搭载blog之安装halo(三)
要求:安装halo博客,并配置域名可访问
一. 安装nfs-provisioner
二. 安装halo
三. 配置Ingress
一、安装nfs-provisioner
- 首先安装helm
$ curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
- 安装nfs-provisioner
我在这里使用helm安装nfs
$ helm repo add stable http://mirror.azure.cn/kubernetes/charts/
"stable" has been added to your repositories
2.本地搜索库
$ helm search repo nfs-client-provisioner
3.安装
$ helm install nfs-storage stable/nfs-client-provisioner \
--set nfs.server=10.0.8.15 \
--set nfs.path=/nfs_dir \
--set storageClass.name=nfs-storage \
--set storageClass.defaultClass=true
helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
--set nfs.server=x.x.x.x \
--set nfs.path=/nfs_dir \
--set storageClass.name=nfs-storage \
--set storageClass.defaultClass=true
注意:
nfs.server:nfs服务地址 可ifconfig 查看eth0 的ip
nfs.path:nfs根目录
storageClass.name:存储类名称
storageClass.defaultClass:设为默认存储类
也可使用新版本的nfs
sudo helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
helm install nfs-storage nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
--set nfs.server=x.x.x.x \
--set nfs.path=/nfs_dir \
--set image.repository=registry.cn-qingdao.aliyuncs.com/jameswu-hub/nfs-subdir-external-provisioner \
--set image.tag=v4.0.2 \
--set storageClass.name=nfs-storage
4.报错1
mount.nfs: requested NFS version or transport protocol is not supported
解决:安装nfs-kernel-server
apt install nfs-kernel-server
报错2
Output: mount.nfs: access denied by server while mounting 10.0.8.15:/nfs_dir
3.创建共享目录
sudo mkdir -p /nfs_dir
4.修改权限
sudo chown nobody:nogroup /nfs_dir
sudo chmod -R 777 /nfs_dir
5.添加修改/etc/exports
sudo echo '/nfs_dir *(rw,sync,no_root_squash)' > /etc/exports
6.使目录生效
sudo exportfs -arv
查看是否安装
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nfs-storage-nfs-client-provisioner-64f59fcf7f-cgr46 1/1 Running 0 2m34s
二、安装halo
- 创建命名空间
$ kubectl create namespace ns-halo
- 安装pvc
创建halo_pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: halo-pvc
namespace: ns-halo
spec:
storageClassName: "nfs-storage"
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
由于self
Google 之后,找到主要原因是,官方在 k8s 1.20 中基于对性能和统一apiserver调用方式的初衷,移除了对 SelfLink 的支持,而 nfs-provisioner 需要 SelfLink 该项功能。具体计划和原因可查看这个issue[2] 和 KEP[3]。
K3S 为兼容 K8S 应该也继承了该项修改,按 K8S 的方式修改测试了下,完美解决。
k3s修改
# /etc/systemd/system/k3s.service
ExecStart=/usr/local/bin/k3s \
server \
...
'--kube-apiserver-arg' \ # 新增
'feature-gates=RemoveSelfLink=false' \ # 新增
执行
$ kaf halo_pvc.yaml
$ kubectl get pvc -A
NAMESPACE NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
ns-halo halo-pvc Pending nfs-storage 18s
- 安装halo
创建 halo.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: halo
namespace: ns-halo
spec:
replicas: 1
selector:
matchLabels:
app: halo
env: prod
template:
metadata:
labels:
app: halo
env: prod
spec:
containers:
- name: halo
image: halohub/halo:2.5.2
ports:
- containerPort: 8090
volumeMounts:
- name: halo-files
mountPath: "/root/.halo2"
args:
- --halo.security.initializer.superadminusername=admin
- --halo.security.initializer.superadminpassword=123456
volumes:
- name: halo-files # 这里定义的名称,与上面的volumeMounts.name一致
persistentVolumeClaim:
claimName: halo-pvc #为之前创建好的pvc
---
apiVersion: v1
kind: Service
metadata:
name: halo-service
namespace: ns-halo
spec:
selector:
app: halo
ports:
- port: 80
targetPort: 8090
三、配置Ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: halo-ingress
namespace: ns-halo
annotations:
kubernetes.io/ingress.class: traefik
cert-manager.io/cluster-issuer: letsencrypt
ingress.kubernetes.io/ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
spec:
tls:
- hosts:
- jamesyt.com
secretName: blog-com
- hosts:
- www.jamesyt.com
secretName: blog-www-com
rules:
- host: jamesyt.com
http:
paths:
- backend:
service:
name: halo-service
port:
number: 80
pathType: Prefix
path: /
- host: www.jamesyt.com
http:
paths:
- backend:
service:
name: halo-service
port:
number: 80
pathType: Prefix
path: /
评论区