# Kubernetes集群中怎么部署PHP應用
## 前言
在現代云原生應用開發中,Kubernetes已成為容器編排的事實標準。對于PHP開發者而言,將傳統PHP應用遷移到Kubernetes集群可以獲得彈性伸縮、高可用性和簡化運維等顯著優勢。本文將詳細介紹從準備到優化的完整部署流程。
## 一、環境準備
### 1.1 基礎條件
- 正常運行中的Kubernetes集群(Minikube、kubeadm或托管服務如EKS/GKE)
- 已安裝kubectl命令行工具
- Docker環境(用于構建鏡像)
- 代碼版本控制工具(如Git)
### 1.2 推薦組件
```bash
# 驗證集群狀態
kubectl cluster-info
kubectl get nodes
# 可選:安裝Ingress Controller
kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
# 基礎鏡像選擇(根據需求選擇不同版本)
FROM php:8.2-fpm-alpine
# 安裝系統依賴
RUN apk add --no-cache \
nginx \
supervisor \
libzip-dev \
libpng-dev \
libjpeg-turbo-dev \
freetype-dev
# 安裝PHP擴展
RUN docker-php-ext-configure gd --with-freetype --with-jpeg \
&& docker-php-ext-install -j$(nproc) gd pdo pdo_mysql zip opcache
# 配置PHP
COPY config/php.ini /usr/local/etc/php/conf.d/custom.ini
# 復制應用代碼
COPY --chown=www-data:www-data . /var/www/html
# 配置Nginx和Supervisor
COPY config/nginx.conf /etc/nginx/nginx.conf
COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# 暴露端口
EXPOSE 80
# 啟動命令
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
docker build -t your-registry/php-app:v1 .
docker push your-registry/php-app:v1
創建deployment.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
name: php-app
labels:
app: php-app
spec:
replicas: 3
selector:
matchLabels:
app: php-app
template:
metadata:
labels:
app: php-app
spec:
containers:
- name: php-app
image: your-registry/php-app:v1
ports:
- containerPort: 80
resources:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "500m"
memory: "512Mi"
livenessProbe:
httpGet:
path: /healthz
port: 80
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /readiness
port: 80
initialDelaySeconds: 5
periodSeconds: 5
imagePullSecrets:
- name: regcred # 私有倉庫認證
創建service.yaml:
apiVersion: v1
kind: Service
metadata:
name: php-app-service
spec:
selector:
app: php-app
ports:
- protocol: TCP
port: 80
targetPort: 80
type: ClusterIP
創建ingress.yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: php-app-ingress
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: php-app.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: php-app-service
port:
number: 80
對于需要持久化的文件(如上傳目錄):
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: php-app-storage
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 5Gi
storageClassName: nfs-client # 根據實際存儲類調整
在Deployment中掛載:
volumeMounts:
- name: app-storage
mountPath: /var/www/html/uploads
volumes:
- name: app-storage
persistentVolumeClaim:
claimName: php-app-storage
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
spec:
selector:
matchLabels:
app: mysql
strategy:
type: Recreate
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8.0
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secrets
key: rootPassword
ports:
- containerPort: 3306
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-pv-claim
在PHP應用的Deployment中添加環境變量:
env:
- name: DB_HOST
value: "mysql-service"
- name: DB_NAME
value: "app_db"
- name: DB_USER
value: "app_user"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secrets
key: appPassword
kubectl apply -f deployment.yaml
kubectl apply -f service.yaml
kubectl apply -f ingress.yaml
# 查看Pod狀態
kubectl get pods -l app=php-app
# 檢查日志
kubectl logs -f <pod-name>
# 臨時端口轉發測試
kubectl port-forward svc/php-app-service 8080:80
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: php-app-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: php-app
minReplicas: 2
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
apiVersion: v1
kind: ConfigMap
metadata:
name: php-app-config
data:
app.env: |
APP_ENV=production
APP_DEBUG=false
SESSION_DRIVER=redis
# 在Deployment中添加注解
metadata:
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "80"
prometheus.io/path: "/metrics"
# 使用Fluentd sidecar模式
- name: fluentd-logger
image: fluent/fluentd:v1.14-debian-1
volumeMounts:
- name: varlog
mountPath: /var/log
- name: fluentd-config
mountPath: /fluentd/etc
volumes:
- name: fluentd-config
configMap:
name: fluentd-config
name: Deploy to Kubernetes
on:
push:
branches: [ main ]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build Docker image
run: docker build -t your-registry/php-app:${{ github.sha }} .
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Push Docker image
run: docker push your-registry/php-app:${{ github.sha }}
- name: Install kubectl
uses: azure/setup-kubectl@v1
- name: Deploy to Cluster
run: |
kubectl set image deployment/php-app php-app=your-registry/php-app:${{ github.sha }}
kubectl rollout status deployment/php-app
OPcache配置:
opcache.enable=1
opcache.memory_consumption=128
opcache.max_accelerated_files=10000
opcache.validate_timestamps=0 # 生產環境推薦
PHP-FPM調優:
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 2
pm.max_spare_servers = 8
# 查看事件日志
kubectl get events --sort-by=.metadata.creationTimestamp
# 進入容器調試
kubectl exec -it <pod-name> -- /bin/sh
# 查看資源使用情況
kubectl top pods
