dev.cm/k3s
1
0
派生 0
代码 议题 拉取请求 活动

feat(deploy): 优化配置

浏览代码
这个提交包含在:
rohow
2024-04-09 10:40:43 +08:00
未验证
父节点 6aed27e158
当前提交 15d9d4ff7a
修改 8 个文件,包含 34 行新增24 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件
apps/cert-manager/helmchart-dnspod.yaml
+1 -2
查看文件
@@ -1,5 +1,4 @@
# 需要提前安装crds # 安装后需要将clusterIssuer的cnameStrategy策略设置为Follow
# kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yaml
apiVersion: helm.cattle.io/v1 apiVersion: helm.cattle.io/v1
kind: HelmChart kind: HelmChart
metadata: metadata:
apps/postgresql-ha/helmchart.yaml
+10 -7
查看文件
@@ -7,31 +7,34 @@ spec:
chart: oci://registry-1.docker.io/bitnamicharts/postgresql-ha chart: oci://registry-1.docker.io/bitnamicharts/postgresql-ha
targetNamespace: infra-data targetNamespace: infra-data
valuesContent: |- valuesContent: |-
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
global: global:
postgresql: postgresql:
username: rohow username: rohow
password: L#GRtTR2QuL@20pm6+c~ password: L#GRtTR2QuL@20pm6+c~
postgresql: postgresql:
image: image:
debug: true debug: false
postgresPassword: L#GRtTR2QuL@20pm6+c~ postgresPassword: L#GRtTR2QuL@20pm6+c~
nodeAffinityPreset: nodeAffinityPreset:
type: "hard" type: "hard"
key: "topology.kubernetes.io/region" key: "topology.kubernetes.io/region"
values: values:
- "cn-sh" - "cn-sh"
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
pgpool: pgpool:
image: image:
debug: true debug: false
nodeAffinityPreset: nodeAffinityPreset:
type: "hard" type: "hard"
key: "topology.kubernetes.io/region" key: "topology.kubernetes.io/region"
values: values:
- "cn-sh" - "cn-sh"
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Exists"
effect: "NoSchedule"
core/traefik/certs/certificate-dev-cm.yaml → certs/certificate-dev-cm.yaml
查看文件
core/traefik/certs/certificate-fillcode-com.yaml → certs/certificate-fillcode-com.yaml
查看文件
core/traefik/helmchartconfig.yaml
+10 -5
查看文件
@@ -18,6 +18,10 @@ spec:
- key: "node-role.kubernetes.io/master" - key: "node-role.kubernetes.io/master"
operator: "Exists" operator: "Exists"
effect: "NoSchedule" effect: "NoSchedule"
updateStrategy:
rollingUpdate:
maxUnavailable: 1
maxSurge: 0
deployment: deployment:
kind: DaemonSet kind: DaemonSet
dnsPolicy: None dnsPolicy: None
@@ -46,8 +50,9 @@ spec:
port: 8022 port: 8022
expose: true expose: true
exposedPort: 22 exposedPort: 22
experimental:
updateStrategy: plugins:
rollingUpdate: enabled: true
maxUnavailable: 1 souin:
maxSurge: 0 moduleName: github.com/darkweak/souin
version: v1.6.47
install/README.md
+9 -6
查看文件
@@ -1,5 +1,7 @@
### 替换hostname ### 替换hostname
hostnamectl set-hostname node && reboot export HOSTNAME=node
hostnamectl set-hostname $HOSTNAME && reboot
vim /etc/hosts
### 安装tailscale ### 安装tailscale
curl -fsSL https://tailscale.com/install.sh | sh curl -fsSL https://tailscale.com/install.sh | sh
@@ -8,21 +10,22 @@ curl -fsSL https://tailscale.com/install.sh | sh
tailscale set --auto-update tailscale set --auto-update
### 开启ip转发 ### 开启ip转发
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf echo 'net.ipv4.ip_forward = 1' | tee -a /etc/sysctl.d/99-tailscale.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf echo 'net.ipv6.conf.all.forwarding = 1' | tee -a /etc/sysctl.d/99-tailscale.conf
sudo sysctl -p /etc/sysctl.d/99-tailscale.conf sysctl -p /etc/sysctl.d/99-tailscale.conf
### 新建目录 将不同节点类型的config写入 ### 新建目录 将不同节点类型的config写入
mkdir -p /etc/rancher/k3s && nano /etc/rancher/k3s/config.yaml mkdir -p /etc/rancher/k3s && vim /etc/rancher/k3s/config.yaml
### 安装k3s 此处注意安装类型 是server 还是 agent ### 安装k3s 此处注意安装类型 是server 还是 agent
curl -sfL https://get.k3s.io | \ curl -sfL https://get.k3s.io | \
INSTALL_K3S_VERSION=v1.28.8 \
INSTALL_K3S_MIRROR=cn \ INSTALL_K3S_MIRROR=cn \
sh -s - server sh -s - server
### 国内安装加速 & 镜像加速地址 ### 国内安装加速 & 镜像加速地址
https://rancher-mirror.rancher.cn/k3s/k3s-install.sh https://rancher-mirror.rancher.cn/k3s/k3s-install.sh
nano /etc/rancher/k3s/registries.yaml vim /etc/rancher/k3s/registries.yaml
### 查看serverToken 记得在config中替换最新的token ### 查看serverToken 记得在config中替换最新的token
cat /var/lib/rancher/k3s/server/node-token cat /var/lib/rancher/k3s/server/node-token
install/agent.config.yaml
+3 -3
查看文件
@@ -1,10 +1,10 @@
# worker 工作节点 # worker 工作节点
server: "https://k3s.dev.cm:6443" server: "https://k3s.dev.cm:6443"
token: "K10cdbe82226583b6e0c8f80c203f3a2d79580aaf9c2f61d0aebea4a28c1ff3897f::server:35e7d0dc0b8c2427fdb42bb90bb85d5a" token: "K1012101b9ab5a404897d6a0530f9dac014b571b374251e3741c95fd74e86cee2e5::server:97760133590f01e7a94ab320dfdbfe96"
# 网络相关 # 网络相关
vpn-auth: "name=tailscale,joinKey=tskey-auth-ksJXXH4CNTRL-4WRkX448yC6W6yhytK1FD68HMDK4zStw" vpn-auth: "name=tailscale,joinKey=tskey-auth-ksJXXH4CNTRL-4WRkX448yC6W6yhytK1FD68HMDK4zStw"
# 节点相关 # 节点相关
# 保留节点资源 根据节点做不同配置 如不需要可以注释掉 # 保留节点资源 根据节点做不同配置
kubelet-arg: kube-reserved=cpu=5000 # kubelet-arg: kube-reserved=cpu=5000
install/master.config.yaml
+1 -1
查看文件
@@ -1,6 +1,6 @@
# server 从节点 # server 从节点
server: "https://tca:6443" server: "https://tca:6443"
token: "K10cdbe82226583b6e0c8f80c203f3a2d79580aaf9c2f61d0aebea4a28c1ff3897f::server:35e7d0dc0b8c2427fdb42bb90bb85d5a" token: "K1012101b9ab5a404897d6a0530f9dac014b571b374251e3741c95fd74e86cee2e5::server:97760133590f01e7a94ab320dfdbfe96"
tls-san: tls-san:
- "k3s.dev.cm,k3s.fillcode.com" - "k3s.dev.cm,k3s.fillcode.com"