K8S

admin 发布于 14 天前 7 次阅读

基于现在这套集群来做:

  • 172.16.11.142:k8s-master
  • 172.16.11.145:k8s-worker1
  • 172.16.11.146:k8s-worker2

这套方案我按“能跑起来、方便先上线验证”的思路写,默认:

  • MariaDB 和 WordPress 都先跑 1 副本
  • 数据先落在 k8s-worker1 本地磁盘
  • 对外通过 NodePort 暴露
  • 适合测试、内网、演示环境

1. 先确认集群正常

在 172.16.11.142 上执行:

kubectl get nodes -o wide kubectl get pods -A -o wide

你应该看到 3 个节点都是 Ready。

2. 在 k8s-worker1 上准备 WordPress 数据目录

先登录 172.16.11.145,执行:

sudo mkdir -p /data/k8s/wordpress/mysql sudo mkdir -p /data/k8s/wordpress/html sudo chmod -R 777 /data/k8s/wordpress

这里我直接用 777,目的是先避免权限问题,保证你先把 WordPress 跑起来。

3. 创建命名空间

回到 172.16.11.142,执行:

kubectl create namespace wordpress

4. 创建数据库密码 Secret

在 172.16.11.142 上执行:

cat > wordpress-secret.yaml <<'EOF' apiVersion: v1 kind: Secret metadata: name: wordpress-secret namespace: wordpress type: Opaque stringData: mariadb-root-password: root123456 mariadb-password: wp123456 EOF

应用:

kubectl apply -f wordpress-secret.yaml

5. 创建本地持久卷 PV 和 PVC

在 172.16.11.142 上执行:

cat > wordpress-storage.yaml <<'EOF' apiVersion: v1 kind: PersistentVolume metadata: name: wp-mariadb-pv labels: app: wordpress volume: mariadb-data spec: capacity: storage: 20Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain local: path: /data/k8s/wordpress/mysql nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/hostname operator: In values: - k8s-worker1 --- apiVersion: v1 kind: PersistentVolume metadata: name: wp-html-pv labels: app: wordpress volume: wordpress-data spec: capacity: storage: 20Gi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain local: path: /data/k8s/wordpress/html nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/hostname operator: In values: - k8s-worker1 --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mariadb-pvc namespace: wordpress spec: accessModes: - ReadWriteOnce resources: requests: storage: 20Gi selector: matchLabels: app: wordpress volume: mariadb-data --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: wordpress-pvc namespace: wordpress spec: accessModes: - ReadWriteOnce resources: requests: storage: 20Gi selector: matchLabels: app: wordpress volume: wordpress-data EOF

应用:

kubectl apply -f wordpress-storage.yaml

检查:

kubectl get pv kubectl get pvc -n wordpress

你应该看到两个 PVC 都是 Bound。

6. 部署 MariaDB

在 172.16.11.142 上执行:

cat > wordpress-mariadb.yaml <<'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: mariadb namespace: wordpress spec: replicas: 1 selector: matchLabels: app: mariadb template: metadata: labels: app: mariadb spec: nodeSelector: kubernetes.io/hostname: k8s-worker1 containers: - name: mariadb image: mariadb:11.4 ports: - containerPort: 3306 env: - name: MARIADB_ROOT_PASSWORD valueFrom: secretKeyRef: name: wordpress-secret key: mariadb-root-password - name: MARIADB_DATABASE value: wordpress - name: MARIADB_USER value: wpuser - name: MARIADB_PASSWORD valueFrom: secretKeyRef: name: wordpress-secret key: mariadb-password volumeMounts: - name: mariadb-data mountPath: /var/lib/mysql volumes: - name: mariadb-data persistentVolumeClaim: claimName: mariadb-pvc --- apiVersion: v1 kind: Service metadata: name: mariadb namespace: wordpress spec: selector: app: mariadb ports: - port: 3306 targetPort: 3306 EOF

应用:

kubectl apply -f wordpress-mariadb.yaml

等待数据库起来:

kubectl rollout status deployment/mariadb -n wordpress kubectl get pods -n wordpress -o wide

7. 部署 WordPress

在 172.16.11.142 上执行:

cat > wordpress-app.yaml <<'EOF' apiVersion: apps/v1 kind: Deployment metadata: name: wordpress namespace: wordpress spec: replicas: 1 selector: matchLabels: app: wordpress template: metadata: labels: app: wordpress spec: nodeSelector: kubernetes.io/hostname: k8s-worker1 containers: - name: wordpress image: wordpress:php8.2-apache ports: - containerPort: 80 env: - name: WORDPRESS_DB_HOST value: mariadb - name: WORDPRESS_DB_NAME value: wordpress - name: WORDPRESS_DB_USER value: wpuser - name: WORDPRESS_DB_PASSWORD valueFrom: secretKeyRef: name: wordpress-secret key: mariadb-password volumeMounts: - name: wordpress-data mountPath: /var/www/html volumes: - name: wordpress-data persistentVolumeClaim: claimName: wordpress-pvc --- apiVersion: v1 kind: Service metadata: name: wordpress namespace: wordpress spec: type: NodePort selector: app: wordpress ports: - port: 80 targetPort: 80 nodePort: 30080 EOF

应用:

kubectl apply -f wordpress-app.yaml

等待起来:

kubectl rollout status deployment/wordpress -n wordpress kubectl get pods -n wordpress -o wide kubectl get svc -n wordpress

8. 访问

现在可以直接访问:

http://172.16.11.142:30080

也可以试:

http://172.16.11.145:30080 http://172.16.11.146:30080

如果节点防火墙没拦,NodePort 在 3 个节点 IP 上都能通。

9. 检查 WordPress 是否真的正常

在 172.16.11.142 上执行:

kubectl get all -n wordpress kubectl get pv kubectl get pvc -n wordpress

正常状态应该是:

  • mariadb Pod:Running
  • wordpress Pod:Running
  • mariadb-pvc:Bound
  • wordpress-pvc:Bound
  • wordpress Service:NodePort

10. 常见排查命令

如果 WordPress Pod 启不来:

kubectl describe pod -n wordpress -l app=wordpress kubectl logs -n wordpress -l app=wordpress

如果 MariaDB Pod 启不来:

kubectl describe pod -n wordpress -l app=mariadb kubectl logs -n wordpress -l app=mariadb

如果服务不通:

kubectl get svc -n wordpress kubectl get pods -n wordpress -o wide kubectl get nodes -o wide

11. 删除整套

如果你要重装,执行:

kubectl delete -f wordpress-app.yaml kubectl delete -f wordpress-mariadb.yaml kubectl delete -f wordpress-storage.yaml kubectl delete -f wordpress-secret.yaml kubectl delete namespace wordpress

注意:
PV 用的是 Retain,所以删掉后,/data/k8s/wordpress/mysql 和 /data/k8s/wordpress/html 里的数据还在。

如果你要连数据一起删,再到 172.16.11.145 上执行:

sudo rm -rf /data/k8s/wordpress/mysql/* sudo rm -rf /data/k8s/wordpress/html/*

12. 这套方案的特点

这套 WordPress 方案的特点是:

  • 能直接跑起来
  • 步骤简单
  • 适合先验证业务
  • 数据持久化到了 k8s-worker1
  • 但不是高可用
  • 如果 k8s-worker1 挂了,WordPress 和数据库都会受影响

此作者没有提供个人介绍。
最后更新于 2026-04-22