\n; '/path/to/unix/socket' - to listen on a unix socket.\n; Note: This value is mandatory.\nlisten = 0.0.0.0:9000\n\n; Set listen(2) backlog. A value of '-1' means unlimited.\n; Default Value: -1\n;listen.backlog = -1\n \n; List of ipv4 addresses of FastCGI clients which are allowed to connect.\n; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original\n; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address\n; must be separated by a comma. If this value is left blank, connections will be\n; accepted from any ip address.\n; Default Value: any\n; listen.allowed_clients = 127.0.0.1\n\n; Set permissions for unix socket, if one is used. In Linux, read/write\n; permissions must be set in order to allow connections from a web server. Many\n; BSD-derived systems allow connections regardless of permissions. \n; Default Values: user and group are set as the running user\n; mode is set to 0666\n;listen.owner = nobody\n;listen.group = nobody\n;listen.mode = 0666\n\n; Unix user/group of processes\n; Note: The user is mandatory. If the group is not set, the default user's group\n; will be used.\n; RPM: apache Choosed to be able to access some dir as httpd\nuser = apache\n; RPM: Keep a group allowed to write in log dir.\ngroup = apache\n\n; Choose how the process manager will control the number of child processes.\n; Possible Values:\n; static - a fixed number (pm.max_children) of child processes;\n; dynamic - the number of child processes are set dynamically based on the\n; following directives:\n; pm.max_children \ - the maximum number of children that can\n; be alive at the same time.\n; pm.start_servers - the number of children created on startup.\n; pm.min_spare_servers - the minimum number of children in 'idle'\n; state (waiting to process). If the number\n; of 'idle' processes is less than this\n; number then some children will be created.\n; pm.max_spare_servers - the maximum number of children in 'idle'\n; state (waiting to process). If the number\n; of 'idle' processes is greater than this\n; number then some children will be killed.\n; Note: This value is mandatory.\npm = dynamic\n\n; The number of child processes to be created when pm is set to 'static' and the\n; maximum number of child processes to be created when pm is set to 'dynamic'.\n; This value sets the limit on the number of simultaneous requests that will be\n; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.\n; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP\n; CGI.\n; Note: Used when pm is set to either 'static' or 'dynamic'\n; Note: This value is mandatory.\npm.max_children = 50\n\n; The number of child processes created on startup.\n; Note: Used only when pm is set to 'dynamic'\n; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2\npm.start_servers = 5\n\n; The desired minimum number of idle server processes.\n; Note: Used only when pm is set to 'dynamic'\n; Note: Mandatory when pm is set to 'dynamic'\npm.min_spare_servers = 5\n\n; The desired maximum number of idle server processes.\n; Note: Used only when pm is set to 'dynamic'\n; Note: Mandatory when pm is set to 'dynamic'\npm.max_spare_servers = 35\n \n; The number of requests each child process should execute before respawning.\n; This can be useful to work around memory leaks in 3rd party libraries. For\n; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.\n; Default Value: 0\n;pm.max_requests = 500\n\n; The URI to view the FPM status page. If this value is not set, no URI will be\n; recognized as a status page. By default, the status page shows the following\n; information:\n; accepted conn - the number of request accepted by the pool;\n; pool - the name of the pool;\n; process manager - static or dynamic;\n; idle processes - the number of idle processes;\n; active processes - the number of active processes;\n; \ total processes - the number of idle + active processes.\n; The values of 'idle processes', 'active processes' and 'total processes' are\n; updated each second. The value of 'accepted conn' is updated in real time.\n; Example output:\n; \ accepted conn: 12073\n; pool: www\n; process manager: static\n; \ idle processes: 35\n; active processes: 65\n; total processes: 100\n; By default the status page output is formatted as text/plain. Passing either\n; 'html' or 'json' as a query string will return the corresponding output\n; syntax. Example:\n; http://www.foo.bar/status\n; http://www.foo.bar/status?json\n; \ http://www.foo.bar/status?html\n; Note: The value must start with a leading slash (/). The value can be\n; anything, but it may not be a good idea to use the .php extension or it\n; may conflict with a real PHP file.\n; Default Value: not set \n;pm.status_path = /status\n \n; The ping URI to call the monitoring page of FPM. If this value is not set, no\n; URI will be recognized as a ping page. This could be used to test from outside\n; that FPM is alive and responding, or to\n; - create a graph of FPM availability (rrd or such);\n; - remove a server from a group if it is not responding (load balancing);\n; - trigger alerts for the operating team (24/7).\n; Note: The value must start with a leading slash (/). The value can be\n; anything, but it may not be a good idea to use the .php extension or it\n; may conflict with a real PHP file.\n; Default Value: not set\n;ping.path = /ping\n\n; This directive may be used to customize the response of a ping request. The\n; response is formatted as text/plain with a 200 response code.\n; Default Value: pong\n;ping.response = pong\n \n; The timeout for serving a single request after which the worker process will\n; be killed. This option should be used when the 'max_execution_time' ini option\n; does not stop script execution for some reason. A value of '0' means 'off'.\n; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)\n; Default Value: 0\n;request_terminate_timeout = 0\n \n; The timeout for serving a single request after which a PHP backtrace will be\n; dumped to the 'slowlog' file. A value of '0s' means 'off'.\n; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)\n; Default Value: 0\n;request_slowlog_timeout = 0\n \n; The log file for slow requests\n; Default Value: not set\n; Note: slowlog is mandatory if request_slowlog_timeout is set\nslowlog = /var/log/php-fpm/www-slow.log\n \n; Set open file descriptor rlimit.\n; Default Value: system defined value\n;rlimit_files = 1024\n \n; Set max core size rlimit.\n; Possible Values: 'unlimited' or an integer greater or equal to 0\n; Default Value: system defined value\n;rlimit_core = 0\n \n; Chroot to this directory at the start. This value must be defined as an\n; absolute path. When this value is not set, chroot is not used.\n; Note: chrooting is a great security feature and should be used whenever \n; possible. However, all PHP paths will be relative to the chroot\n; (error_log, sessions.save_path, ...).\n; Default Value: not set\n;chroot = \n \n; Chdir to this directory at the start. This value must be an absolute path.\n; Default Value: current directory or / when chroot\n;chdir = /var/www\n \n; Redirect worker stdout and stderr into main error log. If not set, stdout and\n; stderr will be redirected to /dev/null according to FastCGI specs.\n; Default Value: no\n;catch_workers_output = yes\n \n; Limits the extensions of the main script FPM will allow to parse. This can\n; prevent configuration mistakes on the web server side. You should only limit\n; FPM to .php extensions to prevent malicious users to use other extensions to\n; exectute php code.\n; Note: set an empty value to allow all extensions.\n; Default Value: .php\n;security.limit_extensions = .php .php3 .php4 .php5\n\n; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from\n; the current environment.\n; Default Value: clean env\n;env[HOSTNAME] = $HOSTNAME\n;env[PATH] = /usr/local/bin:/usr/bin:/bin\n;env[TMP] = /tmp\n;env[TMPDIR] = /tmp\n;env[TEMP] = /tmp\n\n; Additional php.ini defines, specific to this pool of workers. These settings\n; overwrite the values previously defined in the php.ini. The directives are the\n; same as the PHP SAPI:\n; php_value/php_flag \ - you can set classic ini defines which can\n; be overwritten from PHP call 'ini_set'. \n; php_admin_value/php_admin_flag - these directives won't be overwritten by\n; PHP call 'ini_set'\n; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.\n\n; Defining 'extension' will load the corresponding shared extension from\n; extension_dir. Defining 'disable_functions' or 'disable_classes' will not\n; overwrite previously defined php.ini values, but will append the new value\n; instead.\n\n; Default Value: nothing is defined by default except the values in php.ini and\n; specified at startup with the -d argument\n;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com\n;php_flag[display_errors] = off\nphp_admin_value[error_log] = /var/log/php-fpm/www-error.log\nphp_admin_flag[log_errors] = on\n;php_admin_value[memory_limit] = 128M\n\n; Set session path to a directory owned by process user\nphp_value[session.save_handler] = files\nphp_value[session.save_path] = /var/lib/php/session\n\n" --- kind: Deployment apiVersion: apps/v1 metadata: name: php-deploy spec: selector: matchLabels: app: myphp replicas: 1 template: metadata: labels: app: myphp spec: volumes: - name: php-conf configMap: name: php-conf - name: website persistentVolumeClaim: claimName: pvc-nfs containers: - name: php-fpm image: 192.168.1.100:5000/myos:php-fpm volumeMounts: - name: php-conf subPath: www.conf mountPath: /etc/php-fpm.d/www.conf - name: website mountPath: /usr/local/nginx/html ports: - protocol: TCP containerPort: 9000 resources: requests: cpu: 200m restartPolicy: Always --- kind: HorizontalPodAutoscaler apiVersion: autoscaling/v1 metadata: name: myphp spec: minReplicas: 1 maxReplicas: 5 scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: php-deploy targetCPUUtilizationPercentage: 50 --- apiVersion: v1 kind: Service metadata: name: phpbackend spec: ports: - protocol: TCP port: 9000 targetPort: 9000 selector: app: myphp type: ClusterIP --- kind: ConfigMap apiVersion: v1 metadata: name: nginx-conf data: nginx.conf: |2 #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { root html; fastcgi_pass phpbackend:9000; fastcgi_index index.php; include fastcgi.conf; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} } --- kind: Deployment apiVersion: apps/v1 metadata: name: webcluster spec: selector: matchLabels: app: mynginx replicas: 3 template: metadata: labels: app: mynginx spec: volumes: - name: nginx-php configMap: name: nginx-conf - name: log-data hostPath: path: /var/log/weblog type: DirectoryOrCreate - name: website persistentVolumeClaim: claimName: pvc-nfs containers: - name: nginx image: 192.168.1.100:5000/myos:nginx volumeMounts: - name: nginx-php subPath: nginx.conf mountPath: /usr/local/nginx/conf/nginx.conf - name: log-data mountPath: /usr/local/nginx/logs - name: website mountPath: /usr/local/nginx/html ports: - protocol: TCP containerPort: 80 restartPolicy: Always --- apiVersion: v1 kind: Service metadata: name: webforeground spec: ports: - protocol: TCP port: 80 targetPort: 80 selector: app: mynginx type: ClusterIP --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: webcluster annotations: kubernetes.io/ingress.class: "nginx" spec: backend: serviceName: webforeground servicePort: 80 # 添加 ~]# kubctl apply -f nginx.yaml