kubernetes 部署 HTTPS-jpress项目
作者:互联网
要求
1. 部署jpress # https
2. 网站打开就有类容
3. 数据持久?
1. 部署jpress
1. 上传jpress代码
rz
2. 解压jpress代码
unzip jpress-v3.2.5.war
4. 重新打war包 (需要jdk环境)
cd jpress-v3.2.5
jar -cvf ROOT.war ./*
5. 修改Dockerfile
vim /opt/jpress/Dockerfile
FROM hub.c.163.com/library/tomcat
MAINTAINER 422943135@qq.com
RUN rm -rf /usr/local/tomcat/webapps/ROOT
COPY ROOT.war /usr/local/tomcat/webapps/
6. 制作镜像
docker build -t 172.16.0.24:180/public/jpress:v2 .
7. 启动镜像 初始化
docker run -d -p 8888:8080 172.16.0.24:180/public/jpress:v2
# 访问测试
MySQL 操作(MySQL不在集群内)
1.安装依赖
yum install -y ncurses-devel libaio-devel gcc gcc-c++ glibc cmake autoconf openssl openssl-devel
2.解压包
tar xf mysql-5.6.46-linux-glibc2.12-x86_64.tar.gz
3.创建自定义目录
mkdir /service
4.移动目录并做软连接
mv mysql-5.6.46-linux-glibc2.12-x86_64 /service/
ln -s /service/mysql-5.6.46-linux-glibc2.12-x86_64 /service/mysql
5.创建用户
useradd mysql -s /sbin/nologin -M
6.拷贝配置文件和启动脚本
cd /service/mysql/support-files/
cp my-default.cnf /etc/my.cnf
cp: overwrite '/etc/my.cnf'? y
# 主库配置文件
vim /etc/my.cnf
[mysqld]
basedir = /service/mysql
datadir = /service/mysql/data
port=mysql
server_id=1
skip_name_resolve
log_err=/service/mysql/data/mysql.err
log_bin=/service/mysql/data/mysql-bin
cp mysql.server /etc/init.d/mysqld
7.初识化3306数据库
cd /service/mysql/scripts/
./mysql_install_db --user=mysql --basedir=/service/mysql --datadir=/service/mysql/data
8.配置system管理mysql
vim /usr/lib/systemd/system/mysqld.service
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=https://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/service/mysql/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000
systemctl daemon-reload
systemctl start mysqld
9.配置环境变量
vim /etc/profile.d/mysql.sh
export PATH=/service/mysql/bin:$PATH
source /etc/profile
# 登录数据库
mysql> create database jpress;
mysql> grant all on *.* to lyw@'172.16.0.%' identified by '123';
2. 配置jpress镜像资源
7.上传镜像到仓库
docker push 172.16.0.24:180/public/jpress:v2
# master 启动启用jpress:v2镜像
vim jpressv2.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
appname: jpressv
name: jpress-v3
spec:
replicas: 1
selector:
matchLabels:
appname: jpressv
template:
metadata:
labels:
appname: jpressv
spec:
containers:
- image: 172.16.0.24:180/public/jpress:v2
name: jpressv
ports:
- containerPort: 8080
imagePullSecrets:
- name: login
# 启动
kubectl apply -f jpressv2.yaml
# 映射端口
kubectl expose deployment jpress-v2 --port=8080 --type=NodePort
# 查看端口
kubectget svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
jpress-v2 NodePort 10.96.91.253 <none> 8080:21349/TCP 41s
# 发布文章
3. 打包jpress 代码包重新制作镜像 并使用HTTPS
# node节点复制代码
[root@kubernetes-node-01 tmp]# docker cp 01723ee49640:/usr/local/tomcat/webapps/ROOT/ /opt
# 发送代码到harbor服务器
[root@kubernetes-node-01 opt]# scp -r ROOT root@172.16.0.24:/opt
# 删除原来代码
[root@kubernetes-lb jpress]# rm -rf ROOT.war
# 重新打包代码
[root@kubernetes-lb ROOT]# jar -cvf ROOT.war ./*
[root@kubernetes-lb opt]# mv ROOT/ROOT.war jpress/
# 制作镜像
[root@kubernetes-lb jpress]# docker build -t 172.16.0.24:180/public/jpress:v5 .
[root@kubernetes-lb jpress]# docker push 172.16.0.24:180/public/jpress:v5
# 配置https
# 自签证书
openssl genrsa -out tls.key 2048
openssl req -new -x509 -key tls.key -out tls.crt -subj /C=CN/ST=ShangHai/L=ShangHai/O=Ingress/CN=www.jpres.com
# 上传集群
kubectl -n default create secret tls ingress-tls --cert=tls.crt --key=tls.key
# 查看
kubectl get secrets
[root@kubernetes-master-01 ~]# kubectl get secrets
NAME TYPE DATA AGE
default-token-jzqnf kubernetes.io/service-account-token 3 8h
ingress-tls kubernetes.io/tls 2 14m
login kubernetes.io/dockerconfigjson 1 8h
[root@kubernetes-master-01 ~]# vim www.jpressv2.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: ingress-jpress
namespace: default
labels:
app: deployment
spec:
replicas: 1
selector:
matchLabels:
app: pod
template:
metadata:
labels:
app: pod
spec:
containers:
- name: ingress-pod
image: 172.16.0.24:180/public/jpress:v5
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: http
---
kind: Service
apiVersion: v1
metadata:
name: jpress-service
namespace: default
labels:
app: svc
spec:
type: ClusterIP
selector:
app: pod
ports:
- port: 8080
targetPort: 8080
name: http
---
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: ingress-ingress
namespace: default
annotations:
kubernetes.io/ingress.class: "nginx"
spec:
tls:
- secretName: tls
rules:
- host: www.jpress.com
http:
paths:
- path: /
backend:
serviceName: jpress-service
servicePort: 8080
# 启动
[root@kubernetes-master-01 ~]# kubectl apply -f jpressv2.yaml
deployment.apps/jpress-v3 created
service/jpress-v3 created
[root@kubernetes-master-01 ~]# kubectl get pods,svc
[root@kubernetes-master-01 ~]# kubectl get pods,svc
NAME READY STATUS RESTARTS AGE
pod/ingress-jpress-67df46bfb-rrpwn 1/1 Running 0 6m17s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/jpress-service ClusterIP 10.96.48.220 <none> 8080/TCP 6m17s
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 9h
[root@kubernetes-master-01 ~]# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller NodePort 10.96.190.176 <none> 80:44888/TCP,443:25838/TCP 7m15s
ingress-nginx-controller-admission ClusterIP 10.96.237.57 <none> 443/TCP 7m15s
# 访问
标签:ingress,kubernetes,service,jpress,HTTPS,mysql,root 来源: https://www.cnblogs.com/jojoblog/p/13710813.html