configMap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: pub-oa-configmap
namespace: hunter
data:
MYSQL_HOST: pub-oa-db-svc
MYSQL_PORT: 3306
sceret.yaml
apiVersion: v1
kind: Secret
metadata:
name: pub-oa-secret
namespace: hunter
type: Opaque
data:
MYSQL_USER: cm9vdA== # 注意加-n参数,echo -n root|base64
MYSQL_PASSWORD: aHVudGVy
service-mysql.yaml
apiVersion: apps/v1
kind: Service
metadata:
name: pub-oa-db-svc
namespace: hunter
spec:
ports:
- port: 3306
protocal: TCP
targetPort: 3306
selector:
app: pub-oa-db
type: ClusterIP
service-web.yaml
# 查看pod节点,并显示labels
# kubectl -n hunter get pods --show-labels
# 查看service
# kubectl -n hunter get svc
# 查看指定service
# kubectl -n hunter get svc pub-oa-web
# 查看某个service详情
# kubectl -n hunter describe svc pub-oa-web
# 查看pub-oa-web的 endpoints情况
# kubectl -n hunter get endpoints pub-oa-web
apiVersion: apps/v1
kind: Service
metadata:
name: pub-oa-web-svc
namespace: hunter
spec:
ports:
- port: 8080
protocal: TCP
targetPort: 8080
selector:
app: pub-oa-web
type: ClusterIP
mysql-deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: pub-oa-db
namespace: hunter
spec:
replicas: 1 # 指定pod的副本数量
selector:
matchLabels:
app: pub-oa-db
template:
metadata:
labels: # 给pod打label
app: pub-oa-db
spec:
volumes:
- name: mysql
hostPath:
path: /opt/mysql/data
nodeSelector: # 使用节点选择器将pod调度到指定的label节点
component: prod-k8s-node1 # kubectl label node prod-k8s-node1 component=prod-k8s-node1
containers:
- name: pub-oa-db
image: rigistry.cn-shanghai.aliyuncs.com/pub-oa-db:v1
imagePullPolicy: IfNotPresent # 镜像拉去策略,此外还有Always, Never
ports:
- containerPort: 3306
env:
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: pub-oa-secret
key: MYSQL_USER
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: pub-oa-secret
key: MYSQL_PASSWORD
resources: # 容器资源限制
requests:
memory: 100Mi # 当pod内存超过100Mi时,会报OOM
cpu: 50m # 当cpu超过limit限制时,不会被kill,但是会限制不超过limit值,1 CPU = 1000 millicpu(1 core = 1000m(毫核)),cpu资源是按 “时间片”的方式来分配的
limits:
memory: 500Mi
cpu: 100m
volumeMounts:
- name: mysql
mountPath: /var/lib/mysql
web-deploy.yaml
# overView:
# 1. 添加pod驱逐策略,在某些场景下如节点 NotReady,或则资源不足时,把pod驱逐至其他节点上
# 2. 添加pod更新策略
apiVersion: apps/v1
kind: Deployment
metadata:
name: pub-oa-web
namespace: hunter
spec:
replicas: 1 # 指定pod的副本数量, 扩容web服务,kubectl scale deploy web --replicas=2
selector:
matchLabels: # 指定pod选择器
app: pub-oa-web
template:
metadata:
labels: # 给pod打label
app: pub-oa-web
spec:
nodeSelector: # 使用节点选择器将pod调度到指定的label节点
component: prod-k8s-node1 # kubectl label node prod-k8s-node1 component=prod-k8s-node1
containers:
- name: pub-oa-web
image: rigistry.cn-shanghai.aliyuncs.com/pub-oa-app:v1
imagePullPolicy: IfNotPresent # 镜像拉去策略,此外还有Always, Never
ports:
- containerPort: 8080
env:
- name: MYSQL_HOST
valueFrom:
configMapKeyRef:
name: pub-oa-configmap
key: MYSQL_HOST
- name: MYSQL_PORT
valueFrom:
configMapKeyRef:
name: pub-oa-configmap
key: MYSQL_PORT
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: pub-oa-secret
key: MYSQL_USER
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: pub-oa-secret
key: MYSQL_PASSWORD
livenessProbe: # 存活性探测
httpGet: # 此外还有 exec,tcpSocket类型
path: /code-library/listCodeLibrary
port: 8080
scheme: HTTP
initialDelaySeconds: 10 # 容器启动后,第一次执行探测时需要等待多少秒
periodSeconds: 10 # 执行探测的频率
timeoutSeconds: 2 # 探测超时时间
readinessProbe: # 可用性探测
httpGet: # 此外还有 exec,tcpSocket类型
path: /code-library/listCodeLibrary
port: 8080
scheme: HTTP
initialDelaySeconds: 10 # 容器启动后,第一次执行探测时需要等待多少秒
periodSeconds: 10 # 执行探测的频率
timeoutSeconds: 2 # 探测超时时间
resources: # 容器资源限制
requests:
memory: 100Mi # 当pod内存超过100Mi时,会报OOM
cpu: 50m # 当cpu超过limit限制时,不会被kill,但是会限制不超过limit值,1 CPU = 1000 millicpu(1 core = 1000m(毫核)),cpu资源是按 “时间片”的方式来分配的
limits:
memory: 500Mi
cpu: 100m
volumeMounts:
- name: mysql
mountPath: /var/lib/mysql
web-endpoint.yaml
# 为pub-oa-web做节点负载均衡
apiVersion: apps/v1
kind: Service
metadata:
name: pub-oa-web-np
namespace: hunter
spec:
ports:
- port: 8080
protocal: TCP
targetPort: 8080
selector:
app: pub-oa-web
type: NodePort