Offends/Kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

synchronization

Browse Source
This commit is contained in:
offends
2025-08-25 17:53:08 +08:00
commit c201eb5ef9
318 changed files with 23092 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
资源部署/Chatgpt-Pandora.md Normal file
View File

@@ -0,0 +1,66 @@
> 本文作者:丁辉
# Chatgpt-Pandora
> 丝滑访问 Chatgpt 方法如下
1. 部署
```bash
kubectl create -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/chatgpt-pandora.yaml
```
2. 创建 Secret
```bash
kubectl create secret tls chat-tls --key nginx.key --cert nginx.pem -n tools
```
3. 创建 Ingress
```bash
vi chatgpt-pandora-ingress.yaml
```
内容如下
```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: chatgpt-ingress
namespace: chatgpt
spec:
ingressClassName: nginx
rules:
- host: #域名
http:
paths:
- pathType: Prefix
backend:
service:
name: chatgpt-web
port:
number: 80
path: /
tls:
- hosts:
- #域名
secretName: chat-ssl
```
4. 部署
```bash
kubectl apply -f chatgpt-pandora-ingress.yaml
```
5. 获取
> 在官方获取 accessToken、或登录账号访问 ChatGpt
```bash
https://chat.openai.com/api/auth/session
```

240
资源部署/Helm私有仓库部署.md Normal file
View File

@@ -0,0 +1,240 @@
> 本文作者:丁辉
# Helm私有仓库部署
## 开始部署
1. 部署
```bash
kubectl create -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/chartmuseum.yaml
```
2. 配置内部域名
```bash
echo $(kubectl get svc -n helm | grep chartmuseum | awk '{print $3}') chartmuseum.local.com >> /etc/hosts
```
3. 检查
```bash
curl http://chartmuseum.local.com:8080/api/charts
```
## 使用
1. 添加仓库
```bash
helm repo add localrepo http://chartmuseum.local.com:8080
```
2. 创建 Helm 文件
```bash
helm create demo
```
3. 打包
- 打包:不指定版本 默认生成 0.1.0 版本
```bash
helm package demo/
```
- 打包: 指定版本 0.1.1
```bash
helm package demo/ --version 0.1.1
```
4. 查看详情
```bash
helm show chart demo
```
## Helm push 插件操作命令
1. 添加公共仓库
```bash
helm repo add stable http://mirror.azure.cn/kubernetes/charts
```
> 也可以换成微软的源,速度快,内容和官方同步的
>
> ```bash
> helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
> ```
2. Helm安装 push 插件
```bash
helm plugin install https://github.com/chartmuseum/helm-push
```
3. Cm-push chats包到Chartmuseum
- 添加 cm-push 插件
```bash
helm plugin install https://github.com/chartmuseum/helm-push
```
- 使用 cm-push 上传 chat 包
```bash
helm cm-push demo-0.1.0.tgz localrepo
```
- 使用 cm-push 上传 chat 目录
```bash
helm cm-push ./demo localrepo
```
4. 查看结果
```bash
curl http://chartmuseum.local.com:8080/api/charts |jq
```
5. 更新
```bash
helm repo update
```
6. 检查
```bash
helm search repo demo
```
## 复用harbor仓库
> harbor 自带 helm 私有仓库的功能不需要再部署一个helm 私有仓库,在这里给大家介绍一下 helm 如何上传chart包到 harbor
1. 添加私有仓库harbor
添加 repo
```bash
helm repo add harbor https://harbor.com/chartrepo/library --username xxx --password xxx
```
2. 使用 cm-push 命令 上传 chat 包
```bash
helm cm-push demo-0.1.0.tgz harbor
```
3. 上传 cm-push chat 目录
```bash
helm cm-push ./demo harbor
```
4. push chats 包到 harbor 使用 oci 协议
登录到注册中心
```bash
helm registry login -u helmchart harbor.com -p xxxxxx
```
5. 使用 push 命令上传 chat 包
```bash
helm push demo-0.1.0.tgz oci://harbor.com/helmchart
```
6. 使用 pull 下载包
```bash
helm pull oci://harbor.com/helmchart/mychart --version 0.1.0
```
7. 查看 chat 信息
```bash
helm show all oci://harbor.com/helmchart/mychart --version 0.1.0
```
## Chartmuseum和curl的使用
### 添加Chartmuseum到Helm repo
- 登录
```bash
helm repo add chartmuseum http://chartmuseum.local.com:8080 --username admin --password admin
```
- 上传
```bash
curl -u admin:admin --data-binary "@demo-0.1.0.tgz" http://chartmuseum.local.com:8080/api/charts
```
- 下载
```bash
curl -O -u admin:admin http://chartmuseum.local.com:8080/charts/demo-0.1.0.tgz
```
### chartmuseum其他API
- `GET /index.yaml` 得到 chartmuseum 的全部 charts
```bash
curl http://chartmuseum.local.com:8080/index.yaml -u admin:admin
```
- `GET /charts/demo-0.1.0.tgz` 下载 charts 中的 demo
```bash
curl -O http://chartmuseum.local.com:8080/charts/demo-0.1.0.tgz -u admin:admin
```
- `POST /api/charts` 上传一个新的chart版本
```bash
curl -X POST --data-binary '@demo-0.2.0.tgz' http://chartmuseum.local.com:8080/api/charts -u admin:admin
```
- `DELETE /api/charts/<name>/<version>` 删除一个 chart 版本
```bash
curl -s -X DELETE http://chartmuseum.local.com:8080/api/charts/demo/0.2.0 -u admin:admin | jq
```
- `GET /api/charts` 列出所有的charts
```bash
curl -s http://chartmuseum.local.com:8080/api/charts -u admin:admin | jq
```
- `GET /api/chatts/<name>` 列出chart的所有版本
```bash
curl -s http://chartmuseum.local.com:8080/api/charts/demo -u admin:admin | jq
```
- `GET /api/charts/<name>/<version>` 对一个chart版本的描述
```bash
curl -s http://chartmuseum.local.com:8080/api/charts/demo/0.2.0 -u admin:admin | jq
```
- `GET /health` return 200 OK
```bash
curl http://chartmuseum.local.com:8080/health
```

35
资源部署/Kubernetes部署Registry镜像仓库缓存服务.md Normal file
View File

@@ -0,0 +1,35 @@
> 本文作者:丁辉
# Kubernetes部署Registry镜像仓库缓存服务
1. 下载 YAMl 文件
```bash
wget https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/registry-proxy-ds.yaml
wget https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/registry-proxy-ingress.yaml
```
2. 修改 registry-proxy.yaml 文件
- 修改 PersistentVolumeClaim storageClassName 字段
- 修改 DaemonSet env 字段
3. 修改 ingress.yaml 文件
- 修改 ingressClassName 字段
4. 部署服务
```bash
kubectl apply -f registry-proxy-ds.yaml
```
5. 部署对外访问 Ingress
> 请根据自己环境情况修改 `registry-proxy-ingress.yaml`
```bash
kubectl apply -f registry-proxy-ingress.yaml
```

60
资源部署/Kubernetes部署Simplex.md Normal file
View File

@@ -0,0 +1,60 @@
> 本文作者:丁辉
# Kubernetes部署Simplex服务器SMP/XFTP服务
## 开始部署
1. 创建命名空间
```bash
kubectl create namespace simplex
```
2. 创建 Secret
```bash
kubectl create secret generic simplex-secret --from-literal=ADDR=${值} --from-literal=PASS=${值} -n simplex
```
**`ADDR`**: 用于指定服务绑定的 IP 地址或域名。这通常是服务对外公开访问的地址。
**`PASS`**: 这是用于设置某种形式的密码或访问密钥的变量。它通常用于身份验证或授权,以保护服务不被未经授权的访问。
3. 部署 SMP 服务
```bash
kubectl apply -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/simplex-smp.yaml
```
4. 部署 XFTP 服务
```bash
kubectl apply -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/simplex-xftp.yaml
```
5. 部署对外访问端口
- SMP5223
- XFTP5233
## 卸载
1. 卸载
```bash
kubectl delete -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/simplex-xftp.yaml
```
2. 卸载
```bash
kubectl delete -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/simplex-smp.yaml
```
3. 删除 Secret
```bash
kubectl delete secret simplex-secret -n simplex
```

105
资源部署/部署Kubernetes仪表板.md Normal file
View File

@@ -0,0 +1,105 @@
> 本文作者:丁辉
# 部署Kubernetes仪表板
[官方文档](https://kubernetes.io/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard/)
[Github文档](https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md)
1. 部署 Dashboard UI
```bash
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
```
2. 编辑对外 svc 文件
```bash
vi kubernetes-dashboard-svc.yaml
```
内容如下
```yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard-40000
labels:
k8s-app: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
ports:
- name: kubernetes-dashboard
nodePort: 40000
port: 443
protocol: TCP
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
type: NodePort
```
3. 部署
```bash
kubectl apply -f kubernetes-dashboard-svc.yaml
```
4. 查看状态
```bash
kubectl get all -n kubernetes-dashboard
```
5. 获取长期令牌
```bash
vi kubernetes-dashboard-token.yaml
```
内容如下
```yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: v1
kind: Secret
metadata:
name: admin-user
namespace: kubernetes-dashboard
annotations:
kubernetes.io/service-account.name: "admin-user"
type: kubernetes.io/service-account-token
```
6. 创建
```bash
kubectl apply -f kubernetes-dashboard-token.yaml
```
7. 查看 token
```bash
kubectl get secret admin-user -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d
```

354
资源部署/部署Mysql主从.md Normal file
View File

@@ -0,0 +1,354 @@
> 本文作者:丁辉
# 部署Mysql主从
## 基础准备
创建命名空间
```bash
kubectl create ns mysql
```
## 开始部署
### 主节点配置
1. 编辑 mysql 配置文件
```bash
vi my.cnf
```
内容如下
```bash
[mysqld]
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
secure-file-priv= NULL
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# 服务端默认utf8编码
character-set-server=utf8mb4
# 默认存储引擎
default-storage-engine=INNODB
# 主从配置
log-bin=binlog
server-id=121
gtid-mode=on
enforce-gtid-consistency=on
log-slave-updates=on
expire_logs_days=14
# Compatible with versions before 8.0
default_authentication_plugin=mysql_native_password
skip-host-cache
skip-name-resolve
[client]
#设置客户端编码
default-character-set=utf8mb4
[mysql]
# 设置mysql客户端默认编码
default-character-set=utf8mb4
# Custom config should go here
!includedir /etc/mysql/conf.d/
# Custom config should go here
!includedir /etc/mysql/conf.d/
```
2. 创建 configmap
```bash
kubectl create configmap mysql-master-conf --from-file=./my.cnf -n mysql
```
3. 编辑 Yaml
```bash
vi mysql-master.yaml
```
内容如下
```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
namespace: mysql
name: mysql-master
spec:
replicas: 1
serviceName: mysql-master-service
selector:
matchLabels:
app: mysql-master
template:
metadata:
labels:
app: mysql-master
spec:
containers:
- name: mysql-master
image: mysql:8.0
env:
- name: MYSQL_ROOT_PASSWORD
value: password
volumeMounts:
- mountPath: /var/lib/mysql
name: data
- name: file
mountPath: /etc/mysql/my.cnf
subPath: my.cnf
ports:
- containerPort: 3306
protocol: TCP
livenessProbe:
exec:
command:
- mysql
- --user=root
- --password=password
- --execute=SELECT 1
initialDelaySeconds: 10 #启动后等待10秒开始检测
periodSeconds: 10 #每隔10秒检测一次
nodeName: #node1
volumes:
- name: data
hostPath:
path: /opt/mysql/data
- name: file
configMap:
name: mysql-master-conf
---
apiVersion: v1
kind: Service
metadata:
namespace: mysql
name: mysql-master-service
spec:
selector:
app: mysql-master
ports:
- port: 3306
targetPort: 3306
protocol: TCP
type: ClusterIP
```
4. 部署数据库主
```bash
kubectl apply -f mysql-master.yaml
```
### 从节点配置
1. 编辑 mysql 配置文件
```bash
vi my.cnf
```
内容如下
```bash
[mysqld]
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
secure-file-priv= NULL
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# 服务端默认utf8编码
character-set-server=utf8mb4
# 默认存储引擎
default-storage-engine=INNODB
# 主从配置
server-id=122
gtid-mode=on
enforce-gtid-consistency=on
log-slave-updates=on
expire_logs_days=14
# Compatible with versions before 8.0
default_authentication_plugin=mysql_native_password
skip-host-cache
skip-name-resolve
[client]
#设置客户端编码
default-character-set=utf8mb4
[mysql]
# 设置mysql客户端默认编码
default-character-set=utf8mb4
# Custom config should go here
!includedir /etc/mysql/conf.d/
# Custom config should go here
!includedir /etc/mysql/conf.d/
```
2. 创建 configmap
```bash
kubectl create configmap mysql-slave-conf --from-file=./my.cnf -n mysql
```
3. 编辑 Yaml
```bash
vi mysql-slave.yaml
```
内容如下
```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
namespace: mysql
name: mysql-slave
spec:
replicas: 1
serviceName: mysql-slave-service
selector:
matchLabels:
app: mysql-slave
template:
metadata:
labels:
app: mysql-slave
spec:
containers:
- name: mysql-slave
image: mysql:8.0
env:
- name: MYSQL_ROOT_PASSWORD
value: password
volumeMounts:
- mountPath: /var/lib/mysql
name: data
- name: file
mountPath: /etc/mysql/my.cnf
subPath: my.cnf
ports:
- containerPort: 3306
protocol: TCP
livenessProbe:
exec:
command:
- mysql
- --user=root
- --password=password
- --execute=SELECT 1
initialDelaySeconds: 10 #启动后等待10秒开始检测
periodSeconds: 10 #每隔10秒检测一次
nodeName: #node2
volumes:
- name: data
hostPath:
path: /opt/mysql/data
- name: file
configMap:
name: mysql-slave-conf
---
apiVersion: v1
kind: Service
metadata:
namespace: mysql
name: mysql-slave-service
spec:
selector:
app: mysql-slave
ports:
- port: 3306
targetPort: 3306
protocol: TCP
type: ClusterIP
```
4. 部署数据库从
```bash
kubectl apply -f mysql-slave.yaml
```
### 配置主从同步
1. 登录主节点
```bash
kubectl exec -it mysql-master-0 -n mysql bash
```
2. 登录数据库
```bash
mysql -u root -ppassword
```
3. 配置
```bash
CREATE USER 'slave'@'%' IDENTIFIED WITH mysql_native_password BY 'slave';
GRANT REPLICATION SLAVE ON *.* TO 'slave'@'%';
flush privileges;
SHOW MASTER STATUS;
```
4. 登录从节点
```bash
kubectl exec -it mysql-slave-0 -n mysql bash
```
5. 登录数据库
```bash
mysql -u root -ppassword
```
6. 配置
```bash
CHANGE MASTER TO
MASTER_HOST='IP',
MASTER_USER='slave',
MASTER_PASSWORD='slave',
MASTER_PORT=3306,
MASTER_LOG_FILE='binlog.00000*', #列binlog.000001
MASTER_LOG_POS=***; #列868
```
7. 开启主从同步
```bash
start slave;
```
8. 查看同步状态
```bash
show slave status\G;
```
> 查看到这两个参数为 Yes 则代表配置成功
- Slave_IO_Running: Yes
- Slave_SQL_Running: Yes
9. 登录主节点,创建数据库
```bash
create database console;
create database region;
```
> 从节点查看仓库是否已同步

47
资源部署/阿里云盘配合容器化客户端使用.md Normal file
View File

@@ -0,0 +1,47 @@
> 本文作者:丁辉
# 阿里云盘配合容器化客户端使用
[官方仓库](https://github.com/tickstep/aliyunpan)
阿里云盘同步备份功能支持备份本地文件到云盘备份云盘文件到本地双向同步备份三种模式。支持JavaScript插件对备份文件进行过滤。
备份功能支持以下三种模式:
1. 备份本地文件,即上传本地文件到网盘,始终保持本地文件有一个完整的备份在网盘
2. 备份云盘文件,即下载网盘文件到本地,始终保持网盘的文件有一个完整的备份在本地
3. 双向备份,保持网盘文件和本地文件严格一致
备份功能一般用于NAS等系统进行文件备份。比如备份照片就可以使用这个功能定期备份照片到云盘十分好用。
1. 创建命名空间
```bash
kubectl create ns aliyunpan
```
2. 打开 [阿里云盘网页](https://www.aliyundrive.com/drive/file/backup) 右键打开检查,点击 Console, 输入此命令获取值
```bash
JSON.parse(localStorage.getItem("token")).refresh_token
```
3. 创建 Secret
```bash
kubectl create secret generic aliyunpan-token --from-literal=ALIYUNPAN_REFRESH_TOKEN=${值} -n aliyunpan
```
4. 部署
```bash
kubectl create --edit -f https://gitee.com/offends/Kubernetes/raw/main/File/Yaml/aliyun-sync.yaml
```
> 注意修改变量 `ALIYUNPAN_PAN_DIR`
**参数解释**
- ALIYUNPAN_PAN_DIR云盘目录
- ALIYUNPAN_REFRESH_TOKENRefreshToken
- ALIYUNPAN_SYNC_MODE备份模式支持三种: upload(备份本地文件到云盘),download(备份云盘文件到本地),sync(双向同步备份)