2024-02-20 17:15:27 +08:00
committed by huty
parent 6706e1a633
commit 34158042ad
1529 changed files with 177765 additions and 0 deletions


@@ -0,0 +1,56 @@
# Ch08 lab
Run the app:
```
kubectl apply -f lab/nginx/
```
Get the URL and browse:
```
kubectl get svc nginx -o jsonpath='http://{.status.loadBalancer.ingress[0].*}:8088'
```
> It works, but its just a single Pod writing logs to an EmptyDir.
## Sample Solution
My [StatefulSet](solution/nginx-statefulset.yaml) runs three Pods, with volume claim templates for storage.
```
kubectl apply -f lab/solution/nginx-statefulset.yaml
```
> Make lots of calls to the web app
I used this in Powershell:
```
for($i = 0; $i -lt 100; $i++) { curl http://localhost:8088 | Out-Null }
```
Then the [Job](solution/disk-calc-job.yaml) is configured to mount all of the PVCs used in the StatefulSet Pods.
```
kubectl apply -f lab/solution/disk-calc-job.yaml
```
When I check the logs I see this:
```
PS>kubectl logs -l job-name=disk-calc
32.0K /nginx0/access.log
24.0K /nginx1/access.log
40.0K /nginx2/access.log
```
## Teardown
Delete the lab resources by their labels:
```
kubectl delete all -l kiamol=ch08-lab
kubectl delete pvc -l kiamol=ch08-lab
```


@@ -0,0 +1,23 @@
apiVersion: v1
kind: Job
metadata:
name: nginx
labels:
kiamol: ch08-lab
app: nginx
spec:
containers:
- image: kiamol/ch03-sleep
name: calc
command: ['sh', '-c', 'du -h /nginx1/access.log /nginx2/access.log /nginx3/access.log']
ports:
- containerPort: 80
volumeMounts:
- name: nginx1
mountPath: /nginx1/
- name: nginx2
mountPath: /nginx2/
- name: nginx3
mountPath: /nginx3/
# volumes:
# ?
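Review bot: `apiVersion: v1` with `kind: Job` at the top of this manifest will be rejected by the API server, since Job belongs to the `batch/v1` group, and `containers` appears directly under `spec` rather than under `spec.template.spec` with a `restartPolicy`. The mounts and the `du` command use `/nginx1` to `/nginx3`, while the solution Job in this commit reads `/nginx0` to `/nginx2`, matching StatefulSet ordinals that start at 0. If these gaps are the exercise, a first-line comment such as `# starter file: fix the API group, Pod template and volumes` would tell readers they are deliberate. Indentation is lost in this rendering, so the nesting is inferred from key order.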


@@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
kiamol: ch08-lab
spec:
type: LoadBalancer
ports:
- port: 8088
targetPort: 80
selector:
app: nginx


@@ -0,0 +1,19 @@
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
kiamol: ch08-lab
app: nginx
spec:
containers:
- image: nginx:1.17-alpine
name: nginx
ports:
- containerPort: 80
volumeMounts:
- name: logs
mountPath: /var/log/nginx/
volumes:
- name: logs
emptyDir: {}


@@ -0,0 +1,33 @@
apiVersion: batch/v1
kind: Job
metadata:
name: disk-calc
labels:
kiamol: ch08-lab
spec:
template:
spec:
restartPolicy: Never
containers:
- image: kiamol/ch03-sleep
name: calc
command: ['sh', '-c', 'du -h /nginx0/access.log /nginx1/access.log /nginx2/access.log']
ports:
- containerPort: 80
volumeMounts:
- name: nginx0
mountPath: /nginx0/
- name: nginx1
mountPath: /nginx1/
- name: nginx2
mountPath: /nginx2/
volumes:
- name: nginx0
persistentVolumeClaim:
claimName: logs-nginx-stateful-0
- name: nginx1
persistentVolumeClaim:
claimName: logs-nginx-stateful-1
- name: nginx2
persistentVolumeClaim:
claimName: logs-nginx-stateful-2
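Review bot: The three `volumeMounts` of the `calc` container attach the nginx log claims read-write although the command only runs `du -h` over them; adding `readOnly: true` to each mount keeps a reporting Job from being able to alter or truncate the web server logs. The `ports` entry with `containerPort: 80` serves no purpose for a container that listens on nothing and can be dropped. The claims are `ReadWriteOnce` in the StatefulSet template, so this Job can be scheduled only if all three volumes are attached on a single node, which holds on a one-node lab cluster but deserves a comment.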


@@ -0,0 +1,50 @@
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
kiamol: ch08-lab
spec:
type: LoadBalancer
ports:
- port: 8088
targetPort: 80
selector:
app: nginx-stateful
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: nginx-stateful
labels:
kiamol: ch08-lab
spec:
selector:
matchLabels:
app: nginx-stateful
serviceName: nginx-stateful
replicas: 3
template:
metadata:
labels:
app: nginx-stateful
spec:
containers:
- image: nginx:1.17-alpine
name: nginx
ports:
- containerPort: 80
volumeMounts:
- name: logs
mountPath: /var/log/nginx/
volumeClaimTemplates:
- metadata:
name: logs
labels:
kiamol: ch08-lab
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Mi
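Review bot: `serviceName: nginx-stateful` names a governing Service that this file does not create; the only Service defined here is `nginx`, of type LoadBalancer. The StatefulSet will still start, but the per-Pod DNS names under `nginx-stateful` will not resolve unless a headless Service with that name exists elsewhere. Either add a headless Service (`clusterIP: None`) named `nginx-stateful`, or add a comment that stable Pod DNS is not needed for this lab. Separately, `nginx:1.17-alpine` is a long-superseded release; a current tag pinned by digest would avoid shipping known-vulnerable server code through a public LoadBalancer.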


@@ -0,0 +1,30 @@
apiVersion: batch/v1
kind: Job
metadata:
name: pi-job-random
labels:
kiamol: ch08
spec:
completions: 3
parallelism: 3
template:
spec:
initContainers:
- name: init-dp
image: kiamol/ch03-sleep
command: ['sh', '-c', 'echo $RANDOM > /init/dp']
volumeMounts:
- name: init
mountPath: /init
containers:
- name: pi
image: kiamol/ch05-pi
command: ['sh', '-c', 'dotnet Pi.Web.dll -m console -dp $(cat /init/dp)']
volumeMounts:
- name: init
mountPath: /init
readOnly: true
restartPolicy: Never
volumes:
- name: init
emptyDir: {}


@@ -0,0 +1,14 @@
apiVersion: batch/v1
kind: Job
metadata:
name: pi-job
labels:
kiamol: ch08
spec:
template:
spec:
containers:
- name: pi
image: kiamol/ch05-pi
command: ["dotnet", "Pi.Web.dll", "-m", "console", "-dp", "50"]
restartPolicy: Never


@@ -0,0 +1,26 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: sleep
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: sleep
template:
metadata:
labels:
app: sleep
spec:
containers:
- name: sleep
image: kiamol/ch03-sleep
volumeMounts:
- name: backup
mountPath: "/backup"
readOnly: true
volumes:
- name: backup
persistentVolumeClaim:
claimName: todo-db-backup-pvc


@@ -0,0 +1,45 @@
apiVersion: v1
kind: Service
metadata:
name: sleep-with-pvc
labels:
kiamol: ch08
spec:
selector:
app: sleep-with-pvc
clusterIP: None
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: sleep-with-pvc
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: sleep-with-pvc
serviceName: sleep-with-pvc
replicas: 2
template:
metadata:
labels:
app: sleep-with-pvc
spec:
containers:
- name: sleep
image: kiamol/ch03-sleep
volumeMounts:
- name: data
mountPath: /data
volumeClaimTemplates:
- metadata:
name: data
labels:
kiamol: ch08
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Mi


@@ -0,0 +1,18 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: sleep
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: sleep
template:
metadata:
labels:
app: sleep
spec:
containers:
- name: sleep
image: kiamol/ch03-sleep


@@ -0,0 +1,34 @@
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: todo-db-backup
labels:
kiamol: ch08
spec:
schedule: "*/2 * * * *" # see https://crontab.guru
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
restartPolicy: Never
containers:
- name: backup
image: postgres:11.6-alpine
command: ['sh', '-c', 'pg_dump -h $POSTGRES_SECONDARY_FQDN -U postgres -F tar -f "/backup/$(date +%y%m%d-%H%M).tar" todo']
envFrom:
- configMapRef:
name: todo-db-env
env:
- name: PGPASSWORD
valueFrom:
secretKeyRef:
key: POSTGRES_PASSWORD
name: todo-db-secret
volumeMounts:
- name: backup
mountPath: "/backup"
volumes:
- name: backup
persistentVolumeClaim:
claimName: todo-db-backup-pvc
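Review bot: `apiVersion: batch/v1beta1` for CronJob was removed in Kubernetes 1.25, so this manifest fails to apply on current clusters; `batch/v1` has served CronJob since 1.21 and accepts the same spec. The backup container also logs in with `-U postgres`, the superuser, with the password held in the `PGPASSWORD` environment variable, where a dedicated role with read access to the `todo` database would be enough for `pg_dump`. With a run every two minutes into the 100Mi claim and no pruning step, the volume will presumably fill quickly, and later backups will then fail unless Job failures are monitored. The suspended copy of this CronJob later in the commit has the same three points.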


@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: todo-db-backup-pvc
labels:
kiamol: ch08
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi


@@ -0,0 +1,35 @@
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: todo-db-backup
labels:
kiamol: ch08
spec:
schedule: "*/2 * * * *" # see https://crontab.guru
concurrencyPolicy: Forbid
suspend: true
jobTemplate:
spec:
template:
spec:
restartPolicy: Never
containers:
- name: backup
image: postgres:11.6-alpine
command: ['sh', '-c', 'pg_dump -h $POSTGRES_SECONDARY_FQDN -U postgres -F tar -f "/backup/$(date +%y%m%d-%H%M).tar" todo']
envFrom:
- configMapRef:
name: todo-db-env
env:
- name: PGPASSWORD
valueFrom:
secretKeyRef:
key: POSTGRES_PASSWORD
name: todo-db-secret
volumeMounts:
- name: backup
mountPath: "/backup"
volumes:
- name: backup
persistentVolumeClaim:
claimName: todo-db-backup-pvc


@@ -0,0 +1,51 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: todo-db-config
labels:
kiamol: ch08
data:
primary.conf: |-
listen_addresses = '*'
max_connections = 100
shared_buffers = 128MB
dynamic_shared_memory_type = posix
log_timezone = 'UTC'
datestyle = 'iso, mdy'
timezone = 'UTC'
lc_messages = 'en_US.utf8'
lc_monetary = 'en_US.utf8'
lc_numeric = 'en_US.utf8'
lc_time = 'en_US.utf8'
default_text_search_config = 'pg_catalog.english'
wal_level = hot_standby
max_wal_senders = 5
wal_keep_segments = 32
standby.conf: |-
listen_addresses = '*'
max_connections = 100
shared_buffers = 128MB
dynamic_shared_memory_type = posix
log_timezone = 'UTC'
datestyle = 'iso, mdy'
timezone = 'UTC'
lc_messages = 'en_US.utf8'
lc_monetary = 'en_US.utf8'
lc_numeric = 'en_US.utf8'
lc_time = 'en_US.utf8'
default_text_search_config = 'pg_catalog.english'
hot_standby = on
pg_hba.conf: |-
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
host replication replication all md5
host all all all md5
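Review bot: The last two `pg_hba.conf` rules accept connections from `all` addresses with `md5` authentication, and both server configs set `listen_addresses = '*'`, so any Pod that can route to port 5432 may attempt a login as any role, including `postgres`. PostgreSQL 11 supports `scram-sha-256`, which avoids the weaknesses of MD5 password hashes; switching requires `password_encryption = 'scram-sha-256'` to be set before the role passwords are created. Restricting the address column to the cluster's Pod range (placeholder `<pod-cidr>`) and adding a NetworkPolicy that admits only the web and backup Pods would narrow the exposure; no NetworkPolicy is visible in this commit. The `trust` lines for local and loopback connections also let any process inside the container connect as superuser without a password.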


@@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: todo-db-env
labels:
kiamol: ch08
data:
POSTGRES_PRIMARY_NAME: "todo-db-0"
POSTGRES_PRIMARY_FQDN: "todo-db-0.todo-db.default.svc.cluster.local"
POSTGRES_SECONDARY_FQDN: "todo-db-1.todo-db.default.svc.cluster.local"


@@ -0,0 +1,44 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: todo-db-scripts
labels:
kiamol: ch08
data:
wait-service.sh: |-
#!/bin/sh
if [ "$HOSTNAME" == "$POSTGRES_PRIMARY_NAME" ]; then
echo '** Postgres primary **'
else
echo '** Postgres standby - waiting on DNS for primary **'
until nslookup ${POSTGRES_PRIMARY_FQDN}; do echo Waiting for ${POSTGRES_PRIMARY_FQDN}; sleep 1; done
fi
initialize-replication.sh: |-
#!/bin/bash
if [ "$HOSTNAME" == "$POSTGRES_PRIMARY_NAME" ]; then
echo '** Postgres primary - creating replication user script **'
cp /scripts/create-replica-user.sh /docker-entrypoint-initdb.d/create-replica-user.sh
ls -l /docker-entrypoint-initdb.d
else
echo '** Postgres standby - waiting on primary **'
until pg_isready -h "$POSTGRES_PRIMARY_FQDN"; do echo Waiting for db to be ready; sleep 1; done
fi
create-replica-user.sh: |-
#!/bin/bash
set -e
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
CREATE ROLE replication WITH REPLICATION PASSWORD '$PGPASSWORD' LOGIN
EOSQL
startup.sh: |-
#!/bin/sh
if [ "$HOSTNAME" == "$POSTGRES_PRIMARY_NAME" ]; then
echo '** Postgres primary **'
/docker-entrypoint.sh postgres -c config_file=/conf/primary.conf -c hba_file=/conf/pg_hba.conf
else
echo '** Postgres standby - initializing replication**'
if [ -z "$(ls -A ${PGDATA})" ]; then
pg_basebackup -R -h "$POSTGRES_PRIMARY_FQDN" -D "$PGDATA" -P -U replication
chown -R postgres:postgres $PGDATA
fi
/docker-entrypoint.sh postgres -c config_file=/conf/standby.conf
fi
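Review bot: `create-replica-user.sh` builds the `CREATE ROLE` statement by letting the shell expand `$PGPASSWORD` inside the here-document, so a password containing a single quote breaks the statement or changes its meaning. Passing the value as a psql variable keeps it as data: add `-v pw="$PGPASSWORD"` to the psql call and write `PASSWORD :'pw'` in the SQL. The same value is the `postgres` superuser password in the StatefulSet manifests, so the replication role shares the superuser's credential; a separate Secret key for replication would let the two be rotated independently. `wait-service.sh` and `startup.sh` use `==` inside `[ ]` under `#!/bin/sh`, which is not POSIX and depends on the image's shell accepting it, and `chown -R postgres:postgres $PGDATA` should quote the variable.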


@@ -0,0 +1,86 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: todo-db
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: todo-db
serviceName: todo-db
replicas: 2
template:
metadata:
labels:
app: todo-db
spec:
initContainers:
- name: wait-service
image: kiamol/ch03-sleep
envFrom:
- configMapRef:
name: todo-db-env
command: ['/scripts/wait-service.sh']
volumeMounts:
- name: scripts
mountPath: "/scripts"
- name: initialize-replication
image: postgres:11.6-alpine
envFrom:
- configMapRef:
name: todo-db-env
env:
- name: PGPASSWORD # used as replication password
valueFrom:
secretKeyRef:
key: POSTGRES_PASSWORD
name: todo-db-secret
command: ['/scripts/initialize-replication.sh']
volumeMounts:
- name: scripts
mountPath: "/scripts"
- name: initdb
mountPath: /docker-entrypoint-initdb.d
containers:
- name: db
image: postgres:11.6-alpine
command: ["/scripts/startup.sh"]
envFrom:
- configMapRef:
name: todo-db-env
env:
- name: POSTGRES_PASSWORD_FILE
value: /secrets/postgres_password
- name: PGPASSWORD # used as replication password
valueFrom:
secretKeyRef:
key: POSTGRES_PASSWORD
name: todo-db-secret
volumeMounts:
- name: secret
mountPath: "/secrets"
- name: scripts
mountPath: "/scripts"
- name: config
mountPath: "/conf"
- name: initdb
mountPath: /docker-entrypoint-initdb.d
volumes:
- name: secret
secret:
secretName: todo-db-secret
defaultMode: 0400
items:
- key: POSTGRES_PASSWORD
path: postgres_password
- name: scripts
configMap:
name: todo-db-scripts
defaultMode: 0555
- name: config
configMap:
name: todo-db-config
defaultMode: 0444
- name: initdb
emptyDir: {}
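Review bot: The `db` container receives the superuser password twice, as the file `/secrets/postgres_password` and again as the `PGPASSWORD` environment variable, and the environment copy stays readable to every process in the container for the life of the Pod. The scripts in this commit appear to read it only at first start (`create-replica-user.sh` on the primary, `pg_basebackup` on the standby), so reading the value from the mounted file in those scripts, or from a `.pgpass`-format file referenced by `PGPASSFILE`, would avoid the long-lived copy. None of the containers sets `resources` or a `securityContext`; that is tolerable in a lab, but a comment saying so would stop the manifest being copied as-is. The later revision of this StatefulSet with `volumeClaimTemplates` carries the same configuration.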


@@ -0,0 +1,99 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: todo-db
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: todo-db
serviceName: todo-db
replicas: 2
template:
metadata:
labels:
app: todo-db
spec:
initContainers:
- name: wait-service
image: kiamol/ch03-sleep
envFrom:
- configMapRef:
name: todo-db-env
command: ['/scripts/wait-service.sh']
volumeMounts:
- name: scripts
mountPath: "/scripts"
- name: initialize-replication
image: postgres:11.6-alpine
envFrom:
- configMapRef:
name: todo-db-env
env:
- name: PGPASSWORD # used as replication password
valueFrom:
secretKeyRef:
key: POSTGRES_PASSWORD
name: todo-db-secret
command: ['/scripts/initialize-replication.sh']
volumeMounts:
- name: scripts
mountPath: "/scripts"
- name: initdb
mountPath: /docker-entrypoint-initdb.d
containers:
- name: db
image: postgres:11.6-alpine
command: ["/scripts/startup.sh"]
envFrom:
- configMapRef:
name: todo-db-env
env:
- name: POSTGRES_PASSWORD_FILE
value: /secrets/postgres_password
- name: PGPASSWORD # used as replication password
valueFrom:
secretKeyRef:
key: POSTGRES_PASSWORD
name: todo-db-secret
volumeMounts:
- name: secret
mountPath: "/secrets"
- name: scripts
mountPath: "/scripts"
- name: config
mountPath: "/conf"
- name: initdb
mountPath: /docker-entrypoint-initdb.d
- name: data
mountPath: /var/lib/postgresql/data
volumes:
- name: secret
secret:
secretName: todo-db-secret
defaultMode: 0400
items:
- key: POSTGRES_PASSWORD
path: postgres_password
- name: scripts
configMap:
name: todo-db-scripts
defaultMode: 0555
- name: config
configMap:
name: todo-db-config
defaultMode: 0444
- name: initdb
emptyDir: {}
volumeClaimTemplates:
- metadata:
name: data
labels:
kiamol: ch08
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 50Mi


@@ -0,0 +1,9 @@
apiVersion: v1
kind: Secret
metadata:
name: todo-db-secret
labels:
kiamol: ch08
type: Opaque
stringData:
POSTGRES_PASSWORD: "kiamol-2*2*"
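Review bot: `stringData.POSTGRES_PASSWORD` holds the database superuser password as a literal in a manifest committed to the repository, so anyone with read access to the repo or its history has the credential. For anything beyond a throwaway lab, keep the value out of version control: create the Secret out of band (for example `kubectl create secret generic todo-db-secret --from-file=POSTGRES_PASSWORD=<path-to-file>`) or use a sealed or external secret mechanism, and leave only a placeholder here. If the value has to stay for the exercise, a comment such as `# sample value for the lab only, never reuse` above the key would make that explicit.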


@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: todo-db
labels:
kiamol: ch08
spec:
ports:
- port: 5432
targetPort: 5432
name: postgres
selector:
app: todo-db
clusterIP: None


@@ -0,0 +1,34 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: todo-db
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: todo-db
serviceName: todo-db
replicas: 2
template:
metadata:
labels:
app: todo-db
spec:
containers:
- name: db
image: postgres:11.6-alpine
env:
- name: POSTGRES_PASSWORD_FILE
value: /secrets/postgres_password
volumeMounts:
- name: secret
mountPath: "/secrets"
volumes:
- name: secret
secret:
secretName: todo-db-secret
defaultMode: 0400
items:
- key: POSTGRES_PASSWORD
path: postgres_password


@@ -0,0 +1,16 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: todo-web-config
labels:
kiamol: ch08
data:
config.json: |-
{
"ConfigController": {
"Enabled" : true
},
"Database" : {
"Provider" : "Postgres"
}
}


@@ -0,0 +1,15 @@
apiVersion: v1
kind: Secret
metadata:
name: todo-web-secret
labels:
kiamol: ch08
type: Opaque
stringData:
secrets.json: |-
{
"ConnectionStrings": {
"ToDoDb": "Server=todo-db-0.todo-db.default.svc.cluster.local;Database=todo;User Id=postgres;Password=kiamol-2*2*;",
"ToDoDb-ReadOnly": "Server=todo-db-1.todo-db.default.svc.cluster.local;Database=todo;User Id=postgres;Password=kiamol-2*2*;"
}
}
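Review bot: Both connection strings log the web application in as `User Id=postgres`, the database superuser, including the one labelled `ToDoDb-ReadOnly`, so a flaw in the web tier would give full control of both database servers. A dedicated application role limited to the `todo` database, plus a role with only `SELECT` for the read-only string, would contain that. The password literal is also repeated from `todo-db-secret`, so rotation has to change two Secrets in step and the value is committed to the repository twice.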


@@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: todo-web
labels:
kiamol: ch08
spec:
ports:
- port: 8081
targetPort: 80
selector:
app: todo-web
type: LoadBalancer


@@ -0,0 +1,42 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: todo-web
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: todo-web
template:
metadata:
labels:
app: todo-web
spec:
containers:
- name: web
image: kiamol/ch04-todo-list
env:
- name: ASPNETCORE_ENVIRONMENT
value: Test
volumeMounts:
- name: config
mountPath: "/app/config"
readOnly: true
- name: secret
mountPath: "/app/secrets"
readOnly: true
volumes:
- name: config
configMap:
name: todo-web-config
items:
- key: config.json
path: config.json
- name: secret
secret:
secretName: todo-web-secret
defaultMode: 0400
items:
- key: secrets.json
path: secrets.json
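Review bot: `image: kiamol/ch04-todo-list` carries no tag, so it resolves to `latest` and the content behind it can change between pulls without any change to this manifest. Pin a version tag, or better a digest (`kiamol/ch04-todo-list@sha256:<digest>`), so the deployed image is the one that was reviewed. The same untagged form appears in the read-only variant of this Deployment and on the `kiamol/ch03-sleep` and `kiamol/ch05-pi` images elsewhere in the commit. The container also sets no `securityContext`; `runAsNonRoot: true` and `allowPrivilegeEscalation: false` are worth adding if the image supports them.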


@@ -0,0 +1,44 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: todo-web
labels:
kiamol: ch08
spec:
selector:
matchLabels:
app: todo-web
template:
metadata:
labels:
app: todo-web
spec:
containers:
- name: web
image: kiamol/ch04-todo-list
env:
- name: ASPNETCORE_ENVIRONMENT
value: Test
- name: Database__ReadOnly
value: "true"
volumeMounts:
- name: config
mountPath: "/app/config"
readOnly: true
- name: secret
mountPath: "/app/secrets"
readOnly: true
volumes:
- name: config
configMap:
name: todo-web-config
items:
- key: config.json
path: config.json
- name: secret
secret:
secretName: todo-web-secret
defaultMode: 0400
items:
- key: secrets.json
path: secrets.json