feat(k3s): app版本升级 & 安装优化
这个提交包含在:
rohow
@@ -103,8 +103,6 @@ kubectl get nodes
|
||||
| 变量 | 必须 | 说明 |
|
||||
|------|------|------|
|
||||
| `TAILSCALE_AUTH_KEY` | ✅ | Tailscale Auth Key |
|
||||
| `K3S_TOKEN` | 单独添加节点时 | 集群 Token (完整安装时自动获取) |
|
||||
| `K3S_SERVER_URL` | 单独添加节点时 | API Server 地址 (完整安装时自动设置) |
|
||||
| `SSH_PASSWORD` | 首次安装 | SSH 密码 |
|
||||
| `SSH_PUBKEY` | - | SSH 公钥 (默认 ~/.ssh/id_rsa.pub) |
|
||||
|
||||
|
||||
@@ -17,6 +17,15 @@
|
||||
path: /usr/local/bin/k3s
|
||||
register: k3s_binary
|
||||
|
||||
# 检查当前K3s版本
|
||||
- name: Check current K3s version
|
||||
ansible.builtin.command:
|
||||
cmd: /usr/local/bin/k3s --version
|
||||
register: k3s_current_version
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
when: k3s_binary.stat.exists
|
||||
|
||||
# 部署配置文件(注册变更状态)
|
||||
- name: Deploy K3s server config
|
||||
ansible.builtin.template:
|
||||
@@ -42,9 +51,16 @@
|
||||
when: use_mirror | default(false)
|
||||
|
||||
# 判断是否需要安装/重启
|
||||
# 使用 -e force_reinstall=true 可强制重新安装
|
||||
- name: Set K3s installation flag
|
||||
ansible.builtin.set_fact:
|
||||
k3s_needs_install: "{{ not k3s_binary.stat.exists or (k3s_server_config.changed | default(false)) or (k3s_agent_config.changed | default(false)) }}"
|
||||
k3s_needs_install: "{{
|
||||
not k3s_binary.stat.exists or
|
||||
(force_reinstall | default(false) | bool) or
|
||||
(k3s_server_config.changed | default(false)) or
|
||||
(k3s_agent_config.changed | default(false)) or
|
||||
(k3s_binary.stat.exists and k3s_current_version.stdout is defined and k3s_version not in k3s_current_version.stdout)
|
||||
}}"
|
||||
|
||||
# 设置安装变量
|
||||
- name: Set K3s install variables
|
||||
|
||||
@@ -21,11 +21,23 @@ spec:
|
||||
operator: In
|
||||
values:
|
||||
- clawhk
|
||||
instances: 1
|
||||
imageName: ghcr.io/cloudnative-pg/postgresql:17.4
|
||||
enableSuperuserAccess: true
|
||||
enablePDB: false
|
||||
instances: 1
|
||||
storage:
|
||||
size: 10Gi
|
||||
postgresql:
|
||||
parameters:
|
||||
archive_timeout: 30min
|
||||
env:
|
||||
- name: AWS_REQUEST_CHECKSUM_CALCULATION
|
||||
value: when_required
|
||||
- name: AWS_RESPONSE_CHECKSUM_VALIDATION
|
||||
value: when_required
|
||||
plugins:
|
||||
- name: barman-cloud.cloudnative-pg.io
|
||||
isWALArchiver: true
|
||||
parameters:
|
||||
barmanObjectName: cnpg17-objectstore-hw
|
||||
serverName: cnpg17-cluster-hk
|
||||
|
||||
@@ -21,11 +21,23 @@ spec:
|
||||
operator: In
|
||||
values:
|
||||
- homea
|
||||
instances: 1
|
||||
imageName: ghcr.io/cloudnative-pg/postgresql:17.4
|
||||
enableSuperuserAccess: true
|
||||
enablePDB: false
|
||||
instances: 1
|
||||
storage:
|
||||
size: 10Gi
|
||||
postgresql:
|
||||
parameters:
|
||||
archive_timeout: 30min
|
||||
env:
|
||||
- name: AWS_REQUEST_CHECKSUM_CALCULATION
|
||||
value: when_required
|
||||
- name: AWS_RESPONSE_CHECKSUM_VALIDATION
|
||||
value: when_required
|
||||
plugins:
|
||||
- name: barman-cloud.cloudnative-pg.io
|
||||
isWALArchiver: true
|
||||
parameters:
|
||||
barmanObjectName: cnpg17-objectstore-hw
|
||||
serverName: cnpg17-cluster-sh
|
||||
+2
-1
@@ -1,7 +1,7 @@
|
||||
apiVersion: barmancloud.cnpg.io/v1
|
||||
kind: ObjectStore
|
||||
metadata:
|
||||
name: devcm-hw
|
||||
name: cnpg17-objectstore-hw
|
||||
namespace: infra-data
|
||||
spec:
|
||||
retentionPolicy: "7d"
|
||||
@@ -17,3 +17,4 @@ spec:
|
||||
key: ACCESS_SECRET_KEY
|
||||
wal:
|
||||
compression: gzip
|
||||
maxParallel: 8
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: cert-manager-webhook-dnspod
|
||||
name: dnspod
|
||||
labels:
|
||||
app: cert-manager-webhook-dnspod
|
||||
spec:
|
||||
|
||||
@@ -44,7 +44,7 @@ spec:
|
||||
# 在删除证书时同时删除secret
|
||||
enableCertificateOwnerRef: true
|
||||
prometheus:
|
||||
enabled: false
|
||||
enabled: true
|
||||
servicemonitor:
|
||||
enabled: true
|
||||
interval: 300s
|
||||
|
||||
@@ -7,7 +7,7 @@ spec:
|
||||
repo: https://dl.gitea.com/charts
|
||||
chart: gitea
|
||||
targetNamespace: infra-gitops
|
||||
version: 12.3.0
|
||||
version: 12.5.0
|
||||
valuesContent: |-
|
||||
affinity:
|
||||
podAffinity:
|
||||
@@ -36,7 +36,7 @@ spec:
|
||||
postgresql-ha:
|
||||
enabled: false
|
||||
image:
|
||||
tag: 1.25.3
|
||||
tag: 1.25.4
|
||||
ingress:
|
||||
enabled: true
|
||||
className: nginx
|
||||
|
||||
@@ -7,7 +7,7 @@ spec:
|
||||
repo: https://grafana.github.io/helm-charts
|
||||
chart: loki
|
||||
targetNamespace: infra-monitor
|
||||
version: 6.49.0
|
||||
version: 6.53.0
|
||||
valuesContent: |-
|
||||
deploymentMode: SingleBinary
|
||||
gateway:
|
||||
|
||||
@@ -7,7 +7,7 @@ spec:
|
||||
repo: https://prometheus-community.github.io/helm-charts
|
||||
chart: kube-prometheus-stack
|
||||
targetNamespace: infra-monitor
|
||||
version: 81.5.0
|
||||
version: 81.6.5
|
||||
valuesContent: |-
|
||||
kubeControllerManager:
|
||||
enabled: false
|
||||
|
||||
@@ -7,11 +7,11 @@ spec:
|
||||
repo: https://crowdsecurity.github.io/helm-charts
|
||||
chart: crowdsec
|
||||
targetNamespace: infra-net
|
||||
version: 0.21.1
|
||||
version: 0.22.0
|
||||
valuesContent: |-
|
||||
container_runtime: containerd
|
||||
image:
|
||||
tag: v1.7.4
|
||||
tag: v1.7.6
|
||||
agent:
|
||||
affinity:
|
||||
podAffinity:
|
||||
|
||||
在新议题中引用
屏蔽一个用户