From e0f98eef0a1df7f1fac7cdc89faed874f7082a84 Mon Sep 17 00:00:00 2001 From: gregory hendrickson Date: Fri, 27 Jan 2023 15:28:28 -0800 Subject: [PATCH] switch back to nginx-ingress --- README.md | 44 ++++++++++++- deployments/nginx-ingress-deployment.yaml | 77 +++++++++++++++++++++++ deployments/nginx-proxy-deployment.yaml | 42 ------------- services/nginx-ingress-service.yaml | 21 +++++++ services/nginx-proxy-service.yaml | 16 ----- 5 files changed, 141 insertions(+), 59 deletions(-) create mode 100644 deployments/nginx-ingress-deployment.yaml delete mode 100644 deployments/nginx-proxy-deployment.yaml create mode 100644 services/nginx-ingress-service.yaml delete mode 100644 services/nginx-proxy-service.yaml diff --git a/README.md b/README.md index 107e556..eca8566 100644 --- a/README.md +++ b/README.md @@ -33,9 +33,51 @@ kubectl apply -f ~/config-map_secrets/mysql-config-map.yaml kubectl apply -f ~/config-map_secrets/mysql-secrets.yaml - +gcloud compute disks create --size=50GB --zone='us-central1-c ghost-blog-disk, mysql-disk, nginx-proxy-disk This will create the necessary resources in the cluster, including a deployment for the Ghost app, a service for connecting to the MySQL server, and an ingress service for routing traffic to the Ghost app via the nginx-proxy with https and http. Volumes This configuration is using a Persistent Volume to store the Ghost blog data, this can be done by creating a persistent volume and persistent + +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +To create a Docker image of Ghost-Blog, you will need the following files: + +A Dockerfile which contains the instructions for building the image. +A config.production.json file which contains the configuration settings for your Ghost blog. +The Ghost source files, which can be obtained by downloading the latest version of Ghost from the official website or by cloning the Ghost GitHub repository. +Here's an example of a basic Dockerfile that can be used to build a Ghost image: + +bash +Copy code +FROM node:12 + +ENV NODE_ENV production + +RUN mkdir -p /var/www/ghost +WORKDIR /var/www/ghost + +COPY . . + +RUN npm install --production + +CMD ["npm", "start"] +You can build image with command: + +perl +Copy code +docker build -t my-ghost-blog . +This command will create an image with the name 'my-ghost-blog' using the files in the current directory. + +It is important to note that this is a basic example and you may need to make adjustments to the Dockerfile depending on your specific requirements. + +And you also can use ghost official image from docker hub: + +Copy code +docker pull ghost:3 +and use your config file and custom theme with this command: + +javascript +Copy code +docker run -d --name my-ghost-blog -p 2368:2368 -v /path/to/config.production.json:/var/lib/ghost/config.production.json -v /path/to/content:/var/lib/ghost/content ghost:3 +This will start a container with the name 'my-ghost-blog', map port 2368 on the host to port 2368 in the container, and mount your config.production.json file and a custom theme to the appropriate locations in the container. \ No newline at end of file diff --git a/deployments/nginx-ingress-deployment.yaml b/deployments/nginx-ingress-deployment.yaml new file mode 100644 index 0000000..e9c0b6e --- /dev/null +++ b/deployments/nginx-ingress-deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-ingress-controller + namespace: blog +spec: + replicas: 1 + selector: + matchLabels: + app: nginx-ingress-controller + template: + metadata: + labels: + app: nginx-ingress-controller + spec: + serviceAccountName: nginx-ingress-service-account + containers: + - name: nginx-ingress-controller + image: nginx/nginx-ingress:latest + args: + - --default-backend-service=$(POD_NAMESPACE)/default-http-backend + - --enable-ssl-passthrough + - --enable-vts-status + - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services + - --udp-services-configmap=$(POD_NAMESPACE)/udp-services + - --annotations-prefix=nginx.ingress.kubernetes.io + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + limits: + cpu: "200m" + memory: "512Mi" + requests: + cpu: "100m" + memory: "256Mi" + ports: + - name: http + containerPort: 80 + - name: https + containerPort: 443 + livenessProbe: + httpGet: + path: /healthz + port: 10254 + initialDelaySeconds: 30 + timeoutSeconds: 5 + readinessProbe: + httpGet: + path: /healthz + port: 10254 + initialDelaySeconds: 30 + timeoutSeconds: 5 + volumeMounts: + - name: config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + - name: ssl-certs + mountPath: /etc/nginx/ssl + - name: default-backend + mountPath: /etc/nginx/default.d + volumes: + - name: config + configMap: + name: nginx-config + - name: ssl-certs + secret: + secretName: nginx-ssl-certs + - name: default-backend + configMap: + name: nginx-default-backend diff --git a/deployments/nginx-proxy-deployment.yaml b/deployments/nginx-proxy-deployment.yaml deleted file mode 100644 index 3288ba8..0000000 --- a/deployments/nginx-proxy-deployment.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nginx-proxy-deployment - namespace: blog - labels: - name: nginx-proxy-deployment -spec: - selector: - matchLabels: - app: nginx-proxy - replicas: 1 - template: - metadata: - labels: - app: nginx-proxy - spec: - restartPolicy: Always - containers: - - image: "jwilder/nginx-proxy" - name: "nginx-proxy" - ports: - - containerPort: 443 - - containerPort: 80 - env: - - name: GHOST_SVC - value: ghost - - name: CERTBOT_SVC - value: kubernetes-certbot - - name: HOSTNAME - value: blog.gregattempts.com - resources: - limits: - cpu: 200m - memory: 256Mi - volumeMounts: - - name: nginx-proxy-persistent-storage - mountPath: /etc/nginx/ssl - volumes: - - name: nginx-proxy-persistent-storage - persistentVolumeClaim: - claimName: nginx-proxy-pvc \ No newline at end of file diff --git a/services/nginx-ingress-service.yaml b/services/nginx-ingress-service.yaml new file mode 100644 index 0000000..4ed6ed0 --- /dev/null +++ b/services/nginx-ingress-service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: nginx-ingress-service + namespace: blog +spec: + selector: + app: ghost-blog + ports: + - name: http + port: 80 + targetPort: 2368 + - name: https + port: 443 + targetPort: 2368 + type: LoadBalancer + annotations: + # Enable SSL/TLS termination on the load balancer + service.beta.kubernetes.io/google-load-balancer-ssl-cert: "YOUR_SSL_CERT_NAME" + service.beta.kubernetes.io/google-load-balancer-backend-protocol: "HTTPS" + service.beta.kubernetes.io/google-load-balancer-frontend-protocol: "HTTPS" diff --git a/services/nginx-proxy-service.yaml b/services/nginx-proxy-service.yaml deleted file mode 100644 index faf7a6c..0000000 --- a/services/nginx-proxy-service.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: nginx-service - name: nginx-service - namespace: blog -spec: - ports: - - name: http-redirect - port: 80 - - name: ghost-https - port: 443 - selector: - app: nginx-proxy - type: LoadBalancer \ No newline at end of file