前置环境
K8S v1.27.3,单节点 control plane,三节点 worker。
已经按照 https://doraemonext.com/archives/382.html 文档完成了 cephfs 安装。
安装 MySQL
helm repo add bitnami https://charts.bitnami.com/bitnami
helm pull bitnami/mysql --version 9.10.9
tar zvxf mysql-9.10.9.tgz
之后本地会解压出来 mysql 目录。编辑其中的 values.yaml 文件:
- architecture: replication
- auth.rootPassword (自行修改)
- auth.database (自行修改)
- auth.username (自行修改)
- auth.password (自行修改)
- auth.replicationPassword (自行修改)
- primary.persistence.size (自行修改)
- secondary.persistence.size (自行修改)
- secondary.replicas (自行修改,副本数)
之后执行安装命令:
helm install mysql-cluster mysql
等待 kubectl get pods | grep mysql 中的几个 Pod 拉起完毕。
安装 phpMyAdmin
helm pull bitnami/phpmyadmin --version 11.1.6
tar zvxf phpmyadmin-11.1.6.tgz
如果需要修改 phpmyadmin/values.yaml 文件,自行更新。之后安装:
helm install phpmyadmin phpmyadmin
配置 Istio Ingress
从上到下分别是证书申请,Istio 网关配置,Istio 虚拟服务配置。
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: p-doraemonext-net-cert-prod
namespace: istio-system
spec:
dnsNames:
- p.doraemonext.net
duration: 2160h0m0s
issuerRef:
group: cert-manager.io
kind: ClusterIssuer
name: letsencrypt
privateKey:
algorithm: RSA
encoding: PKCS1
size: 2048
renewBefore: 360h0m0s
secretName: p-doraemonext-net-cert-prod
usages:
- server auth
- client auth
---
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: phpmyadmin-gateway
namespace: istio-system
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "p.doraemonext.net"
- port:
number: 443
name: https
protocol: HTTPS
tls:
mode: SIMPLE
credentialName: p-doraemonext-net-cert-prod
hosts:
- "p.doraemonext.net"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: phpmyadmin-vs
namespace: istio-system
spec:
hosts:
- "p.doraemonext.net"
gateways:
- phpmyadmin-gateway
http:
- match:
- port: 80
redirect:
authority: "p.doraemonext.net:443"
- match:
- port: 443
route:
- destination:
host: phpmyadmin.default.svc.cluster.local
port:
number: 80
之后就可以通过 p.doraemonext.net 来访问和测试刚才产出的 MySQL 了:
