Try K3S
试玩一下 K3S ,弄一个简单而且不用怎么配置的 Web 应用 neosmemo/memos 玩一下,并且以先能跑起来位目标(
这个应用我原本是塞在 docker 里面的。这是我原本的 docker-compose.yml.
services:
memos:
image: neosmemo/memos:stable
container_name: memos
volumes:
- "./memos/:/var/opt/memos"
labels:
- "traefik.http.routers.memos.rule=Host(`memos.example.com`)"
- "traefik.http.routers.memos.tls=true"
- "traefik.http.routers.memos.entrypoints=https"
- "traefik.http.services.memos.loadbalancer.server.port=5230"
restart: unless-stopped
logging:
driver: "json-file"
options:
max-size: "1m"
deploy:
resources:
limits:
cpus: "1"
memory: 128m
networks:
traefik_proxy:
networks:
traefik_proxy:
external: true
这个编排文件里,主要是做了这么几个东西:
- 分配了 CPU 和内存资源
- 挂了一个卷到容器的
/var/opt/memos里面 - Traefik 当做反向代理,让我可以在公网上访问这个服务
要将这个转换成 K8S 的东西,就看看这几样东西是对应 K8S 的哪几样东西。
- CPU和内存资源 –> Pod / Deployment
- 挂载卷 –> Persistent Volume 及 Persistent Volume Claim
- Traefik反向代理 –> Services 及 Ingress
有了大概的思路之后就可以开始把官网的示例配置直接复制下来改编写配置文件了
首先是 Persistent Volume Claim 。
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: memos-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-path
resources:
requests:
storage: 5Gi
然后是 Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: memos
spec:
selector:
matchLabels:
app: memos
replicas: 1 # 因为只是单机部署,所以副本数量是1
template:
metadata:
labels:
app: memos
spec:
containers:
- name: memos
image: neosmemo/memos:stable
imagePullPolicy: IfNotPresent
args:
- "--port"
- "5230"
ports:
- containerPort: 5230 # 暴露5230端口
volumeMounts: # 指定 PV 挂载路径
- name: memos-data
mountPath: /var/opt/memos
volumes: # 要使用哪个 pvc
- name: memos-data
persistentVolumeClaim:
claimName: memos-pvc
然后是 Service
按照 k8s 文档的说法,
每个 pod 都有自己独立的 IP 地址。而当你用 deployment 来部署应用的时候,在后方实际干活的 pod 是会被自动创建或者销毁的。因此你不可能亲自来管理他们的网络映射关系。
Service 就是替我们干这个累活的东西。
apiVersion: v1
kind: Service
metadata:
name: memos
spec:
selector:
app: memos
ports: # 告诉 k8s 这个应用是开在 5230/tcp 上面的
- protocol: TCP
port: 5230
最后是Ingress,能帮你自动创建反向代理并套上SSL
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: memos
spec:
ingressClassName: traefik
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: memos
port:
number: 5230
最后可以把这些 yaml 文件都复制到一个文件夹里面 kubectl apply 一下。
root@debian:~# ls memos/
memos-deployment.yml memos-ingeress.yml memos-pvc.yml memos-service.yml
root@debian:~# kubectl apply -f memos/
deployment.apps/memos created
ingress.networking.k8s.io/memos created
persistentvolumeclaim/memos-pvc created
service/memos created
看到很多 created 就代表 OK 了!
还可以各种 kubectl get 看看东西是不是都是 up 或者 running 了的。
root@debian:~# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
memos 1/1 1 1 96s
root@debian:~# kubectl get pods
NAME READY STATUS RESTARTS AGE
memos-5f4757bd75-sfkw7 1/1 Running 0 99s
root@debian:~# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS VOLUMEATTRIBUTESCLASS AGE
memos-pvc Bound pvc-1f2c69fb-ed80-4f7c-9648-8d481e13d942 5Gi RWO local-path <unset> 102s
root@debian:~# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS VOLUMEATTRIBUTESCLASS REASON AGE
pvc-1f2c69fb-ed80-4f7c-9648-8d481e13d942 5Gi RWO Delete Bound default/memos-pvc local-path <unset> 102s
root@debian:~# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 24h
memos ClusterIP 10.43.215.176 <none> 5230/TCP 109s
root@debian:~# kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
memos traefik * 192.168.80.137 80 111s