kubernetes上部署 wiki.js
裴翰学
背景
wiki.js 是优秀的开源 wiki 系统,相较于 xwiki ,功能目前性上比 xwiki 不够完善,但也在不断进步。 wiki 写作、分项、权限管理功能还是有的,胜在 UI 设计很漂亮,能满足小团队的基本知识管理需求。
以下工作是在 kubernetes 1.23.0 + helm 3 已经部署好的情况下进行的。部署 kubernetes 可以参考我另外的文章 “kubesphere 多节点集群安装”
准备storageclass
我们使用 openebs 作为存储,openebs 默认安装的 local storageclass 在 pod 销毁后自动删除,不适合用于我的 mysql 存储,我们在 local storageclass 基础上稍作修改,创建新的 storageclass,允许 pod 销毁后,pv 内容继续保留,手动决定怎么处理。
apiVersion: v1
items:
- apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
annotations:
cas.openebs.io/config: |
- name: StorageType
value: "hostpath"
- name: BasePath
value: "/var/openebs/localretain/"
openebs.io/cas-type: local
storageclass.beta.kubernetes.io/is-default-class: "false"
storageclass.kubesphere.io/supported-access-modes: '["ReadWriteOnce"]'
name: localretain
provisioner: openebs.io/local
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
kind: List
metadata:
resourceVersion: ""
selfLink: ""
部署 postgresql
我们团队其他项目中也需要使用 postgresql, 为了提高 postgresql 数据库的利用率和统一管理,我们独立部署 postgresql, 并在安装 wiki.js 时,配置外部数据库。
准备用户名密码配置
我们使用 secret 保存 postgres 用户密码等敏感信息。
kind: Secret
apiVersion: v1
metadata:
name: postgres-prod
data:
POSTGRES_PASSWORD: 自行填写
type: Opaque
准备数据库初始化脚本
使用 configmap 保存数据库初始化脚本,在 数据库创建时,将 configmap 中的数据库初始化脚本挂载到 /docker-entrypoint-initdb.d, 容器初始化时会自动执行该脚本。
apiVersion: v1
kind: ConfigMap
metadata:
name: wikijs-postgres-init
data:
init.sql: |-
CREATE DATABASE wikijs;
CREATE USER wikijs with password '自行填写';
GRANT CONNECT ON DATABASE wikijs to wikijs;
GRANT USAGE ON SCHEMA public TO wikijs;
GRANT SELECT,update,INSERT,delete ON ALL TABLES IN SCHEMA public TO wikijs;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO wikijs;
准备存储
我们使用 openesb 来提供存储服务。可以通过 创建 pvc 来提供持久化存储。
这里声明一个 10G 的 pvc
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: postgres-prod-data
finalizers:
- kubernetes.io/pvc-protection
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: localretain
volumeMode: Filesystem
部署 postgresql 数据库
在前面的步骤准备好各种配置信息和存储后,就可以开始部署 postgresql 服务了。
我们的 kubernetes 没有配置 存储阵列,使用的是 openesb 作为存储,我们使用 deployment 来部署 postgresql 服务。
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: postgres-prod
name: postgres-prod
spec:
replicas: 1
selector:
matchLabels:
app: postgres-prod
template:
metadata:
labels:
app: postgres-prod
spec:
containers:
- name: db
imagePullPolicy: IfNotPresent
image: 'postgres:14.2-alpine'
ports:
- name: tcp-5432
protocol: TCP
containerPort: 5432
envFrom:
- secretRef:
name: postgres-prod
volumeMounts:
- name: postgres-prod-data
readOnly: false
mountPath: /var/lib/postgresql/data
- name: wikijs-postgres-init
readOnly: true
mountPath: /docker-entrypoint-initdb.d
volumes:
- name: postgres-prod-data
persistentVolumeClaim:
claimName: postgres-prod-data
- name: wikijs-postgres-init
configMap:
name: wikijs-postgres-init
创建供其他 pod 访问的 service
apiVersion: v1
kind: Service
metadata:
name: postgres-prod
spec:
selector:
app: postgres-prod
ports:
- protocol: TCP
port: 5432
targetPort: tcp-5432
完成 postgres 部署。
测试略
安装 adminer
adminer 是 php 语言的 数据库管理工具,可以在浏览器上管理数据库,因为我们的数据库部署在 kubernetes ,配套使用基于浏览器的 数据库管理工具,可以更方便的管理,而且不需要把安装在 kubernetes 集群里的数据库暴露出来,提高了数据保密性。
准备配置文件
我们使用 configmap 保存 adminer 需要的环境变量。比如通过 ADMINER_DESIGN 设置皮肤,通过 ADMINER_PLUGINS 设置需要加载的插件。
apiVersion: v1
kind: ConfigMap
metadata:
name: adminer
data:
ADMINER_DESIGN: pappu687
ADMINER_PLUGINS: tables-filter
在前面的步骤准备好各种配置信息和存储后,就可以开始部署 adminer 服务了。
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: adminer
name: adminer
spec:
replicas: 1
selector:
matchLabels:
app: adminer
template:
metadata:
labels:
app: adminer
spec:
containers:
- name: adminer
image: 'adminer'
ports:
- name: http-9000
protocol: TCP
containerPort: 9000
envFrom:
- configMapRef:
name: adminer
创建供集群内访问的 service
apiVersion: v1
kind: Service
metadata:
name: adminer
spec:
selector:
app: adminer
ports:
- protocol: TCP
port: 9000
targetPort: http-9000
创建集群外访问的 Ingress
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: adminer
spec:
ingressClassName: nginx
rules:
- host: adminer.xyz.cn
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: adminer
port:
number: 9000
验证
略
部署 wiki.js
准备用户名密码配置
我们使用 secret 保存 wiki.js 用于连接数据库的用户名密码等敏感信息。
apiVersion: v1
kind: Secret
metadata:
name: wikijs
data:
DB_USER: d2lraWpz
DB_PASS: 自行填写
type: Opaque
准备数据库连接配置
我们使用 configmap 保存 wiki.js 的数据库连接信息。
apiVersion: v1
kind: ConfigMap
metadata:
name: wikijs
data:
DB_TYPE: postgres
DB_HOST: postgres-prod.infra
DB_PORT: "5432"
DB_NAME: wikijs
HA_ACTIVE: "true"
创建数据库用户和数据库
如果 postgresql 数据库里没有创建 wikijs 用户和数据 ,需要手工完成一下工作:
通过 adminer 连接 postgresql 数据库,执行一下 sql 语句,完成数据库和用户的创建、授权
CREATE DATABASE wikijs;
CREATE USER wikijs with password '自行填写';
GRANT CONNECT ON DATABASE wikijs to wikijs;
GRANT USAGE ON SCHEMA public TO wikijs;
GRANT SELECT,update,INSERT,delete ON ALL TABLES IN SCHEMA public TO wikijs;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO wikijs;
部署 wiki.js
在前面的步骤准备好各种配置信息和存储后,就可以开始部署 wiki.js 服务了。
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: wikijs
name: wikijs
spec:
replicas: 1
selector:
matchLabels:
app: wikijs
template:
metadata:
labels:
app: wikijs
spec:
containers:
- name: wikijs
image: 'requarks/wiki:2'
ports:
- name: http-3000
protocol: TCP
containerPort: 3000
envFrom:
- secretRef:
name: wikijs
- configMapRef:
name: wikijs
创建供 wiki.js 的 service
apiVersion: v1
kind: Service
metadata:
name: wikijs
spec:
selector:
app: wikijs
ports:
- protocol: TCP
port: 3000
targetPort: http-3000
创建集群外访问的 Ingress
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: wikijs
spec:
ingressClassName: nginx
rules:
- host: wiki.xyz.cn
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: wikijs
port:
number: 3000
完整的 yaml 文件
以下是完整的通过 deployment 部署 mysql 数据库和 xwiki 的 yaml 文件,保存为 xwiki.yaml 。
apiVersion: v1
items:
- apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
annotations:
cas.openebs.io/config: |
- name: StorageType
value: "hostpath"
- name: BasePath
value: "/var/openebs/localretain/"
openebs.io/cas-type: local
storageclass.beta.kubernetes.io/is-default-class: "false"
storageclass.kubesphere.io/supported-access-modes: '["ReadWriteOnce"]'
name: localretain
provisioner: openebs.io/local
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
kind: List
metadata:
resourceVersion: ""
selfLink: ""
---
kind: Secret
apiVersion: v1
metadata:
name: postgres-prod
data:
POSTGRES_PASSWORD: 自行填写
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: wikijs-postgres-init
data:
init.sql: |-
CREATE DATABASE wikijs;
CREATE USER wikijs with password '自行填写';
GRANT CONNECT ON DATABASE wikijs to wikijs;
GRANT USAGE ON SCHEMA public TO wikijs;
GRANT SELECT,update,INSERT,delete ON ALL TABLES IN SCHEMA public TO wikijs;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO wikijs;
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: postgres-prod-data
finalizers:
- kubernetes.io/pvc-protection
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: localretain
volumeMode: Filesystem
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: postgres-prod
name: postgres-prod
spec:
replicas: 1
selector:
matchLabels:
app: postgres-prod
template:
metadata:
labels:
app: postgres-prod
spec:
containers:
- name: db
imagePullPolicy: IfNotPresent
image: 'postgres:14.2-alpine'
ports:
- name: tcp-5432
protocol: TCP
containerPort: 5432
envFrom:
- secretRef:
name: postgres-prod
volumeMounts:
- name: postgres-prod-data
readOnly: false
mountPath: /var/lib/postgresql/data
- name: wikijs-postgres-init
readOnly: true
mountPath: /docker-entrypoint-initdb.d
volumes:
- name: postgres-prod-data
persistentVolumeClaim:
claimName: postgres-prod-data
- name: wikijs-postgres-init
configMap:
name: wikijs-postgres-init
---
apiVersion: v1
kind: Service
metadata:
name: postgres-prod
spec:
selector:
app: postgres-prod
ports:
- protocol: TCP
port: 5432
targetPort: tcp-5432
---
apiVersion: v1
kind: ConfigMap
metadata:
name: adminer
data:
ADMINER_DESIGN: pappu687
ADMINER_PLUGINS: tables-filter
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: adminer
name: adminer
spec:
replicas: 1
selector:
matchLabels:
app: adminer
template:
metadata:
labels:
app: adminer
spec:
containers:
- name: adminer
image: 'adminer'
ports:
- name: http-9000
protocol: TCP
containerPort: 9000
envFrom:
- configMapRef:
name: adminer
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: adminer
name: adminer
spec:
replicas: 1
selector:
matchLabels:
app: adminer
template:
metadata:
labels:
app: adminer
spec:
containers:
- name: adminer
image: 'adminer'
ports:
- name: http-9000
protocol: TCP
containerPort: 9000
envFrom:
- configMapRef:
name: adminer
---
apiVersion: v1
kind: Service
metadata:
name: adminer
spec:
selector:
app: adminer
ports:
- protocol: TCP
port: 9000
targetPort: http-9000
---
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: adminer
spec:
ingressClassName: nginx
rules:
- host: adminer.xyz.cn
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: adminer
port:
number: 9000
---
apiVersion: v1
kind: Secret
metadata:
name: wikijs
data:
DB_USER: d2lraWpz
DB_PASS: 自行填写
type: Opaque
---
apiVersion: v1
kind: ConfigMap
metadata:
name: wikijs
data:
DB_TYPE: postgres
DB_HOST: postgres-prod.infra
DB_PORT: "5432"
DB_NAME: wikijs
HA_ACTIVE: "true"
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: wikijs
name: wikijs
spec:
replicas: 1
selector:
matchLabels:
app: wikijs
template:
metadata:
labels:
app: wikijs
spec:
containers:
- name: wikijs
image: 'requarks/wiki:2'
ports:
- name: http-3000
protocol: TCP
containerPort: 3000
envFrom:
- secretRef:
name: wikijs
- configMapRef:
name: wikijs
---
apiVersion: v1
kind: Service
metadata:
name: wikijs
spec:
selector:
app: wikijs
ports:
- protocol: TCP
port: 3000
targetPort: http-3000
---
kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
name: wikijs
spec:
ingressClassName: nginx
rules:
- host: wiki.xyz.cn
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: wikijs
port:
number: 3000
直接执行可以创建好 wiki.js
kubectl apply -f wikijs.yaml
类似资料: