Kubernetes集群部署Nginx服务
使用k8s部署Nginx服务,Nginx对外提供服务只希望部署在其中一台主机,该主机不提供其他服务一.设置标签及污点 为了保证nginx之能分配到nginx服务器需要设置标签和污点,设置标签可以让Pod选择该服务器部署,设置污点可以使其他服务Pod无法部署在该服务器本次部署nginx服务器IP为192.168.1.232设置标签#设置标签 key为typevalue为nginxkubectl l
·
使用k8s部署Nginx服务,Nginx对外提供服务只希望部署在其中两台主机,这两台主机不提供其他服务。
一.设置标签及污点
为了保证nginx之能分配到nginx服务器需要设置标签和污点,设置标签可以让Pod选择该服务器部署,设置污点可以使其他服务Pod无法部署在该服务器。
部署nginx服务器IP为192.168.79.111,192.168.79.112,设置2个副本。
设置标签
#设置标签 key为typevalue为nginx
kubectl label node 192.168.79.111 type=nginx
#查看标签
kubectl get node 192.168.79.111 --show-labels
NAME STATUS ROLES AGE VERSION LABELS
192.168.79.111 Ready <none> 30h v1.17.4 kubernetes.io/arch=amd64,kubernetes.io/hostname=192.168.79.111,kubernetes.io/os=linux,type=nginx
设置污点
#给node192.168.79.111 设置污点key为key值为nginx effec为NoSchedule永不调度
#除非在Pod里设置了对应的tolerations参数
kubectl taint node 192.168.79.111 key=nginx:NoSchedule
查看污点
[root@kmaster79110 promethues]# kubectl taint node 192.168.79.111 key=nginx:NoSchedule
node/192.168.79.111 tainted
[root@kmaster79110 promethues]# kubectl describe node 192.168.79.111
Name: 192.168.79.111
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
dashboard=turnon
kubernetes.io/arch=amd64
kubernetes.io/hostname=192.168.79.111
kubernetes.io/os=linux
type=nginx
Annotations: node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Wed, 23 Jun 2021 15:11:03 +0800
Taints: key=nginx:NoSchedule
Unschedulable: false
Lease:
HolderIdentity: 192.168.79.111
AcquireTime: <unset>
RenewTime: Thu, 24 Jun 2021 23:36:48 +0800
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
MemoryPressure False Thu, 24 Jun 2021 23:34:21 +0800 Thu, 24 Jun 2021 07:15:55 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Thu, 24 Jun 2021 23:34:21 +0800 Thu, 24 Jun 2021 07:15:55 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Thu, 24 Jun 2021 23:34:21 +0800 Thu, 24 Jun 2021 07:15:55 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Thu, 24 Jun 2021 23:34:21 +0800 Thu, 24 Jun 2021 07:15:55 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 192.168.79.111
Hostname: 192.168.79.111
Capacity:
cpu: 1
ephemeral-storage: 103757316Ki
hugepages-2Mi: 0
memory: 4015196Ki
pods: 210
Allocatable:
cpu: 1
ephemeral-storage: 95622742268
hugepages-2Mi: 0
memory: 3912796Ki
pods: 210
System Info:
Machine ID: 4a78154c965a40aab1a1693fb8a32f46
System UUID: b2a04d56-33a5-145f-4eae-af3b16123147
Boot ID: dd6b58d2-cb34-4415-af1e-49fc8ac515c9
Kernel Version: 4.19.12-1.el7.elrepo.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.13
Kubelet Version: v1.21.0
Kube-Proxy Version: v1.21.0
PodCIDR: 172.30.0.0/25
PodCIDRs: 172.30.0.0/25
Non-terminated Pods: (3 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits Age
--------- ---- ------------ ---------- --------------- ------------- ---
kube-system coredns-5969657997-fzmph 100m (10%) 0 (0%) 70Mi (1%) 170Mi (4%) 32h
kube-system metrics-server-794dfd4bbb-w5lpc 0 (0%) 0 (0%) 0 (0%) 0 (0%) 32h
kube-system traefik-ingress-controller-hx5zm 0 (0%) 0 (0%) 0 (0%) 0 (0%) 32h
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 100m (10%) 0 (0%)
memory 70Mi (1%) 170Mi (4%)
ephemeral-storage 0 (0%) 0 (0%)
hugepages-2Mi 0 (0%) 0 (0%)
Events: <none>
二.设置Nginx-deployment的yaml文件
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx
name: nginx-deployment
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- image: nginx:latest
name: nginx
#标签选择器
nodeSelector:
type: nginx
#设置污点可以调度到对应服务器
tolerations:
- key: "key"
operator: "Equal"
value: "nginx"
effect: "NoSchedule"
应用启动
kubectl apply -f nginx-deployment.yaml
查看已经调度到对应的服务器
# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-deployment-57f94c46b4-5whb5 1/1 Running 0 6h30m 172.17.97.3 192.168.1.232 <none> <none>
三.设置Nginx配置文件和程序根目录挂载
启动的Nginx使用默认的配置文件和默认的网站根目录,需要使用volume挂载
# cat nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx
name: nginx-deployment
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- image: nginx:latest
name: nginx
volumeMounts:
- name: conf
mountPath: /etc/nginx
- name: opt
mountPath: /opt
#标签选择器
nodeSelector:
type: nginx
#设置污点可以调度到对应服务器
tolerations:
- key: "key"
operator: "Equal"
value: "nginx"
effect: "NoSchedule"
volumes:
- name: conf
hostPath:
path: /etc/nginx
type: Directory
- name: opt
hostPath:
path: /opt
type: Directory
本次使用了本机挂载hostPath挂载配置文件及根目录,生产环境最好使用pvc挂载
四.设置Service对外提供服务
# cat nginx-service.yaml
kind: Service
metadata:
labels:
app: nginx
name: nginx-deployment
spec:
ports:
- port: 80
name: nginx-svc8880
protocol: TCP
targetPort: 80
nodePort: 8880
selector:
app: nginx
type: NodePort
PS:使用NodePort启用端口对外提供服务,如果对外映射多个端口需要在port参数下加参数name定义名称,单个端口无需设置参数name
k8s默认使用NodePort对外映射端口为30000-50000如需要映射其他端口需要修改配置文件/opt/kubernetes/cfg/kube-apiserver,修改端口范围
五、将博客模板导入导入容器
[root@kmaster79111 test]# docker cp 30f9301444d7:/etc/nginx .
[root@kmaster79111 test]# ll
total 0
drwxr-xr-x 5 root root 240 Jun 26 06:25 nginx
[root@kmaster79111 test]# cd nginx/
[root@kmaster79111 nginx]# ll moban5179
total 164
-rw-r--r-- 1 root root 11365 Jan 13 15:50 about.html
-rw-r--r-- 1 root root 21522 Jan 13 15:50 blog-details-fullwidth.html
-rw-r--r-- 1 root root 25133 Jan 13 15:50 blog-details.html
-rw-r--r-- 1 root root 8611 Jan 13 15:50 contact.html
drwxr-xr-x 4 root root 96 Oct 29 2020 css
drwxr-xr-x 7 root root 4096 Oct 29 2020 images
-rw-r--r-- 1 root root 21890 Jan 13 15:50 index-2.html
-rw-r--r-- 1 root root 27032 Jan 13 15:50 index-3.html
-rw-r--r-- 1 root root 27202 Jan 13 15:50 index.html
drwxr-xr-x 2 root root 89 Oct 29 2020 js
drwxr-xr-x 4 root root 31 Oct 29 2020 plugins
-rw-r--r-- 1 root root 3177 Nov 10 2016 ╦╡├ў.htm
[root@kmaster79111 nginx]# ll
total 7832
drwxr-xr-x 2 root root 26 Jun 26 06:31 conf.d
-rw-r--r-- 1 root root 1350222 Jun 25 21:49 Desktop.zip
-rw-r--r-- 1 root root 1007 May 25 20:28 fastcgi_params
drwxr-xr-x 2 root root 4096 Jun 25 21:48 Machine777_CSDN
-rw-r--r-- 1 root root 345563 Jun 25 21:48 Machine777_CSDN.html
-rw-r--r-- 1 root root 5290 May 25 20:28 mime.types
drwxr-xr-x 6 root root 235 Jan 13 15:59 moban5179
-rw-r--r-- 1 root root 6288470 Jun 25 22:25 moban5179.zip
lrwxrwxrwx 1 root root 22 May 25 21:01 modules -> /usr/lib/nginx/modules
-rw-r--r-- 1 root root 648 May 25 21:01 nginx.conf
-rw-r--r-- 1 root root 636 May 25 20:28 scgi_params
-rw-r--r-- 1 root root 664 May 25 20:28 uwsgi_params
[root@kmaster79111 nginx]# vim conf.d/default.conf
[root@kmaster79111 nginx]# cat conf.d/default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
#access_log /var/log/nginx/host.access.log main;
location / {
#root /usr/share/nginx/html;
root /etc/nginx/moban5179/;
index index.html about.html blog-details-fullwidth.html blog-details.html contact.html index-2.html index-3.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
[root@kmaster79111 nginx]# ll
total 7832
drwxr-xr-x 2 root root 26 Jun 29 15:56 conf.d
-rw-r--r-- 1 root root 1350222 Jun 25 21:49 Desktop.zip
-rw-r--r-- 1 root root 1007 May 25 20:28 fastcgi_params
drwxr-xr-x 2 root root 4096 Jun 25 21:48 Machine777_CSDN
-rw-r--r-- 1 root root 345563 Jun 25 21:48 Machine777_CSDN.html
-rw-r--r-- 1 root root 5290 May 25 20:28 mime.types
drwxr-xr-x 6 root root 235 Jan 13 15:59 moban5179
-rw-r--r-- 1 root root 6288470 Jun 25 22:25 moban5179.zip
lrwxrwxrwx 1 root root 22 May 25 21:01 modules -> /usr/lib/nginx/modules
-rw-r--r-- 1 root root 648 May 25 21:01 nginx.conf
-rw-r--r-- 1 root root 636 May 25 20:28 scgi_params
-rw-r--r-- 1 root root 664 May 25 20:28 uwsgi_params
登录容器重启nginx
[root@kmaster79111 nginx]# docker exec -it 30f9301444d7 /bin/bash
root@nginx-deployment-68589697df-6dskx:/# nginx -V
nginx version: nginx/1.21.0
built by gcc 8.3.0 (Debian 8.3.0-6)
built with OpenSSL 1.1.1d 10 Sep 2019
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-l
og-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-1.21.0/debian/debuild-base/nginx-1.21.0=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'root@nginx-deployment-68589697df-6dskx:/# ls /etc/nginx/
Desktop.zip Machine777_CSDN Machine777_CSDN.html conf.d fastcgi_params mime.types moban5179 moban5179.zip modules nginx.conf scgi_params uwsgi_params
root@nginx-deployment-68589697df-6dskx:/# ls /etc/nginx/conf.d/
default.conf
root@nginx-deployment-68589697df-6dskx:/#
浏览器展示效果
通过这次部署介绍了k8s部署服务的可以理解容器部署和调度的大致原理。
更多推荐
已为社区贡献2条内容
所有评论(0)