一、Helm开发与实践
1、Helm Chart详解
1.1 Chart 目录结果
# helm create nginx
Creating nginx
# tree nginx
nginx
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml
3 directories, 10 files1.2 Chart.yaml 文件
# cat Chart.yaml
apiVersion: v2
name: nginx
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"1.3 Chart 管理依赖(dependencies)
当前chart依赖的其他chart会在dependencies字段定义为一个列表
dependencies:
- name: apache
version: 1.2.3
repositort: https://example.com/charts
- name: mysql
version: 3.2.1
repositort: https://another.example/charts- name: chart的名称
- version:chart的版本
- repository:chat 仓库的完整URL。必须使用helm repo add在本地添加仓库,也可以使用仓库的名称代替URL
2、Helm开放实践
基于Helm开放一个常规应用的步骤及YAML文件
2.1 安装Helm
参考官网安装Helm
2.2 创建Helm chart
执行以下命令创建一个新的Helm chart
# helm create app
Creating appmyapp 是chart的名称,可根据需要进行修改
2.3 编辑values.yaml 文件
进入chart目录,编辑values文件,修改配置项,如应用名称、端口号、镜像名称等
# cat values.yaml
# Default values for app.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
appName: myapp
image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "1.25.2"
db:
host: "192.168.239.128"
port: "3306"
user: "root"
password: "aa123456"
containerPort: 8080
servicePort: 80802.4 编辑deployment.yaml 文件
编辑templates/deployment.yaml文件,定义应用的Deployment。
# cat templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.appName }}-deployment
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ .Values.appName }}
template:
metadata:
labels:
app: {{ .Values.appName }}
spec:
containers:
- name: {{ .Values.appName }}
image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
ports:
- containerPort: {{ .Values.containerPort }}
env:
- name: DB_HOST
value: {{ .Values.db.host }}
- name: DB_PORT
value: "{{ .Values.db.port }}"
- name: DB_USER
value: {{ .Values.db.user }}
- name: DB_PASSWORD
value: {{ .Values.db.password }}定义Deployment 使用了values.yaml
文件中定义的配置项。其中,replicas表示副本数,selector表示选择器,template表示Pod模版,containers表示容器列表,env表示环境变量
编辑service.yaml文件
# cat templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.appName }}
spec:
ports:
- port: {{ .Values.servicePort }}
targetPort: {{ .Values.containerPort }}
protocol: TCP
name: http
selector:
app: {{ .Values.appName }}
type: LoadBalancer定义一个Service,使用values.yaml 文件中定义的配置项。其中selector表示选择器,ports表示端口映射,type表示Service类型。
打包Helm chart
执行以下命令将Helm chart 打包
# helm package app/
Successfully packaged chart and saved it to: /root/Helm/app-0.1.0.tgz部署Helm chart
执行以下命令部署Helm chart
# helm install myapp --dry-run app
NAME: myapp
LAST DEPLOYED: Fri Dec 1 15:54:39 2023
NAMESPACE: default
STATUS: pending-install
REVISION: 1
TEST SUITE: None
HOOKS:
MANIFEST:
---
# Source: app/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: myapp
spec:
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: http
selector:
app: myapp
type: LoadBalancer
---
# Source: app/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deployment
spec:
replicas: 1
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: myapp
image: nginx:1.25.2
ports:
- containerPort: 8080
env:
- name: DB_HOST
value: 192.168.239.128
- name: DB_PORT
value: "3306"
- name: DB_USER
value: root
- name: DB_PASSWORD
value: aa123456
NOTES:
hank you for installing app.
Your release is named myapp.
To learn more about the release, try:
$ helm status myapp
$ helm get all myapp 
# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
myapp default 1 2023-12-01 15:53:03.33850538 +0800 CST deployed app-0.1.0 其中,myapp是部署的名称,可以根据需要进行修改
以上就是基于Helm开发一个常规应用的步骤及所用到的YAML文件。
二、基于Helm的方式运维管理应用
1、基于helm 安装WordPress
1.1 方式一
1、添加WordPress chart 仓库
执行以下命令添加WordPress chart 仓库
# helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories创建一个名为wordpress的命名空间
# kubectl create namespace wordpress
namespace/wordpress created2、创建values.yaml 文件
在本地创建一个values.yaml文件,用于WordPress的相关参数。
# cat values.yaml
# WordPress相关配置
wordpressUsername: admin
wordpressPassword: a123456
wordpressEmail: [email protected]
wordpressBlogName: k8syyds Blog
# Service相关配置
service:
type: NodePort
port: 80
nodePorts:
http: "32088"
# MySQL相关配置
mysql:
image:
repository: bitnami/mysql
tag: 8.0.26-debian-10-r0
pullPolicy: IfNotPresent
user: wordpress
database: wordpress
port: 3306
persistence:
enabled: true
size: 8Gi
storageClass: "nfs-storageclass"
# WordPress相关配置
wordpress:
image:
repository: bitnami/wordpress
tag: 5.8.1-debian-10-r0
pullPolicy: IfNotPresent
replicaCount: 1
persistence:
enabled: true
size: 8Gi
storageClass: "nfs-storageclass"3、安装WordPress
执行以下命令安装WordPress
# helm install k8swordpress1 bitnami/wordpress -f values.yaml
NAME: k8swordpress1
LAST DEPLOYED: Sat Dec 2 09:56:17 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: wordpress
CHART VERSION: 18.1.11
APP VERSION: 6.4.1
** Please be patient while the chart is being deployed **
Your WordPress site can be accessed through the following DNS name from within your cluster:
k8swordpress1.default.svc.cluster.local (port 80)
To access your WordPress site from outside the cluster follow the steps below:
1. Get the WordPress URL by running these commands:
export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services k8swordpress1)
export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
echo "WordPress URL: http://$NODE_IP:$NODE_PORT/"
echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin"
2. Open a browser and access WordPress using the obtained URL.
3. Login with the following credentials below to see your blog:
echo Username: admin
echo Password: $(kubectl get secret --namespace default k8swordpress1 -o jsonpath="{.data.wordpress-password}" | base64 -d)其中,mywordpress01 是安装的WordPress的名称,bitnami/wordpress 是Helm官方提供的WordPress Chart,-f values.yaml 指定使用上一步创建的values.yaml 文件,-n wordpress 指定安装的命名空间位wordpress
4、查看安装状态
执行以下命令查看安装状态
# kubectl get pods,services,pvc |grep k8s
pod/k8swordpress1-75d9749c9b-rvbdr 1/1 Running 0 2m35s
pod/k8swordpress1-mariadb-0 1/1 Running 0 2m35s
service/k8swordpress1 NodePort 10.100.27.218 <none> 80:32088/TCP,443:32110/TCP 2m35s
service/k8swordpress1-mariadb ClusterIP 10.102.94.255 <none> 3306/TCP 2m35s
persistentvolumeclaim/data-k8swordpress1-mariadb-0 Bound pvc-a8967458-9ebe-493d-b7c7-1f3aa4f82024 8Gi RWO rook-ceph-block 2m35s
persistentvolumeclaim/k8swordpress1 Bound pvc-0d39ae1c-0ab7-4ad7-bde8-4ad17d633e45 10Gi RWO rook-ceph-block 2m35s5、升级WordPress
helm upgrade mywordpress01 bitnami/wordpress -f values.yaml删除wordpress
helm uninstall mywordpress016、访问WordPress
[root@master-1-230 3]# echo "WordPress URL: http://$(kubectl get svc k8swordpress1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}')"
WordPress URL: http://
[root@master-1-230 3]# export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services k8swordpress1)
[root@master-1-230 3]# export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
[root@master-1-230 3]# echo "WordPress URL: http://$NODE_IP:$NODE_PORT/"
WordPress URL: http://192.168.1.230:32088/
[root@master-1-230 3]# echo "WordPress Admin URL: http://$NODE_IP:$NODE_PORT/admin"
WordPress Admin URL: http://192.168.1.230:32088/admin
[root@master-1-230 3]# echo Username: admin
Username: admin
[root@master-1-230 3]# echo Password: $(kubectl get secret --namespace default k8swordpress1 -o jsonpath="{.data.wordpress-password}" | base64 -d)
Password: a123456
1.2 方式二
以下基于Helm的WordPress chart 包的示例
下载WordPress chart
执行以下命令将WordPress chart 下载到本地
helm fetch bitnami/wordpress解压WordPress chart
# tar zxvf wordpress-18.1.20.tgz修改values.yaml 文件
在wordpress目录下,修改values.yaml文件
cat values.yaml |egrep -v "#|^$"
# cat values.yaml |egrep -v "#|^$"
global:
imageRegistry: ""
torageclassmagePullSecrets: []
storageClass: ""
kubeVersion: ""
nameOverride: ""
fullnameOverride: ""
commonLabels: {}
commonAnnotations: {}
clusterDomain: cluster.local
extraDeploy: []
diagnosticMode:
enabled: false
command:
- sleep
args:
- infinity
image:
registry: docker.io
repository: bitnami/wordpress
tag: 6.4.1-debian-11-r11
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
debug: false
wordpressUsername: user
wordpressPassword: "123456"
existingSecret: ""
wordpressEmail: [email protected]
wordpressFirstName: FirstName
wordpressLastName: LastName
wordpressBlogName: ikubernetes's Blog!
wordpressTablePrefix: wp_
wordpressScheme: http
wordpressSkipInstall: true
wordpressExtraConfigContent: ""
wordpressConfiguration: ""
existingWordPressConfigurationSecret: ""
wordpressConfigureCache: false
wordpressPlugins: none
apacheConfiguration: ""
existingApacheConfigurationConfigMap: ""
customPostInitScripts: {}
smtpHost: ""
smtpPort: ""
smtpUser: ""
smtpPassword: ""
smtpProtocol: ""
smtpExistingSecret: ""
allowEmptyPassword: true
allowOverrideNone: false
overrideDatabaseSettings: false
htaccessPersistenceEnabled: false
customHTAccessCM: ""
command: []
args: []
extraEnvVars: []
extraEnvVarsCM: ""
extraEnvVarsSecret: ""
multisite:
enable: false
host: ""
networkType: subdomain
enableNipIoRedirect: false
replicaCount: 1
updateStrategy:
type: RollingUpdate
schedulerName: ""
terminationGracePeriodSeconds: ""
topologySpreadConstraints: []
priorityClassName: ""
hostAliases:
- ip: "127.0.0.1"
hostnames:
- "status.localhost"
extraVolumes: []
extraVolumeMounts: []
sidecars: []
initContainers: []
podLabels: {}
podAnnotations: {}
podAffinityPreset: ""
podAntiAffinityPreset: soft
nodeAffinityPreset:
type: ""
key: ""
values: []
affinity: {}
nodeSelector: {}
tolerations: []
resources:
limits: {}
requests:
memory: 512Mi
cpu: 300m
containerPorts:
http: 8080
https: 8443
extraContainerPorts: []
podSecurityContext:
enabled: true
fsGroup: 1001
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true
privileged: false
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
livenessProbe:
enabled: true
httpGet:
path: /wp-admin/install.php
port: '{{ .Values.wordpressScheme }}'
scheme: '{{ .Values.wordpressScheme | upper }}'
httpHeaders: []
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
enabled: true
httpGet:
path: /wp-login.php
port: '{{ .Values.wordpressScheme }}'
scheme: '{{ .Values.wordpressScheme | upper }}'
httpHeaders: []
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
startupProbe:
enabled: false
httpGet:
path: /wp-login.php
port: '{{ .Values.wordpressScheme }}'
scheme: '{{ .Values.wordpressScheme | upper }}'
httpHeaders: []
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
customLivenessProbe: {}
customReadinessProbe: {}
customStartupProbe: {}
lifecycleHooks: {}
service:
type: LoadBalancer
ports:
http: 80
https: 443
httpsTargetPort: https
nodePorts:
http: ""
https: ""
sessionAffinity: None
sessionAffinityConfig: {}
clusterIP: ""
loadBalancerIP: ""
loadBalancerSourceRanges: []
externalTrafficPolicy: Cluster
annotations: {}
extraPorts: []
ingress:
enabled: false
pathType: ImplementationSpecific
apiVersion: ""
ingressClassName: ""
hostname: wordpress.local
path: /
annotations: {}
tls: false
tlsWwwPrefix: false
selfSigned: false
extraHosts: []
extraPaths: []
extraTls: []
secrets: []
extraRules: []
persistence:
enabled: true
storageClass: ""
accessModes:
- ReadWriteOnce
accessMode: ReadWriteOnce
size: 10Gi
dataSource: {}
existingClaim: ""
selector: {}
annotations: {}
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/os-shell
tag: 11-debian-11-r91
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
resources:
limits: {}
requests: {}
containerSecurityContext:
runAsUser: 0
serviceAccount:
create: false
name: ""
automountServiceAccountToken: true
annotations: {}
pdb:
create: false
minAvailable: 1
maxUnavailable: ""
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 11
targetCPU: 50
targetMemory: 50
metrics:
enabled: false
image:
registry: docker.io
repository: bitnami/apache-exporter
tag: 1.0.3-debian-11-r1
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
containerPorts:
metrics: 9117
livenessProbe:
enabled: true
initialDelaySeconds: 15
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
successThreshold: 1
startupProbe:
enabled: false
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 15
successThreshold: 1
customLivenessProbe: {}
customReadinessProbe: {}
customStartupProbe: {}
resources:
limits: {}
requests: {}
service:
ports:
metrics: 9150
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.metrics.containerPorts.metrics }}"
serviceMonitor:
enabled: false
namespace: ""
interval: ""
scrapeTimeout: ""
labels: {}
selector: {}
relabelings: []
metricRelabelings: []
honorLabels: false
jobLabel: ""
networkPolicy:
enabled: false
metrics:
enabled: false
podSelector: {}
namespaceSelector: {}
ingress:
enabled: false
podSelector: {}
namespaceSelector: {}
ingressRules:
backendOnlyAccessibleByFrontend: false
customBackendSelector: {}
accessOnlyFrom:
enabled: false
podSelector: {}
namespaceSelector: {}
customRules: {}
egressRules:
denyConnectionsToExternal: false
customRules: {}
mariadb:
enabled: true
architecture: standalone
auth:
rootPassword: ""
database: bitnami_wordpress
username: bn_wordpress
password: ""
primary:
persistence:
enabled: true
storageClass: ""
accessModes:
- ReadWriteOnce
size: 8Gi
externalDatabase:
host: localhost
port: 3306
user: bn_wordpress
password: ""
database: bitnami_wordpress
existingSecret: ""
memcached:
enabled: false
auth:
enabled: false
username: ""
password: ""
existingPasswordSecret: ""
service:
port: 11211
externalCache:
host: localhost
port: 11211deployment.yaml
在wordpress/templates目录下,查看deployment.yaml 文件
# cat templates/deployment.yaml
# cat templates/deployment.yaml
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
{{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }}
selector:
matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }}
{{- if .Values.updateStrategy }}
strategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
{{- end }}
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
template:
metadata:
labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }}
{{- if or .Values.podAnnotations .Values.metrics.enabled (include "wordpress.createConfigSecret" .) }}
annotations:
{{- if .Values.podAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.metrics.podAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }}
{{- end }}
{{- if (include "wordpress.createConfigSecret" .) }}
checksum/config-secret: {{ include (print $.Template.BasePath "/config-secret.yaml") . | sha256sum }}
{{- end }}
{{- end }}
spec:
{{- include "wordpress.imagePullSecrets" . | nindent 6 }}
{{- if .Values.hostAliases }}
# yamllint disable rule:indentation
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
# yamllint enable rule:indentation
{{- end }}
{{- if .Values.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }}
{{- else }}
affinity:
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }}
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
{{- if .Values.podSecurityContext.enabled }}
securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "wordpress.serviceAccountName" .}}
{{- if .Values.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }}
{{- end }}
{{- if or (and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled) (.Values.initContainers) }}
initContainers:
{{- if and .Values.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: "{{ include "wordpress.volumePermissions.image" . }}"
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
args:
- -ec
- |
mkdir -p /bitnami/wordpress
{{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }}
find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R $(id -u):$(id -G | cut -d " " -f2)
{{- else }}
find /bitnami/wordpress -mindepth 0 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}
{{- end }}
{{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto " }}
securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }}
{{- else }}
securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- mountPath: /bitnami/wordpress
name: wordpress-data
subPath: wordpress
{{- end }}
{{- if .Values.initContainers }}
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: wordpress
image: {{ include "wordpress.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
{{- else if .Values.command }}
command: {{- include "common.tplvalues.render" ( dict "value" .Values.command "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
{{- else if .Values.args }}
args: {{- include "common.tplvalues.render" ( dict "value" .Values.args "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }}
- name: MARIADB_HOST
value: {{ include "wordpress.databaseHost" . | quote }}
- name: MARIADB_PORT_NUMBER
value: {{ include "wordpress.databasePort" . | quote }}
- name: WORDPRESS_DATABASE_NAME
value: {{ include "wordpress.databaseName" . | quote }}
- name: WORDPRESS_DATABASE_USER
value: {{ include "wordpress.databaseUser" . | quote }}
- name: WORDPRESS_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wordpress.databaseSecretName" . }}
key: mariadb-password
- name: WORDPRESS_USERNAME
value: {{ .Values.wordpressUsername | quote }}
- name: WORDPRESS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wordpress.secretName" . }}
key: wordpress-password
- name: WORDPRESS_EMAIL
value: {{ .Values.wordpressEmail | quote }}
- name: WORDPRESS_FIRST_NAME
value: {{ .Values.wordpressFirstName | quote }}
- name: WORDPRESS_LAST_NAME
value: {{ .Values.wordpressLastName | quote }}
- name: WORDPRESS_HTACCESS_OVERRIDE_NONE
value: {{ ternary "yes" "no" .Values.allowOverrideNone | quote }}
- name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE
value: {{ ternary "yes" "no" .Values.htaccessPersistenceEnabled | quote }}
- name: WORDPRESS_BLOG_NAME
value: {{ .Values.wordpressBlogName | quote }}
- name: WORDPRESS_SKIP_BOOTSTRAP
value: {{ ternary "yes" "no" .Values.wordpressSkipInstall | quote }}
- name: WORDPRESS_TABLE_PREFIX
value: {{ .Values.wordpressTablePrefix | quote }}
- name: WORDPRESS_SCHEME
value: {{ .Values.wordpressScheme | quote }}
- name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT
value: {{ .Values.wordpressExtraConfigContent | quote }}
- name: WORDPRESS_PLUGINS
value: {{ join "," .Values.wordpressPlugins | quote }}
- name: APACHE_HTTP_PORT_NUMBER
value: {{ .Values.containerPorts.http | quote }}
- name: APACHE_HTTPS_PORT_NUMBER
value: {{ .Values.containerPorts.https | quote }}
{{- if .Values.overrideDatabaseSettings }}
- name: WORDPRESS_OVERRIDE_DATABASE_SETTINGS
value: "yes"
{{- end }}
{{- if .Values.multisite.enable }}
- name: WORDPRESS_ENABLE_MULTISITE
value: "yes"
- name: WORDPRESS_MULTISITE_HOST
value: {{ .Values.multisite.host | quote }}
- name: WORDPRESS_MULTISITE_EXTERNAL_HTTP_PORT_NUMBER
value: {{ .Values.service.ports.http | quote }}
- name: WORDPRESS_MULTISITE_EXTERNAL_HTTPS_PORT_NUMBER
value: {{ .Values.service.ports.https | quote }}
- name: WORDPRESS_MULTISITE_NETWORK_TYPE
value: {{ .Values.multisite.networkType | quote }}
- name: WORDPRESS_MULTISITE_ENABLE_NIP_IO_REDIRECTION
value: {{ ternary "yes" "no" .Values.multisite.enableNipIoRedirect | quote }}
{{- end }}
{{- if .Values.smtpHost }}
- name: SMTP_HOST
value: {{ .Values.smtpHost | quote }}
{{- end }}
{{- if .Values.smtpPort }}
- name: SMTP_PORT
value: {{ .Values.smtpPort | quote }}
{{- end }}
{{- if .Values.smtpUser }}
- name: SMTP_USER
value: {{ .Values.smtpUser | quote }}
{{- end }}
{{- if or .Values.smtpPassword .Values.smtpExistingSecret }}
- name: SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "wordpress.smtpSecretName" . }}
key: smtp-password
{{- end }}
{{- if .Values.smtpProtocol }}
- name: SMTP_PROTOCOL
value: {{ .Values.smtpProtocol | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
{{- if .Values.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.containerPorts.http }}
- name: https
containerPort: {{ .Values.containerPorts.https }}
{{- if .Values.extraContainerPorts }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.lifecycleHooks }}
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }}
{{- end }}
{{- if not .Values.diagnosticMode.enabled }}
{{- if .Values.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }}
{{- else if .Values.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }}
{{- else if .Values.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.customStartupProbe }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }}
{{- else if .Values.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.resources }}
resources: {{- toYaml .Values.resources | nindent 12 }}
{{- end }}
volumeMounts:
- mountPath: /bitnami/wordpress
name: wordpress-data
subPath: wordpress
{{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }}
- name: wordpress-config
mountPath: /opt/bitnami/wordpress/wp-config.php
subPath: wp-config.php
{{- end }}
{{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }}
- name: apache-config
mountPath: /opt/bitnami/apache/conf/httpd.conf
subPath: httpd.conf
{{- end }}
{{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }}
- mountPath: /opt/bitnami/apache/conf/vhosts/htaccess
name: custom-htaccess
{{- end }}
{{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }}
- mountPath: /docker-entrypoint-init.d
name: custom-postinit
{{- end }}
{{- if .Values.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ include "wordpress.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
{{- else if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
{{- else }}
command:
- /bin/apache_exporter
- --scrape_uri
- http://status.localhost:8080/server-status/?auto
{{- end }}
ports:
- name: metrics
containerPort: {{ .Values.metrics.containerPorts.metrics }}
{{- if not .Values.diagnosticMode.enabled }}
{{- if .Values.metrics.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }}
{{- else if .Values.metrics.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /metrics
port: metrics
{{- end }}
{{- if .Values.metrics.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }}
{{- else if .Values.metrics.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /metrics
port: metrics
{{- end }}
{{- if .Values.metrics.customStartupProbe }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }}
{{- else if .Values.metrics.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }}
tcpSocket:
port: metrics
{{- end }}
{{- end }}
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.sidecars }}
{{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }}
{{- end }}
volumes:
{{- if or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret }}
- name: wordpress-config
secret:
secretName: {{ include "wordpress.configSecretName" . }}
defaultMode: 0644
{{- end }}
{{- if or .Values.apacheConfiguration .Values.existingApacheConfigurationConfigMap }}
- name: apache-config
configMap:
name: {{ include "wordpress.apache.configmapName" . }}
defaultMode: 0644
{{- end }}
{{- if and (not .Values.allowOverrideNone) .Values.customHTAccessCM }}
- name: custom-htaccess
configMap:
name: {{ include "wordpress.customHTAccessCM" . }}
items:
- key: wordpress-htaccess.conf
path: wordpress-htaccess.conf
{{- end }}
{{- if or .Values.customPostInitScripts .Values.wordpressConfigureCache }}
- name: custom-postinit
configMap:
name: {{ printf "%s-postinit" (include "common.names.fullname" .) }}
defaultMode: 0755
{{- end }}
- name: wordpress-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }}
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
{{- end }}ingress.yaml文件
# cat templates/ingress.yaml
# cat templates/ingress.yaml
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if .Values.ingress.enabled }}
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if or .Values.ingress.annotations .Values.commonAnnotations }}
{{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }}
annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }}
ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
{{- end }}
rules:
{{- if .Values.ingress.hostname }}
- host: {{ tpl .Values.ingress.hostname $ | quote }}
http:
paths:
{{- if .Values.ingress.extraPaths }}
{{- toYaml .Values.ingress.extraPaths | nindent 10 }}
{{- end }}
- path: {{ .Values.ingress.path }}
{{- if eq "true" (include "common.ingress.supportsPathType" .) }}
pathType: {{ .Values.ingress.pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }}
{{- end }}
{{- range .Values.ingress.extraHosts }}
- host: {{ tpl .name $ | quote }}
http:
paths:
- path: {{ default "/" .path }}
{{- if eq "true" (include "common.ingress.supportsPathType" $) }}
pathType: {{ default "ImplementationSpecific" .pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }}
{{- end }}
{{- if .Values.ingress.extraRules }}
{{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }}
{{- end }}
{{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }}
tls:
{{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }}
- hosts:
- {{ tpl .Values.ingress.hostname $ | quote }}
{{- if or (.Values.ingress.tlsWwwPrefix) (eq (index .Values.ingress.annotations "nginx.ingress.kubernetes.io/from-to-www-redirect") "true" ) }}
- {{ printf "www.%s" (tpl .Values.ingress.hostname $) | quote }}
{{- end }}
secretName: {{ printf "%s-tls" (tpl .Values.ingress.hostname $) }}
{{- end }}
{{- if .Values.ingress.extraTls }}
{{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}pvc.yaml
# cat templates/pvc.yaml
# cat templates/pvc.yaml
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if or .Values.persistence.annotations .Values.commonAnnotations }}
{{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.annotations .Values.commonAnnotations ) "context" . ) }}
annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
{{- end }}
spec:
accessModes:
{{- if not (empty .Values.persistence.accessModes) }}
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
{{- else }}
- {{ .Values.persistence.accessMode | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }}
{{- if .Values.persistence.selector }}
selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }}
{{- end -}}
{{- if .Values.persistence.dataSource }}
dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 4 }}
{{- end }}
{{- end }}secret.yaml
# cat templates/secrets.yaml
# cat templates/secrets.yaml
{{- /*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{- if or (not .Values.existingSecret) (and (not .Values.smtpExistingSecret) .Values.smtpPassword) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{- if not .Values.existingSecret }}
wordpress-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "wordpress-password" "providedValues" (list "wordpressPassword") "context" $) }}
{{- end }}
{{- if and .Values.smtpPassword (not .Values.smtpExistingSecret) }}
{{- if .Values.smtpPassword }}
smtp-password: {{ .Values.smtpPassword | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}Chart.yaml
# cat Chart.yaml
# cat Chart.yaml
annotations:
category: CMS
images: |
- name: apache-exporter
image: docker.io/bitnami/apache-exporter:1.0.3-debian-11-r1
- name: os-shell
image: docker.io/bitnami/os-shell:11-debian-11-r91
- name: wordpress
image: docker.io/bitnami/wordpress:6.4.1-debian-11-r11
licenses: Apache-2.0
apiVersion: v2
appVersion: 6.4.1
dependencies:
- condition: memcached.enabled
name: memcached
repository: oci://registry-1.docker.io/bitnamicharts
version: 6.x.x
- condition: mariadb.enabled
name: mariadb
repository: oci://registry-1.docker.io/bitnamicharts
version: 14.x.x
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
tags:
- bitnami-common
version: 2.x.x
description: WordPress is the world's most popular blogging and content management
platform. Powerful yet simple, everyone from students to global corporations use
it to build beautiful, functional websites.
home: https://bitnami.com
icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png
keywords:
- application
- blog
- cms
- http
- php
- web
- wordpress
maintainers:
- name: VMware, Inc.
url: https://github.com/bitnami/charts
name: wordpress
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/wordpress
version: 18.1.20文件定义一个名称模版,用于生成应用程序的名称。同时定义wordpress依赖Chart的信息,以及维护者和源代码信息。
_helpers.tpl
# cat templates/_helpers.tpl
# cat templates/_helpers.tpl
{{/*
Copyright VMware, Inc.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{/* vim: set filetype=mustache: */}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "wordpress.mariadb.fullname" -}}
{{- include "common.names.dependency.fullname" (dict "chartName" "mariadb" "chartValues" .Values.mariadb "context" $) -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "wordpress.memcached.fullname" -}}
{{- include "common.names.dependency.fullname" (dict "chartName" "memcached" "chartValues" .Values.memcached "context" $) -}}
{{- end -}}
{{/*
Return the proper WordPress image name
*/}}
{{- define "wordpress.image" -}}
{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}}
{{- end -}}
{{/*
Return the proper image name (for the metrics image)
*/}}
{{- define "wordpress.metrics.image" -}}
{{- include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) -}}
{{- end -}}
{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "wordpress.volumePermissions.image" -}}
{{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "wordpress.imagePullSecrets" -}}
{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "wordpress.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "common.names.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "wordpress.customHTAccessCM" -}}
{{- printf "%s" .Values.customHTAccessCM -}}
{{- end -}}
{{/*
Return the WordPress configuration secret
*/}}
{{- define "wordpress.configSecretName" -}}
{{- if .Values.existingWordPressConfigurationSecret -}}
{{- printf "%s" (tpl .Values.existingWordPressConfigurationSecret $) -}}
{{- else -}}
{{- printf "%s-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a secret object should be created for WordPress configuration
*/}}
{{- define "wordpress.createConfigSecret" -}}
{{- if and .Values.wordpressConfiguration (not .Values.existingWordPressConfigurationSecret) }}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Return the WordPress Apache configuration configmap
*/}}
{{- define "wordpress.apache.configmapName" -}}
{{- if .Values.existingApacheConfigurationConfigMap -}}
{{- printf "%s" (tpl .Values.existingApacheConfigurationConfigMap $) -}}
{{- else -}}
{{- printf "%s-apache-configuration" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a secret object should be created for Apache configuration
*/}}
{{- define "wordpress.apache.createConfigmap" -}}
{{- if and .Values.apacheConfiguration (not .Values.existingApacheConfigurationConfigMap) }}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Return the MariaDB Hostname
*/}}
{{- define "wordpress.databaseHost" -}}
{{- if .Values.mariadb.enabled }}
{{- if eq .Values.mariadb.architecture "replication" }}
{{- printf "%s-primary" (include "wordpress.mariadb.fullname" .) | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s" (include "wordpress.mariadb.fullname" .) -}}
{{- end -}}
{{- else -}}
{{- printf "%s" .Values.externalDatabase.host -}}
{{- end -}}
{{- end -}}
{{/*
Return the MariaDB Port
*/}}
{{- define "wordpress.databasePort" -}}
{{- if .Values.mariadb.enabled }}
{{- printf "3306" -}}
{{- else -}}
{{- printf "%d" (.Values.externalDatabase.port | int ) -}}
{{- end -}}
{{- end -}}
{{/*
Return the MariaDB Database Name
*/}}
{{- define "wordpress.databaseName" -}}
{{- if .Values.mariadb.enabled }}
{{- printf "%s" .Values.mariadb.auth.database -}}
{{- else -}}
{{- printf "%s" .Values.externalDatabase.database -}}
{{- end -}}
{{- end -}}
{{/*
Return the MariaDB User
*/}}
{{- define "wordpress.databaseUser" -}}
{{- if .Values.mariadb.enabled }}
{{- printf "%s" .Values.mariadb.auth.username -}}
{{- else -}}
{{- printf "%s" .Values.externalDatabase.user -}}
{{- end -}}
{{- end -}}
{{/*
Return the MariaDB Secret Name
*/}}
{{- define "wordpress.databaseSecretName" -}}
{{- if .Values.mariadb.enabled }}
{{- if .Values.mariadb.auth.existingSecret -}}
{{- printf "%s" .Values.mariadb.auth.existingSecret -}}
{{- else -}}
{{- printf "%s" (include "wordpress.mariadb.fullname" .) -}}
{{- end -}}
{{- else if .Values.externalDatabase.existingSecret -}}
{{- include "common.tplvalues.render" (dict "value" .Values.externalDatabase.existingSecret "context" $) -}}
{{- else -}}
{{- printf "%s-externaldb" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return the Memcached Hostname
*/}}
{{- define "wordpress.cacheHost" -}}
{{- if .Values.memcached.enabled }}
{{- $releaseNamespace := .Release.Namespace }}
{{- $clusterDomain := .Values.clusterDomain }}
{{- printf "%s.%s.svc.%s" (include "wordpress.memcached.fullname" .) $releaseNamespace $clusterDomain -}}
{{- else -}}
{{- printf "%s" .Values.externalCache.host -}}
{{- end -}}
{{- end -}}
{{/*
Return the Memcached Port
*/}}
{{- define "wordpress.cachePort" -}}
{{- if .Values.memcached.enabled }}
{{- printf "11211" -}}
{{- else -}}
{{- printf "%d" (.Values.externalCache.port | int ) -}}
{{- end -}}
{{- end -}}
{{/*
Return the WordPress Secret Name
*/}}
{{- define "wordpress.secretName" -}}
{{- if .Values.existingSecret }}
{{- printf "%s" .Values.existingSecret -}}
{{- else -}}
{{- printf "%s" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return the SMTP Secret Name
*/}}
{{- define "wordpress.smtpSecretName" -}}
{{- if .Values.smtpExistingSecret }}
{{- printf "%s" .Values.smtpExistingSecret -}}
{{- else -}}
{{- printf "%s" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Compile all warnings into a single message.
*/}}
{{- define "wordpress.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "wordpress.validateValues.configuration" .) -}}
{{- $messages := append $messages (include "wordpress.validateValues.htaccess" .) -}}
{{- $messages := append $messages (include "wordpress.validateValues.database" .) -}}
{{- $messages := append $messages (include "wordpress.validateValues.cache" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}
{{/*
Validate values of WordPress - Custom wp-config.php
*/}}
{{- define "wordpress.validateValues.configuration" -}}
{{- if and (or .Values.wordpressConfiguration .Values.existingWordPressConfigurationSecret) (not .Values.wordpressSkipInstall) -}}
wordpress: wordpressConfiguration
You are trying to use a wp-config.php file. This setup is only supported
when skipping wizard installation (--set wordpressSkipInstall=true).
{{- end -}}
{{- end -}}
{{/*
Validate values of WordPress - htaccess configuration
*/}}
{{- define "wordpress.validateValues.htaccess" -}}
{{- if and .Values.customHTAccessCM .Values.allowOverrideNone -}}
wordpress: customHTAccessCM
You are trying to use custom htaccess rules but Apache was configured
to prohibit overriding directives with htaccess files. To use this feature,
allow overriding Apache directives (--set allowOverrideNone=false).
{{- end -}}
{{- end -}}
{{/* Validate values of WordPress - Database */}}
{{- define "wordpress.validateValues.database" -}}
{{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}}
wordpress: database
You disable the MariaDB installation but you did not provide the required parameters
to use an external database. To use an external database, please ensure you provide
(at least) the following values:
externalDatabase.host=DB_SERVER_HOST
externalDatabase.database=DB_NAME
externalDatabase.port=DB_SERVER_PORT
{{- end -}}
{{- end -}}
{{/* Validate values of WordPress - Cache */}}
{{- define "wordpress.validateValues.cache" -}}
{{- if and .Values.wordpressConfigureCache (not .Values.memcached.enabled) (or (empty .Values.externalCache.host) (empty .Values.externalCache.port)) -}}
wordpress: cache
You enabled cache via W3 Total Cache without but you did not enable the Memcached
installation nor you did provided the required parameters to use an external cache server.
Please enable the Memcached installation (--set memcached.enabled=true) or
provide the external cache server values:
externalCache.host=CACHE_SERVER_HOST
externalCache.port=CACHE_SERVER_PORT
{{- end -}}
{{- end -}}安装Chart
# helm install --dry-run mywordpress wordpress
[root@master-1-230 3]# helm install --dry-run mywordpress wordpress
NAME: mywordpress
LAST DEPLOYED: Sat Dec 2 10:07:21 2023
NAMESPACE: default
STATUS: pending-install
REVISION: 1
TEST SUITE: None
HOOKS:
MANIFEST:
---
# Source: wordpress/charts/mariadb/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: mywordpress-mariadb
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mariadb
app.kubernetes.io/version: 11.1.3
helm.sh/chart: mariadb-14.1.4
automountServiceAccountToken: false
---
# Source: wordpress/charts/mariadb/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: mywordpress-mariadb
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mariadb
app.kubernetes.io/version: 11.1.3
helm.sh/chart: mariadb-14.1.4
type: Opaque
data:
mariadb-root-password: "YnFkTHZyMnRucA=="
mariadb-password: "QjBxd2luWGxhSg=="
---
# Source: wordpress/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: mywordpress
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: wordpress
app.kubernetes.io/version: 6.4.1
helm.sh/chart: wordpress-18.1.20
type: Opaque
data:
wordpress-password: "MTIzNDU2"
---
# Source: wordpress/charts/mariadb/templates/primary/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: mywordpress-mariadb
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mariadb
app.kubernetes.io/version: 11.1.3
helm.sh/chart: mariadb-14.1.4
app.kubernetes.io/component: primary
data:
my.cnf: |-
[mysqld]
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mariadb
datadir=/bitnami/mariadb/data
plugin_dir=/opt/bitnami/mariadb/plugin
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
tmpdir=/opt/bitnami/mariadb/tmp
max_allowed_packet=16M
bind-address=*
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
log-error=/opt/bitnami/mariadb/logs/mysqld.log
character-set-server=UTF8
collation-server=utf8_general_ci
slow_query_log=0
long_query_time=10.0
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
default-character-set=UTF8
plugin_dir=/opt/bitnami/mariadb/plugin
[manager]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
---
# Source: wordpress/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: mywordpress
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: wordpress
app.kubernetes.io/version: 6.4.1
helm.sh/chart: wordpress-18.1.20
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "10Gi"
---
# Source: wordpress/charts/mariadb/templates/primary/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mywordpress-mariadb
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mariadb
app.kubernetes.io/version: 11.1.3
helm.sh/chart: mariadb-14.1.4
app.kubernetes.io/component: primary
annotations:
spec:
type: ClusterIP
sessionAffinity: None
ports:
- name: mysql
port: 3306
protocol: TCP
targetPort: mysql
nodePort: null
selector:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/name: mariadb
app.kubernetes.io/component: primary
---
# Source: wordpress/templates/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: mywordpress
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: wordpress
app.kubernetes.io/version: 6.4.1
helm.sh/chart: wordpress-18.1.20
spec:
type: LoadBalancer
externalTrafficPolicy: "Cluster"
sessionAffinity: None
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
- name: https
port: 443
protocol: TCP
targetPort: https
selector:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/name: wordpress
---
# Source: wordpress/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: mywordpress
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: wordpress
app.kubernetes.io/version: 6.4.1
helm.sh/chart: wordpress-18.1.20
spec:
selector:
matchLabels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/name: wordpress
strategy:
type: RollingUpdate
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: wordpress
app.kubernetes.io/version: 6.4.1
helm.sh/chart: wordpress-18.1.20
spec:
# yamllint disable rule:indentation
hostAliases:
- hostnames:
- status.localhost
ip: 127.0.0.1
# yamllint enable rule:indentation
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/name: wordpress
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext:
fsGroup: 1001
serviceAccountName: default
containers:
- name: wordpress
image: docker.io/bitnami/wordpress:6.4.1-debian-11-r11
imagePullPolicy: "IfNotPresent"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: false
runAsNonRoot: true
runAsUser: 1001
seccompProfile:
type: RuntimeDefault
env:
- name: BITNAMI_DEBUG
value: "false"
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
- name: MARIADB_HOST
value: "mywordpress-mariadb"
- name: MARIADB_PORT_NUMBER
value: "3306"
- name: WORDPRESS_DATABASE_NAME
value: "bitnami_wordpress"
- name: WORDPRESS_DATABASE_USER
value: "bn_wordpress"
- name: WORDPRESS_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: mywordpress-mariadb
key: mariadb-password
- name: WORDPRESS_USERNAME
value: "user"
- name: WORDPRESS_PASSWORD
valueFrom:
secretKeyRef:
name: mywordpress
key: wordpress-password
- name: WORDPRESS_EMAIL
value: "[email protected]"
- name: WORDPRESS_FIRST_NAME
value: "FirstName"
- name: WORDPRESS_LAST_NAME
value: "LastName"
- name: WORDPRESS_HTACCESS_OVERRIDE_NONE
value: "no"
- name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE
value: "no"
- name: WORDPRESS_BLOG_NAME
value: "ikubernetes's Blog!"
- name: WORDPRESS_SKIP_BOOTSTRAP
value: "yes"
- name: WORDPRESS_TABLE_PREFIX
value: "wp_"
- name: WORDPRESS_SCHEME
value: "http"
- name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT
value: ""
- name: WORDPRESS_PLUGINS
value: "none"
- name: APACHE_HTTP_PORT_NUMBER
value: "8080"
- name: APACHE_HTTPS_PORT_NUMBER
value: "8443"
envFrom:
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
livenessProbe:
failureThreshold: 6
httpGet:
httpHeaders: []
path: /wp-admin/install.php
port: 'http'
scheme: 'HTTP'
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
failureThreshold: 6
httpGet:
httpHeaders: []
path: /wp-login.php
port: 'http'
scheme: 'HTTP'
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources:
limits: {}
requests:
cpu: 300m
memory: 512Mi
volumeMounts:
- mountPath: /bitnami/wordpress
name: wordpress-data
subPath: wordpress
volumes:
- name: wordpress-data
persistentVolumeClaim:
claimName: mywordpress
---
# Source: wordpress/charts/mariadb/templates/primary/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mywordpress-mariadb
namespace: "default"
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mariadb
app.kubernetes.io/version: 11.1.3
helm.sh/chart: mariadb-14.1.4
app.kubernetes.io/component: primary
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/name: mariadb
app.kubernetes.io/component: primary
serviceName: mywordpress-mariadb
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/configuration: c6a5321161e2df513423ab3854de5e3edd858c8e175cae6bc9074c5e09bffa18
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mariadb
app.kubernetes.io/version: 11.1.3
helm.sh/chart: mariadb-14.1.4
app.kubernetes.io/component: primary
spec:
serviceAccountName: mywordpress-mariadb
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/name: mariadb
app.kubernetes.io/component: primary
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext:
fsGroup: 1001
containers:
- name: mariadb
image: docker.io/bitnami/mariadb:11.1.3-debian-11-r0
imagePullPolicy: "IfNotPresent"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
runAsNonRoot: true
runAsUser: 1001
seccompProfile:
type: RuntimeDefault
env:
- name: BITNAMI_DEBUG
value: "false"
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mywordpress-mariadb
key: mariadb-root-password
- name: MARIADB_USER
value: "bn_wordpress"
- name: MARIADB_PASSWORD
valueFrom:
secretKeyRef:
name: mywordpress-mariadb
key: mariadb-password
- name: MARIADB_DATABASE
value: "bitnami_wordpress"
ports:
- name: mysql
containerPort: 3306
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MARIADB_ROOT_PASSWORD:-}"
if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MARIADB_ROOT_PASSWORD:-}"
if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
resources:
limits: {}
requests: {}
volumeMounts:
- name: data
mountPath: /bitnami/mariadb
- name: config
mountPath: /opt/bitnami/mariadb/conf/my.cnf
subPath: my.cnf
volumes:
- name: config
configMap:
name: mywordpress-mariadb
volumeClaimTemplates:
- metadata:
name: data
labels:
app.kubernetes.io/instance: mywordpress
app.kubernetes.io/name: mariadb
app.kubernetes.io/component: primary
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "8Gi"
NOTES:
CHART NAME: wordpress
CHART VERSION: 18.1.20
APP VERSION: 6.4.1
** Please be patient while the chart is being deployed **
Your WordPress site can be accessed through the following DNS name from within your cluster:
mywordpress.default.svc.cluster.local (port 80)
To access your WordPress site from outside the cluster follow the steps below:
1. Get the WordPress URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w mywordpress'
export SERVICE_IP=$(kubectl get svc --namespace default mywordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
echo "WordPress URL: http://$SERVICE_IP/"
echo "WordPress Admin URL: http://$SERVICE_IP/admin"
2. Open a browser and access WordPress using the obtained URL.
3. Login with the following credentials below to see your blog:
echo Username: user
echo Password: $(kubectl get secret --namespace default mywordpress -o jsonpath="{.data.wordpress-password}" | base64 -d)
您在 /var/spool/mail/root 中有新邮件这个命令会使用values.yaml文件中定义的配置参数,安装一个名为mywordpress的新Chart实例
正式部署:
# helm install mywordpress ./wordpress
NAME: mywordpress
LAST DEPLOYED: Sat Dec 2 10:08:06 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: wordpress
CHART VERSION: 18.1.20
APP VERSION: 6.4.1
** Please be patient while the chart is being deployed **
Your WordPress site can be accessed through the following DNS name from within your cluster:
mywordpress.default.svc.cluster.local (port 80)
To access your WordPress site from outside the cluster follow the steps below:
1. Get the WordPress URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w mywordpress'
export SERVICE_IP=$(kubectl get svc --namespace default mywordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
echo "WordPress URL: http://$SERVICE_IP/"
echo "WordPress Admin URL: http://$SERVICE_IP/admin"
2. Open a browser and access WordPress using the obtained URL.
3. Login with the following credentials below to see your blog:
echo Username: user
echo Password: $(kubectl get secret --namespace default mywordpress -o jsonpath="{.data.wordpress-password}" | base64 -d)
查看部署状态
# kubectl get pvc |grep mywordpress
data-mywordpress-mariadb-0 Bound pvc-8c61cd4a-fa86-416f-9410-1c23f65dff15 8Gi RWO rook-ceph-block 30s
mywordpress Bound pvc-ad265aec-9414-4b73-924a-a536bc98c5d4 10Gi RWO rook-ceph-block 30s
# kubectl get pod
NAME READY STATUS RESTARTS AGE
mywordpress-5479594584-shd5n 0/1 Running 0 56s
mywordpress-mariadb-0 0/1 Running 0 56s
# kubectl get service |grep word
mywordpress LoadBalancer 10.111.92.47 192.168.1.201 80:30272/TCP,443:31278/TCP 83s
mywordpress-mariadb ClusterIP 10.110.74.15 <none> 3306/TCP 83s访问WordPress
[root@master-1-230 3]# export SERVICE_IP=$(kubectl get svc --namespace default mywordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
[root@master-1-230 3]# echo "WordPress URL: http://$SERVICE_IP/"
WordPress URL: http://192.168.1.201/
[root@master-1-230 3]# echo "WordPress Admin URL: http://$SERVICE_IP/admin"
WordPress Admin URL: http://192.168.1.201/admin
[root@master-1-230 3]#
[root@master-1-230 3]# echo Username: user
Username: user
[root@master-1-230 3]# echo Password: $(kubectl get secret --namespace default mywordpress -o jsonpath="{.data.wordpress-password}" | base64 -d)
Password: 123456