更新时间:2023年4月
文章目录
简介
Wordpress 是一个博客系统,程序使用 PHP 语言,并以 MySQL 为数据库。本文将在 kubernetes 上部署 Wordpress 系统,实现 一个简单的 PHP 应用程序部署示例(Nginx–PHP–ProxySQL–MySQL)
注:数据库将使用之前创建的 MySQL 数据库
参考
Wordpress 官网:Blog Tool, Publishing Platform, and CMS – WordPress.org
Wordpress 下载地址:Release Archive – WordPress.org
部署 Wordpress
Namespace
$ vim ns-wordpress.yaml
---
apiVersion: v1
kind: Namespace
metadata:
name: wordpress
应用声明
$ kubectl apply -f ns-wordpress.yaml
StorageClass
$ vim sc-nfs.yaml
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: sc-nfs
provisioner: k8s-sigs.io/nfs-subdir-external-provisioner
# 回收策略此处使用 删除,实验环境方便测试
reclaimPolicy: Delete
mountOptions:
- soft
- nfsvers=4.2
- noatime # 访问文件时不更新文件 inode 中的时间戳,高并发环境可提高性能
parameters:
# 根据 PVC 的namespace 和 PVC 名称来生成路径
pathPattern: "${.PVC.namespace}/${.PVC.name}"
archiveOnDelete: "true"
应用声明
$ kubectl apply -f sc-nfs.yaml
PVC
$ vim pvc-wordpress.yaml
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: pvc-wordpress
namespace: wordpress
spec:
storageClassName: sc-nfs
accessModes:
- ReadWriteMany # 访问权限
resources:
requests:
storage: 100Mi # 空间大小
应用声明
$ kubectl apply -f pvc-wordpress.yaml
ConfigMap
创建 Nginx 配置
创建配置存放目录
$ mkdir -p ./nginx-config
创建 Nginx 主配置文件 nginx.conf
,后续将通过 ConfigMap 挂载到容器中/etc/nginx/nginx.conf
$ vim ./nginx-config/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format access_json escape=json '{'
'"@timestamp":"$time_iso8601",'
'"server_addr":"$server_addr",'
'"remote_addr":"$remote_addr",'
'"body_bytes_sent":"$body_bytes_sent",'
'"request_time":"$request_time",'
'"upstream_response_time":"$upstream_response_time",'
'"upstream_addr":"$upstream_addr",'
'"uri":"$uri",'
'"http_x_forwarded_for":"$http_x_forwarded_for",'
'"http_referer":"$http_referer",'
'"proxy_protocol_addr":"$proxy_protocol_addr",'
'"http_user_agent":"$http_user_agent",'
'"status":"$status"'
'}';
access_log /var/log/nginx/access.log access_json;
# 隐藏版本号
server_tokens off;
# 网络相关设置
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
# 客户端上传的 body 的最大值
client_max_body_size 10m;
# 开启压缩
gzip on;
sendfile on;
types_hash_max_size 4096;
# 包含 wordpress 的配置
include /etc/nginx/conf.d/wordpress/*.conf;
}
创建 Nginx 虚拟主机配置文件 server.conf
,后续将通过 ConfigMap挂载到容器中/etc/nginx/conf.d//server.conf
$ vim ./nginx-config/server.conf
server {
listen 80;
root /var/www/html;
index index.php index.htm index.html;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
expires max;
log_not_found off;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
通过 Nginx 配置生成 ConfigMap
$ kubectl create configmap nginx-config --from-file=./nginx-config --namespace wordpress
Deployment
一个 init 容器
download-wordpress
:用于下载wordpress
文件
两个业务容器
nginx
:WEB 容器php-fpm
:下载 wordpress 的依赖。设置wordpress
文件的权限为php-fpm
默认的用户(nfs 需要设置权限no_root_squash
或允许匿名用户修改权限)。运行 wordpress
$ vim deploy-wordpress.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: wordpress
app.kubernetes.io/name: wordpress
name: wordpress
namespace: wordpress
spec:
replicas: 1
selector:
matchLabels:
app: wordpress
app.kubernetes.io/name: wordpress
template:
metadata:
labels:
app: wordpress
app.kubernetes.io/name: wordpress
spec:
initContainers:
### init 容器
- name: init-wordpress
image: busybox:1.36.0
imagePullPolicy: IfNotPresent
env:
- name: WORDPRESS_URL
value: "https://wordpress.org/wordpress-6.2.tar.gz"
volumeMounts:
- name: wordpress-files
mountPath: /var/www/html
readOnly: false
command:
- "/bin/sh"
- "-c"
- |
wget -qO- ${WORDPRESS_URL} | tar zxf - -C /var/www/html --strip-components=1
containers:
- name: nginx
image: nginx:1.24.0
env:
# 设置时区
- name: TZ
value: "Asia/Shanghai"
ports:
- containerPort: 80
volumeMounts:
- name: wordpress-files
mountPath: /var/www/html
# 挂载配置 (configmap)
- name: nginx-config-main
mountPath: "/etc/nginx/nginx.conf"
# 使用 subPath,防止覆盖其他的文件
subPath: nginx.conf
- name: nginx-config-vhost
mountPath: "/etc/nginx/conf.d/wordpress/"
### 业务容器 php-fpm
- name: php-fpm
image: php:8.2-fpm
imagePullPolicy: IfNotPresent
env:
# 设置时区
- name: TZ
value: "Asia/Shanghai"
volumeMounts:
- name: wordpress-files
mountPath: /var/www/html
readOnly: false
command:
- "/bin/sh"
- "-c"
- |
# 修改权限
chown -R www-data:www-data /var/www/html
# 使用国内源
mv /etc/apt/sources.list /etc/apt/sources.list.bak
cat > /etc/apt/sources.list << EOF
deb https://mirrors.aliyun.com/debian/ bullseye main non-free contrib
deb-src https://mirrors.aliyun.com/debian/ bullseye main non-free contrib
deb https://mirrors.aliyun.com/debian-security/ bullseye-security main
deb-src https://mirrors.aliyun.com/debian-security/ bullseye-security main
deb https://mirrors.aliyun.com/debian/ bullseye-updates main non-free contrib
deb-src https://mirrors.aliyun.com/debian/ bullseye-updates main non-free contrib
deb https://mirrors.aliyun.com/debian/ bullseye-backports main non-free contrib
deb-src https://mirrors.aliyun.com/debian/ bullseye-backports main non-free contrib
EOF
# 安装依赖参考 https://hub.docker.com/_/wordpress
savedAptMark="$(apt-mark showmanual)"
apt-get update; apt-get install -y --no-install-recommends libfreetype6-dev libicu-dev libjpeg-dev libmagickwand-dev libpng-dev libwebp-dev libzip-dev wget
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp
docker-php-ext-install -j "$(nproc)" bcmath exif gd intl mysqli zip
pecl install imagick-3.6.0
docker-php-ext-enable imagick
rm -r /tmp/pear
out="$(php -r 'exit(0);')"
[ -z "$out" ]
err="$(php -r 'exit(0);' 3>&1 1>&2 2>&3)"
[ -z "$err" ]
extDir="$(php -r 'echo ini_get("extension_dir");')"
[ -d "$extDir" ]
apt-mark auto '.*' > /dev/null
apt-mark manual $savedAptMark
ldd "$extDir"/*.so | awk '/=>/ { print $3 }' | sort -u | xargs -r dpkg-query -S | cut -d: -f1 | sort -u | xargs -rt apt-mark manual
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false
rm -rf /var/lib/apt/lists/*
! { ldd "$extDir"/*.so | grep 'not found'; }
err="$(php --version 3>&1 1>&2 2>&3)"
[ -z "$err" ]
# 调用原本的 ENTRYPOINT
docker-php-entrypoint php-fpm
# 声明卷
volumes:
- name: wordpress-files
persistentVolumeClaim:
claimName: pvc-wordpress
# 声明 configmap 挂载
- name: nginx-config-main
configMap:
name: nginx-config
items:
- key: "nginx.conf"
path: "nginx.conf"
- name: nginx-config-vhost
configMap:
name: nginx-config
items:
- key: "server.conf"
path: "server.conf"
应用声明
$ kubectl apply -f deploy-wordpress.yaml
Service
$ vim svc-wordpress.yaml
---
kind: Service
apiVersion: v1
metadata:
labels:
app: wordpress
app.kubernetes.io/name: wordpress
name: svc-wordpress
namespace: wordpress
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 30031
selector:
app: wordpress
app.kubernetes.io/name: wordpress
应用声明
$ kubectl apply -f svc-wordpress.yaml
配置
配置数据库
配置 MySQL
# 创建一个临时 pod,作为 mysql 客户端
$ kubectl run -it --rm=true --image="registry.cn-hangzhou.aliyuncs.com/kmust/xtrabackup:8.0.32-26-1.generic" -n mysql-xtra mysql-cli
# 连接 mysql
$ mysql -uroot -p'qwert123..' -h mysql-xtra-0.hs-mysql
# 创建 wordpress 使用的数据库
mysql> CREATE DATABASE wordpress;
# 创建 wordpress 使用的用户并授权
mysql> CREATE USER "wordpress"@"172.20.%.%" IDENTIFIED WITH mysql_native_password BY 'wordpress';
mysql> GRANT ALL PRIVILEGES ON wordpress.* TO "wordpress"@"172.20.%.%" WITH GRANT OPTION;
# 刷新权限
mysql> FLUSH PRIVILEGES;
配置 ProxySQL
创建代理用户
# 进入 ProxySQL 实例
$ kubectl exec -it proxysql-667c7d6c55-ctw7c -n mysql-xtra -- bash
# 连接 ProxySQL 管理界面
$ mysql -u'admin' -p'admin' -h'127.0.0.1' -P6032 --prompt 'ProxySQL Admin> '
配置 ProxySQL 连接到 MySQL 的 MySQL 用户,该用户同时也是客户端连接到 ProxySQL 的用户,配置默认为写组
# 配置 MySQL 用户
ProxySQL Admin> INSERT INTO mysql_users(username,password,default_hostgroup) VALUES ('wordpress','wordpress',10);
# 查看用户信息
ProxySQL Admin> SELECT * FROM mysql_users;
加载、持久化 MySQL 用户配置
# 加载配置
ProxySQL Admin> LOAD MYSQL USERS TO RUNTIME;
# 持久化配置
ProxySQL Admin> SAVE MYSQL USERS TO DISK;
测试连接是否正常
# 在 wordpress 创建一个新的临时 mysql client pod
$ kubectl run -it --rm=true --image="registry.cn-hangzhou.aliyuncs.com/kmust/xtrabackup:8.0.32-26-1.generic" -n wordpress mysql-cli
$ mysql -u'wordpress' -p'wordpress' -h'svc-proxysql.mysql-xtra' -P6033
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| performance_schema |
| wordpress |
+--------------------+
3 rows in set (0.00 sec)
配置 Wordpress
登录 wordpress 页面,URL:http://192.168.111.184:30031/
选择语言
开始配置
配置数据库信息
配置站点信息
配置成功
登录
登录成功
其他检查
检查数据库是否创建了 Wordpress 相关数据表
# 运行一个 MySQL 客户端
$ kubectl run -it --rm=true --image="registry.cn-hangzhou.aliyuncs.com/kmust/xtrabackup:8.0.32-26-1.generic" -n wordpress mysql-cli
# 登录数据库
[root@mysql-cli /]# mysql -u'wordpress' -p'wordpress' -h'svc-proxysql.mysql-xtra' -P6033
# 进入数据库 wordpress
mysql> use wordpress;
# 查看数据表
mysql> show tables;
+-----------------------+
| Tables_in_wordpress |
+-----------------------+
| wp_commentmeta |
| wp_comments |
| wp_links |
| wp_options |
| wp_postmeta |
| wp_posts |
| wp_term_relationships |
| wp_term_taxonomy |
| wp_termmeta |
| wp_terms |
| wp_usermeta |
| wp_users |
+-----------------------+