部署数据库 #
一、数据库部署概述 #
在Kubernetes中部署数据库需要考虑数据持久化、高可用、备份恢复等问题。
1.1 部署考虑因素 #
text
数据库部署考虑因素
│
├── 数据持久化
│ ├── PV/PVC
│ └── StorageClass
│
├── 高可用性
│ ├── 主从复制
│ └── 集群模式
│
├── 备份恢复
│ ├── 定期备份
│ └── 快照恢复
│
└── 安全配置
├── 认证授权
└── 网络隔离
1.2 部署方式 #
| 方式 | 适用场景 |
|---|---|
| 单实例 | 开发测试环境 |
| 主从复制 | 生产环境 |
| 集群模式 | 高可用生产环境 |
二、部署MySQL #
2.1 单实例MySQL #
yaml
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
type: Opaque
stringData:
mysql-root-password: rootpassword
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql
spec:
serviceName: mysql
replicas: 1
selector:
matchLabels:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: mysql:8.0
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-root-password
ports:
- containerPort: 3306
volumeMounts:
- name: data
mountPath: /var/lib/mysql
livenessProbe:
exec:
command:
- mysqladmin
- ping
- -h
- localhost
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
exec:
command:
- mysql
- -h
- 127.0.0.1
- -e
- SELECT 1
initialDelaySeconds: 5
periodSeconds: 2
volumes:
- name: data
persistentVolumeClaim:
claimName: mysql-pvc
---
apiVersion: v1
kind: Service
metadata:
name: mysql
spec:
selector:
app: mysql
ports:
- port: 3306
2.2 MySQL主从复制 #
yaml
# 主节点配置
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql-master
spec:
serviceName: mysql-master
replicas: 1
template:
spec:
containers:
- name: mysql
image: mysql:8.0
env:
- name: MYSQL_ROOT_PASSWORD
value: rootpassword
- name: MYSQL_REPLICATION_MODE
value: "master"
- name: MYSQL_REPLICATION_USER
value: "repl"
- name: MYSQL_REPLICATION_PASSWORD
value: "replpassword"
args:
- --server-id=1
- --log-bin=mysql-bin
- --binlog-format=ROW
---
# 从节点配置
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mysql-slave
spec:
serviceName: mysql-slave
replicas: 2
template:
spec:
containers:
- name: mysql
image: mysql:8.0
env:
- name: MYSQL_ROOT_PASSWORD
value: rootpassword
- name: MYSQL_REPLICATION_MODE
value: "slave"
- name: MYSQL_MASTER_HOST
value: "mysql-master"
- name: MYSQL_MASTER_USER
value: "repl"
- name: MYSQL_MASTER_PASSWORD
value: "replpassword"
args:
- --server-id=2
- --relay-log=relay-bin
三、部署PostgreSQL #
3.1 单实例PostgreSQL #
yaml
apiVersion: v1
kind: Secret
metadata:
name: postgres-secret
type: Opaque
stringData:
postgres-password: postgrespassword
postgres-user: appuser
postgres-db: appdb
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: postgres
spec:
serviceName: postgres
replicas: 1
selector:
matchLabels:
app: postgres
template:
metadata:
labels:
app: postgres
spec:
containers:
- name: postgres
image: postgres:15
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgres-password
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgres-user
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgres-db
ports:
- containerPort: 5432
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
livenessProbe:
exec:
command:
- pg_isready
- -U
- postgres
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
exec:
command:
- pg_isready
- -U
- postgres
initialDelaySeconds: 5
periodSeconds: 5
volumes:
- name: data
persistentVolumeClaim:
claimName: postgres-pvc
---
apiVersion: v1
kind: Service
metadata:
name: postgres
spec:
selector:
app: postgres
ports:
- port: 5432
四、部署MongoDB #
4.1 单实例MongoDB #
yaml
apiVersion: v1
kind: Secret
metadata:
name: mongo-secret
type: Opaque
stringData:
mongo-root-username: admin
mongo-root-password: adminpassword
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mongo-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mongodb
spec:
serviceName: mongodb
replicas: 1
selector:
matchLabels:
app: mongodb
template:
metadata:
labels:
app: mongodb
spec:
containers:
- name: mongodb
image: mongo:6.0
env:
- name: MONGO_INITDB_ROOT_USERNAME
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-root-username
- name: MONGO_INITDB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mongo-secret
key: mongo-root-password
ports:
- containerPort: 27017
volumeMounts:
- name: data
mountPath: /data/db
livenessProbe:
exec:
command:
- mongosh
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
exec:
command:
- mongosh
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: 5
periodSeconds: 5
volumes:
- name: data
persistentVolumeClaim:
claimName: mongo-pvc
---
apiVersion: v1
kind: Service
metadata:
name: mongodb
spec:
selector:
app: mongodb
ports:
- port: 27017
五、部署Redis #
5.1 单实例Redis #
yaml
apiVersion: v1
kind: Secret
metadata:
name: redis-secret
type: Opaque
stringData:
redis-password: redispassword
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis
spec:
replicas: 1
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
containers:
- name: redis
image: redis:7.0
command:
- redis-server
- --requirepass
- $(REDIS_PASSWORD)
env:
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: redis-password
ports:
- containerPort: 6379
livenessProbe:
exec:
command:
- redis-cli
- ping
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
exec:
command:
- redis-cli
- ping
initialDelaySeconds: 5
periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
name: redis
spec:
selector:
app: redis
ports:
- port: 6379
5.2 Redis Sentinel高可用 #
yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: redis
spec:
serviceName: redis
replicas: 3
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
containers:
- name: redis
image: redis:7.0
ports:
- containerPort: 6379
- containerPort: 26379
六、数据库备份 #
6.1 MySQL备份 #
yaml
apiVersion: batch/v1
kind: CronJob
metadata:
name: mysql-backup
spec:
schedule: "0 2 * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: backup
image: mysql:8.0
command:
- /bin/sh
- -c
- |
mysqldump -h mysql -u root -p${MYSQL_ROOT_PASSWORD} --all-databases > /backup/backup-$(date +%Y%m%d).sql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-secret
key: mysql-root-password
volumeMounts:
- name: backup
mountPath: /backup
volumes:
- name: backup
persistentVolumeClaim:
claimName: backup-pvc
restartPolicy: OnFailure
6.2 PostgreSQL备份 #
yaml
apiVersion: batch/v1
kind: CronJob
metadata:
name: postgres-backup
spec:
schedule: "0 2 * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: backup
image: postgres:15
command:
- /bin/sh
- -c
- |
pg_dumpall -h postgres -U postgres > /backup/backup-$(date +%Y%m%d).sql
env:
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgres-password
volumeMounts:
- name: backup
mountPath: /backup
volumes:
- name: backup
persistentVolumeClaim:
claimName: backup-pvc
restartPolicy: OnFailure
七、最佳实践 #
7.1 资源配置 #
yaml
resources:
requests:
cpu: 500m
memory: 512Mi
limits:
cpu: 1
memory: 1Gi
7.2 安全配置 #
yaml
# 网络策略
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: mysql-network-policy
spec:
podSelector:
matchLabels:
app: mysql
policyTypes:
- Ingress
ingress:
- from:
- podSelector:
matchLabels:
app: api
ports:
- protocol: TCP
port: 3306
7.3 监控配置 #
yaml
# Prometheus监控
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9104"
八、总结 #
8.1 数据库部署要点 #
| 数据库 | 推荐部署方式 | 存储要求 |
|---|---|---|
| MySQL | StatefulSet | ReadWriteOnce |
| PostgreSQL | StatefulSet | ReadWriteOnce |
| MongoDB | StatefulSet | ReadWriteOnce |
| Redis | Deployment/StatefulSet | 可选持久化 |
8.2 下一步 #
让我们学习 微服务架构,了解微服务应用的部署方法。
最后更新:2026-03-28