k8s 部署nginx前端

1.构建docker镜像，k8s拉取镜像运行

​​​​​​​docker自己安装

[root@master1 ~]# docker pull nginx:1.24.0
[root@master1 ~]# mkdir k8s-nginx
[root@master1 ~]# cd k8s-nginx

[root@master1 k8s-nginx]# vim nginx.conf

    server_tokens off;
    server {
        listen       8010; #web访问端口
        server_name  localhost;
            
        keepalive_timeout  65;
        proxy_connect_timeout 300;
        proxy_send_timeout 300;
        proxy_read_timeout 300;
                
        location / {
            root /etc/nginx/dist;   #web代码路径
            index  index.html index.htm;
        }

        #后端代码接口配置
        #location /api {
        #    proxy_pass http://127.0.0.1:8001;
        #    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        #}

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

    }

[root@master1 k8s-nginx]# mkdir dist #这个dist是前端包目录，我这里只做个测试
[root@master1 k8s-nginx]# cd dist
[root@master1 dist]# vim index.html
this is a test!

写Dockerfile：

[root@master1 k8s-nginx]# vim Dockerfile

FROM nginx:1.24.0

COPY nginx.conf /etc/nginx/conf.d/web.conf

COPY dist /etc/nginx/dist

构建镜像：

[root@master1 k8s-nginx]# docker build -t nginx:v1 .

Sending build context to Docker daemon  5.12 kB
Step 1/3 : FROM nginx:1.24.0
 ---> 6b753f58c54e
Step 2/3 : COPY nginx.conf /etc/nginx/conf.d/web.conf
 ---> Using cache
 ---> c67c98f8e802
Step 3/3 : COPY dist /etc/nginx/dist
 ---> 546db553f62a
Removing intermediate container d9a8e88cb4da
Successfully built 546db553f62a

将镜像上传到镜像仓库，我这里是上传到阿里云的镜像仓库
仓库地址:
https://cr.console.aliyun.com/cn-zhangjiakou/instance/credentials

登录镜像仓库：
docker login --username=asula registry.cn-zhangjiakou.aliyuncs.com

推送镜像：
docker tag nginx:v1 registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v1
docker push registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v1

k8s拉取私有仓库需要登录，有时候不可能为每个k8s节点登录
我们就需要为创建k8s集群的secret，设置秘钥配置imagePullSecrets
1.创建secret

kubectl create secret docker-registry secret名 --docker-server=仓库地址 --docker-username=用户名 --docker-password=密码 

例如：

kubectl create secret docker-registry secret-key --docker-server=registry.cn-zhangjiakou.aliyuncs.com --docker-username=ABCD --docker-password=QWER!@

--docker-server=registry.cn-zhangjiakou.aliyuncs.com  #阿里云仓库地址
--docker-username=ABCD  #阿里云仓库登录的用户名
--docker-password=QWER!@#$ #阿里云仓库的登录密码

2.删除secret

kubectl delete secret secret-key 

编写k8s的yaml文件：

[root@master1 k8s-nginx]# vim nginx-test.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-servie
  name: nginx-service
  namespace: default
spec:
  ports:
    #对外暴露端口30003
  - nodePort: 30003
    port: 8010
    protocol: TCP
    targetPort: 8010
  selector:
    app: nginx-web
  #NodePort对外暴露端口
  type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-web
  name: nginx-web
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-web
  template:
    metadata:
      labels:
        app: nginx-web
      namespace: default
    spec:
      imagePullSecrets:
      - name: secret-key
      containers:
      - image: registry.cn-zhangjiakou.aliyuncs.com/ymku/nginx:v1
        name: nginx
        imagePullPolicy: Always
        ports:
        - containerPort: 80
        resources:
          requests:
            cpu: 100m
            memory: 1Gi
          limits:
            cpu: 100m
            memory: 1Gi

[root@master1 k8s-nginx]# kubectl apply -f nginx-test.yaml 
service/nginx-service configured
deployment.apps/nginx-web created
[root@master1 k8s-nginx]# kubectl get pod
NAME                        READY   STATUS    RESTARTS   AGE
nginx-web-9f5fbbb7b-bjwvg   1/1     Running   0          3s

**验证：**http://10.10.10.10:30003/index.html