首页 > 其他分享 >day09 Helm开发与实践-基于Helm的方式运维管理应用 (3.2-3.3)

day09 Helm开发与实践-基于Helm的方式运维管理应用 (3.2-3.3)

时间:2023-12-02 10:23:41浏览次数:53  
标签:day09 end name 运维 value wordpress Helm Values include

一、Helm开发与实践

1、Helm Chart详解

1.1 Chart 目录结果

# helm create nginx
Creating nginx

# tree nginx
nginx
├── charts
├── Chart.yaml
├── templates
│   ├── deployment.yaml
│   ├── _helpers.tpl
│   ├── hpa.yaml
│   ├── ingress.yaml
│   ├── NOTES.txt
│   ├── serviceaccount.yaml
│   ├── service.yaml
│   └── tests
│       └── test-connection.yaml
└── values.yaml

3 directories, 10 files

1.2 Chart.yaml 文件

# cat Chart.yaml 
apiVersion: v2
name: nginx
description: A Helm chart for Kubernetes

# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application

# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"

1.3 Chart 管理依赖(dependencies)

当前chart依赖的其他chart会在dependencies字段定义为一个列表

dependencies:
  - name: apache
    version: 1.2.3
    repositort: https://example.com/charts
  - name: mysql
    version: 3.2.1
    repositort: https://another.example/charts
  • name: chart的名称
  • version:chart的版本
  • repository:chat 仓库的完整URL。必须使用helm repo add在本地添加仓库,也可以使用仓库的名称代替URL

2、Helm开放实践

基于Helm开放一个常规应用的步骤及YAML文件

2.1 安装Helm

参考官网安装Helm

2.2 创建Helm chart

执行以下命令创建一个新的Helm chart

# helm create app
Creating app

myapp 是chart的名称,可根据需要进行修改

2.3 编辑values.yaml 文件

进入chart目录,编辑values文件,修改配置项,如应用名称、端口号、镜像名称等

# cat values.yaml 
# Default values for app.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

replicaCount: 1
appName: myapp

image:
  repository: nginx
  pullPolicy: IfNotPresent
  # Overrides the image tag whose default is the chart appVersion.
  tag: "1.25.2"

db:
  host: "192.168.239.128"
  port: "3306"
  user: "root"
  password: "aa123456"

containerPort: 8080
servicePort: 8080

2.4 编辑deployment.yaml 文件

编辑templates/deployment.yaml文件,定义应用的Deployment。

# cat templates/deployment.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Values.appName }}-deployment
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: {{ .Values.appName }}
  template:
    metadata:
      labels:
        app: {{ .Values.appName }}
    spec:
      containers:
        - name: {{ .Values.appName }}
          image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
          ports:
            - containerPort: {{ .Values.containerPort }}
          env:
            - name: DB_HOST
              value: {{ .Values.db.host }}
            - name: DB_PORT
              value: "{{ .Values.db.port }}"
            - name: DB_USER
              value: {{ .Values.db.user }}
            - name: DB_PASSWORD
              value: {{ .Values.db.password }}

定义Deployment 使用了values.yaml

文件中定义的配置项。其中,replicas表示副本数,selector表示选择器,template表示Pod模版,containers表示容器列表,env表示环境变量

编辑service.yaml文件

# cat templates/service.yaml 
apiVersion: v1
kind: Service
metadata:
  name: {{ .Values.appName }}
spec:
  ports:
    - port: {{ .Values.servicePort }}
      targetPort: {{ .Values.containerPort }}
      protocol: TCP
      name: http
  selector:
    app: {{ .Values.appName }}
  type: LoadBalancer

定义一个Service,使用values.yaml 文件中定义的配置项。其中selector表示选择器,ports表示端口映射,type表示Service类型。

打包Helm chart

执行以下命令将Helm chart 打包

# helm package app/
Successfully packaged chart and saved it to: /root/Helm/app-0.1.0.tgz

部署Helm chart

执行以下命令部署Helm chart

# helm install myapp --dry-run app
NAME: myapp
LAST DEPLOYED: Fri Dec  1 15:54:39 2023
NAMESPACE: default
STATUS: pending-install
REVISION: 1
TEST SUITE: None
HOOKS:
MANIFEST:
---
# Source: app/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: myapp
spec:
  ports:
    - port: 8080
      targetPort: 8080
      protocol: TCP
      name: http
  selector:
    app: myapp
  type: LoadBalancer
---
# Source: app/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: myapp
          image: nginx:1.25.2
          ports:
            - containerPort: 8080
          env:
            - name: DB_HOST
              value: 192.168.239.128
            - name: DB_PORT
              value: "3306"
            - name: DB_USER
              value: root
            - name: DB_PASSWORD
              value: aa123456

NOTES:
hank you for installing app.

Your release is named myapp.

To learn more about the release, try:

  $ helm status myapp
  $ helm get all myapp

 

# helm  list
NAME 	NAMESPACE	REVISION	UPDATED                               	STATUS  	CHART    	APP VERSION
myapp	default  	1       	2023-12-01 15:53:03.33850538 +0800 CST	deployed	app-0.1.0	

其中,myapp是部署的名称,可以根据需要进行修改

以上就是基于Helm开发一个常规应用的步骤及所用到的YAML文件。

二、基于Helm的方式运维管理应用

1、基于helm 安装WordPress

1.1 方式一

1、添加WordPress chart 仓库

执行以下命令添加WordPress chart 仓库

# helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories

创建一个名为wordpress的命名空间

# kubectl  create namespace wordpress
namespace/wordpress created

2、创建values.yaml 文件

在本地创建一个values.yaml文件,用于WordPress的相关参数。

# cat values.yaml 
# WordPress相关配置
wordpressUsername: admin
wordpressPassword: a123456
wordpressEmail: [email protected]
wordpressBlogName: k8syyds Blog

# Service相关配置
service:
  type: NodePort
  port: 80
  nodePorts:
    http: "32088"

# MySQL相关配置
mysql:
  image:
    repository: bitnami/mysql
    tag: 8.0.26-debian-10-r0
    pullPolicy: IfNotPresent
  user: wordpress
  database: wordpress
  port: 3306
  persistence:
    enabled: true
    size: 8Gi
    storageClass: "nfs-storageclass"

# WordPress相关配置
wordpress:
  image:
    repository: bitnami/wordpress
    tag: 5.8.1-debian-10-r0
    pullPolicy: IfNotPresent
  replicaCount: 1
  persistence:
    enabled: true
    size: 8Gi
    storageClass: "nfs-storageclass"

3、安装WordPress

执行以下命令安装WordPress

# helm install k8swordpress1 bitnami/wordpress -f values.yaml
NAME: k8swordpress1
LAST DEPLOYED: Sat Dec  2 09:56:17 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: wordpress
CHART VERSION: 18.1.11
APP VERSION: 6.4.1

** Please be patient while the chart is being deployed **

Your WordPress site can be accessed through the following DNS name from within your cluster:

    k8swordpress1.default.svc.cluster.local (port 80)

To access your WordPress site from outside the cluster follow the steps below:

1. Get the WordPress URL by running these commands:

   export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services k8swordpress1)
   export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
   echo "WordPress URL: http://$NODE_IP:$NODE_PORT/"
   echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin"

2. Open a browser and access WordPress using the obtained URL.

3. Login with the following credentials below to see your blog:

  echo Username: admin
  echo Password: $(kubectl get secret --namespace default k8swordpress1 -o jsonpath="{.data.wordpress-password}" | base64 -d)

其中,mywordpress01 是安装的WordPress的名称,bitnami/wordpress 是Helm官方提供的WordPress Chart,-f values.yaml 指定使用上一步创建的values.yaml 文件,-n wordpress 指定安装的命名空间位wordpress

 4、查看安装状态

执行以下命令查看安装状态

# kubectl get pods,services,pvc |grep k8s
pod/k8swordpress1-75d9749c9b-rvbdr   1/1     Running   0             2m35s
pod/k8swordpress1-mariadb-0          1/1     Running   0             2m35s
service/k8swordpress1           NodePort    10.100.27.218   <none>        80:32088/TCP,443:32110/TCP   2m35s
service/k8swordpress1-mariadb   ClusterIP   10.102.94.255   <none>        3306/TCP                     2m35s
persistentvolumeclaim/data-k8swordpress1-mariadb-0                  Bound    pvc-a8967458-9ebe-493d-b7c7-1f3aa4f82024   8Gi        RWO            rook-ceph-block    2m35s
persistentvolumeclaim/k8swordpress1                                 Bound    pvc-0d39ae1c-0ab7-4ad7-bde8-4ad17d633e45   10Gi       RWO            rook-ceph-block    2m35s

5、升级WordPress

helm upgrade mywordpress01 bitnami/wordpress -f values.yaml

删除wordpress

helm uninstall mywordpress01

6、访问WordPress

[root@master-1-230 3]# echo "WordPress URL: http://$(kubectl get svc k8swordpress1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
WordPress URL: http://
[root@master-1-230 3]# export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services k8swordpress1)
[root@master-1-230 3]#    export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
[root@master-1-230 3]#    echo "WordPress URL: http://$NODE_IP:$NODE_PORT/"
WordPress URL: http://192.168.1.230:32088/
[root@master-1-230 3]#    echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin"
WordPress Admin URL: http://192.168.1.230:32088/admin

[root@master-1-230 3]# echo Username: admin
Username: admin
[root@master-1-230 3]#   echo Password: $(kubectl get secret --namespace default k8swordpress1 -o jsonpath="{.data.wordpress-password}" | base64 -d)
Password: a123456

1.2 方式二

以下基于Helm的WordPress chart 包的示例

下载WordPress chart

执行以下命令将WordPress chart 下载到本地

 helm fetch bitnami/wordpress

解压WordPress chart

# tar zxvf wordpress-18.1.20.tgz

修改values.yaml 文件

在wordpress目录下,修改values.yaml文件

cat values.yaml |egrep -v "#|^$"
 # cat values.yaml |egrep -v "#|^$"
global:
  imageRegistry: ""
  torageclassmagePullSecrets: []
  storageClass: ""
kubeVersion: ""
nameOverride: ""
fullnameOverride: ""
commonLabels: {}
commonAnnotations: {}
clusterDomain: cluster.local
extraDeploy: []
diagnosticMode:
  enabled: false
  command:
    - sleep
  args:
    - infinity
image:
  registry: docker.io
  repository: bitnami/wordpress
  tag: 6.4.1-debian-11-r11
  digest: ""
  pullPolicy: IfNotPresent
  pullSecrets: []
  debug: false
wordpressUsername: user
wordpressPassword: "123456"
existingSecret: ""
wordpressEmail: [email protected]
wordpressFirstName: FirstName
wordpressLastName: LastName
wordpressBlogName: ikubernetes's Blog!
wordpressTablePrefix: wp_
wordpressScheme: http
wordpressSkipInstall: true
wordpressExtraConfigContent: ""
wordpressConfiguration: ""
existingWordPressConfigurationSecret: ""
wordpressConfigureCache: false
wordpressPlugins: none
apacheConfiguration: ""
existingApacheConfigurationConfigMap: ""
customPostInitScripts: {}
smtpHost: ""
smtpPort: ""
smtpUser: ""
smtpPassword: ""
smtpProtocol: ""
smtpExistingSecret: ""
allowEmptyPassword: true
allowOverrideNone: false
overrideDatabaseSettings: false
htaccessPersistenceEnabled: false
customHTAccessCM: ""
command: []
args: []
extraEnvVars: []
extraEnvVarsCM: ""
extraEnvVarsSecret: ""
multisite:
  enable: false
  host: ""
  networkType: subdomain
  enableNipIoRedirect: false
replicaCount: 1
updateStrategy:
  type: RollingUpdate
schedulerName: ""
terminationGracePeriodSeconds: ""
topologySpreadConstraints: []
priorityClassName: ""
hostAliases:
  - ip: "127.0.0.1"
    hostnames:
      - "status.localhost"
extraVolumes: []
extraVolumeMounts: []
sidecars: []
initContainers: []
podLabels: {}
podAnnotations: {}
podAffinityPreset: ""
podAntiAffinityPreset: soft
nodeAffinityPreset:
  type: ""
  key: ""
  values: []
affinity: {}
nodeSelector: {}
tolerations: []
resources:
  limits: {}
  requests:
    memory: 512Mi
    cpu: 300m
containerPorts:
  http: 8080
  https: 8443
extraContainerPorts: []
podSecurityContext:
  enabled: true
  fsGroup: 1001
containerSecurityContext:
  enabled: true
  runAsUser: 1001
  runAsNonRoot: true
  privileged: false
  readOnlyRootFilesystem: false
  allowPrivilegeEscalation: false
  capabilities:
    drop: ["ALL"]
  seccompProfile:
    type: "RuntimeDefault"
livenessProbe:
  enabled: true
  httpGet:
    path: /wp-admin/install.php
    port: '{{ .Values.wordpressScheme }}'
    scheme: '{{ .Values.wordpressScheme | upper }}'
    httpHeaders: []
  initialDelaySeconds: 120
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 6
  successThreshold: 1
readinessProbe:
  enabled: true
  httpGet:
    path: /wp-login.php
    port: '{{ .Values.wordpressScheme }}'
    scheme: '{{ .Values.wordpressScheme | upper }}'
    httpHeaders: []
  initialDelaySeconds: 30
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 6
  successThreshold: 1
startupProbe:
  enabled: false
  httpGet:
    path: /wp-login.php
    port: '{{ .Values.wordpressScheme }}'
    scheme: '{{ .Values.wordpressScheme | upper }}'
    httpHeaders: []
  initialDelaySeconds: 30
  periodSeconds: 10
  timeoutSeconds: 5
  failureThreshold: 6
  successThreshold: 1
customLivenessProbe: {}
customReadinessProbe: {}
customStartupProbe: {}
lifecycleHooks: {}
service:
  type: LoadBalancer
  ports:
    http: 80
    https: 443
  httpsTargetPort: https
  nodePorts:
    http: ""
    https: ""
  sessionAffinity: None
  sessionAffinityConfig: {}
  clusterIP: ""
  loadBalancerIP: ""
  loadBalancerSourceRanges: []
  externalTrafficPolicy: Cluster
  annotations: {}
  extraPorts: []
ingress:
  enabled: false
  pathType: ImplementationSpecific
  apiVersion: ""
  ingressClassName: ""
  hostname: wordpress.local
  path: /
  annotations: {}
  tls: false
  tlsWwwPrefix: false
  selfSigned: false
  extraHosts: []
  extraPaths: []
  extraTls: []
  secrets: []
  extraRules: []
persistence:
  enabled: true
  storageClass: ""
  accessModes:
    - ReadWriteOnce
  accessMode: ReadWriteOnce
  size: 10Gi
  dataSource: {}
  existingClaim: ""
  selector: {}
  annotations: {}
volumePermissions:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/os-shell
    tag: 11-debian-11-r91
    digest: ""
    pullPolicy: IfNotPresent
    pullSecrets: []
  resources:
    limits: {}
    requests: {}
  containerSecurityContext:
    runAsUser: 0
serviceAccount:
  create: false
  name: ""
  automountServiceAccountToken: true
  annotations: {}
pdb:
  create: false
  minAvailable: 1
  maxUnavailable: ""
autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 11
  targetCPU: 50
  targetMemory: 50
metrics:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/apache-exporter
    tag: 1.0.3-debian-11-r1
    digest: ""
    pullPolicy: IfNotPresent
    pullSecrets: []
  containerPorts:
    metrics: 9117
  livenessProbe:
    enabled: true
    initialDelaySeconds: 15
    periodSeconds: 10
    timeoutSeconds: 5
    failureThreshold: 3
    successThreshold: 1
  readinessProbe:
    enabled: true
    initialDelaySeconds: 5
    periodSeconds: 10
    timeoutSeconds: 3
    failureThreshold: 3
    successThreshold: 1
  startupProbe:
    enabled: false
    initialDelaySeconds: 10
    periodSeconds: 10
    timeoutSeconds: 1
    failureThreshold: 15
    successThreshold: 1
  customLivenessProbe: {}
  customReadinessProbe: {}
  customStartupProbe: {}
  resources:
    limits: {}
    requests: {}
  service:
    ports:
      metrics: 9150
    annotations:
      prometheus.io/scrape: "true"
      prometheus.io/port: "{{ .Values.metrics.containerPorts.metrics }}"
  serviceMonitor:
    enabled: false
    namespace: ""
    interval: ""
    scrapeTimeout: ""
    labels: {}
    selector: {}
    relabelings: []
    metricRelabelings: []
    honorLabels: false
    jobLabel: ""
networkPolicy:
  enabled: false
  metrics:
    enabled: false
    podSelector: {}
    namespaceSelector: {}
  ingress:
    enabled: false
    podSelector: {}
    namespaceSelector: {}
  ingressRules:
    backendOnlyAccessibleByFrontend: false
    customBackendSelector: {}
    accessOnlyFrom:
      enabled: false
      podSelector: {}
      namespaceSelector: {}
    customRules: {}
  egressRules:
    denyConnectionsToExternal: false
    customRules: {}
mariadb:
  enabled: true
  architecture: standalone
  auth:
    rootPassword: ""
    database: bitnami_wordpress
    username: bn_wordpress
    password: ""
  primary:
    persistence:
      enabled: true
      storageClass: ""
      accessModes:
        - ReadWriteOnce
      size: 8Gi
externalDatabase:
  host: localhost
  port: 3306
  user: bn_wordpress
  password: ""
  database: bitnami_wordpress
  existingSecret: ""
memcached:
  enabled: false
  auth:
    enabled: false
    username: ""
    password: ""
    existingPasswordSecret: ""
  service:
    port: 11211
externalCache:
  host: localhost
  port: 11211

deployment.yaml  

在wordpress/templates目录下,查看deployment.yaml  文件

# cat templates/deployment.yaml
# cat templates/deployment.yaml 
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}

apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
  name: {{ include "common.names.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
spec:
  {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }}
  selector:
    matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }}
  {{- if .Values.updateStrategy }}
  strategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
  {{- end }}
  {{- if not .Values.autoscaling.enabled }}
  replicas: {{ .Values.replicaCount }}
  {{- end }}
  template:
    metadata:
      labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
      {{- if or .Values.podAnnotations .Values.metrics.enabled (include "wordpress.createConfigSecret" .) }}
      annotations:
        {{- if .Values.podAnnotations }}
        {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
        {{- end }}
        {{- if .Values.metrics.podAnnotations }}
        {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }}
        {{- end }}
        {{- if (include "wordpress.createConfigSecret" .) }}
        checksum/config-secret: {{ include (print $.Template.BasePath "/config-secret.yaml") . | sha256sum }}
        {{- end }}
      {{- end }}
    spec:
      {{- include "wordpress.imagePullSecrets" . | nindent 6 }}
      {{- if .Values.hostAliases }}
      # yamllint disable rule:indentation
      hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
      # yamllint enable rule:indentation
      {{- end }}
      {{- if .Values.affinity }}
      affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }}
      {{- else }}
      affinity:
        podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }}
        podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }}
        nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
      {{- end }}
      {{- if .Values.nodeSelector }}
      nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
      {{- end }}
      {{- if .Values.tolerations }}
      tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }}
      {{- end }}
      {{- if .Values.priorityClassName }}
      priorityClassName: {{ .Values.priorityClassName }}
      {{- end }}
      {{- if .Values.schedulerName }}
      schedulerName: {{ .Values.schedulerName | quote }}
      {{- end }}
      {{- if .Values.podSecurityContext.enabled }}
      securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "wordpress.serviceAccountName" .}}
      {{- if .Values.terminationGracePeriodSeconds }}
      terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
      {{- end }}
      {{- if .Values.topologySpreadConstraints }}
      topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }}
      {{- end }}
      {{- if or (and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled) (.Values.initContainers) }}
      initContainers:
        {{- if and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled }}
        - name: volume-permissions
          image: "{{ include "wordpress.volumePermissions.image" . }}"
          imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
          command:
            - /bin/bash
          args:
            - -ec
            - |
              mkdir -p /bitnami/wordpress
              {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }}
              find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R $(id -u):$(id -G | cut -d " " -f2)
              {{- else }}
              find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}
              {{- end }}
          {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto " }}
          securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }}
          {{- else }}
          securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }}
          {{- end }}
          {{- if .Values.volumePermissions.resources }}
          resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
          {{- end }}
          volumeMounts:
            - mountPath: /bitnami/wordpress
              name: wordpress-data
              subPath: wordpress
        {{- end }}
        {{- if .Values.initContainers }}
          {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
        {{- end }}
      {{- end }}
      containers:
        - name: wordpress
          image: {{ include "wordpress.image" . }}
          imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
          {{- if .Values.diagnosticMode.enabled }}
          command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
          {{- else if .Values.command }}
          command: {{- include "common.tplvalues.render" ( dict "value" .Values.command "context" $) | nindent 12 }}
          {{- end }}
          {{- if .Values.diagnosticMode.enabled }}
          args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
          {{- else if .Values.args }}
          args: {{- include "common.tplvalues.render" ( dict "value" .Values.args "context" $) | nindent 12 }}
          {{- end }}
          {{- if .Values.containerSecurityContext.enabled }}
          securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
          {{- end }}
          env:
            - name: BITNAMI_DEBUG
              value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
            - name: ALLOW_EMPTY_PASSWORD
              value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }}
            - name: MARIADB_HOST
              value: {{ include "wordpress.databaseHost" . | quote }}
            - name: MARIADB_PORT_NUMBER
              value: {{ include "wordpress.databasePort" . | quote }}
            - name: WORDPRESS_DATABASE_NAME
              value: {{ include "wordpress.databaseName" . | quote }}
            - name: WORDPRESS_DATABASE_USER
              value: {{ include "wordpress.databaseUser" . | quote }}
            - name: WORDPRESS_DATABASE_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress.databaseSecretName" . }}
                  key: mariadb-password
            - name: WORDPRESS_USERNAME
              value: {{ .Values.wordpressUsername | quote }}
            - name: WORDPRESS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress.secretName" . }}
                  key: wordpress-password
            - name: WORDPRESS_EMAIL
              value: {{ .Values.wordpressEmail | quote }}
            - name: WORDPRESS_FIRST_NAME
              value: {{ .Values.wordpressFirstName | quote }}
            - name: WORDPRESS_LAST_NAME
              value: {{ .Values.wordpressLastName | quote }}
            - name: WORDPRESS_HTACCESS_OVERRIDE_NONE
              value: {{ ternary "yes" "no" .Values.allowOverrideNone | quote }}
            - name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE
              value: {{ ternary "yes" "no" .Values.htaccessPersistenceEnabled | quote }}
            - name: WORDPRESS_BLOG_NAME
              value: {{ .Values.wordpressBlogName | quote }}
            - name: WORDPRESS_SKIP_BOOTSTRAP
              value: {{ ternary "yes" "no" .Values.wordpressSkipInstall | quote }}
            - name: WORDPRESS_TABLE_PREFIX
              value: {{ .Values.wordpressTablePrefix | quote }}
            - name: WORDPRESS_SCHEME
              value: {{ .Values.wordpressScheme | quote }}
            - name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT
              value: {{ .Values.wordpressExtraConfigContent | quote }}
            - name: WORDPRESS_PLUGINS
              value: {{ join "," .Values.wordpressPlugins | quote }}
            - name: APACHE_HTTP_PORT_NUMBER
              value: {{ .Values.containerPorts.http | quote }}
            - name: APACHE_HTTPS_PORT_NUMBER
              value: {{ .Values.containerPorts.https | quote }}
            {{- if .Values.overrideDatabaseSettings }}
            - name: WORDPRESS_OVERRIDE_DATABASE_SETTINGS
              value: "yes"
            {{- end }}
            {{- if .Values.multisite.enable }}
            - name: WORDPRESS_ENABLE_MULTISITE
              value: "yes"
            - name: WORDPRESS_MULTISITE_HOST
              value: {{ .Values.multisite.host | quote }}
            - name: WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER
              value: {{ .Values.service.ports.http | quote }}
            - name: WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER
              value: {{ .Values.service.ports.https | quote }}
            - name: WORDPRESS_MULTISITE_NETWORK_TYPE
              value: {{ .Values.multisite.networkType | quote }}
            - name: WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION
              value: {{ ternary "yes" "no" .Values.multisite.enableNipIoRedirect | quote }}
            {{- end }}
            {{- if .Values.smtpHost }}
            - name: SMTP_HOST
              value: {{ .Values.smtpHost | quote }}
            {{- end }}
            {{- if .Values.smtpPort }}
            - name: SMTP_PORT
              value: {{ .Values.smtpPort | quote }}
            {{- end }}
            {{- if .Values.smtpUser }}
            - name: SMTP_USER
              value: {{ .Values.smtpUser | quote }}
            {{- end }}
            {{- if or .Values.smtpPassword .Values.smtpExistingSecret }}
            - name: SMTP_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ include "wordpress.smtpSecretName" . }}
                  key: smtp-password
            {{- end }}
            {{- if .Values.smtpProtocol }}
            - name: SMTP_PROTOCOL
              value: {{ .Values.smtpProtocol | quote }}
            {{- end }}
            {{- if .Values.extraEnvVars }}
            {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
            {{- end }}
          envFrom:
            {{- if .Values.extraEnvVarsCM }}
            - configMapRef:
                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
            {{- end }}
            {{- if .Values.extraEnvVarsSecret }}
            - secretRef:
                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
            {{- end }}
          ports:
            - name: http
              containerPort: {{ .Values.containerPorts.http }}
            - name: https
              containerPort: {{ .Values.containerPorts.https }}
            {{- if .Values.extraContainerPorts }}
            {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }}
            {{- end }}
          {{- if .Values.lifecycleHooks }}
          lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }}
          {{- end }}
          {{- if not .Values.diagnosticMode.enabled }}
          {{- if .Values.customLivenessProbe }}
          livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }}
          {{- else if .Values.livenessProbe.enabled }}
          livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }}
          {{- end }}
          {{- if .Values.customReadinessProbe }}
          readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }}
          {{- else if .Values.readinessProbe.enabled }}
          readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }}
          {{- end }}
          {{- if .Values.customStartupProbe }}
          startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }}
          {{- else if .Values.startupProbe.enabled }}
          startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }}
          {{- end }}
          {{- end }}
          {{- if .Values.resources }}
          resources: {{- toYaml .Values.resources | nindent 12 }}
          {{- end }}
          volumeMounts:
            - mountPath: /bitnami/wordpress
              name: wordpress-data
              subPath: wordpress
            {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }}
            - name: wordpress-config
              mountPath: /opt/bitnami/wordpress/wp-config.php
              subPath: wp-config.php
            {{- end }}
            {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }}
            - name: apache-config
              mountPath: /opt/bitnami/apache/conf/httpd.conf
              subPath: httpd.conf
            {{- end }}
            {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }}
            - mountPath: /opt/bitnami/apache/conf/vhosts/htaccess
              name: custom-htaccess
            {{- end }}
            {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }}
            - mountPath: /docker-entrypoint-init.d
              name: custom-postinit
            {{- end }}
            {{- if .Values.extraVolumeMounts }}
            {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
            {{- end }}
        {{- if .Values.metrics.enabled }}
        - name: metrics
          image: {{ include "wordpress.metrics.image" . }}
          imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
          {{- if .Values.diagnosticMode.enabled }}
          command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
          args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
          {{- else if .Values.diagnosticMode.enabled }}
          command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
          {{- else }}
          command:
            - /bin/apache_exporter
            - --scrape_uri
            - http://status.localhost:8080/server-status/?auto
          {{- end }}
          ports:
            - name: metrics
              containerPort: {{ .Values.metrics.containerPorts.metrics }}
          {{- if not .Values.diagnosticMode.enabled }}
          {{- if .Values.metrics.customLivenessProbe }}
          livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }}
          {{- else if .Values.metrics.livenessProbe.enabled }}
          livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }}
            httpGet:
              path: /metrics
              port: metrics
          {{- end }}
          {{- if .Values.metrics.customReadinessProbe }}
          readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }}
          {{- else if .Values.metrics.readinessProbe.enabled }}
          readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }}
            httpGet:
              path: /metrics
              port: metrics
          {{- end }}
          {{- if .Values.metrics.customStartupProbe }}
          startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }}
          {{- else if .Values.metrics.startupProbe.enabled }}
          startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }}
            tcpSocket:
              port: metrics
          {{- end }}
          {{- end }}
          {{- if .Values.metrics.resources }}
          resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
          {{- end }}
        {{- end }}
        {{- if .Values.sidecars }}
        {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }}
        {{- end }}
      volumes:
        {{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }}
        - name: wordpress-config
          secret:
            secretName: {{ include "wordpress.configSecretName" . }}
            defaultMode: 0644
        {{- end }}
        {{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }}
        - name: apache-config
          configMap:
            name: {{ include "wordpress.apache.configmapName" . }}
            defaultMode: 0644
        {{- end }}
        {{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }}
        - name: custom-htaccess
          configMap:
            name: {{ include "wordpress.customHTAccessCM" . }}
            items:
              - key: wordpress-htaccess.conf
                path: wordpress-htaccess.conf
        {{- end }}
        {{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }}
        - name: custom-postinit
          configMap:
            name: {{ printf "%s-postinit" (include "common.names.fullname" .) }}
            defaultMode: 0755
        {{- end }}
        - name: wordpress-data
          {{- if .Values.persistence.enabled }}
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }}
          {{- else }}
          emptyDir: {}
          {{- end }}
        {{- if .Values.extraVolumes }}
        {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
        {{- end }}

ingress.yaml文件

# cat templates/ingress.yaml
# cat templates/ingress.yaml 
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}

{{- if .Values.ingress.enabled }}
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
  name: {{ include "common.names.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
  {{- if or .Values.ingress.annotations .Values.commonAnnotations }}
  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
  {{- end }}
spec:
  {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }}
  ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
  {{- end }}
  rules:
    {{- if .Values.ingress.hostname }}
    - host: {{ tpl .Values.ingress.hostname $ | quote }}
      http:
        paths:
          {{- if .Values.ingress.extraPaths }}
          {{- toYaml .Values.ingress.extraPaths | nindent 10 }}
          {{- end }}
          - path: {{ .Values.ingress.path }}
            {{- if eq "true" (include "common.ingress.supportsPathType" .) }}
            pathType: {{ .Values.ingress.pathType }}
            {{- end }}
            backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $)  | nindent 14 }}
    {{- end }}
    {{- range .Values.ingress.extraHosts }}
    - host: {{ tpl .name $ | quote }}
      http:
        paths:
          - path: {{ default "/" .path }}
            {{- if eq "true" (include "common.ingress.supportsPathType" $) }}
            pathType: {{ default "ImplementationSpecific" .pathType }}
            {{- end }}
            backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }}
    {{- end }}
    {{- if .Values.ingress.extraRules }}
    {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }}
    {{- end }}
  {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }}
  tls:
    {{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }}
    - hosts:
        - {{ tpl .Values.ingress.hostname $ | quote }}
        {{- if or (.Values.ingress.tlsWwwPrefix) (eq (index .Values.ingress.annotations "nginx.ingress.kubernetes.io/from-to-www-redirect") "true" ) }}
        - {{ printf "www.%s" (tpl .Values.ingress.hostname $) | quote }}
        {{- end }}
      secretName: {{ printf "%s-tls" (tpl .Values.ingress.hostname $) }}
    {{- end }}
    {{- if .Values.ingress.extraTls }}
    {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }}
    {{- end }}
  {{- end }}
{{- end }}

pvc.yaml 

# cat templates/pvc.yaml
# cat templates/pvc.yaml 
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}

{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: {{ include "common.names.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
  {{- if or .Values.persistence.annotations .Values.commonAnnotations }}
  {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.annotations .Values.commonAnnotations ) "context" . ) }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
  {{- end }}
spec:
  accessModes:
  {{- if not (empty .Values.persistence.accessModes) }}
  {{- range .Values.persistence.accessModes }}
    - {{ . | quote }}
  {{- end }}
  {{- else }}
    - {{ .Values.persistence.accessMode | quote }}
  {{- end }}
  resources:
    requests:
      storage: {{ .Values.persistence.size | quote }}
  {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }}
  {{- if .Values.persistence.selector }}
  selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }}
  {{- end -}}
  {{- if .Values.persistence.dataSource }}
  dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 4 }}
  {{- end }}
{{- end }}

secret.yaml 

# cat templates/secrets.yaml
# cat templates/secrets.yaml 
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}

{{- if or (not .Values.existingSecret) (and (not .Values.smtpExistingSecret) .Values.smtpPassword) }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "common.names.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
type: Opaque
data:
  {{- if not .Values.existingSecret }}
  wordpress-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "wordpress-password" "providedValues" (list "wordpressPassword") "context" $) }}
  {{- end }}
  {{- if and .Values.smtpPassword (not .Values.smtpExistingSecret) }}
  {{- if .Values.smtpPassword }}
  smtp-password: {{ .Values.smtpPassword | b64enc | quote }}
  {{- end }}
  {{- end }}
{{- end }}

Chart.yaml

# cat Chart.yaml
# cat Chart.yaml 
annotations:
  category: CMS
  images: |
    - name: apache-exporter
      image: docker.io/bitnami/apache-exporter:1.0.3-debian-11-r1
    - name: os-shell
      image: docker.io/bitnami/os-shell:11-debian-11-r91
    - name: wordpress
      image: docker.io/bitnami/wordpress:6.4.1-debian-11-r11
  licenses: Apache-2.0
apiVersion: v2
appVersion: 6.4.1
dependencies:
- condition: memcached.enabled
  name: memcached
  repository: oci://registry-1.docker.io/bitnamicharts
  version: 6.x.x
- condition: mariadb.enabled
  name: mariadb
  repository: oci://registry-1.docker.io/bitnamicharts
  version: 14.x.x
- name: common
  repository: oci://registry-1.docker.io/bitnamicharts
  tags:
  - bitnami-common
  version: 2.x.x
description: WordPress is the world's most popular blogging and content management
  platform. Powerful yet simple, everyone from students to global corporations use
  it to build beautiful, functional websites.
home: https://bitnami.com
icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png
keywords:
- application
- blog
- cms
- http
- php
- web
- wordpress
maintainers:
- name: VMware, Inc.
  url: https://github.com/bitnami/charts
name: wordpress
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/wordpress
version: 18.1.20

文件定义一个名称模版,用于生成应用程序的名称。同时定义wordpress依赖Chart的信息,以及维护者和源代码信息。

_helpers.tpl 

# cat templates/_helpers.tpl
# cat templates/_helpers.tpl 
{{/*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}

{{/* vim: set filetype=mustache: */}}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "wordpress.mariadb.fullname" -}}
{{- include "common.names.dependency.fullname" (dict "chartName" "mariadb" "chartValues" .Values.mariadb "context" $) -}}
{{- end -}}

{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "wordpress.memcached.fullname" -}}
{{- include "common.names.dependency.fullname" (dict "chartName" "memcached" "chartValues" .Values.memcached "context" $) -}}
{{- end -}}

{{/*
Return the proper WordPress image name
*/}}
{{- define "wordpress.image" -}}
{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}}
{{- end -}}

{{/*
Return the proper image name (for the metrics image)
*/}}
{{- define "wordpress.metrics.image" -}}
{{- include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) -}}
{{- end -}}

{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "wordpress.volumePermissions.image" -}}
{{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}}
{{- end -}}

{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "wordpress.imagePullSecrets" -}}
{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) -}}
{{- end -}}

{{/*
 Create the name of the service account to use
 */}}
{{- define "wordpress.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
    {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
    {{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "wordpress.customHTAccessCM" -}}
{{- printf "%s" .Values.customHTAccessCM -}}
{{- end -}}

{{/*
Return the WordPress configuration secret
*/}}
{{- define "wordpress.configSecretName" -}}
{{- if .Values.existingWordPressConfigurationSecret -}}
    {{- printf "%s" (tpl .Values.existingWordPressConfigurationSecret $) -}}
{{- else -}}
    {{- printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}

{{/*
Return true if a secret object should be created for WordPress configuration
*/}}
{{- define "wordpress.createConfigSecret" -}}
{{- if and .Values.wordpressConfiguration (not .Values.existingWordPressConfigurationSecret) }}
    {{- true -}}
{{- end -}}
{{- end -}}

{{/*
Return the WordPress Apache configuration configmap
*/}}
{{- define "wordpress.apache.configmapName" -}}
{{- if .Values.existingApacheConfigurationConfigMap -}}
    {{- printf "%s" (tpl .Values.existingApacheConfigurationConfigMap $) -}}
{{- else -}}
    {{- printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}

{{/*
Return true if a secret object should be created for Apache configuration
*/}}
{{- define "wordpress.apache.createConfigmap" -}}
{{- if and .Values.apacheConfiguration (not .Values.existingApacheConfigurationConfigMap) }}
    {{- true -}}
{{- end -}}
{{- end -}}

{{/*
Return the MariaDB Hostname
*/}}
{{- define "wordpress.databaseHost" -}}
{{- if .Values.mariadb.enabled }}
    {{- if eq .Values.mariadb.architecture "replication" }}
        {{- printf "%s-primary" (include "wordpress.mariadb.fullname" .) | trunc 63 | trimSuffix "-" -}}
    {{- else -}}
        {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}}
    {{- end -}}
{{- else -}}
    {{- printf "%s" .Values.externalDatabase.host -}}
{{- end -}}
{{- end -}}

{{/*
Return the MariaDB Port
*/}}
{{- define "wordpress.databasePort" -}}
{{- if .Values.mariadb.enabled }}
    {{- printf "3306" -}}
{{- else -}}
    {{- printf "%d" (.Values.externalDatabase.port | int ) -}}
{{- end -}}
{{- end -}}

{{/*
Return the MariaDB Database Name
*/}}
{{- define "wordpress.databaseName" -}}
{{- if .Values.mariadb.enabled }}
    {{- printf "%s" .Values.mariadb.auth.database -}}
{{- else -}}
    {{- printf "%s" .Values.externalDatabase.database -}}
{{- end -}}
{{- end -}}

{{/*
Return the MariaDB User
*/}}
{{- define "wordpress.databaseUser" -}}
{{- if .Values.mariadb.enabled }}
    {{- printf "%s" .Values.mariadb.auth.username -}}
{{- else -}}
    {{- printf "%s" .Values.externalDatabase.user -}}
{{- end -}}
{{- end -}}

{{/*
Return the MariaDB Secret Name
*/}}
{{- define "wordpress.databaseSecretName" -}}
{{- if .Values.mariadb.enabled }}
    {{- if .Values.mariadb.auth.existingSecret -}}
        {{- printf "%s" .Values.mariadb.auth.existingSecret -}}
    {{- else -}}
        {{- printf "%s" (include "wordpress.mariadb.fullname" .) -}}
    {{- end -}}
{{- else if .Values.externalDatabase.existingSecret -}}
    {{- include "common.tplvalues.render" (dict "value" .Values.externalDatabase.existingSecret "context" $) -}}
{{- else -}}
    {{- printf "%s-externaldb" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}

{{/*
Return the Memcached Hostname
*/}}
{{- define "wordpress.cacheHost" -}}
{{- if .Values.memcached.enabled }}
    {{- $releaseNamespace := .Release.Namespace }}
    {{- $clusterDomain := .Values.clusterDomain }}
    {{- printf "%s.%s.svc.%s" (include "wordpress.memcached.fullname" .) $releaseNamespace $clusterDomain -}}
{{- else -}}
    {{- printf "%s" .Values.externalCache.host -}}
{{- end -}}
{{- end -}}

{{/*
Return the Memcached Port
*/}}
{{- define "wordpress.cachePort" -}}
{{- if .Values.memcached.enabled }}
    {{- printf "11211" -}}
{{- else -}}
    {{- printf "%d" (.Values.externalCache.port | int ) -}}
{{- end -}}
{{- end -}}

{{/*
Return the WordPress Secret Name
*/}}
{{- define "wordpress.secretName" -}}
{{- if .Values.existingSecret }}
    {{- printf "%s" .Values.existingSecret -}}
{{- else -}}
    {{- printf "%s" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}

{{/*
Return the SMTP Secret Name
*/}}
{{- define "wordpress.smtpSecretName" -}}
{{- if .Values.smtpExistingSecret }}
    {{- printf "%s" .Values.smtpExistingSecret -}}
{{- else -}}
    {{- printf "%s" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}

{{/*
Compile all warnings into a single message.
*/}}
{{- define "wordpress.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "wordpress.validateValues.configuration" .) -}}
{{- $messages := append $messages (include "wordpress.validateValues.htaccess" .) -}}
{{- $messages := append $messages (include "wordpress.validateValues.database" .) -}}
{{- $messages := append $messages (include "wordpress.validateValues.cache" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{-   printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}

{{/*
Validate values of WordPress - Custom wp-config.php
*/}}
{{- define "wordpress.validateValues.configuration" -}}
{{- if and (or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret) (not .Values.wordpressSkipInstall) -}}
wordpress: wordpressConfiguration
    You are trying to use a wp-config.php file. This setup is only supported
    when skipping wizard installation (--set wordpressSkipInstall=true).
{{- end -}}
{{- end -}}

{{/*
Validate values of WordPress - htaccess configuration
*/}}
{{- define "wordpress.validateValues.htaccess" -}}
{{- if and .Values.customHTAccessCM .Values.allowOverrideNone -}}
wordpress: customHTAccessCM
    You are trying to use custom htaccess rules but Apache was configured
    to prohibit overriding directives with htaccess files. To use this feature,
    allow overriding Apache directives (--set allowOverrideNone=false).
{{- end -}}
{{- end -}}

{{/* Validate values of WordPress - Database */}}
{{- define "wordpress.validateValues.database" -}}
{{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}}
wordpress: database
   You disable the MariaDB installation but you did not provide the required parameters
   to use an external database. To use an external database, please ensure you provide
   (at least) the following values:

       externalDatabase.host=DB_SERVER_HOST
       externalDatabase.database=DB_NAME
       externalDatabase.port=DB_SERVER_PORT
{{- end -}}
{{- end -}}

{{/* Validate values of WordPress - Cache */}}
{{- define "wordpress.validateValues.cache" -}}
{{- if and .Values.wordpressConfigureCache (not .Values.memcached.enabled) (or (empty .Values.externalCache.host) (empty .Values.externalCache.port)) -}}
wordpress: cache
   You enabled cache via W3 Total Cache without but you did not enable the Memcached
   installation nor you did provided the required parameters to use an external cache server.
   Please enable the Memcached installation (--set memcached.enabled=true) or
   provide the external cache server values:

       externalCache.host=CACHE_SERVER_HOST
       externalCache.port=CACHE_SERVER_PORT
{{- end -}}
{{- end -}}

安装Chart

# helm install --dry-run mywordpress wordpress
 [root@master-1-230 3]# helm install --dry-run mywordpress wordpress
NAME: mywordpress
LAST DEPLOYED: Sat Dec  2 10:07:21 2023
NAMESPACE: default
STATUS: pending-install
REVISION: 1
TEST SUITE: None
HOOKS:
MANIFEST:
---
# Source: wordpress/charts/mariadb/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: mywordpress-mariadb
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: mariadb
    app.kubernetes.io/version: 11.1.3
    helm.sh/chart: mariadb-14.1.4
automountServiceAccountToken: false
---
# Source: wordpress/charts/mariadb/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
  name: mywordpress-mariadb
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: mariadb
    app.kubernetes.io/version: 11.1.3
    helm.sh/chart: mariadb-14.1.4
type: Opaque
data:
  mariadb-root-password: "YnFkTHZyMnRucA=="
  mariadb-password: "QjBxd2luWGxhSg=="
---
# Source: wordpress/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
  name: mywordpress
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: wordpress
    app.kubernetes.io/version: 6.4.1
    helm.sh/chart: wordpress-18.1.20
type: Opaque
data:
  wordpress-password: "MTIzNDU2"
---
# Source: wordpress/charts/mariadb/templates/primary/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
  name: mywordpress-mariadb
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: mariadb
    app.kubernetes.io/version: 11.1.3
    helm.sh/chart: mariadb-14.1.4
    app.kubernetes.io/component: primary
data:
  my.cnf: |-
    [mysqld]
    skip-name-resolve
    explicit_defaults_for_timestamp
    basedir=/opt/bitnami/mariadb
    datadir=/bitnami/mariadb/data
    plugin_dir=/opt/bitnami/mariadb/plugin
    port=3306
    socket=/opt/bitnami/mariadb/tmp/mysql.sock
    tmpdir=/opt/bitnami/mariadb/tmp
    max_allowed_packet=16M
    bind-address=*
    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
    log-error=/opt/bitnami/mariadb/logs/mysqld.log
    character-set-server=UTF8
    collation-server=utf8_general_ci
    slow_query_log=0
    long_query_time=10.0
    
    [client]
    port=3306
    socket=/opt/bitnami/mariadb/tmp/mysql.sock
    default-character-set=UTF8
    plugin_dir=/opt/bitnami/mariadb/plugin
    
    [manager]
    port=3306
    socket=/opt/bitnami/mariadb/tmp/mysql.sock
    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
---
# Source: wordpress/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: mywordpress
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: wordpress
    app.kubernetes.io/version: 6.4.1
    helm.sh/chart: wordpress-18.1.20
spec:
  accessModes:
    - "ReadWriteOnce"
  resources:
    requests:
      storage: "10Gi"
---
# Source: wordpress/charts/mariadb/templates/primary/svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: mywordpress-mariadb
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: mariadb
    app.kubernetes.io/version: 11.1.3
    helm.sh/chart: mariadb-14.1.4
    app.kubernetes.io/component: primary
  annotations:
spec:
  type: ClusterIP
  sessionAffinity: None
  ports:
    - name: mysql
      port: 3306
      protocol: TCP
      targetPort: mysql
      nodePort: null
  selector:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/name: mariadb
    app.kubernetes.io/component: primary
---
# Source: wordpress/templates/svc.yaml
apiVersion: v1
kind: Service
metadata:
  name: mywordpress
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: wordpress
    app.kubernetes.io/version: 6.4.1
    helm.sh/chart: wordpress-18.1.20
spec:
  type: LoadBalancer
  externalTrafficPolicy: "Cluster"
  sessionAffinity: None
  ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: http
    - name: https
      port: 443
      protocol: TCP
      targetPort: https
  selector:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/name: wordpress
---
# Source: wordpress/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mywordpress
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: wordpress
    app.kubernetes.io/version: 6.4.1
    helm.sh/chart: wordpress-18.1.20
spec:
  selector:
    matchLabels:
      app.kubernetes.io/instance: mywordpress
      app.kubernetes.io/name: wordpress
  strategy:
    type: RollingUpdate
  replicas: 1
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: mywordpress
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/name: wordpress
        app.kubernetes.io/version: 6.4.1
        helm.sh/chart: wordpress-18.1.20
    spec:
      
      # yamllint disable rule:indentation
      hostAliases:
        - hostnames:
          - status.localhost
          ip: 127.0.0.1
      # yamllint enable rule:indentation
      affinity:
        podAffinity:
          
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app.kubernetes.io/instance: mywordpress
                    app.kubernetes.io/name: wordpress
                topologyKey: kubernetes.io/hostname
              weight: 1
        nodeAffinity:
          
      securityContext:
        fsGroup: 1001
      serviceAccountName: default
      containers:
        - name: wordpress
          image: docker.io/bitnami/wordpress:6.4.1-debian-11-r11
          imagePullPolicy: "IfNotPresent"
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
              - ALL
            privileged: false
            readOnlyRootFilesystem: false
            runAsNonRoot: true
            runAsUser: 1001
            seccompProfile:
              type: RuntimeDefault
          env:
            - name: BITNAMI_DEBUG
              value: "false"
            - name: ALLOW_EMPTY_PASSWORD
              value: "yes"
            - name: MARIADB_HOST
              value: "mywordpress-mariadb"
            - name: MARIADB_PORT_NUMBER
              value: "3306"
            - name: WORDPRESS_DATABASE_NAME
              value: "bitnami_wordpress"
            - name: WORDPRESS_DATABASE_USER
              value: "bn_wordpress"
            - name: WORDPRESS_DATABASE_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mywordpress-mariadb
                  key: mariadb-password
            - name: WORDPRESS_USERNAME
              value: "user"
            - name: WORDPRESS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mywordpress
                  key: wordpress-password
            - name: WORDPRESS_EMAIL
              value: "[email protected]"
            - name: WORDPRESS_FIRST_NAME
              value: "FirstName"
            - name: WORDPRESS_LAST_NAME
              value: "LastName"
            - name: WORDPRESS_HTACCESS_OVERRIDE_NONE
              value: "no"
            - name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE
              value: "no"
            - name: WORDPRESS_BLOG_NAME
              value: "ikubernetes's Blog!"
            - name: WORDPRESS_SKIP_BOOTSTRAP
              value: "yes"
            - name: WORDPRESS_TABLE_PREFIX
              value: "wp_"
            - name: WORDPRESS_SCHEME
              value: "http"
            - name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT
              value: ""
            - name: WORDPRESS_PLUGINS
              value: "none"
            - name: APACHE_HTTP_PORT_NUMBER
              value: "8080"
            - name: APACHE_HTTPS_PORT_NUMBER
              value: "8443"
          envFrom:
          ports:
            - name: http
              containerPort: 8080
            - name: https
              containerPort: 8443
          livenessProbe:
            failureThreshold: 6
            httpGet:
              httpHeaders: []
              path: /wp-admin/install.php
              port: 'http'
              scheme: 'HTTP'
            initialDelaySeconds: 120
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          readinessProbe:
            failureThreshold: 6
            httpGet:
              httpHeaders: []
              path: /wp-login.php
              port: 'http'
              scheme: 'HTTP'
            initialDelaySeconds: 30
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          resources:
            limits: {}
            requests:
              cpu: 300m
              memory: 512Mi
          volumeMounts:
            - mountPath: /bitnami/wordpress
              name: wordpress-data
              subPath: wordpress
      volumes:
        - name: wordpress-data
          persistentVolumeClaim:
            claimName: mywordpress
---
# Source: wordpress/charts/mariadb/templates/primary/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: mywordpress-mariadb
  namespace: "default"
  labels:
    app.kubernetes.io/instance: mywordpress
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: mariadb
    app.kubernetes.io/version: 11.1.3
    helm.sh/chart: mariadb-14.1.4
    app.kubernetes.io/component: primary
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/instance: mywordpress
      app.kubernetes.io/name: mariadb
      app.kubernetes.io/component: primary
  serviceName: mywordpress-mariadb
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      annotations:
        checksum/configuration: c6a5321161e2df513423ab3854de5e3edd858c8e175cae6bc9074c5e09bffa18
      labels:
        app.kubernetes.io/instance: mywordpress
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/name: mariadb
        app.kubernetes.io/version: 11.1.3
        helm.sh/chart: mariadb-14.1.4
        app.kubernetes.io/component: primary
    spec:
      
      serviceAccountName: mywordpress-mariadb
      affinity:
        podAffinity:
          
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app.kubernetes.io/instance: mywordpress
                    app.kubernetes.io/name: mariadb
                    app.kubernetes.io/component: primary
                topologyKey: kubernetes.io/hostname
              weight: 1
        nodeAffinity:
          
      securityContext:
        fsGroup: 1001
      containers:
        - name: mariadb
          image: docker.io/bitnami/mariadb:11.1.3-debian-11-r0
          imagePullPolicy: "IfNotPresent"
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
              - ALL
            privileged: false
            runAsNonRoot: true
            runAsUser: 1001
            seccompProfile:
              type: RuntimeDefault
          env:
            - name: BITNAMI_DEBUG
              value: "false"
            - name: MARIADB_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mywordpress-mariadb
                  key: mariadb-root-password
            - name: MARIADB_USER
              value: "bn_wordpress"
            - name: MARIADB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mywordpress-mariadb
                  key: mariadb-password
            - name: MARIADB_DATABASE
              value: "bitnami_wordpress"
          ports:
            - name: mysql
              containerPort: 3306
          livenessProbe:
            failureThreshold: 3
            initialDelaySeconds: 120
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
            exec:
              command:
                - /bin/bash
                - -ec
                - |
                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                  fi
                  mysqladmin status -uroot -p"${password_aux}"
          readinessProbe:
            failureThreshold: 3
            initialDelaySeconds: 30
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 1
            exec:
              command:
                - /bin/bash
                - -ec
                - |
                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                  fi
                  mysqladmin status -uroot -p"${password_aux}"
          resources: 
            limits: {}
            requests: {}
          volumeMounts:
            - name: data
              mountPath: /bitnami/mariadb
            - name: config
              mountPath: /opt/bitnami/mariadb/conf/my.cnf
              subPath: my.cnf
      volumes:
        - name: config
          configMap:
            name: mywordpress-mariadb
  volumeClaimTemplates:
    - metadata:
        name: data
        labels:
          app.kubernetes.io/instance: mywordpress
          app.kubernetes.io/name: mariadb
          app.kubernetes.io/component: primary
      spec:
        accessModes:
          - "ReadWriteOnce"
        resources:
          requests:
            storage: "8Gi"

NOTES:
CHART NAME: wordpress
CHART VERSION: 18.1.20
APP VERSION: 6.4.1

** Please be patient while the chart is being deployed **

Your WordPress site can be accessed through the following DNS name from within your cluster:

    mywordpress.default.svc.cluster.local (port 80)

To access your WordPress site from outside the cluster follow the steps below:

1. Get the WordPress URL by running these commands:

  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
        Watch the status with: 'kubectl get svc --namespace default -w mywordpress'

   export SERVICE_IP=$(kubectl get svc --namespace default mywordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
   echo "WordPress URL: http://$SERVICE_IP/"
   echo "WordPress Admin URL: http://$SERVICE_IP/admin"

2. Open a browser and access WordPress using the obtained URL.

3. Login with the following credentials below to see your blog:

  echo Username: user
  echo Password: $(kubectl get secret --namespace default mywordpress -o jsonpath="{.data.wordpress-password}" | base64 -d)
您在 /var/spool/mail/root 中有新邮件

这个命令会使用values.yaml文件中定义的配置参数,安装一个名为mywordpress的新Chart实例

正式部署:

# helm install mywordpress ./wordpress
NAME: mywordpress
LAST DEPLOYED: Sat Dec  2 10:08:06 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: wordpress
CHART VERSION: 18.1.20
APP VERSION: 6.4.1

** Please be patient while the chart is being deployed **

Your WordPress site can be accessed through the following DNS name from within your cluster:

    mywordpress.default.svc.cluster.local (port 80)

To access your WordPress site from outside the cluster follow the steps below:

1. Get the WordPress URL by running these commands:

  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
        Watch the status with: 'kubectl get svc --namespace default -w mywordpress'

   export SERVICE_IP=$(kubectl get svc --namespace default mywordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
   echo "WordPress URL: http://$SERVICE_IP/"
   echo "WordPress Admin URL: http://$SERVICE_IP/admin"

2. Open a browser and access WordPress using the obtained URL.

3. Login with the following credentials below to see your blog:

  echo Username: user
  echo Password: $(kubectl get secret --namespace default mywordpress -o jsonpath="{.data.wordpress-password}" | base64 -d)

 

查看部署状态

# kubectl get pvc |grep mywordpress
data-mywordpress-mariadb-0                    Bound    pvc-8c61cd4a-fa86-416f-9410-1c23f65dff15   8Gi        RWO            rook-ceph-block    30s
mywordpress                                   Bound    pvc-ad265aec-9414-4b73-924a-a536bc98c5d4   10Gi       RWO            rook-ceph-block    30s

# kubectl get pod
NAME                           READY   STATUS    RESTARTS      AGE
mywordpress-5479594584-shd5n   0/1     Running   0             56s
mywordpress-mariadb-0          0/1     Running   0             56s

# kubectl get service |grep word
mywordpress           LoadBalancer   10.111.92.47   192.168.1.201   80:30272/TCP,443:31278/TCP   83s
mywordpress-mariadb   ClusterIP      10.110.74.15   <none>          3306/TCP                     83s

访问WordPress

[root@master-1-230 3]# export SERVICE_IP=$(kubectl get svc --namespace default mywordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
[root@master-1-230 3]#    echo "WordPress URL: http://$SERVICE_IP/"
WordPress URL: http://192.168.1.201/
[root@master-1-230 3]#    echo "WordPress Admin URL: http://$SERVICE_IP/admin"
WordPress Admin URL: http://192.168.1.201/admin
[root@master-1-230 3]# 
[root@master-1-230 3]# echo Username: user
Username: user
[root@master-1-230 3]#   echo Password: $(kubectl get secret --namespace default mywordpress -o jsonpath="{.data.wordpress-password}" | base64 -d)
Password: 123456

标签:day09,end,name,运维,value,wordpress,Helm,Values,include
From: https://www.cnblogs.com/pythonlx/p/17869608.html

相关文章

  • SRE Google运维解密 第一章
    译者序SRE是一群天生的怀疑论者,我们怀疑一切宣传起来"高大上"的技术,以及任何"神奇"的产品一一我们只想看具体的设计架构、实现细节,以及真实的监控图表。SRE在保障系统可靠性方面并没有什么万能药,有的只是这种极强的务实态度(pragmatic)。这种务实的态度决定了SRE会认真对......
  • openGauss学习笔记-135 openGauss 数据库运维-例行维护-检查openGauss健康状态
    openGauss学习笔记-135openGauss数据库运维-例行维护-检查openGauss健康状态135.1检查办法通过openGauss提供的gs_check工具可以开展openGauss健康状态检查。注意事项扩容新节点检查只能在root用户下执行,其他场景都必须在omm用户下执行。必须指定-i或-e参数,-i会检查指定的......
  • 恒驰服务 | 华为云云上运维服务offering
    恒驰运维服务主要针对运维要求高或自身运维能力有限的客户,通过服务增购的形式,提供运维服务以协助客户做好云上资源运维管理,规避业务风险,降低运维开销,提升客户业务稳定性。适用场景:如何保障业务稳定——系统频繁宕机/网站崩溃如何优化如何提升运维能力——缺少云运维人力和经验如何......
  • linux系统运维-基础
    Linux发展史与安装一、Linux发展史1、Linux前身-Unix1968年 Multics项目MIT、Bell实验室、美国通用电气有限公司走到了一起,致力于开发Multics项目。到后期由于开发进度不是很好,MIT和Bell实验室相继离开这个项目的开发,最终导致项目搁浅。 1970年(Unix元年,时间戳)  Unix诞......
  • openGauss学习笔记-134 openGauss 数据库运维-例行维护-检查操作系统参数
    openGauss学习笔记-134openGauss数据库运维-例行维护-检查操作系统参数134.1检查办法通过openGauss提供的gs_checkos工具可以完成操作系统状态检查。前提条件当前的硬件和网络环境正常。各主机间root互信状态正常。只能使用root用户执行gs_checkos命令。操作步骤以r......
  • 软件运维实施checklist
    软件运维实施checklist可以帮助您确保在部署和维护软件时没有遗漏或错误。以下是一些通用的步骤,可用于创建一个软件运维实施checklist:定义需求:定义您要检查的内容,例如安全、性能、可靠性、兼容性等。确定关键指标:确定关键指标,以便您可以跟踪和分析每个指标的性能。制定操作策略......
  • 运维应急流程
    运维应急流程原创 gaolc888 运维笑谈 2023-11-1608:00 发表于广东收录于合集#运维流程3个1.目的规范IT紧急故障的处理过程,以最快时间诊断和定位故障原因,采取或制定最佳应急方案,在最短时间内恢复系统故障。2.正文2.1术语定义紧急故障处理是运营体系服务保障......
  • 智慧城市大脑,运维无忧!
      运维管理软件在智慧城市中发挥着重要的作用,可以提升IT资源管理效率、保障城市运营安全稳定、实现数据可视化与智能分析、优化资源配置与决策支持、促进智慧城市可持续发展。在智慧城市中,运维管理软件的应用场景非常广泛。以下是其中几个具体应用场景:1. 政务云数据中心:运维管......
  • 运维初级实践——Linux系统命令教程
    区块链运维工程师在Linux环境中常用的命令、快捷键,以及安装软件和文件管理的最佳实践。1.常用Linux命令1.1文件和目录操作ls:列出目录内容cd:更改目录mkdir:创建新目录rm:删除文件或目录cp:复制文件或目录mv:移动或重命名文件或目录#列出当前目录的内容ls......
  • Oracle 数据库表空间运维
    --https://blog.csdn.net/hanjianahanjian/article/details/83871567--1、block:是Oracle中存储数据块的最小单位,所以数据最终都是存储在block中。它也被称为逻辑blocks或是页(pages)。每个操作系统都有自己的blocksize。而这里的block是Oracle自己的,不同2于2、extent:OS的blocks......