本文将介绍在kubernetes环境中部署一套php应用系统。前端web采用nginx、中间件php以fastcgi的方式运行,后台数据库由mysql主从提供支撑。 各服务组件之间的调用采用dns解析服务名的方式进行,数据和配置文件持久化采用hostPath。
一、通过dockerfile创建php镜像文件
# cat dockerfile
FROM docker.io/openshift/base-centos7:latest
MAINTAINER feiyu "akwangj@126.com"
RUN yum makecache
RUN yum -y install php-fpm php php-gd php-mysql php-mbstring php-xml php-mcrypt php-imap php-odbc php-pear php-xmlrpc
RUN sed -i 's/listen = 127.0.0.1:9000/listen = 0.0.0.0:9000/' /etc/php-fpm.d/www.conf
RUN sed -i 's/listen.allowed_clients = 127.0.0.1/;listen.allowed_clients = 127.0.0.1/' /etc/php-fpm.d/www.conf
EXPOSE 9000
CMD ["/sbin/php-fpm"]
# docker build -t php:0.1 .
二、部署php
# cat php-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: php-server
labels:
name: php-server
spec:
replicas: 1
selector:
matchLabels:
app: php-server
template:
metadata:
labels:
app: php-server
spec:
containers:
- name: php-server
image: php:0.1
volumeMounts:
- mountPath: /var/www/html/
name: nginx-data
ports:
- containerPort: 9000
volumes:
- name: nginx-data
hostPath:
path: /root/k8s/nmp/html
# cat php-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: php
spec:
ports:
- name: php
port: 9000
protocol: TCP
targetPort: 9000
selector:
app: php-server
kubectl apply -f php-deploy.yaml -f php-svc.yaml
三、部署nginx
cat nginx-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-php
spec:
selector:
matchLabels:
app: nginx-php
replicas: 1
template:
metadata:
labels:
app: nginx-php
spec:
containers:
- name: nginx-php
image: nginx:latest
ports:
- containerPort: 80
volumeMounts:
- name: nginx-data
mountPath: /usr/share/nginx/html
- name: nginx-conf
mountPath: /etc/nginx/conf.d/
volumes:
- name: nginx-data
hostPath:
path: /root/k8s/nmp/html
- name: nginx-conf
hostPath:
path: /root/k8s/nmp/conf
cat nginx-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-php
spec:
type: NodePort
ports:
- name: nginx
port: 80
protocol: TCP
targetPort: 80
nodePort: 30003
selector:
app: nginx-php
nginx配置文件
# cat /root/k8s/nmp/conf/default.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
# root html;
fastcgi_pass php:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
kubectl apply -f nginx-deploy.yaml -f nginx-svc.yaml 网页访问phpinfo页面测试
四、部署mysql
vi mysql-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: php-mysql
labels:
app: mysql
spec:
replicas: 2
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- image: mysql:5.7
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
#kubectl create secret generic mysql-pass --from-literal=password=Passwd123
name: mysql-pass
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-claim
vi mysql-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql
labels:
app: mysql
spec:
ports:
- port: 3306
targetPort: 3306
selector:
app: mysql
mysql> grant all privileges on *.* to 'root'@'%' identified by 'Passwd123'; Query OK, 0 rows affected, 1 warning (0.05 sec)
mysql> flush privileges; Query OK, 0 rows affected (0.04 sec)
五、下载Discuz应用部署,测试php和mysql主从的连通性 下载地址:http://www.discuz.net/thread-3796882-1-1.html
# cd /root/k8s/nmp/html
# unzip Discuz_X3.3_SC_UTF8.zip
# mv upload/* ./
通过访问网页进行部署
数据库服务器选择这里是个坑
安装成功,正常访问