⽹站建设 WordPress Helm 资产⽂档

⼀、资产基本介绍

资产简介

WordPress是⼀款能让您建⽴出⾊⽹站、博客或应⽤程序的开源软件。

WordPress 创建于 2003 年，最初只是⽤来提⾼⽇常写作排版的⼯具，⽤户数扳着⼿指头和脚趾头就能数得做来。从那时起，它逐渐发展成为世界上使⽤最多的⾃助博客⼯具，⽤在数以⼗万计的⽹站中，每天都有数以千万的⽤户在使⽤。

WordPress Helm 模版可以在 Kubernetes 平台上⼀键部署⼀个可扩展的WordPress系统，同时集成时速云公有云 PaaS 平台的运维功能，实现对 WordPress 系统的⾃动化运维。

资产依赖镜像

Wordpress Helm包：192.168.1.52:/root/helm/wordpress-11.1.5.tgz Md5值:3ec619fcdf7144aab25a07852db6ec2cWordpress 镜像：dev-registry.tenxcloud.com/system_containers/wordpress:5.7.2-debian-10-r45镜像ID: 08b8e6db31b3

⼆、资产购买流程

在“云市场”中查询需要购买的资产

查看资产详情

购买资产：在资产详情中点击“购买”

阅读《云原⽣应⽤市场⽤户协议》，同意后勾选“我已阅读并同意...”确认点击“⽀付”

查看已购资产：购买资产后会⾃动跳转到“已购资产”⻚⾯显示被购买的资产

三、资产部署指南

查询购买(或导⼊)WordPress模版

在容器云--交付中⼼--应⽤模版 ⾥搜索 " wordpress ”

如果没有搜到WordPress模版，也可以在容器云--交付中⼼--应⽤模版--私有模版 ⾥导⼊私有WordPress模版

安装 WordPress 模版

点击“部署”, 选择版本开始安装

集群: 选择项⽬所授权的集群

发布名称：指定模版应⽤的名称，如: " wordpress "

描述：模版应⽤的描述信息, 如: " wordpress demo "

配置⽂件：

global:

imageRegistry:

## E.g.

## imagePullSecrets:

## - myRegistryKeySecretName

##

imagePullSecrets: []

storageClass: nfs-94

## @section Common parameters

## @param kubeVersion Override Kubernetes version

##

kubeVersion:

## @param nameOverride String to partially override common.names.fullname

##

nameOverride:

## @param fullnameOverride String to fully override common.names.fullname

##

fullnameOverride:

## @param commonLabels Labels to add to all deployed objects

##

commonLabels: {}

## @param commonAnnotations Annotations to add to all deployed objects

##

commonAnnotations: {}

## @param clusterDomain Kubernetes cluster domain name

##

clusterDomain: cluster.local

## @param extraDeploy Array of extra objects to deploy with the release

##

extraDeploy: []

## @section WordPress Image parameters

## Bitnami WordPress image

## ref: https://hub.docker.com/r/bitnami/wordpress/tags/

## @param image.registry WordPress image registry

## @param image.repository WordPress image repository

## @param image.tag WordPress image tag (immutable tags are recommended)

## @param image.pullPolicy WordPress image pull policy

## @param image.pullSecrets WordPress image pull secrets

## @param image.debug Enable image debug mode

##

image:

registry: dev-registry.tenxcloud.com

repository: system_containers/wordpress

tag: 5.7.2-debian-10-r45

pullPolicy: IfNotPresent

pullSecrets: []

## - myRegistryKeySecretName

## Enable debug mode

debug: false

## @section WordPress Configuration parameters

## WordPress settings based on environment variables

## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-

variables

## @param wordpressUsername WordPress username

##

wordpressUsername: admin

## @param wordpressPassword WordPress user password

## Defaults to a random 10-character alphanumeric string if not set

##

wordpressPassword: "admin"

## @param existingSecret Name of existing secret containing WordPress

credentials

## NOTE: Must contain key `wordpress-password`

## NOTE: When it's set, the `wordpressPassword` parameter is ignored

##

existingSecret:

## @param wordpressEmail WordPress user email

##

wordpressEmail: user@example.com

## @param wordpressFirstName WordPress user first name

##

wordpressFirstName: FirstName

## @param wordpressLastName WordPress user last name

##

wordpressLastName: LastName

## @param wordpressBlogName Blog name

##

wordpressBlogName: User's Blog!

## @param wordpressTablePrefix Prefix to use for WordPress database tables

##

wordpressTablePrefix: wp_

## @param wordpressScheme Scheme to use to generate WordPress URLs

##

wordpressScheme: http

## @param wordpressSkipInstall Skip wizard installation

## NOTE: useful if you use an external database that already contains

WordPress data

## ref: https://github.com/bitnami/bitnami-docker-wordpress#connect-

wordpress-docker-container-to-an-existing-database

##

wordpressSkipInstall: false

## @param wordpressExtraConfigContent Add extra content to the default wp-

config.php file

## e.g:

## wordpressExtraConfigContent: |

## @ini_set( 'post_max_size', '128M');

## @ini_set( 'memory_limit', '256M' );

##

wordpressExtraConfigContent:

## @param wordpressConfiguration The content for your custom wp-config.php

file (advanced feature)

## NOTE: This will override configuring WordPress based on environment

variables (including those set by the chart)

## NOTE: Currently only supported when `wordpressSkipInstall=true`

##

wordpressConfiguration:

## @param existingWordPressConfigurationSecret The name of an existing

secret with your custom wp-config.php file (advanced feature)

## NOTE: When it's set the `wordpressConfiguration` parameter is ignored

##

existingWordPressConfigurationSecret:

## @param wordpressConfigureCache Enable W3 Total Cache plugin and

configure cache settings

## NOTE: useful if you deploy Memcached for caching database queries or

you use an external cache server

##

wordpressConfigureCache: false

## @param wordpressAutoUpdateLevel Level of auto-updates to allow. Allowed

values: `major`, `minor` or `none`.

##

wordpressAutoUpdateLevel: none

## @param wordpressPlugins Array of plugins to install and activate. Can

be specified as `all` or `none`.

## NOTE: If set to all, only plugins that are already installed will be

activated, and if set to none, no plugins will be activated

##

wordpressPlugins: none

## @param apacheConfiguration The content for your custom httpd.conf file

(advanced feature)

##

apacheConfiguration:

## @param existingApacheConfigurationConfigMap The name of an existing

secret with your custom httpd.conf file (advanced feature)

## NOTE: When it's set the `apacheConfiguration` parameter is ignored

##

existingApacheConfigurationConfigMap:

## @param customPostInitScripts Custom post-init.d user scripts

## ref: https://github.com/bitnami/bitnami-docker-

wordpress/tree/master/5/debian-10/rootfs/post-init.d

## NOTE: supported formats are `.sh`, `.sql` or `.php`

## NOTE: scripts are exclusively executed during the 1st boot of the

container

## e.g:

## customPostInitScripts:

## enable-multisite.sh: |

## #!/bin/bash

## chmod +w /bitnami/wordpress/wp-config.php

## wp core multisite-install --url=example.com --title="Welcome to the

WordPress Multisite" --admin_user="doesntmatternotreallyused" --

admin_password="doesntmatternotreallyused" --

admin_email="user@example.com"

## cat /docker-entrypoint-init.d/.htaccess >

/bitnami/wordpress/.htaccess

## chmod -w bitnami/wordpress/wp-config.php

## .htaccess: |

## RewriteEngine On

## RewriteBase /

## ...

##

customPostInitScripts: {}

## SMTP mail delivery configuration

## ref: https://github.com/bitnami/bitnami-docker-wordpress/#smtp-

configuration

## @param smtpHost SMTP server host

## @param smtpPort SMTP server port

## @param smtpUser SMTP username

## @param smtpPassword SMTP user password

## @param smtpProtocol SMTP protocol

##

smtpHost: ""

smtpPort: ""

smtpUser: ""

smtpPassword: ""

smtpProtocol: ""

## @param smtpExistingSecret The name of an existing secret with SMTP

credentials

## NOTE: Must contain key `smtp-password`

## NOTE: When it's set, the `smtpPassword` parameter is ignored

##

smtpExistingSecret:

## @param allowEmptyPassword Allow the container to be started with blank

passwords

##

allowEmptyPassword: true

## @param allowOverrideNone Configure Apache to prohibit overriding

directives with htaccess files

##

allowOverrideNone: false

## @param htaccessPersistenceEnabled Persist custom changes on htaccess

files

## If `allowOverrideNone` is `false`, it will persist

`/opt/bitnami/wordpress/wordpress-htaccess.conf`

## If `allowOverrideNone` is `true`, it will persist

`/opt/bitnami/wordpress/.htaccess`

##

htaccessPersistenceEnabled: false

## @param customHTAccessCM The name of an existing ConfigMap with custom

htaccess rules

## NOTE: Must contain key `wordpress-htaccess.conf` with the file content

## NOTE: Requires setting `allowOverrideNone=false`

##

customHTAccessCM:

## @param command Override default container command (useful when using

custom images)

##

command: []

## @param args Override default container args (useful when using custom

images)

##

args: []

## @param extraEnvVars Array with extra environment variables to add to

the WordPress container

## e.g:

## extraEnvVars:

## - name: FOO

## value: "bar"

##

extraEnvVars: []

## @param extraEnvVarsCM Name of existing ConfigMap containing extra env

vars

##

extraEnvVarsCM:

## @param extraEnvVarsSecret Name of existing Secret containing extra env

vars

##

extraEnvVarsSecret:

## @section WordPress Multisite Configuration parameters

## ref: https://github.com/bitnami/bitnami-docker-wordpress#multisite-

configuration

## @param multisite.enable Whether to enable WordPress Multisite

configuration.

## @param multisite.host WordPress Multisite hostname/address. This value

is mandatory when enabling Multisite mode.

## @param multisite.networkType WordPress Multisite network type to

enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`.

## @param multisite.enableNipIoRedirect Whether to enable IP address

redirection to nip.io wildcard DNS. Useful when running on an IP address

with subdomain network type.

##

multisite:

enable: false

host: ""

networkType: subdomain

enableNipIoRedirect: false

## @section WordPress deployment parameters

## @param replicaCount Number of WordPress replicas to deploy

## NOTE: ReadWriteMany PVC(s) are required if replicaCount > 1

##

replicaCount: 1

## @param updateStrategy.type WordPress deployment strategy type

## @param updateStrategy.rollingUpdate WordPress deployment rolling update

configuration parameters

## ref:

https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#stra

tegy

## NOTE: Set it to `Recreate` if you use a PV that cannot be mounted on

multiple pods

## e.g:

## updateStrategy:

## type: RollingUpdate

## rollingUpdate:

## maxSurge: 25%

## maxUnavailable: 25%

##

updateStrategy:

type: RollingUpdate

rollingUpdate: {}

## @param schedulerName Alternate scheduler

## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-

multiple-schedulers/

##

schedulerName:

## @param serviceAccountName ServiceAccount name

##

serviceAccountName: default

## @param hostAliases [array] WordPress pod host aliases

## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-

pod-etc-hosts-with-host-aliases/

##

hostAliases:

## Required for apache-exporter to work

- ip: "127.0.0.1"

hostnames:

- "status.localhost"

## @param extraVolumes Optionally specify extra list of additional volumes

for WordPress pods

##

extraVolumes: []

## @param extraVolumeMounts Optionally specify extra list of additional

volumeMounts for WordPress container(s)

##

extraVolumeMounts: []

## @param sidecars Add additional sidecar containers to the WordPress pod

## e.g:

## sidecars:

## - name: your-image-name

## image: your-image

## imagePullPolicy: Always

## ports:

## - name: portname

## containerPort: 1234

##

sidecars: {}

## @param initContainers Add additional init containers to the WordPress

pods

## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-

containers/

## e.g:

## initContainers:

## - name: your-image-name

## image: your-image

## imagePullPolicy: Always

## command: ['sh', '-c', 'copy themes and plugins from git and push to

/bitnami/wordpress/wp-content. Should work with extraVolumeMounts and

extraVolumes']

##

initContainers: {}

## @param podLabels Extra labels for WordPress pods

## ref: https://kubernetes.io/docs/concepts/overview/working-with-

objects/labels/

##

podLabels: {}

## @param podAnnotations Annotations for WordPress pods

## ref: https://kubernetes.io/docs/concepts/overview/working-with-

objects/annotations/

##

podAnnotations: {}

## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is

set. Allowed values: `soft` or `hard`

## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-

pod-node/#inter-pod-affinity-and-anti-affinity

##

podAffinityPreset: ""

## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if

`affinity` is set. Allowed values: `soft` or `hard`

## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-

pod-node/#inter-pod-affinity-and-anti-affinity

##

podAntiAffinityPreset: soft

## Node affinity preset

## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-

pod-node/#node-affinity

##

nodeAffinityPreset:

## @param nodeAffinityPreset.type Node affinity preset type. Ignored if

`affinity` is set. Allowed values: `soft` or `hard`

##

type: ""

## @param nodeAffinityPreset.key Node label key to match. Ignored if

`affinity` is set

##

key: ""

## @param nodeAffinityPreset.values Node label values to match. Ignored

if `affinity` is set

## E.g.

## values:

## - e2e-az1

## - e2e-az2

##

values: []

## @param affinity Affinity for pod assignment

## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-

node/#affinity-and-anti-affinity

## NOTE: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset

will be ignored when it's set

##

affinity: {}

## @param nodeSelector Node labels for pod assignment

## ref: https://kubernetes.io/docs/user-guide/node-selection/

##

nodeSelector: {}

## @param tolerations Tolerations for pod assignment

## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-

toleration/

##

tolerations: []

## WordPress containers' resource requests and limits

## ref: http://kubernetes.io/docs/user-guide/compute-resources/

## @param resources.limits The resources limits for the WordPress

container

## @param resources.requests [object] The requested resources for the

WordPress container

##

resources:

limits: {}

requests:

memory: 512Mi

cpu: 300m

## Container ports

## @param containerPorts.http WordPress HTTP container port

## @param containerPorts.https WordPress HTTPS container port

##

containerPorts:

http: 8080

https: 8443

## Configure Pods Security Context

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-

context/#set-the-security-context-for-a-pod

## @param podSecurityContext.enabled Enabled WordPress pods' Security

Context

## @param podSecurityContext.fsGroup Set WordPress pod's Security Context

fsGroup

##

podSecurityContext:

enabled: true

fsGroup: 1001

## Configure Container Security Context (only main container)

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-

context/#set-the-security-context-for-a-container

## @param containerSecurityContext.enabled Enabled WordPress containers'

Security Context

## @param containerSecurityContext.runAsUser Set WordPress container's

Security Context runAsUser

## @param containerSecurityContext.runAsNonRoot Set WordPress container's

Security Context runAsNonRoot

##

containerSecurityContext:

enabled: true

runAsUser: 1001

runAsNonRoot: true

## Configure extra options for WordPress containers' liveness and

readiness probes

## ref: https://kubernetes.io/docs/tasks/configure-pod-

container/configure-liveness-readiness-probes/#configure-probes

## @param livenessProbe.enabled Enable livenessProbe

## @skip livenessProbe.httpGet

## @param livenessProbe.initialDelaySeconds Initial delay seconds for

livenessProbe

## @param livenessProbe.periodSeconds Period seconds for livenessProbe

## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe

## @param livenessProbe.failureThreshold Failure threshold for

livenessProbe

## @param livenessProbe.successThreshold Success threshold for

livenessProbe

##

livenessProbe:

enabled: true

httpGet:

path: /wp-admin/install.php

port: http

scheme: HTTP

## If using an HTTPS-terminating load-balancer, the probes may need to

behave

## like the balancer to prevent HTTP 302 responses. According to the

Kubernetes

## docs, 302 should be considered "successful", but this issue on

GitHub

## (https://github.com/kubernetes/kubernetes/issues/47893) shows that

it isn't.

## E.g.

## httpHeaders:

## - name: X-Forwarded-Proto

## value: https

##

httpHeaders: []

initialDelaySeconds: 120

periodSeconds: 10

timeoutSeconds: 5

failureThreshold: 6

successThreshold: 1

## @param readinessProbe.enabled Enable readinessProbe

## @skip readinessProbe.httpGet

## @param readinessProbe.initialDelaySeconds Initial delay seconds for

readinessProbe

## @param readinessProbe.periodSeconds Period seconds for readinessProbe

## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe

## @param readinessProbe.failureThreshold Failure threshold for

readinessProbe

## @param readinessProbe.successThreshold Success threshold for

readinessProbe

##

readinessProbe:

enabled: true

httpGet:

path: /wp-login.php

port: http

scheme: HTTP

## If using an HTTPS-terminating load-balancer, the probes may need to

behave

## like the balancer to prevent HTTP 302 responses. According to the

Kubernetes

## docs, 302 should be considered "successful", but this issue on

GitHub

## (https://github.com/kubernetes/kubernetes/issues/47893) shows that

it isn't.

## E.g.

## httpHeaders:

## - name: X-Forwarded-Proto

## value: https

##

httpHeaders: []

initialDelaySeconds: 30

periodSeconds: 10

timeoutSeconds: 5

failureThreshold: 6

successThreshold: 1

## @param customLivenessProbe Custom livenessProbe that overrides the

default one

##

customLivenessProbe: {}

## @param customReadinessProbe Custom readinessProbe that overrides the

default one

#

customReadinessProbe: {}

## @section Traffic Exposure Parameters

## WordPress service parameters

##

service:

## @param service.type WordPress service type

##

type: ClusterIP

## @param service.port WordPress service HTTP port

##

port: 8080

## @param service.httpsPort WordPress service HTTPS port

##

httpsPort: 8443

## @param service.httpsTargetPort Target port for HTTPS

##

httpsTargetPort: https

## Node ports to expose

## @param service.nodePorts.http Node port for HTTP

## @param service.nodePorts.https Node port for HTTPS

## NOTE: choose port between <30000-32767>

##

nodePorts:

http:

https:

## @param service.clusterIP WordPress service Cluster IP

## e.g.:

## clusterIP: None

##

clusterIP:

## @param service.loadBalancerIP WordPress service Load Balancer IP

## ref: https://kubernetes.io/docs/concepts/services-

networking/service/#type-loadbalancer

##

loadBalancerIP:

## @param service.loadBalancerSourceRanges WordPress service Load

Balancer sources

## ref: https://kubernetes.io/docs/tasks/access-application-

cluster/configure-cloud-provider-firewall/#restrict-access-for-

loadbalancer-service

## e.g:

## loadBalancerSourceRanges:

## - 10.10.10.0/24

##

loadBalancerSourceRanges: []

## @param service.externalTrafficPolicy WordPress service external

traffic policy

## ref http://kubernetes.io/docs/tasks/access-application-

cluster/create-external-load-balancer/#preserving-the-client-source-ip

##

externalTrafficPolicy: Cluster

## @param service.annotations Additional custom annotations for

WordPress service

##

annotations: {}

## @param service.extraPorts Extra port to expose on WordPress service

##

extraPorts: []

## Configure the ingress resource that allows you to access the WordPress

installation

## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/

##

ingress:

## @param ingress.enabled Enable ingress record generation for WordPress

##

enabled: false

## @param ingress.certManager Add the corresponding annotations for

cert-manager integration

##

certManager: false

## @param ingress.pathType Ingress path type

##

pathType: ImplementationSpecific

## @param ingress.apiVersion Force Ingress API version (automatically

detected if not set)

##

apiVersion:

## @param ingress.ingressClassName IngressClass that will be be used to

implement the Ingress (Kubernetes 1.18+)

## This is supported in Kubernetes 1.18+ and required if you have more

than one IngressClass marked as the default for your cluster .

## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-

ingress-api-in-kubernetes-1.18/

##

ingressClassName:

## @param ingress.hostname Default host for the ingress record

##

hostname: wordpress.local

## @param ingress.path Default path for the ingress record

## NOTE: You may need to set this to '/*' in order to use this with ALB

ingress controllers

##

path: /

## @param ingress.annotations Additional custom annotations for the

ingress record

## NOTE: If `ingress.certManager=true`, annotation `kubernetes.io/tls-

acme: "true"` will automatically be added

##

annotations: {}

## @param ingress.tls Enable TLS configuration for the host defined at

`ingress.hostname` parameter

## TLS certificates will be retrieved from a TLS secret with name: `{{-

printf "%s-tls" .Values.ingress.hostname }}`

## You can:

## - Use the `ingress.secrets` parameter to create this TLS secret

## - Relay on cert-manager to create it by setting

`ingress.certManager=true`

## - Relay on Helm to create self-signed certificates by setting

`ingress.tls=true` and `ingress.certManager=false`

##

tls: false

## @param ingress.extraHosts An array with additional hostname(s) to be

covered with the ingress record

## e.g:

## extraHosts:

## - name: wordpress.local

## path: /

##

extraHosts: []

## @param ingress.extraPaths An array with additional arbitrary paths

that may need to be added to the ingress under the main host

## e.g:

## extraPaths:

## - path: /*

## backend:

## serviceName: ssl-redirect

## servicePort: use-annotation

##

extraPaths: []

## @param ingress.extraTls TLS configuration for additional hostname(s)

to be covered with this ingress record

## ref: https://kubernetes.io/docs/concepts/services-

networking/ingress/#tls

## e.g:

## extraTls:

## - hosts:

## - wordpress.local

## secretName: wordpress.local-tls

##

extraTls: []

## @param ingress.secrets Custom TLS certificates as secrets

## NOTE: 'key' and 'certificate' are expected in PEM format

## NOTE: 'name' should line up with a 'secretName' set further up

## If it is not set and you're using cert-manager, this is unneeded, as

it will create a secret for you with valid certificates

## If it is not set and you're NOT using cert-manager either, self-

signed certificates will be created valid for 365 days

## It is also possible to create and manage the certificates outside of

this helm chart

## Please see README.md for more information

## e.g:

## secrets:

## - name: wordpress.local-tls

## key: |-

## -----BEGIN RSA PRIVATE KEY-----

## ...

## -----END RSA PRIVATE KEY-----

## certificate: |-

## -----BEGIN CERTIFICATE-----

## ...

## -----END CERTIFICATE-----

##

secrets: []

## @section Persistence Parameters

## Persistence Parameters

## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/

##

persistence:

## @param persistence.enabled Enable persistence using Persistent Volume

Claims

##

enabled: true

## @param persistence.storageClass Persistent Volume storage class

## If defined, storageClassName: <storageClass>

## If set to "-", storageClassName: "", which disables dynamic

provisioning

## If undefined (the default) or set to null, no storageClassName spec

is set, choosing the default provisioner

##

storageClass:

## @param persistence.accessModes [array] Persistent Volume access modes

##

accessModes:

- ReadWriteOnce

## @param persistence.accessMode Persistent Volume access mode

(DEPRECATED: use `persistence.accessModes` instead)

##

accessMode: ReadWriteOnce

## @param persistence.size Persistent Volume size

##

size: 4Gi

## @param persistence.dataSource Custom PVC data source

##

dataSource: {}

## @param persistence.existingClaim The name of an existing PVC to use

for persistence

##

existingClaim:

## 'volumePermissions' init container parameters

## Changes the owner and group of the persistent volume mount point to

runAsUser:fsGroup values

## based on the podSecurityContext/containerSecurityContext parameters

##

volumePermissions:

## @param volumePermissions.enabled Enable init container that changes

the owner/group of the PV mount point to `runAsUser:fsGroup`

##

enabled: false

## Bitnami Shell image

## ref: https://hub.docker.com/r/bitnami/bitnami-shell/tags/

## @param volumePermissions.image.registry Bitnami Shell image registry

## @param volumePermissions.image.repository Bitnami Shell image

repository

## @param volumePermissions.image.tag Bitnami Shell image tag (immutable

tags are recommended)

## @param volumePermissions.image.pullPolicy Bitnami Shell image pull

policy

## @param volumePermissions.image.pullSecrets Bitnami Shell image pull

secrets

##

image:

registry: docker.io

repository: bitnami/bitnami-shell

tag: 10-debian-10-r134

pullPolicy: Always

## Optionally specify an array of imagePullSecrets.

## Secrets must be manually created in the namespace.

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-

image-private-registry/

## e.g:

## pullSecrets:

## - myRegistryKeySecretName

##

pullSecrets: []

## Init container's resource requests and limits

## ref: http://kubernetes.io/docs/user-guide/compute-resources/

## @param volumePermissions.resources.limits The resources limits for

the init container

## @param volumePermissions.resources.requests The requested resources

for the init container

##

resources:

limits: {}

requests: {}

## Init container Container Security Context

## ref: https://kubernetes.io/docs/tasks/configure-pod-

container/security-context/#set-the-security-context-for-a-container

## @param volumePermissions.securityContext.runAsUser Set init

container's Security Context runAsUser

## NOTE: when runAsUser is set to special value "auto", init container

will try to chown the

## data folder to auto-determined user&group, using commands: `id -

u`:`id -G | cut -d" " -f2`

## "auto" is especially useful for OpenShift which has scc with

dynamic user ids (and 0 is not allowed)

##

securityContext:

runAsUser: 0

## @section Other Parameters

## Wordpress Pod Disruption Budget configuration

## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/

## @param pdb.create Enable a Pod Disruption Budget creation

## @param pdb.minAvailable Minimum number/percentage of pods that should

remain scheduled

## @param pdb.maxUnavailable Maximum number/percentage of pods that may be

made unavailable

##

pdb:

create: false

minAvailable: 1

maxUnavailable:

## Wordpress Autoscaling configuration

## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-

autoscale/

## @param autoscaling.enabled Enable Horizontal POD autoscaling for

WordPress

## @param autoscaling.minReplicas Minimum number of WordPress replicas

## @param autoscaling.maxReplicas Maximum number of WordPress replicas

## @param autoscaling.targetCPU Target CPU utilization percentage

## @param autoscaling.targetMemory Target Memory utilization percentage

##

autoscaling:

enabled: false

minReplicas: 1

maxReplicas: 11

targetCPU: 50

targetMemory: 50

## @section Metrics Parameters

## Prometheus Exporter / Metrics configuration

##

metrics:

## @param metrics.enabled Start a sidecar prometheus exporter to expose

metrics

##

enabled: false

## Bitnami Apache Exporter image

## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/

## @param metrics.image.registry Apache Exporter image registry

## @param metrics.image.repository Apache Exporter image repository

## @param metrics.image.tag Apache Exporter image tag (immutable tags

are recommended)

## @param metrics.image.pullPolicy Apache Exporter image pull policy

## @param metrics.image.pullSecrets Apache Exporter image pull secrets

##

image:

registry: docker.io

repository: bitnami/apache-exporter

tag: 0.9.0-debian-10-r33

pullPolicy: IfNotPresent

## Optionally specify an array of imagePullSecrets.

## Secrets must be manually created in the namespace.

## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-

image-private-registry/

## e.g:

## pullSecrets:

## - myRegistryKeySecretName

##

pullSecrets: []

## Prometheus exporter container's resource requests and limits

## ref: http://kubernetes.io/docs/user-guide/compute-resources/

## @param metrics.resources.limits The resources limits for the

Prometheus exporter container

## @param metrics.resources.requests The requested resources for the

Prometheus exporter container

##

resources:

limits: {}

requests: {}

## Prometheus exporter service parameters

##

service:

## @param metrics.service.port Metrics service port

##

port: 9117

## @param metrics.service.annotations [object] Additional custom

annotations for Metrics service

##

annotations:

prometheus.io/scrape: "true"

prometheus.io/port: "{{ .Values.metrics.service.port }}"

## Prometheus Service Monitor

## ref: https://github.com/coreos/prometheus-operator

## https://github.com/coreos/prometheus-

operator/blob/master/Documentation/api.md#endpoint

##

serviceMonitor:

## @param metrics.serviceMonitor.enabled Create ServiceMonitor

Resource for scraping metrics using PrometheusOperator

##

enabled: false

## @param metrics.serviceMonitor.namespace The namespace in which the

ServiceMonitor will be created

##

namespace:

## @param metrics.serviceMonitor.interval The interval at which

metrics should be scraped

##

interval: 30s

## @param metrics.serviceMonitor.scrapeTimeout The timeout after which

the scrape is ended

##

scrapeTimeout:

## @param metrics.serviceMonitor.relabellings Metrics relabellings to

add to the scrape endpoint

##

relabellings:

## @param metrics.serviceMonitor.honorLabels Labels to honor to add to

the scrape endpoint

##

honorLabels: false

## @param metrics.serviceMonitor.additionalLabels Additional custom

labels for the ServiceMonitor

##

additionalLabels: {}

## External Database Configuration

## All of these values are only used if `mariadb.enabled=false`

##

externalDatabase:

## @param externalDatabase.host External Database server host

##

host: gaozh-mysql.gaozh.svc

## @param externalDatabase.port External Database server port

##

port: 3306

## @param externalDatabase.user External Database username

##

user: root

## @param externalDatabase.password External Database user password

##

password: "123456"

## @param externalDatabase.database External Database database name

##

database: wordpress

## @param externalDatabase.existingSecret The name of an existing secret

with database credentials

## NOTE: Must contain key `mariadb-password`

## NOTE: When it's set, the `externalDatabase.password` parameter is

ignored

##

existingSecret:

## External Memcached Configuration

## All of these values are only used if `memcached.enabled=false`

##

externalCache:

## @param externalCache.host External cache server host

基础配置说明： * global.storageClass: 集群使⽤的存储类名称，从“ 容器云--存储管理--存储卷--创建存储卷--存储类下拉列表” 中可以查看到可以使⽤的存储类

* image.registry: Harbor地址，如："dev-registry.tenxcloud.com" * image.repository: 镜像仓库名称，如： "system_containers/wordpress" * image.tag: 镜像tag，如："5.7.2-debian-10-r45" * wordpressUsername: wordpress web⻚登陆的⽤户名，如: "admin" *wordpressPassword: wordpress web⻚登陆的密码，如: "admin" * resources.requests: 每个Pod 请求的 CPU、内存资源⼤⼩，推荐使⽤ 1C/2G 配置 * resources.limits: 每个Pod 请求的CPU、内存资源⼤⼩，根据使⽤情况进⾏设置 * persistence.size: 存储⼤⼩，可根据存储的资源情况进⾏设置 * externalDatabase.host: Mysql数据库地址，如："127.0.0.1" *externalDatabase.port: Mysql数据库端⼝，如：3306 * externalDatabase.user: Mysql数据库⽤户名，如："root" * externalDatabase.password: Mysql数据库密码，如: "123456" *externalDatabase.database: WordPress的数据库名称，如: "wordpress_db"

点击“确定”：⾃动跳转到 模版应⽤ 菜单

##

host: localhost

## @param externalCache.port External cache server port

##

port: 11211

点击 模版应⽤ 名称，进⼊ 模版应⽤ 详情

查看 实例运⾏ 状态

配置 WordPress 集群外访问

在“容器云--⽹络管理--应⽤路由”⻚⾯，点击“添加路由规则”

在“添加路由规则”⻚⾯，选择⼀个服务出⼝代理 wordpress 服务

规则名称：这条路由规则的名称, 如："wordpress"选择出⼝：选择⼀个平台的服务访问出⼝选择服务：wordpress 服务, 如："wordpress"

点击“创建”后，可以看到⽣成的路由规则

验证 WordPress 服务状态

在“容器云--容器应⽤--容器服务”列表中，找到被代理的 wordpress 服务，点击“查看地址”，点击地址旁边的拷⻉图标保存地址信息，⽤于后⾯访问验证。

集群内：在 Kuberenetes 集群内访问 wordpress 服务，使⽤这个地址服务代理-TCP：在 Kuberenetes 集群外访问 wordpress 服务，使⽤这个地址

打开浏览器输⼊集群外访问地址，如"192.168.2.63:63376/login", 默认⽤户名/密码：admin / admin

四、应⽤运维指南；（补充界⾯部署⽅式）

监控信息查看：在“容器云--⼯作负载--部署”，点击进⼊ WordPress 副本集

⽇志信息查看：在“容器云--⼯作负载--部署”，点击进⼊ WordPress 副本集

事件信息查看：在“容器云--⼯作负载--部署”，点击进⼊ WordPress 副本集

审计信息查看：在“安全和运维--平台运维--操作审计--审计记录”，选择“容器云/容器应⽤/模版应⽤”、相应租户、项⽬后点击“⽴即查询”