1、使用helm部署MySQL、Wordpress和Harbor。
集群要提前部署部署好csi-driver-nfs,支持动态pv
1.1安装helm
安装helm文档:https://helm.sh/docs/intro/install/
github地址:https://github.com/helm/helm/releases
wget https://get.helm.sh/helm-v3.13.0-linux-amd64.tar.gz
tar -xf helm-v3.13.0-linux-amd64.tar.gz
root@k8s-master01:~/yaml# cd linux-amd64/
root@k8s-master01:~/yaml/linux-amd64# ls
LICENSE README.md helm
root@k8s-master01:~/yaml/linux-amd64# mv helm /usr/local/bin/
root@k8s-master01:~/yaml/linux-amd64# helm --help
1.2 部署mysql
参考https://artifacthub.io/packages/helm/bitnami/mysql
添加仓库
helm repo add bitnami https://charts.bitnami.com/bitnami
部署
helm install mysql \
--set auth.rootPassword=MageEdu \
--set global.storageClass=nfs-csi \
--set architecture=replication \
--set auth.database=wpdb \
--set auth.username=wpuser \
--set auth.password='magedu.com' \
--set secondary.replicaCount=1 \
--set auth.replicationPassword='replpass' \
bitnami/mysql \
-n blog
查看运行成功
root@k8s-master01:~# kubectl get pod -n blog
NAME READY STATUS RESTARTS AGE
mysql-primary-0 1/1 Running 0 7m22s
mysql-secondary-0 1/1 Running 0 7m22s
root@k8s-master01:~# kubectl get svc -n blog
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
mysql-primary ClusterIP 10.108.76.100 <none> 3306/TCP 8m9s
mysql-primary-headless ClusterIP None <none> 3306/TCP 8m9s
mysql-secondary ClusterIP 10.108.82.97 <none> 3306/TCP 8m9s
mysql-secondary-headless ClusterIP None <none> 3306/TCP 8m9s
1.3 部署wordpress
参考https://artifacthub.io/packages/helm/bitnami/wordpress
添加仓库 helm repo add bitnami https://charts.bitnami.com/bitnami
部署
helm upgrade wordpress \
--set mariadb.enabled=false \
--set externalDatabase.host=mysql-primary.blog.svc.cluster.local \
--set externalDatabase.user=wpuser \
--set externalDatabase.password='magedu.com' \
--set externalDatabase.database=wpdb \
--set externalDatabase.port=3306 \
--set persistence.storageClass=nfs-csi \
--set ingress.enabled=true \
--set ingress.ingressClassName=nginx \
--set ingress.hostname=blog.magedu.com \
--set ingress.pathType=Prefix \
--set wordpressUsername=admin \
--set wordpressPassword='abcdefg' \
--set image.registry="registry.cn-shenzhen.aliyuncs.com/luohuiwen20" \
--set image.repository=wordpress\
--set image.tag=6.3.1-debian-11-r32 \
bitnami/wordpress \
-n blog
查看
root@k8s-master01:~# kubectl get pods -n blog -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
mysql-primary-0 1/1 Running 0 42m 10.244.3.58 k8s-node03.luohw.com <none> <none>
mysql-secondary-0 1/1 Running 0 42m 10.244.2.53 k8s-node02 <none> <none>
wordpress-54d6bc547d-8qmqx 1/1 Running 0 3m38s 10.244.2.56 k8s-node02 <none> <none>
root@k8s-master01:~# kubectl get ingress -n blog
NAME CLASS HOSTS ADDRESS PORTS AGE
wordpress nginx blog.magedu.com 192.168.1.201 80 27m
添加hosts解析
192.168.1.201 blog.magedu.com
访问http://blog.magedu.com/wp-admin/登录
1.4 部署harbor
参考https://artifacthub.io/packages/helm/harbor/harbor
添加仓库
helm repo add harbor https://helm.goharbor.io
git clone https://github.com/iKubernetes/learning-k8s.git 克隆使用yaml文件部署harbor
cd learning-k8s/helm-examples/harbor
cat harbor-values2.yaml
expose:
type: nodePort #如何公开服务:ingress、clusterIP、nodePort或loadBalancer,其他值将被忽略并跳过服务的创建
tls:
enabled: true
certSource: auto
auto:
commonName: luo #用于生成证书的通用名称,当类型不是ingress时需要此名称
ingress:
hosts:
core: hub.magedu.com
notary: notary.magedu.com
controller: default
annotations:
kubernetes.io/ingress.class: "nginx"
ipFamily:
ipv4:
enabled: true
ipv6:
enabled: false
externalURL: https://registry.magedu.com
# 持久化存储配置部分
persistence:
enabled: true
resourcePolicy: "keep"
persistentVolumeClaim: # 定义Harbor各个组件的PVC持久卷
registry: # registry组件(持久卷)
storageClass: "nfs-csi" # 前面创建的StorageClass,其它组件同样配置
accessMode: ReadWriteMany # 卷的访问模式,需要修改为ReadWriteMany
size: 5Gi
chartmuseum: # chartmuseum组件(持久卷)
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 5Gi
jobservice:
jobLog:
storageClass: "nfs-csi"
accessMode: ReadWriteOnce
size: 1Gi
#scanDataExports:
# storageClass: "nfs-csi"
# accessMode: ReadWriteOnce
# size: 1Gi
database: # PostgreSQl数据库组件
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 2Gi
redis: # Redis缓存组件
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 2Gi
trivy: # Trity漏洞扫描
storageClass: "nfs-csi"
accessMode: ReadWriteMany
size: 5Gi
harborAdminPassword: "abcdeg"
部署 helm install harbor -f ./harbor-values2.yaml harbor/harbor -n harbor
当yaml文件发生变化是使用helm upgrade 更新
helm upgrade harbor -f ./harbor-values2.yaml harbor/harbor -n harbor
root@server01:~/k8s/helm/learning-k8s/helm-examples/harbor# kubectl get svc -n harbor
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
harbor NodePort 10.97.35.42 <none> 80:30002/TCP,443:30003/TCP 90s
harbor-core ClusterIP 10.103.174.220 <none> 80/TCP 101m
harbor-database ClusterIP 10.99.144.75 <none> 5432/TCP 101m
harbor-jobservice ClusterIP 10.104.223.72 <none> 80/TCP 101m
harbor-portal ClusterIP 10.97.69.255 <none> 80/TCP 101m
harbor-redis ClusterIP 10.105.195.236 <none> 6379/TCP 101m
harbor-registry ClusterIP 10.104.241.84 <none> 5000/TCP,8080/TCP 101m
harbor-trivy ClusterIP 10.98.77.181 <none> 8080/TCP 101m
通过节点ip+nodeport访问
https://IP:30003/
删除
helm delete harbor -n harbor