背景

wiki.js 是优秀的开源 wiki 系统,相较于 xwiki ,功能目前性上比 xwiki 不够完善,但也在不断进步。 wiki 写作、分项、权限管理功能还是有的,胜在 UI 设计很漂亮,能满足小团队的基本知识管理需求。

以下工作是在 kubernetes 1.23.0 + helm 3 已经部署好的情况下进行的。部署 kubernetes 可以参考我另外的文章 “kubesphere 多节点集群安装”

准备storageclass

我们使用 openebs 作为存储,openebs 默认安装的 local storageclass 在 pod 销毁后自动删除,不适合用于我的 mysql 存储,我们在 local storageclass 基础上稍作修改,创建新的 storageclass,允许 pod 销毁后,pv 内容继续保留,手动决定怎么处理。

apiVersion: v1
items:
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      cas.openebs.io/config: |
        - name: StorageType
          value: "hostpath"
        - name: BasePath
          value: "/var/openebs/localretain/"
      openebs.io/cas-type: local
      storageclass.beta.kubernetes.io/is-default-class: "false"
      storageclass.kubesphere.io/supported-access-modes: '["ReadWriteOnce"]'
    name: localretain
  provisioner: openebs.io/local
  reclaimPolicy: Retain
  volumeBindingMode: WaitForFirstConsumer
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

部署 postgresql

我们团队其他项目中也需要使用 postgresql, 为了提高 postgresql 数据库的利用率和统一管理,我们独立部署 postgresql, 并在安装 wiki.js 时,配置外部数据库。

准备用户名密码配置

我们使用 secret 保存 postgres 用户密码等敏感信息。

kind: Secret
apiVersion: v1
metadata:
  name: postgres-prod
data:
  POSTGRES_PASSWORD: 自行填写
type: Opaque

准备数据库初始化脚本

使用 configmap 保存数据库初始化脚本,在 数据库创建时,将 configmap 中的数据库初始化脚本挂载到 /docker-entrypoint-initdb.d, 容器初始化时会自动执行该脚本。

apiVersion: v1
kind: ConfigMap
metadata:
  name: wikijs-postgres-init
data:
  init.sql: |-
    CREATE DATABASE wikijs;
    CREATE USER wikijs with password '自行填写';
    GRANT CONNECT ON DATABASE wikijs to wikijs;
    GRANT USAGE ON SCHEMA public TO wikijs;
    GRANT SELECT,update,INSERT,delete ON ALL TABLES IN SCHEMA public TO wikijs;
    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO wikijs;
    

准备存储

我们使用 openesb 来提供存储服务。可以通过 创建 pvc 来提供持久化存储。

这里声明一个 10G 的 pvc

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: postgres-prod-data
  finalizers:
    - kubernetes.io/pvc-protection
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: localretain
  volumeMode: Filesystem

部署 postgresql 数据库

在前面的步骤准备好各种配置信息和存储后,就可以开始部署 postgresql 服务了。
我们的 kubernetes 没有配置 存储阵列,使用的是 openesb 作为存储,我们使用 deployment 来部署 postgresql 服务。

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: postgres-prod
  name: postgres-prod
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres-prod
  template:
    metadata:
      labels:
        app: postgres-prod
    spec:
      containers:
        - name: db
          imagePullPolicy: IfNotPresent
          image: 'postgres:14.2-alpine'
          ports:
            - name: tcp-5432
              protocol: TCP
              containerPort: 5432
          envFrom:
          - secretRef:
              name: postgres-prod
          volumeMounts:
            - name: postgres-prod-data
              readOnly: false
              mountPath: /var/lib/postgresql/data
            - name: wikijs-postgres-init
              readOnly: true
              mountPath: /docker-entrypoint-initdb.d
      volumes:
        - name: postgres-prod-data
          persistentVolumeClaim:
            claimName: postgres-prod-data
        - name: wikijs-postgres-init
          configMap:
            name: wikijs-postgres-init

创建供其他 pod 访问的 service

apiVersion: v1
kind: Service
metadata:
  name: postgres-prod
spec:
  selector:
    app: postgres-prod
  ports:
    - protocol: TCP
      port: 5432
      targetPort: tcp-5432

完成 postgres 部署。

测试略

安装 adminer

adminer 是 php 语言的 数据库管理工具,可以在浏览器上管理数据库,因为我们的数据库部署在 kubernetes ,配套使用基于浏览器的 数据库管理工具,可以更方便的管理,而且不需要把安装在 kubernetes 集群里的数据库暴露出来,提高了数据保密性。

准备配置文件

我们使用 configmap 保存 adminer 需要的环境变量。比如通过 ADMINER_DESIGN 设置皮肤,通过 ADMINER_PLUGINS 设置需要加载的插件。

apiVersion: v1
kind: ConfigMap
metadata:
  name: adminer
data:
  ADMINER_DESIGN: pappu687
  ADMINER_PLUGINS: tables-filter

在前面的步骤准备好各种配置信息和存储后,就可以开始部署 adminer 服务了。

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: adminer
  name: adminer
spec:
  replicas: 1
  selector:
    matchLabels:
      app: adminer
  template:
    metadata:
      labels:
        app: adminer
    spec:
      containers:
        - name: adminer
          image: 'adminer'
          ports:
            - name: http-9000
              protocol: TCP
              containerPort: 9000
          envFrom:
          - configMapRef:
              name: adminer

创建供集群内访问的 service

apiVersion: v1
kind: Service
metadata:
  name: adminer
spec:
  selector:
    app: adminer
  ports:
    - protocol: TCP
      port: 9000
      targetPort: http-9000

创建集群外访问的 Ingress

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: adminer
spec:
  ingressClassName: nginx
  rules:
    - host: adminer.xyz.cn
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: adminer
                port:
                  number: 9000

验证

部署 wiki.js

准备用户名密码配置

我们使用 secret 保存 wiki.js 用于连接数据库的用户名密码等敏感信息。

apiVersion: v1
kind: Secret
metadata:
  name: wikijs
data:
  DB_USER: d2lraWpz
  DB_PASS: 自行填写
type: Opaque

准备数据库连接配置

我们使用 configmap 保存 wiki.js 的数据库连接信息。

apiVersion: v1
kind: ConfigMap
metadata:
  name: wikijs
data:
  DB_TYPE: postgres
  DB_HOST: postgres-prod.infra
  DB_PORT: "5432"
  DB_NAME: wikijs
  HA_ACTIVE: "true"

创建数据库用户和数据库

如果 postgresql 数据库里没有创建 wikijs 用户和数据 ,需要手工完成一下工作:
通过 adminer 连接 postgresql 数据库,执行一下 sql 语句,完成数据库和用户的创建、授权

CREATE DATABASE wikijs;
CREATE USER wikijs with password '自行填写';
GRANT CONNECT ON DATABASE wikijs to wikijs;
GRANT USAGE ON SCHEMA public TO wikijs;
GRANT SELECT,update,INSERT,delete ON ALL TABLES IN SCHEMA public TO wikijs;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO wikijs;

部署 wiki.js

在前面的步骤准备好各种配置信息和存储后,就可以开始部署 wiki.js 服务了。

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: wikijs
  name: wikijs
spec:
  replicas: 1
  selector:
    matchLabels:
      app: wikijs
  template:
    metadata:
      labels:
        app: wikijs
    spec:
      containers:
        - name: wikijs
          image: 'requarks/wiki:2'
          ports:
            - name: http-3000
              protocol: TCP
              containerPort: 3000
          envFrom:
          - secretRef:
              name: wikijs
          - configMapRef:
              name: wikijs


创建供 wiki.js 的 service

apiVersion: v1
kind: Service
metadata:
  name: wikijs
spec:
  selector:
    app: wikijs
  ports:
    - protocol: TCP
      port: 3000
      targetPort: http-3000

创建集群外访问的 Ingress

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: wikijs
spec:
  ingressClassName: nginx
  rules:
    - host: wiki.xyz.cn
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: wikijs
                port:
                  number: 3000

完整的 yaml 文件

以下是完整的通过 deployment 部署 mysql 数据库和 xwiki 的 yaml 文件,保存为 xwiki.yaml 。

apiVersion: v1
items:
- apiVersion: storage.k8s.io/v1
  kind: StorageClass
  metadata:
    annotations:
      cas.openebs.io/config: |
        - name: StorageType
          value: "hostpath"
        - name: BasePath
          value: "/var/openebs/localretain/"
      openebs.io/cas-type: local
      storageclass.beta.kubernetes.io/is-default-class: "false"
      storageclass.kubesphere.io/supported-access-modes: '["ReadWriteOnce"]'
    name: localretain
  provisioner: openebs.io/local
  reclaimPolicy: Retain
  volumeBindingMode: WaitForFirstConsumer
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

---
kind: Secret
apiVersion: v1
metadata:
  name: postgres-prod
data:
  POSTGRES_PASSWORD: 自行填写
type: Opaque  

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: wikijs-postgres-init
data:
  init.sql: |-
    CREATE DATABASE wikijs;
    CREATE USER wikijs with password '自行填写';
    GRANT CONNECT ON DATABASE wikijs to wikijs;
    GRANT USAGE ON SCHEMA public TO wikijs;
    GRANT SELECT,update,INSERT,delete ON ALL TABLES IN SCHEMA public TO wikijs;
    ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO wikijs;

---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: postgres-prod-data
  finalizers:
    - kubernetes.io/pvc-protection
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
  storageClassName: localretain
  volumeMode: Filesystem

---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: postgres-prod
  name: postgres-prod
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres-prod
  template:
    metadata:
      labels:
        app: postgres-prod
    spec:
      containers:
        - name: db
          imagePullPolicy: IfNotPresent
          image: 'postgres:14.2-alpine'
          ports:
            - name: tcp-5432
              protocol: TCP
              containerPort: 5432
          envFrom:
          - secretRef:
              name: postgres-prod
          volumeMounts:
            - name: postgres-prod-data
              readOnly: false
              mountPath: /var/lib/postgresql/data
            - name: wikijs-postgres-init
              readOnly: true
              mountPath: /docker-entrypoint-initdb.d
      volumes:
        - name: postgres-prod-data
          persistentVolumeClaim:
            claimName: postgres-prod-data
        - name: wikijs-postgres-init
          configMap:
            name: wikijs-postgres-init

---
apiVersion: v1
kind: Service
metadata:
  name: postgres-prod
spec:
  selector:
    app: postgres-prod
  ports:
    - protocol: TCP
      port: 5432
      targetPort: tcp-5432

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: adminer
data:
  ADMINER_DESIGN: pappu687
  ADMINER_PLUGINS: tables-filter

---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: adminer
  name: adminer
spec:
  replicas: 1
  selector:
    matchLabels:
      app: adminer
  template:
    metadata:
      labels:
        app: adminer
    spec:
      containers:
        - name: adminer
          image: 'adminer'
          ports:
            - name: http-9000
              protocol: TCP
              containerPort: 9000
          envFrom:
          - configMapRef:
              name: adminer

---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: adminer
  name: adminer
spec:
  replicas: 1
  selector:
    matchLabels:
      app: adminer
  template:
    metadata:
      labels:
        app: adminer
    spec:
      containers:
        - name: adminer
          image: 'adminer'
          ports:
            - name: http-9000
              protocol: TCP
              containerPort: 9000
          envFrom:
          - configMapRef:
              name: adminer        

---
apiVersion: v1
kind: Service
metadata:
  name: adminer
spec:
  selector:
    app: adminer
  ports:
    - protocol: TCP
      port: 9000
      targetPort: http-9000

---
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: adminer
spec:
  ingressClassName: nginx
  rules:
    - host: adminer.xyz.cn
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: adminer
                port:
                  number: 9000

---
apiVersion: v1
kind: Secret
metadata:
  name: wikijs
data:
  DB_USER: d2lraWpz
  DB_PASS: 自行填写
type: Opaque

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: wikijs
data:
  DB_TYPE: postgres
  DB_HOST: postgres-prod.infra
  DB_PORT: "5432"
  DB_NAME: wikijs
  HA_ACTIVE: "true"

---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: wikijs
  name: wikijs
spec:
  replicas: 1
  selector:
    matchLabels:
      app: wikijs
  template:
    metadata:
      labels:
        app: wikijs
    spec:
      containers:
        - name: wikijs
          image: 'requarks/wiki:2'
          ports:
            - name: http-3000
              protocol: TCP
              containerPort: 3000
          envFrom:
          - secretRef:
              name: wikijs
          - configMapRef:
              name: wikijs

---
apiVersion: v1
kind: Service
metadata:
  name: wikijs
spec:
  selector:
    app: wikijs
  ports:
    - protocol: TCP
      port: 3000
      targetPort: http-3000

---
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: wikijs
spec:
  ingressClassName: nginx
  rules:
    - host: wiki.xyz.cn
      http:
        paths:
          - path: /
            pathType: ImplementationSpecific
            backend:
              service:
                name: wikijs
                port:
                  number: 3000

直接执行可以创建好 wiki.js

kubectl apply -f wikijs.yaml
Logo

开源、云原生的融合云平台

更多推荐