kubernetes进阶 (三) 基础练习

前两天朋友给了我几道题,看着挺简单的,但实际做的时候发现坑不少,这里做下笔记

一、镜像构建部署lnmp

1、构建镜像 nginx、php、mysql 要求使用centos7作为基础镜像
2、使用deployment部署上面的容器,要求3个服务要放到一个pod中(虽然这样是不对的)
3、使用ingress 将上面部署的服务发布出去,通过访问nginx下的index.php访问链接到mysql数据库
4、nginx 和php 要求挂载宿主机的/apps/data/的目录做存储

0、docker镜像加速配置留存

我自己常用的一些加速源,如果你没有配置过就把下面的加上重启docker服务

vi /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": [
    "http://hub-mirror.c.163.com",
    "https://cn-north-4.mirror.huaweicloud.com",
    "https://registry.docker-cn.com",
    "https://mirror.ccs.tencentyun.com",
    "https://b9pmyelo.mirror.aliyuncs.com"
  ],
  "insecure-registries": ["10.0.16.15:30007"]
}

systemctl restart docker

1、构建php镜像

#创建构建目录
mkdir /apps/build/{nginx,php,mysql} -p 
cd  /apps/build/php/

#拉取php包
wget https://www.php.net/distributions/php-7.1.10.tar.gz --no-check-certificate

vi Dockerfile

FROM centos:7.4.1708
ADD php-7.1.10.tar.gz /opt
RUN yum -y install gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel openssl-devel bison 
    && mkdir -p /usr/local/php/etc 
    && cd /opt/php-7.1.10/ 
    && ./configure --prefix=/usr/local/php 
        --with-config-file-path=/usr/local/php/etc 
        --with-gd --with-mysqli 
        --with-openssl --with-zlib --with-curl 
        --with-jpeg-dir --with-png-dir --with-iconv 
        --enable-fpm --enable-zip --enable-mbstring 
    && make -j 2 
    && make install 
    && cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf 
    && cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf 
    && sed -i '/;daemonize/adaemonize = no' /usr/local/php/etc/php-fpm.conf 
    && sed -i 's/127.0.0.1/0.0.0.0/g' /usr/local/php/etc/php-fpm.d/www.conf 
    && echo "${TIME_ZOME}" > /etc/timezone 
    && ln -sf /usr/share/zoneinfo/${TIME_ZOME} /etc/localtime 
    && rm -rf /opt/local/php* 
    && yum clean all 
    && yum -y remove gcc gcc-c++ make 
    && mkdir -p /usr/local/nginx/html 
    && echo -e "<?phpnphpinfo();n?>" > /usr/local/nginx/html/index.php

WORKDIR /usr/local/php/
EXPOSE 9000
CMD ["sbin/php-fpm","-c","etc/php-fpm.conf"]

构建

#预计10分钟
docker build . -f Dockerfile -t lnmp/php:v1

2、构建mysql镜像

 cd /apps/build/mysql/

wget https://dev.mysql.com/get/Downloads/mysql-5.6.26.tar.gz

 vi Dockerfile

FROM centos:7.4.1708
ADD mysql-5.6.26.tar.gz /opt
RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo 
    &&  useradd -s /sbin/nologin mysql 
    && yum -y install gcc gcc-c++ make pcre-devel expat-devel perl ncurses-devel autoconf cmake 
    && cd /opt/mysql-5.6.26/ 
    && cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DEXTRA_CHARSETS=all -DSYSCONFIDIR=/etc -DMYSQL_DATADIR=/home/mysql/ -DMYSQL_UNIX_ADDR=/home/mysql/mysql.sock 
    && make -j2 
    && make install 
    && cp -f support-files/my-default.cnf /etc/my.cnf 
    && cp support-files/mysql.server /etc/init.d/mysqld 
    && chown -R mysql:mysql /usr/local/mysql/ 
    && sed -i 's/^basedir/basedir=/usr/local/mysql/g' /etc/init.d/mysqld 
    && sed -i 's/^datadir/datadir=/home/mysql/g' /etc/init.d/mysqld 
    && /usr/local/mysql/scripts/mysql_install_db --user=mysql --ldata=/var/lib/mysql --basedir=/usr/local/mysql --datadir=/home/mysql
ENV PATH /usr/local/mysql/bin:$PATH
EXPOSE 3306
ENTRYPOINT ["/usr/local/mysql/bin/mysqld_safe"]

构建

#初次构建15分钟
docker build . -f Dockerfile -t lnmp/mysql:v1

3、构建nginx镜像

cd /apps/build/nginx/
wget http://nginx.org/download/nginx-1.12.0.tar.gz

vi Dockerfile

FROM centos:7.4.1708
ADD nginx-1.12.0.tar.gz /opt
RUN yum -y install pcre-devel zlib-devel openssl-devel gcc gcc-c++ make 
    && useradd -M -s /sbin/nologin nginx 
    && cd /opt/nginx-1.12.0/ 
    && ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-file-aio --with-http_gzip_static_module --with-http_flv_module --with-http_ssl_module 
    && make 
    && make install 
    && ln -s /usr/local/nginx/sbin/nginx /usr/sbin/nginx 
    && echo -e "events {nuse epoll;nworker_connections  1024;n}nhttp {nserver_tokens on;nserver {nlisten       80;nserver_name  localhost;nlocation / {nroot   html;nindex  index.html index.htmi index.php;n}nerror_page   500 502 503 504  /50x.html;nlocation = /50x.html {nroot   html;n}nlocation ~ .php$ {nroot           html;nfastcgi_pass   172.168.184.30:9000;nfastcgi_index  index.php;nfastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;ninclude        fastcgi_params;n}n}n}" > /usr/local/nginx/conf/nginx.conf 
ENV PATH /usr/local/nginx/sbin:$PATH
WORKDIR /usr/local/nginx/
EXPOSE 80
CMD ["nginx","-g","daemon off;"]

构建

docker build . -f Dockerfile -t lnmp/nginx:v1

 

4、部署lnmp

#主页文件挂在路径
/usr/local/nginx/html

#配置文件路径
/usr/local/nginx/conf/nginx.conf

创建密钥文件

kubectl create secret generic mysql-pass --from-literal=password=Passwd123 --from-literal=database=tmp --from-literal=passwd=123

vi /apps/build/lnmp.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: nginx-container
          image: lnmp/nginx:v1
          volumeMounts:
            - name: data-volume
              mountPath: /usr/local/nginx/html
            - name: config-volume
              mountPath: /usr/local/nginx/conf/nginx.conf
              subPath: nginx.conf

        - name: php-container
          image: lnmp/php:v1
          volumeMounts:
            - name: data-volume
              mountPath: /usr/local/nginx/html
        - name: mysql-container
          image: lnmp/mysql:v1
          env:
          - name: MYSQL_ROOT_PASSWORD  #mysqlroot密码 
            valueFrom:
              secretKeyRef:
                name: mysql-pass
                key: password       #Passwd123
          - name: MYSQL_DATABASE  #默认的库
            valueFrom:
              secretKeyRef:
                name: mysql-pass
                key: database    #tmp
          - name: MYSQL_USER
            value: sun   #默认用户
          - name: MYSQL_PASSWORD
            valueFrom:
              secretKeyRef:
                name: mysql-pass
                key: passwd   #默认密码  123
      volumes:
        - name: data-volume
          hostPath:
            path: /apps/data/
        - name: config-volume
          configMap:
            name: nginx-configmap
            items:
            - key: nginx.conf
              path: nginx.conf

---
apiVersion: v1
kind: Service
metadata:
  name: nginx-php-mysql
spec:
  type: NodePort
  ports:
  - name: nginx
    port: 80
    protocol: TCP
    targetPort: 80
    nodePort: 30010
  selector:
    app: my-app
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-configmap
data:
  nginx.conf: |
    events {
        use epoll;
        worker_connections 1024;
    }

    http {
        server_tokens on;

        server {
            listen 80;
            server_name localhost;

            location / {
                root html;
                index index.html index.htmi index.php;
            }

            error_page 500 502 503 504 /50x.html;

            location = /50x.html {
                root html;
            }

            location ~ .php$ {
                root html;
                fastcgi_pass localhost:9000;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
            }
        }
    }

部署

kubectl apply -f lnmp.yaml

5、配置php访问页面

vi /apps/data/index.php

<?php
  phpinfo();
?>

访问

http://101.43.156.78:30010/index.php

6、配置php链接mysql测试

vi /apps/data/conn.php

<?php
$link=mysqli_connect('localhost:3306','sun','123');
if($link) echo "数据库链接成功";
mysqli_close($link);
?>

mysql授权

#登录容器
kubectl exec -it my-deployment-5bb547dc98-2qj77 -c mysql-container  bash

#授权
mysql -e "GRANT ALL PRIVILEGES ON *.* TO 'sun'@'localhost' IDENTIFIED BY '123';"

#上面没有要求做mysql的持久化,这里重新部署容器的时候这个权限要重新赋予

访问

http://101.43.156.78:30010/conn.php

7、配置ingress控制器

安装

cd /apps/build
wget https://ghproxy.com/https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.1/deploy/static/provider/cloud/deploy.yaml

替换镜像

sed -i s#registry.k8s.io/ingress-nginx/controller:v1.3.1@sha256:54f7fe2c6c5a9db9a0ebf1131797109bb7a4d91f56b9b362bde2abd237dd1974#registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.3.1#g deploy.yaml
sed -i s#registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.3.0@sha256:549e71a6ca248c5abd51cdb73dbc3083df62cf92ed5e6147c780e30f7e007a47#registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.3.0#g deploy.yaml

添加主机网络模式

awk '/containers:/ {print "      hostNetwork: true"} 1' deploy.yaml > ingress-controller.yaml
rm -f deploy.yaml

 部署

kubectl apply -f ingress-controller.yaml

 

 查看

kubectl get pod,svc,ing,deploy -n ingress-nginx

 这里Completed是正常的

8、部署http-backend

vi http-backend.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: default-http-backend
  labels:
    k8s-app: default-http-backend
  namespace: kube-system
spec:
  replicas: 1
  selector:
   matchLabels:
     k8s-app: default-http-backend
  template:
    metadata:
      labels:
        k8s-app: default-http-backend
    spec:
      terminationGracePeriodSeconds: 60
      containers:
      - name: default-http-backend
        # Any image is permissable as long as:
        # 1. It serves a 404 page at /
        # 2. It serves 200 on a /healthz endpoint
        image: registry.cn-hangzhou.aliyuncs.com/hachikou/defaultbackend:1.0
        livenessProbe:
          httpGet:
            path: /healthz   #这个URI是 nginx-ingress-controller中nginx里配置好的localtion 
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 30   #30s检测一次/healthz
          timeoutSeconds: 5
        ports:
        - containerPort: 8080
#        resources:
#          limits:
#            cpu: 10m
#            memory: 20Mi
#          requests:
#            cpu: 10m
#            memory: 20Mi
---
apiVersion: v1
kind: Service     #为default backend 创建一个service
metadata:
  name: default-http-backend
  namespace: kube-system
  labels:
    k8s-app: default-http-backend
spec:
  ports:
  - port: 80
    targetPort: 8080
  selector:
    k8s-app: default-http-backend

部署

kubectl apply -f http-backend.yaml

 9、添加ingress-nginx规则

vi ingress-nginx.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx
spec:
  ingressClassName: nginx
  rules:
  - host: www.han.com
    http:
      paths:
        - path: /
          pathType: Prefix
          backend:
            service:
              name: nginx-php-mysql
              port:
                number: 80

 部署

kubectl apply -f ingress-nginx.yaml

查看

 kubectl describe ingress nginx

10、访问域名测试

vi /etc/hosts 

10.0.16.15 www.han.com

 访问

curl www.han.com/conn.php

二、部署mysql主从

1、使用statefulset 控制器部署mysql:8.0 要求副本数为2,且为主从关系
2、使用无头svc 发布,名称为mysql-headless
3、使用ingress发布mysql  端口为30012
4、使用动态存储卷(nfs),存储mysql数据

0、准备nfs共享

我集群就1台主机 随便放了

yum install nfs-utils -y
mkdir -p /apps/mysql_master_slave/data/{mysql-0,mysql-1}
echo '/apps/mysql_master_slave/data/mysql-0 *(rw,no_root_squash)' >> /etc/exports
echo '/apps/mysql_master_slave/data/mysql-1 *(rw,no_root_squash)' >> /etc/exports
systemctl restart nfs-server

1、创建持久卷

cd /apps/mysql_master_slave

vi mysql-pv.yaml

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-a  # 为持久化卷A指定名称
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteOnce
    - ReadOnlyMany
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    server: 10.0.16.15
    path: /apps/mysql_master_slave/data/mysql-0  # 指定NFS路径

---

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-b  # 为持久化卷B指定名称
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteOnce
    - ReadOnlyMany
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    server: 10.0.16.15
    path: /apps/mysql_master_slave/data/mysql-1  # 指定NFS路径

部署

kubectl apply -f mysql-pv.yaml

#查看
kubectl get pv

 2、编辑mysql主从配置

vi mysql-configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: mysql
  labels:
    app: mysql
data:
  master.cnf: |
    # Apply this config only on the master.
    [mysqld]
    log-bin
  
  slave.cnf: |
    # Apply this config only on slaves.
    [mysqld]
    super-read-only

部署

kubectl apply -f mysql-configmap.yaml

3、部署无头svc

vi mysql-headless-svc.yaml

apiVersion: v1
kind: Service
metadata:
  name: mysql-headless
  labels:
    app: mysql
spec:
  ports:
  - name: mysql
    port: 3306
  clusterIP: None
  selector:
    app: mysql

部署

kubectl apply -f mysql-headless-svc.yaml

4、部署mysql服务

vi mysql-sts.yaml

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: mysql-ss
spec:
  selector:
    matchLabels:
      app: mysql
  serviceName: mysql-headless
  replicas: 2
  template:
    metadata:
      labels:
        app: mysql
    spec:
      initContainers:
        - name: init-mysql
          image: mysql:8.0.18
          command:
            - bash
            - "-c"
            - |
              set ex
              [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
              ordinal=${BASH_REMATCH[1]}
              echo [mysqld] > /mnt/conf.d/server-id.cnf
              echo server-id=$((100 + $ordinal)) >> /mnt/conf.d/server-id.cnf
              if [[ $ordinal -eq 0 ]]; then
                cp /mnt/config-map/master.cnf /mnt/conf.d/
              else
                cp /mnt/config-map/slave.cnf /mnt/conf.d/
              fi
          volumeMounts:
            - name: conf
              mountPath: /mnt/conf.d
            - name: config-map
              mountPath: /mnt/config-map
        - name: clone-mysql
          image: jstang/xtrabackup:2.3
          command:
            - bash
            - "-c"
            - |
              set -ex
              [[ -d /var/lib/mysql/mysql ]] && exit 0
              [[ `hostname` =~ -([0-9]+)$ ]] || exit 1
              ordinal=${BASH_REMATCH[1]}
              [[ $ordinal -eq 0 ]] && exit 0
              ncat --recv-only mysql-ss-$(($ordinal-1)).mysql-headless 3307 | xbstream -x -C /var/lib/mysql
              xtrabackup --prepare --target-dir=/var/lib/mysql
          volumeMounts:
            - name: data
              mountPath: /var/lib/mysql
              subPath: mysql
            - name: conf
              mountPath: /etc/mysql/conf.d
      containers:
        - name: mysql
          image: mysql:8.0.18
          args: ["--default-authentication-plugin=mysql_native_password"]
          env:
            - name: MYSQL_ALLOW_EMPTY_PASSWORD
              value: "1"
          ports:
            - name: mysql
              containerPort: 3306
          volumeMounts:
            - name: data
              mountPath: /var/lib/mysql
              subPath: mysql
            - name: conf
              mountPath: /etc/mysql/conf.d
          resources:
            requests:
              cpu: 50m
              memory: 50Mi
          livenessProbe:
            exec:
              command: ["mysqladmin", "ping"]
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command: ["mysql", "-h", "127.0.0.1", "-e", "SELECT 1"]
            initialDelaySeconds: 5
            periodSeconds: 2
            timeoutSeconds: 1
        - name: xtrabackup
          image: jstang/xtrabackup:2.3
          ports:
            - name: xtrabackup
              containerPort: 3307
          command:
            - bash
            - "-c"
            - |
              set -ex
              cd /var/lib/mysql
              if [[ -s xtrabackup_slave_info ]]; then
                mv xtrabackup_slave_info change_master_to.sql.in
                rm -f xtrabackup_binlog_info
              elif [[ -f xtrabackup_binlog_info ]]; then
                [[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1
                rm xtrabackup_binlog_info
                echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}', MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in
              fi
              sleep 10s
              if [[ -f change_master_to.sql.in ]]; then
                echo "Waiting for mysqld to be ready (accepting connections)"
                until mysql -h 127.0.0.1 -e "SELECT 1"; do sleep 1; done
                echo "Initializing replication from clone position"
                mv change_master_to.sql.in change_master_to.sql.orig
                sed 's/\//' change_master_to.sql.orig
                mysql -h 127.0.0.1 -e "source change_master_to.sql.orig; CHANGE MASTER TO MASTER_HOST='mysql-ss-0.mysql-headless', MASTER_USER='root', MASTER_PASSWORD='', MASTER_CONNECT_RETRY=10; START SLAVE;"


              fi
              exec ncat --listen --keep-open --send-only --max-conns=1 3307 -c "xtrabackup --backup --slave-info --stream=xbstream --host=127.0.0.1 --user=root"
          volumeMounts:
            - name: data
              mountPath: /var/lib/mysql
              subPath: mysql
            - name: conf
              mountPath: /etc/mysql/conf.d
          resources:
            requests:
              cpu: 10m
              memory: 10Mi
      volumes:
        - name: conf
          emptyDir: {}
        - name: config-map
          configMap:
            name: mysql
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 0.1Gi

部署

kubectl apply -f mysql-sts.yaml

#查看
kubectl get pod

5、验证mysql主从是否正常

kubectl exec -it mysql-ss-1  -- bash
mysql -e "SHOW SLAVE STATUSG" | grep -E "Slave_IO_Running|Slave_SQL_Running"

 登录mysql-0 新增数据,去mysql-1 查看

#数据库1
create database ui;
create table ui.user(name varchar(255));
insert into ui.user(name) values("jstang");
    
    
#数据库2
select * from ui.user;

6、ingres发布mysql (没整过,先略,下面是废话,跳过直接看三)

对于使用 StatefulSet 部署的 MySQL,您可以通过 Ingress 来进行访问。然而需要注意的是,由于 MySQL 使用的是 TCP 协议而不是 HTTP/HTTPS,传统的 Ingress 无法直接代理 TCP 流量。不过,Kubernetes 社区提供了一种叫做 "TCP Ingress" 的解决方案,可以用来代理 TCP 流量,包括 MySQL。

vi ingress-nginx.yaml

    spec:
      hostNetwork: true
      containers:
      - args:
        - /nginx-ingress-controller
        - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller
        - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services  #添加
        - --udp-services-configmap=$(POD_NAMESPACE)/udp-services   #添加

vi tcp-services.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: default
data:
  3306: "default/mysql-headless:3306"

kubectl apply -f tcp-services.yaml

kubectl edit service ingress-nginx-controller -n ingress-nginx
  - name: tcp-service-3306
    port: 3306
    protocol: TCP
    targetPort: 3306
    #添加上述信息

  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/name: ingress-nginx
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer: {}

三、 zabbix 监控

1、使用deployment部署zabbix,并使用daemonSet部署zabbix-agent
2、启动zabbix-UI页面后,选定指定的主机的物理ip才可访问(hostport + nodeSelector)
3、zabbix上可以监控上题的所有pod中的mysql(需要导入mysql监控模板)

 0、准备nfs目录

mkdir -p /apps/zabbix/data
echo "/apps/zabbix/data *(insecure,rw,sync,no_root_squash)" >> /etc/exports
exportfs -r

 1、部署zabbix-mysql

cd /apps/zabbix
kubectl create namespace zabbix

vi zabbix_mysql.yaml

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: zabbixdb-pv
spec:
  capacity:   #创建存储的大小
    storage: 10Gi
  volumeMode: Filesystem  #存储的类型
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    path: /apps/zabbix/data
    server: 10.0.16.15   #修改
  mountOptions:
    - hard
    - nfsvers=4.1
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: zabbixdb-pvc
  namespace: zabbix
spec:
  accessModes:
    - ReadWriteOnce
  volumeMode: Filesystem   #存储类型 ,块存储Block
  resources:
    requests:
      storage: 8Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: zabbixdb
  name: zabbixdb
  namespace: zabbix
spec:
  replicas: 1
  selector:
    matchLabels:
      app: zabbixdb
  strategy: {}
  template:
    metadata:
      labels:
        app: zabbixdb
    spec:
      volumes:
      - name: zabbixdb-data
        persistentVolumeClaim:
          claimName: zabbixdb-pvc
      containers:
      - image: mysql:8.0
        name: mysql
        ports:
        - name: mysql
          containerPort: 3306
          protocol: TCP
        volumeMounts:
        - name: zabbixdb-data
          mountPath: /var/lib/mysql
        env:
        - name: MYSQL_USER
          value: 'zabbix'
        - name: MYSQL_PASSWORD
          value: 'zabbix'
        - name: MYSQL_ROOT_PASSWORD
          value: 'zabbix'
---

apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: zabbixdb
  name: zabbixdb
  namespace: zabbix
spec:
  clusterIP: 10.96.1.99
  ports:
  - name: 3306-3306
    port: 3306
    protocol: TCP
    targetPort: 3306
  selector:
    app: zabbixdb
  type: ClusterIP
status:
  loadBalancer: {}

 部署

kubectl apply -f zabbix_mysql.yaml 

2、部署 zabbix-server

固定运行节点

运行

kubectl label nodes k8s-master01  zabbix-server=true

vi zabbix_server.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: zabbix-server
  name: zabbix-server
  namespace: zabbix
spec:
  replicas: 1
  selector:
    matchLabels:
      app: zabbix-server
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: zabbix-server
    spec:
      volumes:
        - name: zabbix-scripts
          hostPath:
            path: /usr/lib/zabbix/
        - name: zabbix-file
          hostPath:
            path: /var/lib/zabbix
      nodeSelector:
        zabbix-server: "true"
      initContainers:
        - name: zabbix-db-init
          image: zabbix/zabbix-server-mysql:6.0-ubuntu-latest
          command:
              - sh
              - -c
              - |
                sleep 30
                if ! mysql -u root -pzabbix -h 10.96.1.99 -P3306 --skip-column-names -e "SELECT COUNT(*) FROM information_schema.SCHEMATA WHERE SCHEMA_NAME = 'zabbix';" 2>/dev/null | grep -q '^1'; then
                  echo "CREATE DATABASE zabbix charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
                  sleep 1s
                  echo "CREATE DATABASE zabbix1 charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
                  mysql -u root -pzabbix -h 10.96.1.99 -P3306 -e "USE zabbix; GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'%';";
                else
                  if mysql -u root -pzabbix -h 10.96.1.99 -P3306 --skip-column-names -D zabbix -e "SELECT COUNT(*) FROM zabbix.users;" 2>/dev/null | grep -q '^0'; then
                    echo "DROP DATABASE IF EXISTS zabbix;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
                    sleep 1s
                    echo "CREATE DATABASE zabbix charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
                    sleep 1s
                    echo "CREATE DATABASE zabbix1 charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
                  fi
                fi

                if ! mysql -u root -pzabbix -h 10.96.1.99 -P3306 -e "USE zabbix; DESCRIBE users;"; then
                  { zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | tee -a zcat_mysql.log; } | mysql -u root -pzabbix -h 10.96.1.99 -P3306 zabbix >> zcat_mysql.log
                fi #初次自动导入sql包到数据库的时候是有问题的,需要删除表后重新导入
      containers:
        - image: zabbix/zabbix-server-mysql:6.0-ubuntu-latest
          name: zabbix-server-mysql
          env:
            - name: DB_SERVER_HOST
              value: zabbixdb.zabbix.svc.cluster.local
            - name: MYSQL_USER
              value: zabbix
            - name: MYSQL_PASSWORD
              value: zabbix
          resources: {}
          ports:
            - containerPort: 10051
              hostPort: 10051
status: {}

---
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: zabbix-server
  name: zabbix-server
  namespace: zabbix
spec:
  ports:
    - name: 10051-10051
      port: 10051
      protocol: TCP
      targetPort: 10051
  selector:
    app: zabbix-server
  type: ClusterIP
status:
  loadBalancer: {}

部署

kubectl apply -f zabbix_server.yaml

kubectl -n zabbix get pod

检查数据库是否有用户

kubectl -n zabbix exec -it zabbixdb-5949d4d487-ld58v bash

mysql -uroot -pzabbix

select * from zabbix.users;

3、部署zabbix-web

vi zabbix_web.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  labels:
    app: zabbix-web
  name: zabbix-web
  namespace: zabbix
spec:
  replicas: 1
  selector:
    matchLabels:
      app: zabbix-web
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: zabbix-web
    spec:
      containers:
      - image: zabbix/zabbix-web-nginx-mysql:6.0-ubuntu-latest
        name: zabbix-web-nginx-mysql
        env:
        - name: DB_SERVER_HOST
          value: zabbixdb.zabbix.svc.cluster.local
        - name: MYSQL_USER
          value: zabbix
        - name: MYSQL_PASSWORD
          value: zabbix
        - name: ZBX_SERVER_HOST
          value: 10.0.16.15
        - name: PHP_TZ
          value: Asia/shanghai
        resources: {}
status: {}
---
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: null
  labels:
    app: zabbix-web
  name: zabbix-web
  namespace: zabbix
spec:
  ports:
  - name: 8080-8080
    port: 8080
    protocol: TCP
    targetPort: 8080
    nodePort: 30011
  selector:
    app: zabbix-web
  type: NodePort
status:
  loadBalancer: {}

部署

kubectl apply -f zabbix_web.yaml

4、部署zabbix-agent

vi zabbix_agent.yaml

apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    app: zabbix-agent
  name: zabbix-agent
  namespace: zabbix
spec:
  selector:
    matchLabels:
      app: zabbix-agent
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: zabbix-agent
    spec:
      hostNetwork: true
      containers:
      - image: zabbix/zabbix-agent:6.0-ubuntu-latest
        name: zabbix-agent
        env:
        - name: ZBX_SERVER_HOST
          value: 10.0.16.15
        resources: {}

部署

kubectl apply -f zabbix_agent.yaml

5、访问zabbix-ui

http://101.43.156.78:30011  #nodeport暴露端口


账号  Admin   #首字母大写
密码  zabbix

6、导入mysql模板监控

四、部署DNS

1、使用Deployment创建两个Pod,一个Pod为DNS主服务器,另一个Pod为DNS从服务器
2、DNS子域可以解析域名第一题中的ingress地址
3、单独创建一个pod,指定dns为dns从服务器,并且访问第一题中的域名要正常打开

略,有空在看