StorageClass:
kubernetes.io/no-provisioner, что означает, что управление хранилищем будет выполняться вручную, и вам нужно заранее создать директории на узлах, как будет указано в PV (PersistentVolume).
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: local-storage
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
PersistentVolume (PV) и PersistentVolumeClaim (PVC):
apiVersion: v1
kind: PersistentVolume
metadata:
name: mysql-pv
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
storageClassName: local-storage
hostPath:
path: /mnt/k8s/mysql-data #Убедитесь, что эта директория существует на узлах
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: joomla-pv
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
storageClassName: local-storage
hostPath:
path: /mnt/k8s/joomla-data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi #Не должен привышать capasity в PV
storageClassName: local-storage
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: joomla-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: local-storage
Secrets:
Cекреты для хранения чувствительных данных, таких как пароли для базы данных MySQL и Joomla.
apiVersion: v1
data:
.dockerconfigjson: <base64>
kind: Secret
metadata:
name: gldr-secrets
type: kubernetes.io/dockerconfigjson
---
apiVersion: v1
kind: Secret
metadata:
name: mysql-secrets
type: Opaque
data:
mysql-root-password: <base64>
mysql-user: <base64>
mysql-password: <base64>
---
apiVersion: v1
kind: Secret
metadata:
name: joomla-secrets
type: Opaque
data:
JOOMLA_DB_PASSWORD: <base64>
JOOMLA_DB_USER: <base64>
Deployments && Services:
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
spec:
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: registry.devopz.space/kowalski/devopz/mysql:5.7
resources:
limits:
cpu: "100m"
memory: "100Mi"
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secrets
key: mysql-root-password
- name: MYSQL_DATABASE
value: jdb
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: mysql-secrets
key: mysql-user
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secrets
key: mysql-password
ports:
- containerPort: 3306
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
imagePullSecrets:
- name: gldr-secrets
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-pvc
---
apiVersion: v1
kind: Service
metadata:
name: mysql
spec:
selector:
app: mysql
ports:
- protocol: TCP
port: 3306
targetPort: 3306
clusterIP: None
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: joomla
spec:
replicas: 1
selector:
matchLabels:
app: joomla
template:
metadata:
annotations:
rollme: "now" #Перезапускать Pod при изменении конфигурации
labels:
app: joomla
spec:
containers:
- name: joomla
image: registry.devopz.space/kowalski/devopz/joomla:3.10.11-php7.4-apache
resources:
limits:
cpu: "100m"
memory: "100Mi"
env:
- name: JOOMLA_DB_HOST
value: mysql
- name: JOOMLA_DB_USER
valueFrom:
secretKeyRef:
name: joomla-secrets
key: JOOMLA_DB_USER
- name: JOOMLA_DB_PASSWORD
valueFrom:
secretKeyRef:
name: joomla-secrets
key: JOOMLA_DB_PASSWORD
- name: JOOMLA_DB_NAME
value: jdb
ports:
- containerPort: 80
imagePullSecrets:
- name: gldr-secrets
volumes:
- name: joomla-persistent-storage
persistentVolumeClaim:
claimName: joomla-pvc
---
apiVersion: v1
kind: Service
metadata:
name: joomla
spec:
selector:
app: joomla
ports:
- protocol: TCP
port: 80
targetPort: 80
type: NodePort
