⽹站建设 WordPress Helm 资产⽂档
Transcript of ⽹站建设 WordPress Helm 资产⽂档
⽹站建设 WordPress Helm 资产⽂档
⼀、资产基本介绍
资产简介
WordPress是⼀款能让您建⽴出⾊⽹站、博客或应⽤程序的开源软件。
WordPress 创建于 2003 年,最初只是⽤来提⾼⽇常写作排版的⼯具,⽤户数扳着⼿指头和脚趾头就能数得做来。从那时起,它逐渐发展成为世界上使⽤最多的⾃助博客⼯具,⽤在数以⼗万计的⽹站中,每天都有数以千万的⽤户在使⽤。
WordPress Helm 模版可以在 Kubernetes 平台上⼀键部署⼀个可扩展的WordPress系统,同时集成时速云公有云 PaaS 平台的运维功能,实现对 WordPress 系统的⾃动化运维。
资产依赖镜像
Wordpress Helm包:192.168.1.52:/root/helm/wordpress-11.1.5.tgz Md5值:3ec619fcdf7144aab25a07852db6ec2cWordpress 镜像:dev-registry.tenxcloud.com/system_containers/wordpress:5.7.2-debian-10-r45镜像ID: 08b8e6db31b3
⼆、资产购买流程
在“云市场”中查询需要购买的资产
查看资产详情
购买资产:在资产详情中点击“购买”
阅读《云原⽣应⽤市场⽤户协议》,同意后勾选“我已阅读并同意...”确认点击“⽀付”
查看已购资产:购买资产后会⾃动跳转到“已购资产”⻚⾯显示被购买的资产
三、资产部署指南
查询购买(或导⼊)WordPress模版
在容器云--交付中⼼--应⽤模版 ⾥搜索 " wordpress ”
如果没有搜到WordPress模版,也可以在容器云--交付中⼼--应⽤模版--私有模版 ⾥导⼊私有WordPress模版
安装 WordPress 模版
点击“部署”, 选择版本开始安装
集群: 选择项⽬所授权的集群
发布名称:指定模版应⽤的名称,如: " wordpress "
描述:模版应⽤的描述信息, 如: " wordpress demo "
配置⽂件:
global:
imageRegistry:
## E.g.
## imagePullSecrets:
## - myRegistryKeySecretName
##
imagePullSecrets: []
storageClass: nfs-94
## @section Common parameters
## @param kubeVersion Override Kubernetes version
##
kubeVersion:
## @param nameOverride String to partially override common.names.fullname
##
nameOverride:
## @param fullnameOverride String to fully override common.names.fullname
##
fullnameOverride:
## @param commonLabels Labels to add to all deployed objects
##
commonLabels: {}
## @param commonAnnotations Annotations to add to all deployed objects
##
commonAnnotations: {}
## @param clusterDomain Kubernetes cluster domain name
##
clusterDomain: cluster.local
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []
## @section WordPress Image parameters
## Bitnami WordPress image
## ref: https://hub.docker.com/r/bitnami/wordpress/tags/
## @param image.registry WordPress image registry
## @param image.repository WordPress image repository
## @param image.tag WordPress image tag (immutable tags are recommended)
## @param image.pullPolicy WordPress image pull policy
## @param image.pullSecrets WordPress image pull secrets
## @param image.debug Enable image debug mode
##
image:
registry: dev-registry.tenxcloud.com
repository: system_containers/wordpress
tag: 5.7.2-debian-10-r45
pullPolicy: IfNotPresent
pullSecrets: []
## - myRegistryKeySecretName
## Enable debug mode
debug: false
## @section WordPress Configuration parameters
## WordPress settings based on environment variables
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-
variables
## @param wordpressUsername WordPress username
##
wordpressUsername: admin
## @param wordpressPassword WordPress user password
## Defaults to a random 10-character alphanumeric string if not set
##
wordpressPassword: "admin"
## @param existingSecret Name of existing secret containing WordPress
credentials
## NOTE: Must contain key `wordpress-password`
## NOTE: When it's set, the `wordpressPassword` parameter is ignored
##
existingSecret:
## @param wordpressEmail WordPress user email
##
wordpressEmail: [email protected]
## @param wordpressFirstName WordPress user first name
##
wordpressFirstName: FirstName
## @param wordpressLastName WordPress user last name
##
wordpressLastName: LastName
## @param wordpressBlogName Blog name
##
wordpressBlogName: User's Blog!
## @param wordpressTablePrefix Prefix to use for WordPress database tables
##
wordpressTablePrefix: wp_
## @param wordpressScheme Scheme to use to generate WordPress URLs
##
wordpressScheme: http
## @param wordpressSkipInstall Skip wizard installation
## NOTE: useful if you use an external database that already contains
WordPress data
## ref: https://github.com/bitnami/bitnami-docker-wordpress#connect-
wordpress-docker-container-to-an-existing-database
##
wordpressSkipInstall: false
## @param wordpressExtraConfigContent Add extra content to the default wp-
config.php file
## e.g:
## wordpressExtraConfigContent: |
## @ini_set( 'post_max_size', '128M');
## @ini_set( 'memory_limit', '256M' );
##
wordpressExtraConfigContent:
## @param wordpressConfiguration The content for your custom wp-config.php
file (advanced feature)
## NOTE: This will override configuring WordPress based on environment
variables (including those set by the chart)
## NOTE: Currently only supported when `wordpressSkipInstall=true`
##
wordpressConfiguration:
## @param existingWordPressConfigurationSecret The name of an existing
secret with your custom wp-config.php file (advanced feature)
## NOTE: When it's set the `wordpressConfiguration` parameter is ignored
##
existingWordPressConfigurationSecret:
## @param wordpressConfigureCache Enable W3 Total Cache plugin and
configure cache settings
## NOTE: useful if you deploy Memcached for caching database queries or
you use an external cache server
##
wordpressConfigureCache: false
## @param wordpressAutoUpdateLevel Level of auto-updates to allow. Allowed
values: `major`, `minor` or `none`.
##
wordpressAutoUpdateLevel: none
## @param wordpressPlugins Array of plugins to install and activate. Can
be specified as `all` or `none`.
## NOTE: If set to all, only plugins that are already installed will be
activated, and if set to none, no plugins will be activated
##
wordpressPlugins: none
## @param apacheConfiguration The content for your custom httpd.conf file
(advanced feature)
##
apacheConfiguration:
## @param existingApacheConfigurationConfigMap The name of an existing
secret with your custom httpd.conf file (advanced feature)
## NOTE: When it's set the `apacheConfiguration` parameter is ignored
##
existingApacheConfigurationConfigMap:
## @param customPostInitScripts Custom post-init.d user scripts
## ref: https://github.com/bitnami/bitnami-docker-
wordpress/tree/master/5/debian-10/rootfs/post-init.d
## NOTE: supported formats are `.sh`, `.sql` or `.php`
## NOTE: scripts are exclusively executed during the 1st boot of the
container
## e.g:
## customPostInitScripts:
## enable-multisite.sh: |
## #!/bin/bash
## chmod +w /bitnami/wordpress/wp-config.php
## wp core multisite-install --url=example.com --title="Welcome to the
WordPress Multisite" --admin_user="doesntmatternotreallyused" --
admin_password="doesntmatternotreallyused" --
admin_email="[email protected]"
## cat /docker-entrypoint-init.d/.htaccess >
/bitnami/wordpress/.htaccess
## chmod -w bitnami/wordpress/wp-config.php
## .htaccess: |
## RewriteEngine On
## RewriteBase /
## ...
##
customPostInitScripts: {}
## SMTP mail delivery configuration
## ref: https://github.com/bitnami/bitnami-docker-wordpress/#smtp-
configuration
## @param smtpHost SMTP server host
## @param smtpPort SMTP server port
## @param smtpUser SMTP username
## @param smtpPassword SMTP user password
## @param smtpProtocol SMTP protocol
##
smtpHost: ""
smtpPort: ""
smtpUser: ""
smtpPassword: ""
smtpProtocol: ""
## @param smtpExistingSecret The name of an existing secret with SMTP
credentials
## NOTE: Must contain key `smtp-password`
## NOTE: When it's set, the `smtpPassword` parameter is ignored
##
smtpExistingSecret:
## @param allowEmptyPassword Allow the container to be started with blank
passwords
##
allowEmptyPassword: true
## @param allowOverrideNone Configure Apache to prohibit overriding
directives with htaccess files
##
allowOverrideNone: false
## @param htaccessPersistenceEnabled Persist custom changes on htaccess
files
## If `allowOverrideNone` is `false`, it will persist
`/opt/bitnami/wordpress/wordpress-htaccess.conf`
## If `allowOverrideNone` is `true`, it will persist
`/opt/bitnami/wordpress/.htaccess`
##
htaccessPersistenceEnabled: false
## @param customHTAccessCM The name of an existing ConfigMap with custom
htaccess rules
## NOTE: Must contain key `wordpress-htaccess.conf` with the file content
## NOTE: Requires setting `allowOverrideNone=false`
##
customHTAccessCM:
## @param command Override default container command (useful when using
custom images)
##
command: []
## @param args Override default container args (useful when using custom
images)
##
args: []
## @param extraEnvVars Array with extra environment variables to add to
the WordPress container
## e.g:
## extraEnvVars:
## - name: FOO
## value: "bar"
##
extraEnvVars: []
## @param extraEnvVarsCM Name of existing ConfigMap containing extra env
vars
##
extraEnvVarsCM:
## @param extraEnvVarsSecret Name of existing Secret containing extra env
vars
##
extraEnvVarsSecret:
## @section WordPress Multisite Configuration parameters
## ref: https://github.com/bitnami/bitnami-docker-wordpress#multisite-
configuration
## @param multisite.enable Whether to enable WordPress Multisite
configuration.
## @param multisite.host WordPress Multisite hostname/address. This value
is mandatory when enabling Multisite mode.
## @param multisite.networkType WordPress Multisite network type to
enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`.
## @param multisite.enableNipIoRedirect Whether to enable IP address
redirection to nip.io wildcard DNS. Useful when running on an IP address
with subdomain network type.
##
multisite:
enable: false
host: ""
networkType: subdomain
enableNipIoRedirect: false
## @section WordPress deployment parameters
## @param replicaCount Number of WordPress replicas to deploy
## NOTE: ReadWriteMany PVC(s) are required if replicaCount > 1
##
replicaCount: 1
## @param updateStrategy.type WordPress deployment strategy type
## @param updateStrategy.rollingUpdate WordPress deployment rolling update
configuration parameters
## ref:
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#stra
tegy
## NOTE: Set it to `Recreate` if you use a PV that cannot be mounted on
multiple pods
## e.g:
## updateStrategy:
## type: RollingUpdate
## rollingUpdate:
## maxSurge: 25%
## maxUnavailable: 25%
##
updateStrategy:
type: RollingUpdate
rollingUpdate: {}
## @param schedulerName Alternate scheduler
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-
multiple-schedulers/
##
schedulerName:
## @param serviceAccountName ServiceAccount name
##
serviceAccountName: default
## @param hostAliases [array] WordPress pod host aliases
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-
pod-etc-hosts-with-host-aliases/
##
hostAliases:
## Required for apache-exporter to work
- ip: "127.0.0.1"
hostnames:
- "status.localhost"
## @param extraVolumes Optionally specify extra list of additional volumes
for WordPress pods
##
extraVolumes: []
## @param extraVolumeMounts Optionally specify extra list of additional
volumeMounts for WordPress container(s)
##
extraVolumeMounts: []
## @param sidecars Add additional sidecar containers to the WordPress pod
## e.g:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
sidecars: {}
## @param initContainers Add additional init containers to the WordPress
pods
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-
containers/
## e.g:
## initContainers:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## command: ['sh', '-c', 'copy themes and plugins from git and push to
/bitnami/wordpress/wp-content. Should work with extraVolumeMounts and
extraVolumes']
##
initContainers: {}
## @param podLabels Extra labels for WordPress pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-
objects/labels/
##
podLabels: {}
## @param podAnnotations Annotations for WordPress pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-
objects/annotations/
##
podAnnotations: {}
## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is
set. Allowed values: `soft` or `hard`
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-
pod-node/#inter-pod-affinity-and-anti-affinity
##
podAffinityPreset: ""
## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if
`affinity` is set. Allowed values: `soft` or `hard`
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-
pod-node/#inter-pod-affinity-and-anti-affinity
##
podAntiAffinityPreset: soft
## Node affinity preset
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-
pod-node/#node-affinity
##
nodeAffinityPreset:
## @param nodeAffinityPreset.type Node affinity preset type. Ignored if
`affinity` is set. Allowed values: `soft` or `hard`
##
type: ""
## @param nodeAffinityPreset.key Node label key to match. Ignored if
`affinity` is set
##
key: ""
## @param nodeAffinityPreset.values Node label values to match. Ignored
if `affinity` is set
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## @param affinity Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-
node/#affinity-and-anti-affinity
## NOTE: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset
will be ignored when it's set
##
affinity: {}
## @param nodeSelector Node labels for pod assignment
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## @param tolerations Tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-
toleration/
##
tolerations: []
## WordPress containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
## @param resources.limits The resources limits for the WordPress
container
## @param resources.requests [object] The requested resources for the
WordPress container
##
resources:
limits: {}
requests:
memory: 512Mi
cpu: 300m
## Container ports
## @param containerPorts.http WordPress HTTP container port
## @param containerPorts.https WordPress HTTPS container port
##
containerPorts:
http: 8080
https: 8443
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-
context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enabled WordPress pods' Security
Context
## @param podSecurityContext.fsGroup Set WordPress pod's Security Context
fsGroup
##
podSecurityContext:
enabled: true
fsGroup: 1001
## Configure Container Security Context (only main container)
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-
context/#set-the-security-context-for-a-container
## @param containerSecurityContext.enabled Enabled WordPress containers'
Security Context
## @param containerSecurityContext.runAsUser Set WordPress container's
Security Context runAsUser
## @param containerSecurityContext.runAsNonRoot Set WordPress container's
Security Context runAsNonRoot
##
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true
## Configure extra options for WordPress containers' liveness and
readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-
container/configure-liveness-readiness-probes/#configure-probes
## @param livenessProbe.enabled Enable livenessProbe
## @skip livenessProbe.httpGet
## @param livenessProbe.initialDelaySeconds Initial delay seconds for
livenessProbe
## @param livenessProbe.periodSeconds Period seconds for livenessProbe
## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
## @param livenessProbe.failureThreshold Failure threshold for
livenessProbe
## @param livenessProbe.successThreshold Success threshold for
livenessProbe
##
livenessProbe:
enabled: true
httpGet:
path: /wp-admin/install.php
port: http
scheme: HTTP
## If using an HTTPS-terminating load-balancer, the probes may need to
behave
## like the balancer to prevent HTTP 302 responses. According to the
Kubernetes
## docs, 302 should be considered "successful", but this issue on
GitHub
## (https://github.com/kubernetes/kubernetes/issues/47893) shows that
it isn't.
## E.g.
## httpHeaders:
## - name: X-Forwarded-Proto
## value: https
##
httpHeaders: []
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## @param readinessProbe.enabled Enable readinessProbe
## @skip readinessProbe.httpGet
## @param readinessProbe.initialDelaySeconds Initial delay seconds for
readinessProbe
## @param readinessProbe.periodSeconds Period seconds for readinessProbe
## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
## @param readinessProbe.failureThreshold Failure threshold for
readinessProbe
## @param readinessProbe.successThreshold Success threshold for
readinessProbe
##
readinessProbe:
enabled: true
httpGet:
path: /wp-login.php
port: http
scheme: HTTP
## If using an HTTPS-terminating load-balancer, the probes may need to
behave
## like the balancer to prevent HTTP 302 responses. According to the
Kubernetes
## docs, 302 should be considered "successful", but this issue on
GitHub
## (https://github.com/kubernetes/kubernetes/issues/47893) shows that
it isn't.
## E.g.
## httpHeaders:
## - name: X-Forwarded-Proto
## value: https
##
httpHeaders: []
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
## @param customLivenessProbe Custom livenessProbe that overrides the
default one
##
customLivenessProbe: {}
## @param customReadinessProbe Custom readinessProbe that overrides the
default one
#
customReadinessProbe: {}
## @section Traffic Exposure Parameters
## WordPress service parameters
##
service:
## @param service.type WordPress service type
##
type: ClusterIP
## @param service.port WordPress service HTTP port
##
port: 8080
## @param service.httpsPort WordPress service HTTPS port
##
httpsPort: 8443
## @param service.httpsTargetPort Target port for HTTPS
##
httpsTargetPort: https
## Node ports to expose
## @param service.nodePorts.http Node port for HTTP
## @param service.nodePorts.https Node port for HTTPS
## NOTE: choose port between <30000-32767>
##
nodePorts:
http:
https:
## @param service.clusterIP WordPress service Cluster IP
## e.g.:
## clusterIP: None
##
clusterIP:
## @param service.loadBalancerIP WordPress service Load Balancer IP
## ref: https://kubernetes.io/docs/concepts/services-
networking/service/#type-loadbalancer
##
loadBalancerIP:
## @param service.loadBalancerSourceRanges WordPress service Load
Balancer sources
## ref: https://kubernetes.io/docs/tasks/access-application-
cluster/configure-cloud-provider-firewall/#restrict-access-for-
loadbalancer-service
## e.g:
## loadBalancerSourceRanges:
## - 10.10.10.0/24
##
loadBalancerSourceRanges: []
## @param service.externalTrafficPolicy WordPress service external
traffic policy
## ref http://kubernetes.io/docs/tasks/access-application-
cluster/create-external-load-balancer/#preserving-the-client-source-ip
##
externalTrafficPolicy: Cluster
## @param service.annotations Additional custom annotations for
WordPress service
##
annotations: {}
## @param service.extraPorts Extra port to expose on WordPress service
##
extraPorts: []
## Configure the ingress resource that allows you to access the WordPress
installation
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
## @param ingress.enabled Enable ingress record generation for WordPress
##
enabled: false
## @param ingress.certManager Add the corresponding annotations for
cert-manager integration
##
certManager: false
## @param ingress.pathType Ingress path type
##
pathType: ImplementationSpecific
## @param ingress.apiVersion Force Ingress API version (automatically
detected if not set)
##
apiVersion:
## @param ingress.ingressClassName IngressClass that will be be used to
implement the Ingress (Kubernetes 1.18+)
## This is supported in Kubernetes 1.18+ and required if you have more
than one IngressClass marked as the default for your cluster .
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-
ingress-api-in-kubernetes-1.18/
##
ingressClassName:
## @param ingress.hostname Default host for the ingress record
##
hostname: wordpress.local
## @param ingress.path Default path for the ingress record
## NOTE: You may need to set this to '/*' in order to use this with ALB
ingress controllers
##
path: /
## @param ingress.annotations Additional custom annotations for the
ingress record
## NOTE: If `ingress.certManager=true`, annotation `kubernetes.io/tls-
acme: "true"` will automatically be added
##
annotations: {}
## @param ingress.tls Enable TLS configuration for the host defined at
`ingress.hostname` parameter
## TLS certificates will be retrieved from a TLS secret with name: `{{-
printf "%s-tls" .Values.ingress.hostname }}`
## You can:
## - Use the `ingress.secrets` parameter to create this TLS secret
## - Relay on cert-manager to create it by setting
`ingress.certManager=true`
## - Relay on Helm to create self-signed certificates by setting
`ingress.tls=true` and `ingress.certManager=false`
##
tls: false
## @param ingress.extraHosts An array with additional hostname(s) to be
covered with the ingress record
## e.g:
## extraHosts:
## - name: wordpress.local
## path: /
##
extraHosts: []
## @param ingress.extraPaths An array with additional arbitrary paths
that may need to be added to the ingress under the main host
## e.g:
## extraPaths:
## - path: /*
## backend:
## serviceName: ssl-redirect
## servicePort: use-annotation
##
extraPaths: []
## @param ingress.extraTls TLS configuration for additional hostname(s)
to be covered with this ingress record
## ref: https://kubernetes.io/docs/concepts/services-
networking/ingress/#tls
## e.g:
## extraTls:
## - hosts:
## - wordpress.local
## secretName: wordpress.local-tls
##
extraTls: []
## @param ingress.secrets Custom TLS certificates as secrets
## NOTE: 'key' and 'certificate' are expected in PEM format
## NOTE: 'name' should line up with a 'secretName' set further up
## If it is not set and you're using cert-manager, this is unneeded, as
it will create a secret for you with valid certificates
## If it is not set and you're NOT using cert-manager either, self-
signed certificates will be created valid for 365 days
## It is also possible to create and manage the certificates outside of
this helm chart
## Please see README.md for more information
## e.g:
## secrets:
## - name: wordpress.local-tls
## key: |-
## -----BEGIN RSA PRIVATE KEY-----
## ...
## -----END RSA PRIVATE KEY-----
## certificate: |-
## -----BEGIN CERTIFICATE-----
## ...
## -----END CERTIFICATE-----
##
secrets: []
## @section Persistence Parameters
## Persistence Parameters
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
## @param persistence.enabled Enable persistence using Persistent Volume
Claims
##
enabled: true
## @param persistence.storageClass Persistent Volume storage class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic
provisioning
## If undefined (the default) or set to null, no storageClassName spec
is set, choosing the default provisioner
##
storageClass:
## @param persistence.accessModes [array] Persistent Volume access modes
##
accessModes:
- ReadWriteOnce
## @param persistence.accessMode Persistent Volume access mode
(DEPRECATED: use `persistence.accessModes` instead)
##
accessMode: ReadWriteOnce
## @param persistence.size Persistent Volume size
##
size: 4Gi
## @param persistence.dataSource Custom PVC data source
##
dataSource: {}
## @param persistence.existingClaim The name of an existing PVC to use
for persistence
##
existingClaim:
## 'volumePermissions' init container parameters
## Changes the owner and group of the persistent volume mount point to
runAsUser:fsGroup values
## based on the podSecurityContext/containerSecurityContext parameters
##
volumePermissions:
## @param volumePermissions.enabled Enable init container that changes
the owner/group of the PV mount point to `runAsUser:fsGroup`
##
enabled: false
## Bitnami Shell image
## ref: https://hub.docker.com/r/bitnami/bitnami-shell/tags/
## @param volumePermissions.image.registry Bitnami Shell image registry
## @param volumePermissions.image.repository Bitnami Shell image
repository
## @param volumePermissions.image.tag Bitnami Shell image tag (immutable
tags are recommended)
## @param volumePermissions.image.pullPolicy Bitnami Shell image pull
policy
## @param volumePermissions.image.pullSecrets Bitnami Shell image pull
secrets
##
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 10-debian-10-r134
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-
image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## Init container's resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
## @param volumePermissions.resources.limits The resources limits for
the init container
## @param volumePermissions.resources.requests The requested resources
for the init container
##
resources:
limits: {}
requests: {}
## Init container Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-
container/security-context/#set-the-security-context-for-a-container
## @param volumePermissions.securityContext.runAsUser Set init
container's Security Context runAsUser
## NOTE: when runAsUser is set to special value "auto", init container
will try to chown the
## data folder to auto-determined user&group, using commands: `id -
u`:`id -G | cut -d" " -f2`
## "auto" is especially useful for OpenShift which has scc with
dynamic user ids (and 0 is not allowed)
##
securityContext:
runAsUser: 0
## @section Other Parameters
## Wordpress Pod Disruption Budget configuration
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
## @param pdb.create Enable a Pod Disruption Budget creation
## @param pdb.minAvailable Minimum number/percentage of pods that should
remain scheduled
## @param pdb.maxUnavailable Maximum number/percentage of pods that may be
made unavailable
##
pdb:
create: false
minAvailable: 1
maxUnavailable:
## Wordpress Autoscaling configuration
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-
autoscale/
## @param autoscaling.enabled Enable Horizontal POD autoscaling for
WordPress
## @param autoscaling.minReplicas Minimum number of WordPress replicas
## @param autoscaling.maxReplicas Maximum number of WordPress replicas
## @param autoscaling.targetCPU Target CPU utilization percentage
## @param autoscaling.targetMemory Target Memory utilization percentage
##
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 11
targetCPU: 50
targetMemory: 50
## @section Metrics Parameters
## Prometheus Exporter / Metrics configuration
##
metrics:
## @param metrics.enabled Start a sidecar prometheus exporter to expose
metrics
##
enabled: false
## Bitnami Apache Exporter image
## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/
## @param metrics.image.registry Apache Exporter image registry
## @param metrics.image.repository Apache Exporter image repository
## @param metrics.image.tag Apache Exporter image tag (immutable tags
are recommended)
## @param metrics.image.pullPolicy Apache Exporter image pull policy
## @param metrics.image.pullSecrets Apache Exporter image pull secrets
##
image:
registry: docker.io
repository: bitnami/apache-exporter
tag: 0.9.0-debian-10-r33
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-
image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## Prometheus exporter container's resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
## @param metrics.resources.limits The resources limits for the
Prometheus exporter container
## @param metrics.resources.requests The requested resources for the
Prometheus exporter container
##
resources:
limits: {}
requests: {}
## Prometheus exporter service parameters
##
service:
## @param metrics.service.port Metrics service port
##
port: 9117
## @param metrics.service.annotations [object] Additional custom
annotations for Metrics service
##
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.metrics.service.port }}"
## Prometheus Service Monitor
## ref: https://github.com/coreos/prometheus-operator
## https://github.com/coreos/prometheus-
operator/blob/master/Documentation/api.md#endpoint
##
serviceMonitor:
## @param metrics.serviceMonitor.enabled Create ServiceMonitor
Resource for scraping metrics using PrometheusOperator
##
enabled: false
## @param metrics.serviceMonitor.namespace The namespace in which the
ServiceMonitor will be created
##
namespace:
## @param metrics.serviceMonitor.interval The interval at which
metrics should be scraped
##
interval: 30s
## @param metrics.serviceMonitor.scrapeTimeout The timeout after which
the scrape is ended
##
scrapeTimeout:
## @param metrics.serviceMonitor.relabellings Metrics relabellings to
add to the scrape endpoint
##
relabellings:
## @param metrics.serviceMonitor.honorLabels Labels to honor to add to
the scrape endpoint
##
honorLabels: false
## @param metrics.serviceMonitor.additionalLabels Additional custom
labels for the ServiceMonitor
##
additionalLabels: {}
## External Database Configuration
## All of these values are only used if `mariadb.enabled=false`
##
externalDatabase:
## @param externalDatabase.host External Database server host
##
host: gaozh-mysql.gaozh.svc
## @param externalDatabase.port External Database server port
##
port: 3306
## @param externalDatabase.user External Database username
##
user: root
## @param externalDatabase.password External Database user password
##
password: "123456"
## @param externalDatabase.database External Database database name
##
database: wordpress
## @param externalDatabase.existingSecret The name of an existing secret
with database credentials
## NOTE: Must contain key `mariadb-password`
## NOTE: When it's set, the `externalDatabase.password` parameter is
ignored
##
existingSecret:
## External Memcached Configuration
## All of these values are only used if `memcached.enabled=false`
##
externalCache:
## @param externalCache.host External cache server host
基础配置说明: * global.storageClass: 集群使⽤的存储类名称,从“ 容器云--存储管理--存储卷--创建存储卷--存储类下拉列表” 中可以查看到可以使⽤的存储类
* image.registry: Harbor地址,如:"dev-registry.tenxcloud.com" * image.repository: 镜像仓库名称,如: "system_containers/wordpress" * image.tag: 镜像tag,如:"5.7.2-debian-10-r45" * wordpressUsername: wordpress web⻚登陆的⽤户名,如: "admin" *wordpressPassword: wordpress web⻚登陆的密码,如: "admin" * resources.requests: 每个Pod 请求的 CPU、内存资源⼤⼩,推荐使⽤ 1C/2G 配置 * resources.limits: 每个Pod 请求的CPU、内存资源⼤⼩,根据使⽤情况进⾏设置 * persistence.size: 存储⼤⼩,可根据存储的资源情况进⾏设置 * externalDatabase.host: Mysql数据库地址,如:"127.0.0.1" *externalDatabase.port: Mysql数据库端⼝,如:3306 * externalDatabase.user: Mysql数据库⽤户名,如:"root" * externalDatabase.password: Mysql数据库密码,如: "123456" *externalDatabase.database: WordPress的数据库名称,如: "wordpress_db"
点击“确定”:⾃动跳转到 模版应⽤ 菜单
##
host: localhost
## @param externalCache.port External cache server port
##
port: 11211
点击 模版应⽤ 名称,进⼊ 模版应⽤ 详情
查看 实例运⾏ 状态
配置 WordPress 集群外访问
在“容器云--⽹络管理--应⽤路由”⻚⾯,点击“添加路由规则”
在“添加路由规则”⻚⾯,选择⼀个服务出⼝代理 wordpress 服务
规则名称:这条路由规则的名称, 如:"wordpress"选择出⼝:选择⼀个平台的服务访问出⼝选择服务:wordpress 服务, 如:"wordpress"
点击“创建”后,可以看到⽣成的路由规则
验证 WordPress 服务状态
在“容器云--容器应⽤--容器服务”列表中,找到被代理的 wordpress 服务,点击“查看地址”,点击地址旁边的拷⻉图标保存地址信息,⽤于后⾯访问验证。
集群内:在 Kuberenetes 集群内访问 wordpress 服务,使⽤这个地址服务代理-TCP:在 Kuberenetes 集群外访问 wordpress 服务,使⽤这个地址
打开浏览器输⼊集群外访问地址,如"192.168.2.63:63376/login", 默认⽤户名/密码:admin / admin
四、应⽤运维指南;(补充界⾯部署⽅式)
监控信息查看:在“容器云--⼯作负载--部署”,点击进⼊ WordPress 副本集
⽇志信息查看:在“容器云--⼯作负载--部署”,点击进⼊ WordPress 副本集
事件信息查看:在“容器云--⼯作负载--部署”,点击进⼊ WordPress 副本集
审计信息查看:在“安全和运维--平台运维--操作审计--审计记录”,选择“容器云/容器应⽤/模版应⽤”、相应租户、项⽬后点击“⽴即查询”