前提准备:
系统:Debian 12
kubernetes: V1.28
容器运行时: containerd:V1.6.24
存储类:NFS
一:创建PVC
保证domain-admin服务数据的持久化,编写pvc.yaml (前提已经部署完成SC,实现了nfs共享存储)
1.1 提前创建好NS
kubectl create ns domain-admin
1.2 pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: domain-admin # pod name
namespace: domain-admin # pod所在的NS
spec:
accessModes:
- ReadWriteMany #权限为RWM
resources:
requests:
storage: 1Gi
storageClassName: nfs-storage #创建的sc
1.3 部署pvc
kubectl apply -f pvc.yaml
二:编写damain-admin的yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: domain-admin
namespace: domain-admin
spec:
replicas: 1
selector:
matchLabels:
app: domain-admin
template:
metadata:
labels:
app: domain-admin
spec:
containers:
- name: domain-admin
image: mouday/domain-admin:v1.5.25
ports:
- containerPort: 8000
volumeMounts:
- name: database-db
mountPath: /app/database
dnsPolicy: "None" # #dns策略,需要添加,否则不能访问内网的域名
dnsConfig:
nameservers: #用于域名解析的DNS服务器列表
- 10.96.0.10 # k8s内部的(默认的)
- 192.168.10.1 #内网的DNS
searches: # 用于域名搜索的DNS域名后缀,用的是pod默认的
- monitoring.svc.cluster.local
- svc.cluster.local
- cluster.local
options: # 配置其他可选DNS参数,用的是pod默认的
- name: ndots
value: "5"
volumes:
- name: localtime
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
- name: database-db #上面创建pvc的名字
persistentVolumeClaim:
claimName: domain-admin---
apiVersion: v1
kind: Service
metadata:
name: domain-admin
namespace: domain-admin
spec:
selector:
app: domain-admin
ports:
- protocol: TCP
port: 8000
targetPort: 8000
三:部署ingress,实现域名访问
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: domain-admin-ingress
namespace: domain-admin
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 8m
spec:
tls:
- hosts:
- "www.domain-admin.io" #填写的域名
secretName: " ******" #填写证书
rules:
- host: "www.domain-admin.io"
http:
paths:
- path: "/"
pathType: Prefix
backend:
service:
name: domain-admin
port:
number: 8000
四:登录访问doamin-admin
访问web页面 注:初始登录为 user:admin password:123456
项目地址:GitHub - mouday/domain-admin: Domain and SSL Cert monitor System. 域名SSL证书监测平台