blog post see http://blog.dnaroma.eu/2020/07/31/study-k8s-with-microk8s/
Last active
September 19, 2023 14:29
-
-
Save dnaroma/178b3b187aa329c01b27d90a7b38709c to your computer and use it in GitHub Desktop.
Kubernetes MySQL+PhpMyAdmin+Nginx-Ingress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: cert-manager.io/v1alpha2 | |
kind: Issuer | |
metadata: | |
name: letsencrypt-prod | |
spec: | |
acme: | |
# The ACME server URL | |
server: https://acme-v02.api.letsencrypt.org/directory | |
# Email address used for ACME registration | |
email: [your email address] | |
# Name of a secret used to store the ACME account private key | |
privateKeySecretRef: | |
name: letsencrypt-prod | |
# Enable the HTTP-01 challenge provider | |
solvers: | |
- http01: | |
ingress: | |
class: nginx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: cert-manager.io/v1alpha2 | |
kind: Issuer | |
metadata: | |
name: letsencrypt-staging | |
spec: | |
acme: | |
# The ACME server URL | |
server: https://acme-staging-v02.api.letsencrypt.org/directory | |
# Email address used for ACME registration | |
email: [your email address] | |
# Name of a secret used to store the ACME account private key | |
privateKeySecretRef: | |
name: letsencrypt-staging | |
# Enable the HTTP-01 challenge provider | |
solvers: | |
- http01: | |
ingress: | |
class: nginx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: mysql | |
labels: | |
app: mysql | |
spec: | |
ports: | |
- port: 3306 | |
targetPort: 3306 | |
name: mysql | |
selector: | |
app: mysql | |
type: ClusterIP | |
--- | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
creationTimestamp: null | |
labels: | |
app: mysql | |
name: mysql | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: mysql | |
strategy: | |
type: Recreate # ensure only one instance running | |
template: | |
metadata: | |
creationTimestamp: null | |
labels: | |
app: mysql | |
spec: | |
containers: | |
- image: mysql:5.6 | |
name: mysql | |
env: | |
- name: MYSQL_ROOT_PASSWORD | |
valueFrom: | |
secretKeyRef: | |
name: mysql-secret | |
key: root_password | |
ports: | |
- containerPort: 3306 | |
name: mysql | |
volumeMounts: | |
- name: mysql-persistent-storage | |
mountPath: /var/lib/mysql | |
volumes: | |
- name: mysql-persistent-storage | |
persistentVolumeClaim: | |
claimName: mysql-pv-claim # mount PersistentVolumeClaim here |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: PersistentVolume | |
metadata: | |
name: mysql-pv-volume | |
labels: | |
app: mysql | |
spec: | |
capacity: | |
storage: 2Gi # allocate the space you want | |
volumeMode: Filesystem | |
accessModes: | |
- ReadWriteOnce | |
persistentVolumeReclaimPolicy: Retain | |
storageClassName: manual | |
hostPath: | |
path: /mnt/mysql-data # set the path you want on your machine | |
--- | |
apiVersion: v1 | |
kind: PersistentVolumeClaim | |
metadata: | |
name: mysql-pv-claim | |
spec: | |
accessModes: | |
- ReadWriteOnce | |
resources: | |
requests: | |
storage: 2Gi # how much is claimed | |
storageClassName: manual |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Secret | |
type: Opaque | |
metadata: | |
creationTimestamp: null | |
name: mysql-secret | |
data: | |
root_password: [base64 encoded password] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
controller: | |
service: | |
type: NodePort | |
externalIPs: | |
- [your external IP] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
creationTimestamp: null | |
labels: | |
app: pma | |
name: pma | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: pma | |
# strategy: | |
# type: Recreate | |
template: | |
metadata: | |
creationTimestamp: null | |
labels: | |
app: pma | |
spec: | |
containers: | |
- image: phpmyadmin/phpmyadmin | |
name: phpmyadmin | |
ports: | |
- containerPort: 80 | |
env: | |
- name: PMA_ABSOLUTE_URI | |
value: [your pma uri] | |
- name: PMA_HOST | |
value: mysql | |
- name: PMA_PORT | |
value: "3306" | |
- name: MYSQL_ROOT_PASSWORD | |
valueFrom: | |
secretKeyRef: | |
name: mysql-secret | |
key: root_password | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: pma-service | |
spec: | |
type: ClusterIP | |
selector: | |
app: pma | |
ports: | |
- protocol: TCP | |
port: 80 | |
targetPort: 80 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: extensions/v1beta1 | |
kind: Ingress | |
metadata: | |
annotations: | |
kubernetes.io/ingress.class: nginx | |
cert-manager.io/issuer: letsencrypt-prod | |
name: pma | |
# namespace: foo | |
spec: | |
rules: | |
- host: [your hostname] | |
http: | |
paths: | |
- backend: | |
serviceName: pma-service | |
servicePort: 80 | |
# This section is only required if TLS is to be enabled for the Ingress | |
tls: | |
- hosts: | |
- [your hostname] | |
secretName: pma-tls |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment