StatefulSet 部署 MySQL
在 node1 节点
在 node 节点安装 MySQL
yum install mysql -y-
部署 MySQL StatefulSet
在
/tmp目录下创建mysql文件夹cd ~vim 11-1-mysql.yamlapiVersion: v1 kind: Service metadata: name: mysql57 labels: app: mysql spec: ports: - port: 3306 name: mysql nodePort: 30306 type: NodePort selector: app: mysql --- apiVersion: apps/v1 kind: StatefulSet metadata: name: mysql spec: selector: matchLabels: app: mysql serviceName: "mysql" replicas: 1 template: metadata: labels: app: mysql spec: terminationGracePeriodSeconds: 10 containers: - name: mysql image: registry.cn-beijing.aliyuncs.com/qingfeng666/mysql:5.7 ports: - containerPort: 3306 name: mysql volumeMounts: - name: host-path mountPath: /var/lib/mysql env: - name: MYSQL_ROOT_PASSWORD value: "password" volumes: - name: host-path hostPath: path: /tmp/mysql type: DirectoryOrCreate创建
kubectl create -f 11-1-mysql.yamlkubectl get po可以看到:NAME READY STATUS RESTARTS AGE mysql-0 0/1 ContainerCreating 0 19
-
初始化 MySQL
mysql -uroot -P30306 -h127.0.0.1 -ppassword可以看到
Welcome to the MariaDB monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.7.32 MySQL Community Server (GPL) Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MySQL [(none)]>
-
创建数据库
create database blogDB DEFAULT CHARSET utf8 COLLATE utf8_general_ci;MySQL [(none)]> create database blogDB DEFAULT CHARSET utf8 COLLATE utf8_general_ci; Query OK, 1 row affected (0.01 sec) MySQL [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | blogDB | | mysql | | performance_schema | | sys | +--------------------+ 5 rows in set (0.01 sec) MySQL [(none)]> exit Bye
删除
cd ~
kubectl delete -f 11-1-mysql.yaml
查看
kubectl get po
可以看到
No resources found in default namespace.
重新创建
kubectl create -f 11-1-mysql.yaml
启动数据库
mysql -uroot -P30306 -h127.0.0.1 -ppassword
查看数据库
show databases;
可以看到之前创建的数据库 blogDB 还在
编写应用的 Service, Deployment 文件
在 node1 节点
vim 11-2-blog.yaml
apiVersion: v1
kind: Service
metadata:
name: kubeblog
spec:
selector:
app: kubeblog
type: NodePort
ports:
- port: 5000
targetPort: 5000
nodePort: 30002
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubeblog
spec:
selector:
matchLabels:
app: kubeblog
template:
metadata:
labels:
app: kubeblog
spec:
containers:
- name: kubeblog
image: registry.cn-beijing.aliyuncs.com/qingfeng666/kubeblog:1.3
resources:
limits:
memory: "512Mi"
cpu: "500m"
ports:
- containerPort: 5000
env:
- name: MYSQL_PORT
value: "30306"
- name: MYSQL_SERVER
value: "192.168.190.132"
kubectl create -f 11-2-blog.yaml
kubectl get po
NAME READY STATUS RESTARTS AGE
kubeblog-866b655bdf-v879f 1/1 Running 0 35s
mysql-0 1/1 Running 0 14m
kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubeblog NodePort 10.1.190.56 <none> 5000:30002/TCP 107s
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 15d
mysql57 NodePort 10.1.96.16 <none> 3306:30306/TCP 15m
稍等一会,等待服务启动
浏览器访问
http://192.168.190.132:30002/
可以访问到博客应用
使用私有镜像中心拉取镜像
在 master 节点
启动镜像中心
docker start artifactory-jcr
配置 vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com",
"https://dockerhub.azk8s.cn",
"https://reg-mirror.qiniu.com",
"http://hub-mirror.c.163.com",
"https://docker.mirrors.ustc.edu.cn"
],
"insecure-registries": ["art.local:8081","192.168.190.131:8081"]
}
重启 docker 和 kubelet
systemctl restart docker
systemctl restart kubelet
查看
docker info
可以看到
Labels:
Experimental: false
Insecure Registries:
192.168.190.131:8081
art.local:8081
127.0.0.0/8
推送镜像到镜像中心(上一篇已推送)
创建镜像仓库秘钥
kubectl create secret docker-registry regcred-local --docker-server=192.168.190.131:8081 --docker-username=admin --docker-password=password123 --docker-email=test@163.com
拉取镜像,在 master 节点或者 node 节点都可以。这里是在 node1 节点。
vim 11-3-regsecret.yaml
apiVersion: v1
kind: Service
metadata:
name: kubeblog
spec:
selector:
app: kubeblog
type: NodePort
ports:
- port: 5000
targetPort: 5000
nodePort: 30002
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubeblog
spec:
selector:
matchLabels:
app: kubeblog
template:
metadata:
labels:
app: kubeblog
spec:
hostAliases:
- ip: "192.168.190.131"
hostnames:
- "art.local"
containers:
- name: kubeblog
image: 192.168.190.131:8081/docker-local/kubeblog:1.0
resources:
limits:
memory: "512Mi"
cpu: "500m"
ports:
- containerPort: 5000
env:
- name: MYSQL_PORT
value: "30306"
- name: MYSQL_SERVER
value: "192.168.190.132"
imagePullSecrets:
- name: regcred-local
为博客应用进行配置分离
在 master 节点,创建 MySQL 秘钥 secret
kubectl create secret generic mysql-password-test --from-literal=MYSQL_PASSWORD_TEST=password
可以看到
secret/mysql-password-test created
在 node1 节点,登录 MySQL
mysql -h192.168.190.132 -uroot -P30306 -ppassword
创建数据库
create database blogDBTest default charset utf8mb4;
在 master 节点,在 Deployment 使用该秘钥
vim 11-4.yaml
apiVersion: v1
kind: Service
metadata:
name: kubeblog
spec:
selector:
app: kubeblog
type: NodePort
ports:
- port: 5000
targetPort: 5000
nodePort: 30002
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubeblog
spec:
selector:
matchLabels:
app: kubeblog
template:
metadata:
labels:
app: kubeblog
spec:
hostAliases:
- ip: "192.168.190.131"
hostnames:
- "art.local"
containers:
- name: kubeblog
image: 192.168.190.131:8081/docker-local/kubeblog:1.1
ports:
- containerPort: 5000
env:
- name: MYSQL_PORT
value: "30306"
- name: MYSQL_SERVER
value: "192.168.190.132"
- name: MYSQL_DB_NAME
value: "blogDBTest"
- name: MYSQL_USER_TEST
value: "root"
- name: MYSQL_PASSWORD_TEST
valueFrom:
secretKeyRef:
name: mysql-password-test
key: MYSQL_PASSWORD_TEST
imagePullSecrets:
- name: regcred-local
kubectl create -f 11-4.yaml
空间隔离和镜像晋级
查看命名空间
kubectl get ns
创建 test 和 prod 命名空间
kubectl create namespace test
kubectl create namespace prod
创建测试环境的秘钥
kubectl create secret generic mysql-password-test --from-literal=MYSQL_PASSWORD_TEST=password -n test
查看测试环境的秘钥
kubectl get secret -n test
可以看到
NAME TYPE DATA AGE
default-token-lwmdv kubernetes.io/service-account-token 3 3m2s
mysql-password-test Opaque 1 37s
创建测试环境的镜像仓库秘钥
kubectl create secret docker-registry regcred-local --docker-server=192.168.190.131:8081 --docker-username=admin --docker-password=password123 --docker-email=test@163.com -n test
再查看一下测试环境的秘钥
kubectl get secret -n test
可以看到
NAME TYPE DATA AGE
default-token-lwmdv kubernetes.io/service-account-token 3 6m3s
mysql-password-test Opaque 1 3m38s
regcred-local kubernetes.io/dockerconfigjson 1 3s
vim 11-5-namespace.yaml
apiVersion: v1
kind: Service
metadata:
name: kubeblog
namespace: test
spec:
selector:
app: kubeblog
type: NodePort
ports:
- port: 5000
targetPort: 5000
nodePort: 30002
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubeblog
namespace: test
spec:
selector:
matchLabels:
app: kubeblog
template:
metadata:
labels:
app: kubeblog
spec:
hostAliases:
- ip: "192.168.190.131"
hostnames:
- "art.local"
containers:
- name: kubeblog
image: 192.168.190.131:8081/docker/kubeblog:1.1
ports:
- containerPort: 5000
env:
- name: MYSQL_PORT
value: "30306"
- name: MYSQL_SERVER
value: "192.168.190.132"
- name: MYSQL_DB_NAME
value: "blogDBTest"
- name: MYSQL_USER_TEST
value: "root"
- name: MYSQL_PASSWORD_TEST
valueFrom:
secretKeyRef:
name: mysql-password-test
key: MYSQL_PASSWORD_TEST
imagePullSecrets:
- name: regcred-local
kubectl create -f 11-5-namespace.yaml
kubectl get po
NAME READY STATUS RESTARTS AGE
mysql-0 1/1 Running 3 5d3h
kubectl get po -n test
NAME READY STATUS RESTARTS AGE
kubeblog-747688d947-zggcl 1/1 Running 0 14m
浏览器访问:http://192.168.190.132:30002/
