kubernetes进阶 (三) 基础练习
前两天朋友给了我几道题,看着挺简单的,但实际做的时候发现坑不少,这里做下笔记
一、镜像构建部署lnmp
1、构建镜像 nginx、php、mysql 要求使用centos7作为基础镜像
2、使用deployment部署上面的容器,要求3个服务要放到一个pod中(虽然这样是不对的)
3、使用ingress 将上面部署的服务发布出去,通过访问nginx下的index.php访问链接到mysql数据库
4、nginx 和php 要求挂载宿主机的/apps/data/的目录做存储
0、docker镜像加速配置留存
我自己常用的一些加速源,如果你没有配置过就把下面的加上重启docker服务
vi /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"http://hub-mirror.c.163.com",
"https://cn-north-4.mirror.huaweicloud.com",
"https://registry.docker-cn.com",
"https://mirror.ccs.tencentyun.com",
"https://b9pmyelo.mirror.aliyuncs.com"
],
"insecure-registries": ["10.0.16.15:30007"]
}
systemctl restart docker
1、构建php镜像
#创建构建目录
mkdir /apps/build/{nginx,php,mysql} -p
cd /apps/build/php/
#拉取php包
wget https://www.php.net/distributions/php-7.1.10.tar.gz --no-check-certificate
vi Dockerfile
FROM centos:7.4.1708
ADD php-7.1.10.tar.gz /opt
RUN yum -y install gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel openssl-devel bison
&& mkdir -p /usr/local/php/etc
&& cd /opt/php-7.1.10/
&& ./configure --prefix=/usr/local/php
--with-config-file-path=/usr/local/php/etc
--with-gd --with-mysqli
--with-openssl --with-zlib --with-curl
--with-jpeg-dir --with-png-dir --with-iconv
--enable-fpm --enable-zip --enable-mbstring
&& make -j 2
&& make install
&& cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf
&& cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf
&& sed -i '/;daemonize/adaemonize = no' /usr/local/php/etc/php-fpm.conf
&& sed -i 's/127.0.0.1/0.0.0.0/g' /usr/local/php/etc/php-fpm.d/www.conf
&& echo "${TIME_ZOME}" > /etc/timezone
&& ln -sf /usr/share/zoneinfo/${TIME_ZOME} /etc/localtime
&& rm -rf /opt/local/php*
&& yum clean all
&& yum -y remove gcc gcc-c++ make
&& mkdir -p /usr/local/nginx/html
&& echo -e "<?phpnphpinfo();n?>" > /usr/local/nginx/html/index.php
WORKDIR /usr/local/php/
EXPOSE 9000
CMD ["sbin/php-fpm","-c","etc/php-fpm.conf"]
构建
#预计10分钟
docker build . -f Dockerfile -t lnmp/php:v1
2、构建mysql镜像
cd /apps/build/mysql/
wget https://dev.mysql.com/get/Downloads/mysql-5.6.26.tar.gz
vi Dockerfile
FROM centos:7.4.1708
ADD mysql-5.6.26.tar.gz /opt
RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
&& useradd -s /sbin/nologin mysql
&& yum -y install gcc gcc-c++ make pcre-devel expat-devel perl ncurses-devel autoconf cmake
&& cd /opt/mysql-5.6.26/
&& cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DEXTRA_CHARSETS=all -DSYSCONFIDIR=/etc -DMYSQL_DATADIR=/home/mysql/ -DMYSQL_UNIX_ADDR=/home/mysql/mysql.sock
&& make -j2
&& make install
&& cp -f support-files/my-default.cnf /etc/my.cnf
&& cp support-files/mysql.server /etc/init.d/mysqld
&& chown -R mysql:mysql /usr/local/mysql/
&& sed -i 's/^basedir/basedir=/usr/local/mysql/g' /etc/init.d/mysqld
&& sed -i 's/^datadir/datadir=/home/mysql/g' /etc/init.d/mysqld
&& /usr/local/mysql/scripts/mysql_install_db --user=mysql --ldata=/var/lib/mysql --basedir=/usr/local/mysql --datadir=/home/mysql
ENV PATH /usr/local/mysql/bin:$PATH
EXPOSE 3306
ENTRYPOINT ["/usr/local/mysql/bin/mysqld_safe"]
构建
#初次构建15分钟
docker build . -f Dockerfile -t lnmp/mysql:v1
3、构建nginx镜像
cd /apps/build/nginx/
wget http://nginx.org/download/nginx-1.12.0.tar.gz
vi Dockerfile
FROM centos:7.4.1708
ADD nginx-1.12.0.tar.gz /opt
RUN yum -y install pcre-devel zlib-devel openssl-devel gcc gcc-c++ make
&& useradd -M -s /sbin/nologin nginx
&& cd /opt/nginx-1.12.0/
&& ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module --with-file-aio --with-http_gzip_static_module --with-http_flv_module --with-http_ssl_module
&& make
&& make install
&& ln -s /usr/local/nginx/sbin/nginx /usr/sbin/nginx
&& echo -e "events {nuse epoll;nworker_connections 1024;n}nhttp {nserver_tokens on;nserver {nlisten 80;nserver_name localhost;nlocation / {nroot html;nindex index.html index.htmi index.php;n}nerror_page 500 502 503 504 /50x.html;nlocation = /50x.html {nroot html;n}nlocation ~ .php$ {nroot html;nfastcgi_pass 172.168.184.30:9000;nfastcgi_index index.php;nfastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;ninclude fastcgi_params;n}n}n}" > /usr/local/nginx/conf/nginx.conf
ENV PATH /usr/local/nginx/sbin:$PATH
WORKDIR /usr/local/nginx/
EXPOSE 80
CMD ["nginx","-g","daemon off;"]
构建
docker build . -f Dockerfile -t lnmp/nginx:v1
4、部署lnmp
#主页文件挂在路径
/usr/local/nginx/html
#配置文件路径
/usr/local/nginx/conf/nginx.conf
创建密钥文件
kubectl create secret generic mysql-pass --from-literal=password=Passwd123 --from-literal=database=tmp --from-literal=passwd=123
vi /apps/build/lnmp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
spec:
replicas: 1
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: nginx-container
image: lnmp/nginx:v1
volumeMounts:
- name: data-volume
mountPath: /usr/local/nginx/html
- name: config-volume
mountPath: /usr/local/nginx/conf/nginx.conf
subPath: nginx.conf
- name: php-container
image: lnmp/php:v1
volumeMounts:
- name: data-volume
mountPath: /usr/local/nginx/html
- name: mysql-container
image: lnmp/mysql:v1
env:
- name: MYSQL_ROOT_PASSWORD #mysqlroot密码
valueFrom:
secretKeyRef:
name: mysql-pass
key: password #Passwd123
- name: MYSQL_DATABASE #默认的库
valueFrom:
secretKeyRef:
name: mysql-pass
key: database #tmp
- name: MYSQL_USER
value: sun #默认用户
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: passwd #默认密码 123
volumes:
- name: data-volume
hostPath:
path: /apps/data/
- name: config-volume
configMap:
name: nginx-configmap
items:
- key: nginx.conf
path: nginx.conf
---
apiVersion: v1
kind: Service
metadata:
name: nginx-php-mysql
spec:
type: NodePort
ports:
- name: nginx
port: 80
protocol: TCP
targetPort: 80
nodePort: 30010
selector:
app: my-app
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-configmap
data:
nginx.conf: |
events {
use epoll;
worker_connections 1024;
}
http {
server_tokens on;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htmi index.php;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ .php$ {
root html;
fastcgi_pass localhost:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
部署
kubectl apply -f lnmp.yaml
5、配置php访问页面
vi /apps/data/index.php
<?php
phpinfo();
?>
访问
http://101.43.156.78:30010/index.php
6、配置php链接mysql测试
vi /apps/data/conn.php
<?php
$link=mysqli_connect('localhost:3306','sun','123');
if($link) echo "数据库链接成功";
mysqli_close($link);
?>
mysql授权
#登录容器
kubectl exec -it my-deployment-5bb547dc98-2qj77 -c mysql-container bash
#授权
mysql -e "GRANT ALL PRIVILEGES ON *.* TO 'sun'@'localhost' IDENTIFIED BY '123';"
#上面没有要求做mysql的持久化,这里重新部署容器的时候这个权限要重新赋予
访问
http://101.43.156.78:30010/conn.php
7、配置ingress控制器
安装
cd /apps/build
wget https://ghproxy.com/https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.1/deploy/static/provider/cloud/deploy.yaml
替换镜像
sed -i s#registry.k8s.io/ingress-nginx/controller:v1.3.1@sha256:54f7fe2c6c5a9db9a0ebf1131797109bb7a4d91f56b9b362bde2abd237dd1974#registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:v1.3.1#g deploy.yaml
sed -i s#registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.3.0@sha256:549e71a6ca248c5abd51cdb73dbc3083df62cf92ed5e6147c780e30f7e007a47#registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen:v1.3.0#g deploy.yaml
添加主机网络模式
awk '/containers:/ {print " hostNetwork: true"} 1' deploy.yaml > ingress-controller.yaml
rm -f deploy.yaml
部署
kubectl apply -f ingress-controller.yaml
查看
kubectl get pod,svc,ing,deploy -n ingress-nginx
这里Completed是正常的
8、部署http-backend
vi http-backend.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: default-http-backend
labels:
k8s-app: default-http-backend
namespace: kube-system
spec:
replicas: 1
selector:
matchLabels:
k8s-app: default-http-backend
template:
metadata:
labels:
k8s-app: default-http-backend
spec:
terminationGracePeriodSeconds: 60
containers:
- name: default-http-backend
# Any image is permissable as long as:
# 1. It serves a 404 page at /
# 2. It serves 200 on a /healthz endpoint
image: registry.cn-hangzhou.aliyuncs.com/hachikou/defaultbackend:1.0
livenessProbe:
httpGet:
path: /healthz #这个URI是 nginx-ingress-controller中nginx里配置好的localtion
port: 8080
scheme: HTTP
initialDelaySeconds: 30 #30s检测一次/healthz
timeoutSeconds: 5
ports:
- containerPort: 8080
# resources:
# limits:
# cpu: 10m
# memory: 20Mi
# requests:
# cpu: 10m
# memory: 20Mi
---
apiVersion: v1
kind: Service #为default backend 创建一个service
metadata:
name: default-http-backend
namespace: kube-system
labels:
k8s-app: default-http-backend
spec:
ports:
- port: 80
targetPort: 8080
selector:
k8s-app: default-http-backend
部署
kubectl apply -f http-backend.yaml
9、添加ingress-nginx规则
vi ingress-nginx.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx
spec:
ingressClassName: nginx
rules:
- host: www.han.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-php-mysql
port:
number: 80
部署
kubectl apply -f ingress-nginx.yaml
查看
kubectl describe ingress nginx
10、访问域名测试
vi /etc/hosts
10.0.16.15 www.han.com
访问
curl www.han.com/conn.php
二、部署mysql主从
1、使用statefulset 控制器部署mysql:8.0 要求副本数为2,且为主从关系
2、使用无头svc 发布,名称为mysql-headless
3、使用ingress发布mysql 端口为30012
4、使用动态存储卷(nfs),存储mysql数据
0、准备nfs共享
我集群就1台主机 随便放了
yum install nfs-utils -y
mkdir -p /apps/mysql_master_slave/data/{mysql-0,mysql-1}
echo '/apps/mysql_master_slave/data/mysql-0 *(rw,no_root_squash)' >> /etc/exports
echo '/apps/mysql_master_slave/data/mysql-1 *(rw,no_root_squash)' >> /etc/exports
systemctl restart nfs-server
1、创建持久卷
cd /apps/mysql_master_slave
vi mysql-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-a # 为持久化卷A指定名称
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Recycle
nfs:
server: 10.0.16.15
path: /apps/mysql_master_slave/data/mysql-0 # 指定NFS路径
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-b # 为持久化卷B指定名称
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
- ReadOnlyMany
persistentVolumeReclaimPolicy: Recycle
nfs:
server: 10.0.16.15
path: /apps/mysql_master_slave/data/mysql-1 # 指定NFS路径
部署
kubectl apply -f mysql-pv.yaml
#查看
kubectl get pv
2、编辑mysql主从配置
vi mysql-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mysql
labels:
app: mysql
data:
master.cnf: |
# Apply this config only on the master.
[mysqld]
log-bin
slave.cnf: |
# Apply this config only on slaves.
[mysqld]
super-read-only
部署
kubectl apply -f mysql-configmap.yaml
3、部署无头svc
vi mysql-headless-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mysql-headless
labels:
app: mysql
spec:
ports:
- name: mysql
port: 3306
clusterIP: None
selector:
app: mysql
部署
kubectl apply -f mysql-headless-svc.yaml
4、部署mysql服务
vi mysql-sts.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql-ss
spec:
selector:
matchLabels:
app: mysql
serviceName: mysql-headless
replicas: 2
template:
metadata:
labels:
app: mysql
spec:
initContainers:
- name: init-mysql
image: mysql:8.0.18
command:
- bash
- "-c"
- |
set ex
[[ `hostname` =~ -([0-9]+)$ ]] || exit 1
ordinal=${BASH_REMATCH[1]}
echo [mysqld] > /mnt/conf.d/server-id.cnf
echo server-id=$((100 + $ordinal)) >> /mnt/conf.d/server-id.cnf
if [[ $ordinal -eq 0 ]]; then
cp /mnt/config-map/master.cnf /mnt/conf.d/
else
cp /mnt/config-map/slave.cnf /mnt/conf.d/
fi
volumeMounts:
- name: conf
mountPath: /mnt/conf.d
- name: config-map
mountPath: /mnt/config-map
- name: clone-mysql
image: jstang/xtrabackup:2.3
command:
- bash
- "-c"
- |
set -ex
[[ -d /var/lib/mysql/mysql ]] && exit 0
[[ `hostname` =~ -([0-9]+)$ ]] || exit 1
ordinal=${BASH_REMATCH[1]}
[[ $ordinal -eq 0 ]] && exit 0
ncat --recv-only mysql-ss-$(($ordinal-1)).mysql-headless 3307 | xbstream -x -C /var/lib/mysql
xtrabackup --prepare --target-dir=/var/lib/mysql
volumeMounts:
- name: data
mountPath: /var/lib/mysql
subPath: mysql
- name: conf
mountPath: /etc/mysql/conf.d
containers:
- name: mysql
image: mysql:8.0.18
args: ["--default-authentication-plugin=mysql_native_password"]
env:
- name: MYSQL_ALLOW_EMPTY_PASSWORD
value: "1"
ports:
- name: mysql
containerPort: 3306
volumeMounts:
- name: data
mountPath: /var/lib/mysql
subPath: mysql
- name: conf
mountPath: /etc/mysql/conf.d
resources:
requests:
cpu: 50m
memory: 50Mi
livenessProbe:
exec:
command: ["mysqladmin", "ping"]
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
readinessProbe:
exec:
command: ["mysql", "-h", "127.0.0.1", "-e", "SELECT 1"]
initialDelaySeconds: 5
periodSeconds: 2
timeoutSeconds: 1
- name: xtrabackup
image: jstang/xtrabackup:2.3
ports:
- name: xtrabackup
containerPort: 3307
command:
- bash
- "-c"
- |
set -ex
cd /var/lib/mysql
if [[ -s xtrabackup_slave_info ]]; then
mv xtrabackup_slave_info change_master_to.sql.in
rm -f xtrabackup_binlog_info
elif [[ -f xtrabackup_binlog_info ]]; then
[[ `cat xtrabackup_binlog_info` =~ ^(.*?)[[:space:]]+(.*?)$ ]] || exit 1
rm xtrabackup_binlog_info
echo "CHANGE MASTER TO MASTER_LOG_FILE='${BASH_REMATCH[1]}', MASTER_LOG_POS=${BASH_REMATCH[2]}" > change_master_to.sql.in
fi
sleep 10s
if [[ -f change_master_to.sql.in ]]; then
echo "Waiting for mysqld to be ready (accepting connections)"
until mysql -h 127.0.0.1 -e "SELECT 1"; do sleep 1; done
echo "Initializing replication from clone position"
mv change_master_to.sql.in change_master_to.sql.orig
sed 's/\//' change_master_to.sql.orig
mysql -h 127.0.0.1 -e "source change_master_to.sql.orig; CHANGE MASTER TO MASTER_HOST='mysql-ss-0.mysql-headless', MASTER_USER='root', MASTER_PASSWORD='', MASTER_CONNECT_RETRY=10; START SLAVE;"
fi
exec ncat --listen --keep-open --send-only --max-conns=1 3307 -c "xtrabackup --backup --slave-info --stream=xbstream --host=127.0.0.1 --user=root"
volumeMounts:
- name: data
mountPath: /var/lib/mysql
subPath: mysql
- name: conf
mountPath: /etc/mysql/conf.d
resources:
requests:
cpu: 10m
memory: 10Mi
volumes:
- name: conf
emptyDir: {}
- name: config-map
configMap:
name: mysql
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 0.1Gi
部署
kubectl apply -f mysql-sts.yaml
#查看
kubectl get pod
5、验证mysql主从是否正常
kubectl exec -it mysql-ss-1 -- bash
mysql -e "SHOW SLAVE STATUSG" | grep -E "Slave_IO_Running|Slave_SQL_Running"
登录mysql-0 新增数据,去mysql-1 查看
#数据库1
create database ui;
create table ui.user(name varchar(255));
insert into ui.user(name) values("jstang");
#数据库2
select * from ui.user;
6、ingres发布mysql (没整过,先略,下面是废话,跳过直接看三)
,
对于使用 StatefulSet 部署的 MySQL,您可以通过 Ingress 来进行访问。然而需要注意的是,由于 MySQL 使用的是 TCP 协议而不是 HTTP/HTTPS,传统的 Ingress 无法直接代理 TCP 流量。不过,Kubernetes 社区提供了一种叫做 "TCP Ingress" 的解决方案,可以用来代理 TCP 流量,包括 MySQL。
vi ingress-nginx.yaml
spec:
hostNetwork: true
containers:
- args:
- /nginx-ingress-controller
- --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller
- --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services #添加
- --udp-services-configmap=$(POD_NAMESPACE)/udp-services #添加
vi tcp-services.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: default
data:
3306: "default/mysql-headless:3306"
kubectl apply -f tcp-services.yaml
kubectl edit service ingress-nginx-controller -n ingress-nginx
- name: tcp-service-3306
port: 3306
protocol: TCP
targetPort: 3306
#添加上述信息
selector:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: ingress-nginx
app.kubernetes.io/name: ingress-nginx
sessionAffinity: None
type: LoadBalancer
status:
loadBalancer: {}
三、 zabbix 监控
1、使用deployment部署zabbix,并使用daemonSet部署zabbix-agent
2、启动zabbix-UI页面后,选定指定的主机的物理ip才可访问(hostport + nodeSelector)
3、zabbix上可以监控上题的所有pod中的mysql(需要导入mysql监控模板)
0、准备nfs目录
mkdir -p /apps/zabbix/data
echo "/apps/zabbix/data *(insecure,rw,sync,no_root_squash)" >> /etc/exports
exportfs -r
1、部署zabbix-mysql
cd /apps/zabbix
kubectl create namespace zabbix
vi zabbix_mysql.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: zabbixdb-pv
spec:
capacity: #创建存储的大小
storage: 10Gi
volumeMode: Filesystem #存储的类型
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Recycle
nfs:
path: /apps/zabbix/data
server: 10.0.16.15 #修改
mountOptions:
- hard
- nfsvers=4.1
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: zabbixdb-pvc
namespace: zabbix
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem #存储类型 ,块存储Block
resources:
requests:
storage: 8Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: zabbixdb
name: zabbixdb
namespace: zabbix
spec:
replicas: 1
selector:
matchLabels:
app: zabbixdb
strategy: {}
template:
metadata:
labels:
app: zabbixdb
spec:
volumes:
- name: zabbixdb-data
persistentVolumeClaim:
claimName: zabbixdb-pvc
containers:
- image: mysql:8.0
name: mysql
ports:
- name: mysql
containerPort: 3306
protocol: TCP
volumeMounts:
- name: zabbixdb-data
mountPath: /var/lib/mysql
env:
- name: MYSQL_USER
value: 'zabbix'
- name: MYSQL_PASSWORD
value: 'zabbix'
- name: MYSQL_ROOT_PASSWORD
value: 'zabbix'
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: zabbixdb
name: zabbixdb
namespace: zabbix
spec:
clusterIP: 10.96.1.99
ports:
- name: 3306-3306
port: 3306
protocol: TCP
targetPort: 3306
selector:
app: zabbixdb
type: ClusterIP
status:
loadBalancer: {}
部署
kubectl apply -f zabbix_mysql.yaml
2、部署 zabbix-server
固定运行节点
运行
kubectl label nodes k8s-master01 zabbix-server=true
vi zabbix_server.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: zabbix-server
name: zabbix-server
namespace: zabbix
spec:
replicas: 1
selector:
matchLabels:
app: zabbix-server
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: zabbix-server
spec:
volumes:
- name: zabbix-scripts
hostPath:
path: /usr/lib/zabbix/
- name: zabbix-file
hostPath:
path: /var/lib/zabbix
nodeSelector:
zabbix-server: "true"
initContainers:
- name: zabbix-db-init
image: zabbix/zabbix-server-mysql:6.0-ubuntu-latest
command:
- sh
- -c
- |
sleep 30
if ! mysql -u root -pzabbix -h 10.96.1.99 -P3306 --skip-column-names -e "SELECT COUNT(*) FROM information_schema.SCHEMATA WHERE SCHEMA_NAME = 'zabbix';" 2>/dev/null | grep -q '^1'; then
echo "CREATE DATABASE zabbix charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
sleep 1s
echo "CREATE DATABASE zabbix1 charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
mysql -u root -pzabbix -h 10.96.1.99 -P3306 -e "USE zabbix; GRANT ALL PRIVILEGES ON zabbix.* TO 'zabbix'@'%';";
else
if mysql -u root -pzabbix -h 10.96.1.99 -P3306 --skip-column-names -D zabbix -e "SELECT COUNT(*) FROM zabbix.users;" 2>/dev/null | grep -q '^0'; then
echo "DROP DATABASE IF EXISTS zabbix;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
sleep 1s
echo "CREATE DATABASE zabbix charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
sleep 1s
echo "CREATE DATABASE zabbix1 charset utf8 collate utf8_bin;" | mysql -u root -pzabbix -h 10.96.1.99 -P3306
fi
fi
if ! mysql -u root -pzabbix -h 10.96.1.99 -P3306 -e "USE zabbix; DESCRIBE users;"; then
{ zcat /usr/share/doc/zabbix-server-mysql/create.sql.gz | tee -a zcat_mysql.log; } | mysql -u root -pzabbix -h 10.96.1.99 -P3306 zabbix >> zcat_mysql.log
fi #初次自动导入sql包到数据库的时候是有问题的,需要删除表后重新导入
containers:
- image: zabbix/zabbix-server-mysql:6.0-ubuntu-latest
name: zabbix-server-mysql
env:
- name: DB_SERVER_HOST
value: zabbixdb.zabbix.svc.cluster.local
- name: MYSQL_USER
value: zabbix
- name: MYSQL_PASSWORD
value: zabbix
resources: {}
ports:
- containerPort: 10051
hostPort: 10051
status: {}
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: zabbix-server
name: zabbix-server
namespace: zabbix
spec:
ports:
- name: 10051-10051
port: 10051
protocol: TCP
targetPort: 10051
selector:
app: zabbix-server
type: ClusterIP
status:
loadBalancer: {}
部署
kubectl apply -f zabbix_server.yaml
kubectl -n zabbix get pod
检查数据库是否有用户
kubectl -n zabbix exec -it zabbixdb-5949d4d487-ld58v bash
mysql -uroot -pzabbix
select * from zabbix.users;
3、部署zabbix-web
vi zabbix_web.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: null
labels:
app: zabbix-web
name: zabbix-web
namespace: zabbix
spec:
replicas: 1
selector:
matchLabels:
app: zabbix-web
strategy: {}
template:
metadata:
creationTimestamp: null
labels:
app: zabbix-web
spec:
containers:
- image: zabbix/zabbix-web-nginx-mysql:6.0-ubuntu-latest
name: zabbix-web-nginx-mysql
env:
- name: DB_SERVER_HOST
value: zabbixdb.zabbix.svc.cluster.local
- name: MYSQL_USER
value: zabbix
- name: MYSQL_PASSWORD
value: zabbix
- name: ZBX_SERVER_HOST
value: 10.0.16.15
- name: PHP_TZ
value: Asia/shanghai
resources: {}
status: {}
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: zabbix-web
name: zabbix-web
namespace: zabbix
spec:
ports:
- name: 8080-8080
port: 8080
protocol: TCP
targetPort: 8080
nodePort: 30011
selector:
app: zabbix-web
type: NodePort
status:
loadBalancer: {}
部署
kubectl apply -f zabbix_web.yaml
4、部署zabbix-agent
vi zabbix_agent.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
app: zabbix-agent
name: zabbix-agent
namespace: zabbix
spec:
selector:
matchLabels:
app: zabbix-agent
template:
metadata:
creationTimestamp: null
labels:
app: zabbix-agent
spec:
hostNetwork: true
containers:
- image: zabbix/zabbix-agent:6.0-ubuntu-latest
name: zabbix-agent
env:
- name: ZBX_SERVER_HOST
value: 10.0.16.15
resources: {}
部署
kubectl apply -f zabbix_agent.yaml
5、访问zabbix-ui
http://101.43.156.78:30011 #nodeport暴露端口
账号 Admin #首字母大写
密码 zabbix
6、导入mysql模板监控
略
四、部署DNS
1、使用Deployment创建两个Pod,一个Pod为DNS主服务器,另一个Pod为DNS从服务器
2、DNS子域可以解析域名第一题中的ingress地址
3、单独创建一个pod,指定dns为dns从服务器,并且访问第一题中的域名要正常打开
略,有空在看