Deploy nginx and Tomcat in a Kubernetes environment with static/dynamic content separation, and deploy an ELK + Filebeat log analysis system. An nginx proxy connects the internal and external networks. Node labels are added so that the nginx and Tomcat pods are scheduled onto node1 and the ELK pods onto node2; Filebeat is deployed with kind DaemonSet.
Nodes:
master: 172.28.9.90
Node1: 172.28.9.92
Node2: 172.28.9.91
Nginx load balancer: 172.28.9.93
Nginx and Tomcat web file directories:
Node labels:
Image downloads:
docker pull docker.elastic.co/elasticsearch/elasticsearch:7.11.1
docker pull docker.elastic.co/logstash/logstash:7.11.1
docker pull docker.elastic.co/kibana/kibana:7.11.1
docker pull docker.elastic.co/beats/filebeat:7.11.1
docker pull docker.io/nginx:latest
docker pull docker.io/tomcat:latest
Configuration files:
nginx.yaml, tomcat.yaml, filebeat.yaml, logstash.yaml, elasticsearch.yaml, kibana.yaml
Service and pod status:
Nginx and Tomcat web pages:
ELK web page and nginx logs:
YAML file contents:
nginx.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: nginx-log-pv
  labels:
    name: nginx-log-pv
spec:
  capacity:
    storage: 5Mi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Recycle
  hostPath:
    path: /var/log/nginx/
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-log-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 5Mi
  selector:
    matchLabels:
      name: nginx-log-pv
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm-nginx-config
data:
  nginx.conf: |
    user  nginx;
    worker_processes  1;
    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;
    events {
        worker_connections  1024;
    }
    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
        access_log  /var/log/nginx/access.log  main;
        sendfile        on;
        keepalive_timeout  65;
        upstream tomcat_server1 {
            server tomcat-sts-0.tomcatserver.default:8080;
            server tomcat-sts-1.tomcatserver.default:8080;
        }
        upstream tomcat_server2 {
            server tomcat-sts-0.tomcatserver.default:8081;
            server tomcat-sts-1.tomcatserver.default:8081;
        }
        server {
            listen       80;
            server_name  test1;
            location / {
                root   /usr/share/nginx/html1;
                index  test1.html;
            }
            location /docs {
                alias /usr/share/nginx/docs1/;
                index test1-docs.html;
            }
            # Dot escaped so that only URIs ending in ".jsp" are proxied to Tomcat
            location ~ .*\.jsp$ {
                proxy_pass http://tomcat_server1;
                proxy_set_header Host $host:$server_port;
                proxy_set_header REMOTE-HOST $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Real-IP $remote_addr;
            }
        }
        server {
            listen 81;
            server_name test2;
            location / {
                root   /usr/share/nginx/html2;
                index  test2.html;
            }
            location /docs {
                alias   /usr/share/nginx/docs2/;
                index   test2-docs.html;
            }
            # Dot escaped so that only URIs ending in ".jsp" are proxied to Tomcat
            location ~ .*\.jsp$ {
                proxy_pass http://tomcat_server2;
                proxy_set_header Host $host:$server_port;
                proxy_set_header REMOTE-HOST $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Real-IP $remote_addr;
            }
        }
    }
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: docker.io/nginx:latest
        imagePullPolicy: Never
        command: [ "nginx" ]
        args:
        - "-g daemon off;"
        - -c
        - /etc/nginx/nginx.conf
        ports:
        - containerPort: 80
          name: test1
        - containerPort: 81
          name: test2
        volumeMounts:
        - name: nginx-config
          mountPath: /etc/nginx/nginx.conf
          subPath: nginx.conf
        - name: nginx-html-docs
          mountPath: /usr/share/nginx/
        - name: nginx-log-pvc
          mountPath: /var/log/nginx/
      nodeSelector:
        type: web
      volumes:
      - name: nginx-config
        configMap:
          name: cm-nginx-config
      - name: nginx-log-pvc
        persistentVolumeClaim:
          claimName: nginx-log-pvc
      - name: nginx-html-docs
        hostPath:
          path: /usr/share/nginx/
          type: Directory
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  type: NodePort
  ports:
  - name: nginx1
    port: 80
    nodePort: 30001
  - name: nginx2
    port: 81
    nodePort: 30002
  selector:
    app: nginx
tomcat.yaml
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: tomcat-log-pv
  labels:
    name: tomcat-log-pv
spec:
  capacity:
    storage: 5Mi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Recycle
  hostPath:
    path: /var/log/tomcat/
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: tomcat-log-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 5Mi
  selector:
    matchLabels:
      name: tomcat-log-pv
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm-tomcat-server-config
data:
  server.xml: |
    <?xml version='1.0' encoding='utf-8'?>
    <Server port="8005" shutdown="SHUTDOWN">
      <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
      <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
      <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
      <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
      <GlobalNamingResources>
        <Resource name="UserDatabase" auth="Container"
                  type="org.apache.catalina.UserDatabase"
                  description="User database that can be updated and saved"
                  factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
                  pathname="conf/tomcat-users.xml" />
      </GlobalNamingResources>
      <Service name="test1">
        <Connector port="8080" protocol="HTTP/1.1"
                   connectionTimeout="20000"
                   redirectPort="8443" />
        <Engine name="test1" defaultHost="test1">
          <Realm className="org.apache.catalina.realm.LockOutRealm">
            <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                   resourceName="UserDatabase"/>
          </Realm>
          <Host name="test1"  appBase="/usr/share/tomcat/test1"
                unpackWARs="true" autoDeploy="true">
            <Valve className="org.apache.catalina.valves.AccessLogValve" directory="/var/log/tomcat/"
                   prefix="test1_access_log" suffix=".txt"
                   pattern="%{X-Forwarded-For}i %h %l %u %t %r %s %b %{Referer}i %{User-Agent}i" />
          </Host>
        </Engine>
      </Service>
      <Service name="test2">
        <Connector port="8081" protocol="HTTP/1.1"
                   connectionTimeout="20000"
                   redirectPort="8443" />
        <Engine name="test2" defaultHost="test2">
          <Realm className="org.apache.catalina.realm.LockOutRealm">
            <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
                   resourceName="UserDatabase"/>
          </Realm>
          <Host name="test2"  appBase="/usr/share/tomcat/test2"
                unpackWARs="true" autoDeploy="true">
            <Valve className="org.apache.catalina.valves.AccessLogValve" directory="/var/log/tomcat/"
                   prefix="test2_access_log" suffix=".txt"
                   pattern="%{X-Forwarded-For}i %h %l %u %t %r %s %b %{Referer}i %{User-Agent}i" />
          </Host>
        </Engine>
      </Service>
    </Server>
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: tomcat-sts
spec:
  selector:
    matchLabels:
      app: tomcat
  replicas: 2
  serviceName: tomcatserver
  template:
    metadata:
      labels:
        app: tomcat
    spec:
      containers:
      - name: tomcat
        image: docker.io/tomcat:latest
        imagePullPolicy: Never
        command: [ "/bin/sh", "-c" ]
        args:
        - "bin/catalina.sh run;"
        ports:
        - containerPort: 8080
          name: test1
        - containerPort: 8081
          name: test2
        volumeMounts:
        - name: tomcat-server-config
          mountPath: /usr/local/tomcat/conf/server.xml
          subPath: server.xml
        - name: tomcat-webapp
          mountPath: /usr/share/tomcat/
        - name: tomcat-log-pvc
          mountPath: /var/log/tomcat/
      nodeSelector:
        type: web
      volumes:
      - name: tomcat-server-config
        configMap:
          name: cm-tomcat-server-config
      - name: tomcat-log-pvc
        persistentVolumeClaim:
          claimName: tomcat-log-pvc
      - name: tomcat-webapp
        hostPath:
          path: /usr/share/tomcat/
          type: Directory
---
apiVersion: v1
kind: Service
metadata:
  # Must equal the StatefulSet's serviceName so that the names
  # tomcat-sts-N.tomcatserver.default used in nginx.conf resolve
  name: tomcatserver
  labels:
    app: tomcat
spec:
  clusterIP: None
  ports:
  - port: 8080
    name: test1
  - port: 8081
    name: test2
  selector:
    app: tomcat
filebeat.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm-filebeat-config
data:
  filebeat.yml: |
    filebeat.inputs:
    - type: log
      enabled: true
      paths:
      - /var/log/nginx/*.log
    filebeat.config.modules:
      path: ${path.config}/modules.d/*.yml
      reload.enabled: false
    output.logstash:
      hosts: [ "logstash:5044" ]
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: filebeat
spec:
  selector:
    matchLabels:
      app: filebeat
  template:
    metadata:
      labels:
        app: filebeat
    spec:
      containers:
      - name: filebeat
        image: docker.elastic.co/beats/filebeat:7.11.1
        imagePullPolicy: Never
        command: [ "./filebeat" ]
        args:
        - -e
        - -c
        - filebeat.yml
        volumeMounts:
        - name: filebeat-config
          mountPath: /usr/share/filebeat/filebeat.yml
          subPath: filebeat.yml
        - name: nginx-log-pvc
          mountPath: /var/log/nginx/
      volumes:
      - name: filebeat-config
        configMap:
          name: cm-filebeat-config
      - name: nginx-log-pvc
        persistentVolumeClaim:
          claimName: nginx-log-pvc
logstash.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm-logstash-yml-config
data:
  logstash.yml: |
    http.host: "0.0.0.0"
    xpack.monitoring.elasticsearch.hosts: ["http://elasticsearch:9200"]
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm-logstash-config
data:
  logstash.conf: |
    input {
      beats {
        port => 5044
      }
    }
    output {
      elasticsearch {
        hosts => "elasticsearch:9200"
        index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
      }
    }
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: logstash
spec:
  replicas: 1
  selector:
    matchLabels:
      app: logstash
  template:
    metadata:
      labels:
        app: logstash
    spec:
      containers:
      - image: docker.elastic.co/logstash/logstash:7.11.1
        name: logstash
        imagePullPolicy: Never
        command: [ "bin/logstash" ]
        args:
        - -f
        - config/logstash.conf
        ports:
        - name: log-es
          containerPort: 5044
        volumeMounts:
        - name: logstash-yml-config
          mountPath: /usr/share/logstash/config/logstash.yml
          subPath: logstash.yml
        - name: logstash-config
          mountPath: /usr/share/logstash/config/logstash.conf
          subPath: logstash.conf
      nodeSelector:
        type: elk
      volumes:
      - name: logstash-yml-config
        configMap:
          name: cm-logstash-yml-config
      - name: logstash-config
        configMap:
          name: cm-logstash-config
---
apiVersion: v1
kind: Service
metadata:
  name: logstash
spec:
  type: ClusterIP
  ports:
  - name: log-es
    port: 5044
  selector:
    app: logstash
elasticsearch.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm-elasticsearch-config
data:
  elasticsearch.yml: |
    network.host: 0.0.0.0
    http.port: 9200
    cluster.initial_master_nodes: '${POD_IP}'
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: elasticsearch
spec:
  replicas: 1
  selector:
    matchLabels:
      app: elasticsearch
  template:
    metadata:
      labels:
        app: elasticsearch
    spec:
      containers:
      - image: docker.elastic.co/elasticsearch/elasticsearch:7.11.1
        name: elasticsearch
        imagePullPolicy: Never
        env:
        - name: POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        ports:
        - name: es-kibana
          containerPort: 9200
        volumeMounts:
        - name: elasticsearch-config
          mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
          subPath: elasticsearch.yml
      nodeSelector:
        type: elk
      volumes:
      - name: elasticsearch-config
        configMap:
          name: cm-elasticsearch-config
---
apiVersion: v1
kind: Service
metadata:
  name: elasticsearch
spec:
  type: ClusterIP
  ports:
  - name: log
    port: 9200
  selector:
    app: elasticsearch
kibana.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cm-kibana-config
data:
  kibana.yml: |
    server.port: 5601
    server.host: "0.0.0.0"
    elasticsearch.hosts: ["http://elasticsearch:9200"]
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: kibana
spec:
  replicas: 1
  selector:
    matchLabels:
      app: kibana
  template:
    metadata:
      labels:
        app: kibana
    spec:
      containers:
      - image: docker.elastic.co/kibana/kibana:7.11.1
        name: kibana
        imagePullPolicy: Never
        command: [ "bin/kibana" ]
        args:
        - '--allow-root'
        ports:
        - name: web
          containerPort: 5601
        volumeMounts:
        - name: kibana-config
          mountPath: /usr/share/kibana/config/kibana.yml
          subPath: kibana.yml
      nodeSelector:
        type: elk
      volumes:
      - name: kibana-config
        configMap:
          name: cm-kibana-config
---
apiVersion: v1
kind: Service
metadata:
  name: kibana
spec:
  type: NodePort
  ports:
  - name: web
    port: 5601
    nodePort: 30003
  selector:
    app: kibana
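
Neither elasticsearch.yml nor logstash.conf above configures authentication, so any pod that can reach elasticsearch:9200 or logstash:5044 can read the indexed logs or inject events. The NetworkPolicy pair below is an added example (not part of the original manifests) that limits those ports to the pods that need them; it assumes the default namespace and a CNI plugin that enforces NetworkPolicy, and the policy names are hypothetical.

```yaml
# Added example, not part of the original manifests.
# Assumptions: all workloads run in the "default" namespace and the
# cluster's CNI plugin enforces NetworkPolicy. Policy names are hypothetical.
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: elasticsearch-ingress
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: elasticsearch        # label from elasticsearch.yaml
  policyTypes:
  - Ingress
  ingress:
  - from:                       # only Logstash (writes) and Kibana (reads)
    - podSelector:
        matchLabels:
          app: logstash
    - podSelector:
        matchLabels:
          app: kibana
    ports:
    - protocol: TCP
      port: 9200
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: logstash-ingress
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: logstash             # label from logstash.yaml
  policyTypes:
  - Ingress
  ingress:
  - from:                       # only the Filebeat DaemonSet pods may ship events
    - podSelector:
        matchLabels:
          app: filebeat
    ports:
    - protocol: TCP
      port: 5044
```

Kibana remains reachable on NodePort 30003 without a login, so that port still needs to be restricted at the network edge or protected by enabling Elasticsearch security.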