这里仅仅写部署过程,不写 WHY。
部署服务
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: blog
name: blog
namespace: default
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: blog
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
annotations:
prometheus.io/port: "9527"
prometheus.io/scrape: "true"
creationTimestamp: null
labels:
app: blog
spec:
containers:
- env:
- name: TZ
value: Asia/Shanghai
image: halohub/halo:latest
imagePullPolicy: IfNotPresent
volumeMounts:
- name: data
mountPath: /root/.halo
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- sleep 15
name: blog
ports:
- containerPort: 8090
name: http
protocol: TCP
securityContext: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- name: data
hostPath:
path: /root/.halo
---
apiVersion: v1
kind: Service
metadata:
name: blog
namespace: default
spec:
ports:
- port: 8090
protocol: TCP
targetPort: 8090
selector:
app: blog
sessionAffinity: None
type: ClusterIP
如果是迁移,先将老博客下的.halo 目录打包,放到具体的位置,再启动服务。
暴露服务
使用 Traefik 作为 Kubernetes 入口。
(1)创建证书
kubectl create secret tls blog-tls --key www.coolops.cn.key --cert www.coolops.cn_bundle.crt
(2) 暴露服务
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: www-blog-http
spec:
entryPoints:
- web
routes:
- match: Host(`www.coolops.cn`)
kind: Rule
services:
- name: blog
port: 8090
middlewares:
- name: redirect-https-middleware
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: www-blog-https
spec:
entryPoints:
- websecure
routes:
- match: Host(`www.coolops.cn`)
kind: Rule
services:
- name: blog
port: 8090
tls:
secretName: blog-tls
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: redirect-https-middleware
spec:
redirectScheme:
scheme: https
到此,搭建完成。