架构图:
示例:
[root@master ~]# cat webcluster.yaml --- kind: PersistentVolume apiVersion: v1 metadata: name: pv-nfs spec: volumeMode: Filesystem capacity: storage: 30Gi accessModes: - ReadWriteOnce - ReadOnlyMany - ReadWriteMany persistentVolumeReclaimPolicy: Retain nfs: server: 192.168.1.100 path: /var/webroot --- kind: PersistentVolumeClaim apiVersion: v1 metadata: name: pvc-nfs spec: volumeMode: Filesystem accessModes: - ReadWriteMany resources: requests: storage: 25Gi --- kind: ConfigMap apiVersion: v1 metadata: name: nginx-conf data: nginx.conf: |2 #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { root html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi.conf; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} } --- kind: Deployment apiVersion: apps/v1 metadata: name: webnginx spec: selector: matchLabels: myapp: nginx replicas: 3 template: metadata: labels: myapp: nginx spec: volumes: - name: nginx-php configMap: name: nginx-conf - name: log-data hostPath: path: /var/log/weblog type: DirectoryOrCreate - name: website persistentVolumeClaim: claimName: pvc-nfs containers: - name: nginx image: 192.168.1.100:5000/myos:nginx volumeMounts: - name: nginx-php subPath: nginx.conf mountPath: /usr/local/nginx/conf/nginx.conf - name: log-data mountPath: /usr/local/nginx/logs - name: website mountPath: /usr/local/nginx/html ports: - protocol: TCP containerPort: 80 - name: php-backend image: 192.168.1.100:5000/myos:php-fpm volumeMounts: - name: website mountPath: /usr/local/nginx/html restartPolicy: Always --- kind: Service apiVersion: v1 metadata: name: webcluster spec: ports: - protocol: TCP port: 80 targetPort: 80 selector: myapp: nginx type: ClusterIP --- apiVersion: extensions/v1beta1 kind: Ingress metadata: name: myweb annotations: kubernetes.io/ingress.class: "nginx" spec: backend: serviceName: webcluster servicePort: 80 [root@master ~]# kubectl apply -f webcluster.yaml persistentvolume/pv-nfs created persistentvolumeclaim/pvc-nfs created configmap/nginx-conf created deployment.apps/webnginx created service/webcluster created ingress.extensions/myweb created [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE webnginx-647877b59-hdb64 2/2 Running 0 11s webnginx-647877b59-ljb6g 2/2 Running 0 11s webnginx-647877b59-rqmdr 2/2 Running 0 11s [root@master ~]# kubectl get ingresses NAME HOSTS ADDRESS PORTS AGE myweb * 192.168.1.31 80 17s [root@master ~]# # 给 node-0001 绑定弹性公网IP,或使用 ELB 发布到互联网即可验证