Appearance
搭载blog之安装halo(三)
要求:安装halo博客,并配置域名可访问 一. 安装nfs-provisioner 二. 安装halo 三. 配置Ingress
一、安装nfs-provisioner
- 首先安装helm
$ curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
- 安装nfs-provisioner 我在这里使用helm安装nfs
$ helm repo add stable http://mirror.azure.cn/kubernetes/charts/
"stable" has been added to your repositories
2.本地搜索库
$ helm search repo nfs-client-provisioner
3.安装
$ helm install nfs-storage stable/nfs-client-provisioner \
--set nfs.server=10.0.8.15 \
--set nfs.path=/nfs_dir \
--set storageClass.name=nfs-storage \
--set storageClass.defaultClass=true
helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
--set nfs.server=x.x.x.x \
--set nfs.path=/nfs_dir \
--set storageClass.name=nfs-storage \
--set storageClass.defaultClass=true
注意:
nfs.server:nfs服务地址 可ifconfig 查看eth0 的ip
nfs.path:nfs根目录
storageClass.name:存储类名称
storageClass.defaultClass:设为默认存储类
也可使用新版本的nfs
sudo helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
helm install nfs-storage nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
--set nfs.server=x.x.x.x \
--set nfs.path=/nfs_dir \
--set image.repository=registry.cn-qingdao.aliyuncs.com/jameswu-hub/nfs-subdir-external-provisioner \
--set image.tag=v4.0.2 \
--set storageClass.name=nfs-storage
4.报错1 mount.nfs: requested NFS version or transport protocol is not supported
解决:安装nfs-kernel-server
apt install nfs-kernel-server
报错2 Output: mount.nfs: access denied by server while mounting 10.0.8.15:/nfs_dir
3.创建共享目录
sudo mkdir -p /nfs_dir
4.修改权限
sudo chown nobody:nogroup /nfs_dir
sudo chmod -R 777 /nfs_dir
5.添加修改/etc/exports
sudo echo '/nfs_dir *(rw,sync,no_root_squash)' > /etc/exports
6.使目录生效
sudo exportfs -arv
查看是否安装
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nfs-storage-nfs-client-provisioner-64f59fcf7f-cgr46 1/1 Running 0 2m34s
二、安装halo
创建命名空间
$ kubectl create namespace ns-halo
安装pvc 创建halo_pvc.yaml
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: halo-pvc namespace: ns-halo spec: storageClassName: "nfs-storage" accessModes: - ReadWriteMany resources: requests: storage: 5Gi
由于self
Google 之后,找到主要原因是,官方在 k8s 1.20 中基于对性能和统一apiserver调用方式的初衷,移除了对 SelfLink 的支持,而 nfs-provisioner 需要 SelfLink 该项功能。具体计划和原因可查看这个issue[2] 和 KEP[3]。
K3S 为兼容 K8S 应该也继承了该项修改,按 K8S 的方式修改测试了下,完美解决。
k3s修改
# /etc/systemd/system/k3s.service
ExecStart=/usr/local/bin/k3s \
server \
...
'--kube-apiserver-arg' \ # 新增
'feature-gates=RemoveSelfLink=false' \ # 新增
执行
$ kaf halo_pvc.yaml
$ kubectl get pvc -A
NAMESPACE NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
ns-halo halo-pvc Pending nfs-storage 18s
安装halo 创建 halo.yaml
apiVersion: apps/v1 kind: Deployment metadata: name: halo namespace: ns-halo spec: replicas: 1 selector: matchLabels: app: halo env: prod template: metadata: labels: app: halo env: prod spec: containers: - name: halo image: halohub/halo:2.5.2 ports: - containerPort: 8090 volumeMounts: - name: halo-files mountPath: "/root/.halo2" args: - --halo.security.initializer.superadminusername=admin - --halo.security.initializer.superadminpassword=123456 volumes: - name: halo-files # 这里定义的名称,与上面的volumeMounts.name一致 persistentVolumeClaim: claimName: halo-pvc #为之前创建好的pvc
apiVersion: v1 kind: Service metadata: name: halo-service namespace: ns-halo spec: selector: app: halo ports: - port: 80 targetPort: 8090
三、配置Ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: halo-ingress
namespace: ns-halo
annotations:
kubernetes.io/ingress.class: traefik
cert-manager.io/cluster-issuer: letsencrypt
ingress.kubernetes.io/ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
spec:
tls:
- hosts:
- jamesyt.com
secretName: blog-com
- hosts:
- www.jamesyt.com
secretName: blog-www-com
rules:
- host: jamesyt.com
http:
paths:
- backend:
service:
name: halo-service
port:
number: 80
pathType: Prefix
path: /
- host: www.jamesyt.com
http:
paths:
- backend:
service:
name: halo-service
port:
number: 80
pathType: Prefix
path: /