上篇博文,发布之后,正好跟着双十一,不知道大家剁手了没~~。好啦,言归正传先声明一下,每周1,3,5更新教程,大家如果想要了解更多的教程可以重温一下之前的教程或者,关注崔格拉斯 公众号,大家想要源码的可以私信我~
每日解析(11.9 每日一题解析)
昨天的教程中留下了一个问题:如何实现数据持久化,确保django project和数据库文件不随pod的销毁而销毁。
解析:
在上一篇教程中,我们已经使用了emptyDir 数据卷。这种数据卷对于当个容器来说是持久的,但是对于Pod来说并不是持久的。当我们删除Pod资源的时候,emptyDir数据卷的内容也会被删除~~。简而言之,emptyDir和Pod的生命周期是绑定的,Pod还在数据卷就不会消失。所以,如果我们的数据持久化,只做到和Pod周期一致,那就不需要进行重新设计啦。当然显然在生产环境中,我们有些数据是需要数据是一致持久存在的,即使是Pod销毁了,数据卷的数据也不可以丢失,这个时候,就要使用共享存储,来实现数据持久化。
kubernetes 提供了数据持久化的方案,我在之前的kubernetes-从入门到弃坑-8中也介绍了PV和PVC。这里我们继续使用NFS 创建pv(外部存储系统中的一块存储空间),pvc(对pv资源的申请)。然后在django_deployment.yaml和mysql_deployment.yaml中设置使用NFS PV。
NFS 服务器
想法再好,也要落地,第一步就是搭建好NFS服务器,有了NFS服务,我们再去考虑其他的事情~~
nfs_install.sh
1234567891011121314151617181920 |
yum -y install nfs-utils rpcbindsystemctl start rpcbind.servicesystemctl enable rpcbind.servicesystemctl start nfs.servicesystemctl enable nfs.servicerpcinfo -p localhostps -ef|egrep "rpc|nfs"mkdir -p /nfs-sharechmod a+w /nfs-shareecho "/nfs-share 172.16.0.0/16(rw,async,no_root_squash)" >> /etc/exportsmkdir -p /mysql-sharechmod a+w /mysql-shareecho "/mysql-share 172.16.0.0/16(rw,async,no_root_squash)" >> /etc/exportsmkdir -p /django-sharechmod a+w /django-shareecho "/django-share 172.16.0.0/16(rw,async,no_root_squash)" >> /etc/exportssystemctl restart nfs.serviceshowmount -efirewall-cmd --permanent --zone=public --add-port=2049/tcp --add-port=111/tcp --add-port=111/udp --add-port=4046/udpfirewall-cmd --reload |
安装其实很简单,值得注意的是在使用yum安装完nfs服务之后,我们要根据自己的使用情况,设置nfs共享目录,并且打开防火墙的相关端口,确保其他主机也可以访问~~
确保你的NFS服务已经将这三个文件夹共享出去之后,我们再执行接下来的操作~~
重新制作镜像
重新制作镜像是因为,我们要把开机启动脚本统一放入/start_script目录下,然后便于统一修正管理
mysql/Dockerfile
12345 |
FROM centos7:mysql5.7MAINTAINER from cglsRUN chmod +755 /etc/rc.d/rc.local && echo "/start_script/mysql_init.sh" >> /etc/rc.d/rc.localCMD ["/usr/sbin/init"] |
1 |
docker build -t centos7:mysql3 . |
django/Dockerfile
12345678 |
FROM centos7:django2.02MAINTAINER from cglsRUN yum -y install git && git config --global user.name cuigelasi && git config --global user.email [email protected] && chmod +755 /etc/rc.d/rc.local && echo "/start_script/django_init.sh" >> /etc/rc.d/rc.localCMD ["/usr/sbin/init"] |
1 |
docker build -t centos7:django3 . |
创建PV / PVC
存放初始化脚本的pv/pvc
nfs_pv_init.yaml
1234567891011121314 |
apiVersion: v1kind: PersistentVolumemetadata: name: mypv1spec: capacity: storage: 1Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Recycle storageClassName: mynfs nfs: path: /nfs-share server: 172.16.2.237 |
nfs_pvc_init.yml
1234567891011 |
apiVersion: v1kind: PersistentVolumeClaimmetadata: name: mypvc1spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi storageClassName: mynfs |
存放mysql数据的pv/pvc
nfs_pv_mysql.yaml
1234567891011121314 |
apiVersion: v1kind: PersistentVolumemetadata: name: mysqlpvspec: capacity: storage: 1Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Recycle storageClassName: mysqlnfs nfs: path: /mysql-share server: 172.16.2.237 |
nfs_pvc_mysql.yml
1234567891011 |
apiVersion: v1kind: PersistentVolumeClaimmetadata: name: mysqlpvcspec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi storageClassName: mysqlnfs |
存放django数据的pv/pvc
nfs_pv_django.yaml
1234567891011121314 |
apiVersion: v1kind: PersistentVolumemetadata: name: djangopvspec: capacity: storage: 1Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Recycle storageClassName: djangonfs nfs: path: /django-share server: 172.16.2.237 |
nfs_pvc_django.yml
1234567891011 |
apiVersion: v1kind: PersistentVolumeClaimmetadata: name: djangopvcspec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi storageClassName: djangonfs |
12345678 |
kubectl apply -f nfs_pv_init.yamlkubectl apply -f nfs_pvc_init.yamlkubectl apply -f nfs_pv_mysql.yamlkubectl apply -f nfs_pvc_mysql.yamlkubectl apply -f nfs_pv_django.yamlkubectl apply -f nfs_pvc_django.yamlkubectl get pvkubectl get pvc |
创建deployment和service资源
仔细阅读下面的代码,看看你能不能找出和上一个版本的差别在哪?
django_deploy.yaml
123456789101112131415161718192021222324252627282930313233 大专栏 K8S实战-构建Django项目-03-使用共享存储343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173 |
apiVersion: extensions/v1beta1kind: Deploymentmetadata: labels: app: mysql name: mysqlspec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: initContainers: - name: mysql-init image: busybox imagePullPolicy: IfNotPresent command: - sh - "-c" - | set -ex cat > /start_script/mysql_init.sh <<EOF #!/bin/bash sed -i "/log-error/iskip-grant-tables" /etc/my.cnf systemctl restart mysqld sleep 50 mysql -uroot -p123qwe -e "CREATE DATABASE polls DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;" mysql -uroot -p123qwe -e "use mysql;" mysql -uroot -p123qwe -e "grant all privileges on *.* to [email protected]'%' identified by "123qwe";" mysql -uroot -p123qwe -e "flush privileges;" systemctl restart mysqld EOF chmod +x /start_script/mysql_init.sh volumeMounts: - name: mysql-initdb mountPath: /start_script volumes: - name: mysql-initdb persistentVolumeClaim: claimName: mypvc1 - name: mysql-data persistentVolumeClaim: claimName: mysqlpvc containers: - image: centos7:mysql3 name: mysql imagePullPolicy: IfNotPresent env: - name: MYSQL_ROOT_PASSWORD value: 123qwe readinessProbe: exec: command: - /bin/sh - "-c" - MYSQL_PWD="${MYSQL_ROOT_PASSWORD}" - mysql -h 127.0.0.1 -u root -p $MYSQL_PWD -e "SELECT 1" initialDelaySeconds: 10 timeoutSeconds: 1 successThreshold: 1 failureThreshold: 3 periodSeconds: 5 volumeMounts: - name: mysql-initdb mountPath: /start_script - name: mysql-data mountPath: /raiddisk apiVersion: v1kind: Servicemetadata: name: mysql-svcspec: selector: app: mysql clusterIP: 10.101.1.1 ports: - protocol: TCP port: 3306 targetPort: 3306 apiVersion: extensions/v1beta1kind: Deploymentmetadata: labels: app: django name: djangospec: replicas: 1 selector: matchLabels: app: django template: metadata: labels: app: django spec: initContainers: - name: django-init image: busybox imagePullPolicy: IfNotPresent command: - sh - "-c" - | set -ex cat > /start_script/django_init.sh <<EOF #!/bin/bash mkdir /root/django cd /root/django git clone https://github.com/cuigelasi/learn_django.git cd /root/django/learn_django git checkout -t origin/polls sed -i "s/172.10.1.2/10.101.1.1/" learn_django/settings.py sleep 60 python manage.py makemigrations python manage.py migrate echo "from django.contrib.auth.models import User; User.objects.create_superuser('admin', '[email protected]', '123qwe')" | python manage.py shell python manage.py runserver 0.0.0.0:8000 EOF chmod +x /start_script/django_init.sh volumeMounts: - name: django-initdb mountPath: /start_script containers: - image: centos7:django3 name: django volumeMounts: - name: django-initdb mountPath: /start_script readinessProbe: exec: command: - cat - /root/django/learn_django/learn_django/settings.py initialDelaySeconds: 10 periodSeconds: 5 nodeSelector: disktype: xfs volumes: - name: django-initdb persistentVolumeClaim: claimName: mypvc1 - name: django-data persistentVolumeClaim: claimName: djangopvc apiVersion: v1kind: Servicemetadata: name: django-svcspec: type: NodePort selector: app: django clusterIP: 10.101.1.2 ports: - protocol: TCP nodePort: 30008 port: 8000 targetPort: 8000 |
好了,不卖关子了,和上个版本的区别有两处,一处是使用的数据卷是PVC,另一处是mysql初始化的时候解决了数据库不能登陆的bug,添加了skip-grant-tables参数。
运行脚本后,我们在浏览器上再去访问看看~~
一切正常,完美解决。
每日一题
问题一:如何实现敏感数据加密?
问题二:如何从版本二升级到版本三?并且可以回滚到版本二?
大家可以好好想想解决方案,下次我将给出一个方案给大家参考~
原文地址:https://www.cnblogs.com/lijianming180/p/12262492.html