前言
Nginx-Proxy-Manager 是一个基于 Web 的 Nginx 服务器管理工具,它允许用户通过浏览器界面轻松地管理和监控 Nginx 服务器。通过 Nginx-Proxy-Manager,可以获得受信任的 SSL 证书,并通过单独的配置、自定义和入侵保护来管理多个代理。用户还可以查看服务器的状态、配置、日志以及流量等信息,还可以对服务器进行一键重启、停止等操作。
1、创建命名空间
kubectl create namespace nginx-proxy-manager
2、创建持久化卷(PV)
# 创建编排文件:nginx-proxy-manager-pv.yml
vim /k8s/nginx-proxy-manager-pv.yml
文件内容如下:
apiVersion: v1
kind: PersistentVolume
metadata:name: nginx-proxy-manager-pv
spec:capacity:storage: 500MiaccessModes:- ReadWriteOnce# 这里就用hostPath,指向所在节点的外部主机的相应目录下,如/k8s-pv/nginx-proxy-manager-pv,如果出现节点漂移,数据会无法读取的哦# 建议使用云服务器或者nfshostPath:path: /k8s-pv/nginx-proxy-manager-pv
# 部署持久化卷到k8s
kubectl apply -f /k8s/nginx-proxy-manager-pv.yml
3、创建持久卷申明(PVC)
# 创建编排文件:nginx-proxy-manager-pvc.yml
vim /k8s/nginx-proxy-manager-pvc.yml
文件内容如下:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:name: nginx-proxy-manager-pvcnamespace: nginx-proxy-manager
spec:accessModes:- ReadWriteOnceresources:requests:storage: 500Mi# 指向前面创建的PV的名称volumeName: nginx-proxy-manager-pv
# 部署持久化卷申明到k8s
kubectl apply -f /k8s/nginx-proxy-manager-pvc.yml
4、部署Nginx Proxy Manager
# 创建编排文件:nginx-proxy-manager-deployment.yml
vim /k8s/nginx-proxy-manager-deployment.yml
文件内容如下:
apiVersion: apps/v1
kind: Deployment
metadata:name: nginx-proxy-managernamespace: nginx-proxy-manager
spec:replicas: 1selector:matchLabels:app: nginx-proxy-managertemplate:metadata:labels:app: nginx-proxy-managerspec:containers:- name: nginx-proxy-managerimage: jc21/nginx-proxy-manager:latestports:- containerPort: 80name: http- containerPort: 81name: httpsvolumeMounts:- name: datamountPath: /dataenv:# 这里必须要配置能访问正常的mysql数据库- name: DB_MYSQL_HOSTvalue: "192.168.6.1"- name: DB_MYSQL_PORTvalue: "3306"- name: DB_MYSQL_USERvalue: "root"- name: DB_MYSQL_PASSWORDvalue: "cm207893"- name: DB_MYSQL_NAMEvalue: "npm"volumes:- name: datapersistentVolumeClaim:# 指向前面创建的pvcclaimName: nginx-proxy-manager-pvc
# 部署nginx proxy manager镜像到k8s
kubectl apply -f /k8s/nginx-proxy-manager-deployment.yml
5、创建Service
# 创建编排文件:nginx-proxy-manager-service.yml
vim /k8s/nginx-proxy-manager-service.yml
文件内容如下:
apiVersion: v1
kind: Service
metadata:name: nginx-proxy-managernamespace: nginx-proxy-manager
spec:selector:app: nginx-proxy-managerports:- protocol: TCPport: 80targetPort: 80name: http- protocol: TCPport: 81targetPort: 81name: httpstype: LoadBalancer
# 部署service到k8s
kubectl apply -f /k8s/nginx-proxy-manager-service.yml
这里可能会遇到k8s的端口限制而报错:
[root@master ~]# kubectl apply -f /k8s/nginx-proxy-manager-service.yml
The Service “nginx-proxy-manager” is invalid: spec.ports[0].nodePort: Invalid value: 80: provided port is not in the valid range. The range of valid ports is 30000-32767
解决:
(1)、 编辑 kube-apiserver.yaml文件
vim /etc/kubernetes/manifests/kube-apiserver.yaml
(2)、 找到 --service-cluster-ip-range 这一行,在该行下面1行增加以下内容
- --service-node-port-range=1-65535
如图所示:
(3)、重启 kubelet
systemctl daemon-reload
systemctl restart kubelet
6、创建Ingress
# 创建编排文件:nginx-proxy-manager-ingress.yml
vim /k8s/nginx-proxy-manager-ingress.yml
文件内容如下:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:name: nginx-proxy-manager-ingressnamespace: nginx-proxy-manager
spec:rules:# 这里配置通配符,表示以.felix666.com的都可以访问- host: "*.felix666.com"http:paths:- path: /pathType: Prefixbackend:service:name: nginx-proxy-manager-serviceport:number: 80
# 部署ingress到k8s
kubectl apply -f /k8s/nginx-proxy-manager-ingress.yml
7、测试访问
查看服务端口:
[root@k8s-master k8s]# kubectl get service -n nginx-proxy-manager
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-proxy-manager LoadBalancer 10.97.63.81 <pending> 80:80/TCP,81:81/TCP 17h
将容器内部nginx-proxy-manager服务所在端口81映射到了外部主机(我的是虚拟机:192.168.6.11)的81端口
所以外部访问地址:http://192.168.6.11:81
默认登陆的用户名:admin@example.com 密码:changeme
