摘要
在这片文章中,我将展示如何在nextcloud搭建在kubernetes上。本文不叙述如何安装搭建docker和kubernetes,有关详情请上网查阅!
部署+服务:MariaDB
首先创建文件夹nextcloud,下载预定义的MariaDB描述。根据需要进行调整并部署:
mkdir nextcloud
cd nextcloud
wget https://raw.githubusercontent.com/andremotz/nextcloud-kubernetes/master/kubernetes-yaml/db-deployment.yaml
vim db-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: db
name: db
spec:
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: db
spec:
containers:
- env:
- name: MYSQL_DATABASE
value: nextcloud
- name: MYSQL_PASSWORD
value: <someMySqlPass> #在这里更改MYSQL_PASSWORD
- name: MYSQL_USER
value: nextcloud
- name: MYSQL_ROOT_PASSWORD
value: <someMySqlRootPass> #在这里更改MYSQL_ROOT_PASSWORD
image: mariadb
name: db
volumeMounts:
- mountPath: /var/lib/mysql
name: db
restartPolicy: Always
volumes:
- name: db
hostPath:
path: "/home/<someFolderLocation>/db-pv" #在这里更改db的HostPath,它应该是'nc-deployment'/db-pv的绝对位置(例如/home/andremotz/nc-deployment/db-pv)
更改完成后进行部署,并部署其服务
kubectl create -f db-deployment.yaml
wget https://raw.githubusercontent.com/andremotz/nextcloud-kubernetes/master/kubernetes-yaml/db-svc.yaml
kubectl create -f db-svc.yaml
部署+服务:Nextcloud:
接下来下载Nextcloud描述,调整它们并部署:
wget https://raw.githubusercontent.com/andremotz/nextcloud-kubernetes/master/kubernetes-yaml/nc-deployment.yaml
vim nc-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: nc
name: nc
spec:
replicas: 1
strategy:
type: Recreate
template:
metadata:
labels:
app: nc
spec:
containers:
- env:
- name: TZ
value: Europe/Berlin
- name: DEBUG
value: "false"
- name: NEXTCLOUD_URL
value: http://<someDomain> #输入域名
- name: NEXTCLOUD_ADMIN_USER
value: admin
- name: NEXTCLOUD_ADMIN_PASSWORD
value: <someNextCloudAdminPass> #输入NEXTCLOUD_ADMIN_PASSWORD
- name: NEXTCLOUD_UPLOAD_MAX_FILESIZE
value: 4G
- name: NEXTCLOUD_MAX_FILE_UPLOADS
value: "20"
- name: MYSQL_DATABASE
value: nextcloud
- name: MYSQL_HOST
value: db
- name: MYSQL_PASSWORD
value: <someMysqlPass> #更改MYSQL_PASSWORD(您之前输入的值)
- name: MYSQL_USER
value: nextcloud
name: nc
image: nextcloud
ports:
- containerPort: 80
protocol: TCP
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/www/html
name: html
restartPolicy: Always
volumes:
- name: html
hostPath:
path: "/home/<someFolderLocation>/nc-pv" #更改html的hostPath(例如更改为/home/andremotz/nc-deployment/nc-pv)
更改完成后进行部署,并部署其服务
kubectl create -f nc-deployment.yaml
wget https://raw.githubusercontent.com/andremotz/nextcloud-kubernetes/master/kubernetes-yaml/nc-svc.yaml #编辑下载完成的nc-svc.yaml把type: NodePort打开!最后通过这个随机端口进行访问!
kubectl create -f nc-svc.yaml
创建自签名证书
OMGWTFSSL-Docker镜像提供易于使用的证书创建。这里我们只使用Pod,而不是部署。创建证书后,Pod将停止。
wget https://raw.githubusercontent.com/andremotz/nextcloud-kubernetes/master/kubernetes-yaml/omgwtfssl-pod.yaml
vim omgwtfssl-pod.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
app: omgwtfssl
name: omgwtfssl
spec:
restartPolicy: Never
containers:
- env:
- name: SSL_SUBJECT
value: <my-server-name> #输入服务器名称
- name: CA_SUBJECT
value: <my-email> #输入邮件地址
- name: SSL_KEY
value: /certs/<my-server-name>.key #更改为正确的文件名
- name: SSL_CSR
value: /certs/<my-server-name>.csr #更改为正确的文件名
- name: SSL_CERT
value: /certs/<my-server-name>.crt #更改为正确的文件名
name: omgwtfssl
image: paulczar/omgwtfssl
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: certs
name: certs
volumes:
- name: certs
hostPath:
path: "/home/<someFolderLocation>/certs-pv" #更改cert的hostPath(例如/home/andremotz/nc-deployment/certs-pv)
更改完成后进行部署,并部署其服务
kubectl create -f omgwtfssl-pod.yaml
部署+服务:Nginx反向代理
接下来下载nginx并修改
wget https://raw.githubusercontent.com/andremotz/nextcloud-kubernetes/master/kubernetes-yaml/nginx.conf
vim nginx.conf
# Kubernetes proxy-config
#
# used for adding https security
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
keepalive_timeout 65;
server {
listen 80;
server_name <my-server-name>; #更改域名
return 301 https://$server_name$request_uri;
#rewrite ^/(.*)$ https://nc/$1 permanent;
}
server {
listen 443 ssl;
access_log /var/log/nginx/access.log;
#root /var/www/html;
# [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead
# ssl on;
server_name <my-server-name>; #更改域名
ssl_certificate /etc/nginx/certs/<my-server-name>.crt; #更改为正确名字
ssl_certificate_key /etc/nginx/certs/<my-server-name>.key; #更改为正确名字
location / {
proxy_pass http://nc;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
}
}
}
下载proxy并修改
wget https://raw.githubusercontent.com/andremotz/nextcloud-kubernetes/master/kubernetes-yaml/proxy-pod.yaml
vim proxy.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
app: proxy
name: proxy
spec:
containers:
- env:
- name: TZ
value: Europe/Berlin
name: proxy
image: nginx
ports:
- containerPort: 80
protocol: TCP
hostPort: 80
- containerPort: 443
protocol: TCP
hostPort: 443
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/nginx/certs
name: certs
- mountPath: /tmp/docker.sock
name: docker-socket
- mountPath: /etc/nginx/nginx.conf
name: nginx-config
- mountPath: /var/log/nginx
name: nginx-logs
restartPolicy: Always
volumes:
- name: certs
hostPath:
path: "/home/<someFolderLocation>/certs-pv" #将cert的hostPath更改为之前提供的位置--->将nginx-config的主机路径更改为之前存储
nginx.conf的位置(例如/home/andremotz/nc-deployment/nginx.conf)
- name: docker-socket
hostPath:
path: "/var/run/docker.sock"
type: Socket
- name: nginx-config
hostPath:
path: "/home/<someFolderLocation>/nginx.conf" #刚刚下载nginx.conf的位置
type: File
- name: nginx-logs
hostPath:
path: "/home/<someFolderLocation>/nginx-logs" #更改为正确的位置,如/var/log/nginx.log
更改完成后进行部署
kubectl create -f proxy-pod.yaml
现在可以通过浏览器指向http://<yourserver>:NodePort并在kubernetes dashboard上查看到位于default下的实例!
可参考本人已完成的配置文件(链接:https://pan.baidu.com/s/1ele1F0xD7-GMPzVMG9xEGA
提取码:4sos )
这时候可能会出现如下失败效果
图片.png
没关系!不要慌!这个问题不是问题!我们来看看怎么解决这个问题
找到我们刚才下载的配置文件nc-deployment.yaml,查看这个配置文件的HostPath存放目录,编辑该文件,我这里存放在/opt/nc-pv/config/config.php 找到如下字段添加上刚才配置的域名重新刷新网页即可!
'trusted_domains' =>
array (
'lijian.cloud.com',
),
展示图
图片.png
网友评论