接上篇,kubernate结合nginx部署service访问tomcat,上一篇已经部署了tomcat的javaweb程序,下面介绍nginx部署及与tomcat的链接
一:首先创建nginx镜像
(1)首先拉一个nginx的镜像做环境
docker pull hub.c.163.com/library/nginx:latest
(2)下载一个nginx包,修改里面的nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream idat2_server {
server idat2server:8099; ##这个idat2server:8099是前一篇部署的javaweb程序service的入口,8099端口是在pod中访问的对内端口
}
server {
listen 80;
server_name "";
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://idat2_server/; ##此处使用上面的upstream链接
proxy_redirect default;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
注意其中upstream的配置,此处配置的是后端程序在kubernate集群部署的service入口,8099为集群对内访问端口
(3)在nginx.conf目录创建Dockerfile
FROM nginx:latest
MAINTAINER 682556
ENV WORK_PATH /etc/nginx
ENV CONF_FILE_NAME nginx.conf
RUN rm $WORK_PATH/$CONF_FILE_NAME
COPY ./$CONF_FILE_NAME $WORK_PATH/
RUN chmod a+r $WORK_PATH/$CONF_FILE_NAME
CMD ["nginx"]
(4)dokcer打包nginx
docker build -t idat2_nginx .
(5)给镜像打标签
docker tag idat2_nginx:latest 10.38.150.64:8090/library/idat2_nginx
查看镜像
(6)上传镜像到私有仓库
查看私有仓库,已经上传
二:kubernate部署nginx
之前已经部署了javaweb程序idat2,可以使用30009外部端口访问程序
接下去部署nginx对接后端
(1)首先拉取刚才制作的nginx镜像
查看nginx镜像
(2)创建nginx的deployment pod
apiVersion: apps/v1
kind: Deployment
metadata:
name: ng-deploy
spec:
replicas: 1
selector:
matchLabels:
app: ng-deploy
template:
metadata:
labels:
app: ng-deploy
spec:
containers:
- name: ng-deploy
image: 10.38.150.64:8090/library/idat2_nginx
command: ["/bin/bash", "-ce", "tail -f /dev/null"]
ports:
- containerPort: 80
nodeSelector:
accelerator: lab1
节点标签问题
此处做一个说明,nodeSelector标签。在我的kubernate集群节点,总是出现一个问题,就是在上篇idat2程序部署好之后,我去curl程序的时候,总是会出现一会能curl通,一会curl不通,此问题困扰我很久,在某次灵感乍现,发现应该是某个node的网络存在问题,在每次curl的时候,如果curl到这台node就会fail,查看了节点的网络设置,发现calico存在问题
圈出来的node1的calico网络设置一直没起来,导致出现此问题。因为对网络这块不熟,没有弄清楚该怎么处理。想到kubernate可以将节点设置label,在启动pod的时候就可以指定label启动,这样就可以绕过node1的问题。
***********************************
给节点打标签
kubectl label nodes k8node2.wux.chin.seagate.com accelerator=lab1
kubectl label nodes k8node3.wux.chin.seagate.com accelerator=lab1
在启动pod container的时候给出nodeSelector标签,这样pod启动时候只会在有lab1标签的node上启动
spec:
containers:
- name: ng-deploy
image: 10.38.150.64:8090/library/idat2_nginx
command: ["/bin/bash", "-ce", "tail -f /dev/null"]
ports:
- containerPort: 80
nodeSelector:
accelerator: lab1
***********************************
(3)创建nginx的service
apiVersion: v1
kind: Service
metadata:
name: idat2-nginx-svc
labels:
name: idat2-nginx-svc
spec:
type: NodePort
ports:
- port: 8091
name: idat2-port
targetPort: 80
protocol: TCP
nodePort: 30010
selector:
app: ng-deploy
(4)启动nginx deployment和service
kubectl apply -f idat2_nginx_deploy.yaml
kubectl apply -f idat2_nginx_svc.yaml
查看deployment和service
(5)使用30010端口访问到了tomcat,成功!