1. На сервере должен быть поднят nfs сервер и настроен на опеределенный каталог и нужно дать доступ(/etc/exports) до nfs нашему k8s
2. В k8s должен быть создан Storage Classes и добавлен наш nfs, я использовал этот helm chart nfs-subdir-external-provisioner-4.0.16
3. Storage Classes создан в namespace default, чтоб nfs был доступен всем
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: blog-wp-pvc-1
namespace: blog
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: blog-db-pvc-2
namespace: blog
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: blog-wp-pvc-3
namespace: blog
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
namespace: blog
type: kubernetes.io/basic-auth
stringData:
password: 12345678
---
apiVersion: v1
kind: Service
metadata:
name: wp-mysqldb-svc
namespace: blog
spec:
ports:
- name: tcp
port: 3306
protocol: TCP
targetPort: 3306
selector:
app: wp-mysql
tier: mysql
clusterIP: None
sessionAffinity: None
type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wp-mysql
namespace: blog
labels:
app: wp-mysql
spec:
selector:
matchLabels:
app: wp-mysql
tier: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: wp-mysql
tier: mysql
spec:
containers:
- image: mysql:5.6
name: wp-mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: password
ports:
- containerPort: 3306
name: wp-mysql
volumeMounts:
- name: blog-db-pvc-2
mountPath: /var/lib/mysql
volumes:
- name: blog-db-pvc-2
persistentVolumeClaim:
claimName: blog-db-pvc-2
---
apiVersion: v1
kind: Service
metadata:
name: wp-svc
namespace: blog
spec:
ports:
- name: tcp
port: 9000
protocol: TCP
targetPort: 9000
selector:
app: wp
tier: frontend
clusterIP: None
sessionAffinity: None
type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wp
namespace: blog
labels:
app: wp
spec:
selector:
matchLabels:
app: wp
tier: frontend
strategy:
type: Recreate
template:
metadata:
labels:
app: wp
tier: frontend
spec:
containers:
- image: wordpress:php8.1-fpm
name: wp
env:
- name: WORDPRESS_DB_HOST
value: wp-mysqldb-svc
- name: WORDPRESS_DB_USER
value: root
- name: WORDPRESS_DB_NAME
value: wordpress
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: password
ports:
- containerPort: 9000
volumeMounts:
- name: blog-wp-pvc-1
mountPath: /var/www/html
volumes:
- name: blog-wp-pvc-1
persistentVolumeClaim:
claimName: blog-wp-pvc-1
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wp-nginx
namespace: blog
labels:
app: wp-nginx
spec:
selector:
matchLabels:
app: wp-nginx
replicas: 1
template:
metadata:
labels:
app: wp-nginx
spec:
containers:
- name: wp-nginx
image: "nginx:latest"
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
volumeMounts:
- mountPath: /etc/nginx
name: config-nginx
- mountPath: /var/www/html
name: web-nginx
volumes:
- name: config-nginx
persistentVolumeClaim:
claimName: blog-wp-pvc-3
- name: web-nginx
persistentVolumeClaim:
claimName: blog-wp-pvc-1
---
kind: Service
apiVersion: v1
metadata:
name: wp-nginx-svc
namespace: blog
spec:
type: NodePort
selector:
app: wp-nginx
ports:
- protocol: TCP
nodePort: 30008
port: 443
Заходим в под wp и правим фаил wp-config-docker.php , прописываем пути до базы
// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', getenv_docker('WORDPRESS_DB_NAME', 'wordpress') );
/** Database username */
define( 'DB_USER', getenv_docker('WORDPRESS_DB_USER', 'root') );
/** Database password */
define( 'DB_PASSWORD', getenv_docker('WORDPRESS_DB_PASSWORD', '12345678') );
/**
* Docker image fallback values above are sourced from the official WordPress installation wizard:
* https://github.com/WordPress/WordPress/blob/f9cc35ebad82753e9c86de322ea5c76a9001c7e2/wp-admin/setup-config.php#L216-L230
* (However, using "example username" and "example password" in your database is strongly discouraged. Please use strong, random credentials!)
*/
/** Database hostname */
define( 'DB_HOST', getenv_docker('WORDPRESS_DB_HOST', 'wp-mysqldb-svc') );
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', getenv_docker('WORDPRESS_DB_CHARSET', 'utf8') );
/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', getenv_docker('WORDPRESS_DB_COLLATE', '') );
Примерный конфиг nginx
server {
listen 443 ssl;
server_name rrr54.wps.fvds.ru;
ssl_certificate /etc/nginx/public.pem;
ssl_certificate_key /etc/nginx/private.pem;
#ssl_verify_client off;
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* /wp-sitemap.*\.xml {
try_files $uri $uri/ /index.php$is_args$args;
}
client_max_body_size 100M;
location ~ \.php$ {
fastcgi_pass wp-svc:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_intercept_errors on;
}
gzip on;
gzip_comp_level 6;
gzip_min_length 1000;
gzip_proxied any;
gzip_disable "msie6";
gzip_types
application/atom+xml
application/geo+json
application/javascript
application/x-javascript
application/json
application/ld+json
application/manifest+json
application/rdf+xml
application/rss+xml
application/xhtml+xml
application/xml
font/eot
font/otf
font/ttf
image/svg+xml
text/css
text/javascript
text/plain
text/xml;
# assets, media
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 90d;
access_log off;
}
# svg, fonts
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 90d;
access_log off;
}
location ~ /\.ht {
access_log off;
log_not_found off;
deny all;
}
}