官网参考:概述
若是担心内容存在出入可使用内容对比工具在线文本比对工具 | 菜鸟工具
替换内容确定后会自动安装相关插件
apiVersion: installer.kubesphere.io/v1alpha1
kind: ClusterConfiguration
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: >
{"apiVersion":"installer.kubesphere.io/v1alpha1","kind":"ClusterConfiguration","metadata":{"annotations":{},"labels":{"version":"v3.3.2"},"name":"ks-installer","namespace":"kubesphere-system"},"spec":{"alerting":{"enabled":false},"auditing":{"enabled":false},"authentication":{"jwtSecret":""},"common":{"core":{"console":{"enableMultiLogin":true,"port":30880,"type":"NodePort"}},"es":{"basicAuth":{"enabled":false,"password":"","username":""},"elkPrefix":"logstash","externalElasticsearchHost":"","externalElasticsearchPort":"","logMaxAge":7},"gpu":{"kinds":[{"default":true,"resourceName":"nvidia.com/gpu","resourceType":"GPU"}]},"minio":{"volumeSize":"20Gi"},"monitoring":{"GPUMonitoring":{"enabled":false},"endpoint":"http://prometheus-operated.kubesphere-monitoring-system.svc:9090"},"openldap":{"enabled":false,"volumeSize":"2Gi"},"redis":{"enabled":false,"volumeSize":"2Gi"}},"devops":{"enabled":false,"jenkinsMemoryLim":"8Gi","jenkinsMemoryReq":"4Gi","jenkinsVolumeSize":"8Gi"},"edgeruntime":{"enabled":false,"kubeedge":{"cloudCore":{"cloudHub":{"advertiseAddress":[""]},"service":{"cloudhubHttpsNodePort":"30002","cloudhubNodePort":"30000","cloudhubQuicNodePort":"30001","cloudstreamNodePort":"30003","tunnelNodePort":"30004"}},"enabled":false,"iptables-manager":{"enabled":true,"mode":"external"}}},"etcd":{"endpointIps":"192.168.31.21,192.168.31.22,192.168.31.23","monitoring":false,"port":2379,"tlsEnable":true},"events":{"enabled":false},"logging":{"enabled":false,"logsidecar":{"enabled":true,"replicas":2}},"metrics_server":{"enabled":false},"monitoring":{"gpu":{"nvidia_dcgm_exporter":{"enabled":false}},"node_exporter":{"port":9100},"storageClass":""},"multicluster":{"clusterRole":"none"},"network":{"ippool":{"type":"none"},"networkpolicy":{"enabled":false},"topology":{"type":"none"}},"openpitrix":{"store":{"enabled":false}},"persistence":{"storageClass":""},"servicemesh":{"enabled":false,"istio":{"components":{"cni":{"enabled":false},"ingressGateways":[{"enabled":false,"name":"istio-ingressgateway"}]}}},"terminal":{"timeout":600},"zone":"cn"}}
labels:
version: v3.3.2
name: ks-installer
namespace: kubesphere-system
spec:
alerting:
enabled: true
auditing:
enabled: true
authentication:
jwtSecret: ''
common:
core:
console:
enableMultiLogin: true
port: 30880
type: NodePort
es:
basicAuth:
enabled: false
password: ''
username: ''
elkPrefix: logstash
externalElasticsearchHost: ''
externalElasticsearchPort: ''
logMaxAge: 7
gpu:
kinds:
- default: true
resourceName: nvidia.com/gpu
resourceType: GPU
minio:
volumeSize: 20Gi
monitoring:
GPUMonitoring:
enabled: false
endpoint: 'http://prometheus-operated.kubesphere-monitoring-system.svc:9090'
openldap:
enabled: false
volumeSize: 2Gi
redis:
enabled: false
volumeSize: 2Gi
devops:
enabled: true
jenkinsMemoryLim: 8Gi
jenkinsMemoryReq: 2Gi
jenkinsVolumeSize: 8Gi
edgeruntime:
enabled: false
kubeedge:
cloudCore:
cloudHub:
advertiseAddress:
- ''
service:
cloudhubHttpsNodePort: '30002'
cloudhubNodePort: '30000'
cloudhubQuicNodePort: '30001'
cloudstreamNodePort: '30003'
tunnelNodePort: '30004'
enabled: false
iptables-manager:
enabled: true
mode: external
etcd:
endpointIps: '192.168.31.21,192.168.31.22,192.168.31.23'
monitoring: false
port: 2379
tlsEnable: true
events:
enabled: true
logging:
enabled: true
logsidecar:
enabled: true
replicas: 2
metrics_server:
enabled: true
monitoring:
gpu:
nvidia_dcgm_exporter:
enabled: false
node_exporter:
port: 9100
storageClass: ''
multicluster:
clusterRole: none
network:
ippool:
type: calico
networkpolicy:
enabled: true
topology:
type: weave-scope
openpitrix:
store:
enabled: true
persistence:
storageClass: ''
servicemesh:
enabled: false
istio:
components:
cni:
enabled: false
ingressGateways:
- enabled: false
name: istio-ingressgateway
terminal:
timeout: 600
zone: cn
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}') -f
点击编辑外部访问,选择NodePort,随机分配暴露端口
进入应用商店搜索OpenELB进行安装,安装0.2.6版本,无需修改配置直接安装
0.5.0版本会出现连接失败问题,导致容器不同重启
apiVersion: network.kubesphere.io/v1alpha2
kind: Eip
metadata:
name: layer2-eip
spec:
address: 192.168.31.11-192.168.31.13
interface: ens192
protocol: layer2
kubectl apply -f layer2-eip.yaml
[root@ksmaster21 yaml]# kubectl get eip
NAME CIDR USAGE TOTAL
layer2-eip 192.168.31.11-192.168.31.13 3 3
lb.kubesphere.io/v1alpha1:openelb
protocol.openelb.kubesphere.io/v1alpha1:layer2
eip.openelb.kubesphere.io/v1alpha2:layer2-eip
本质是ingress-nginx,适合http类型的请求进行转发
当上图网关地址出现信息则表格成功
mysql、redis需通过tcp连接,需在服务中配置外部访问
lb.kubesphere.io/v1alpha1:openelb
protocol.openelb.kubesphere.io/v1alpha1:layer2
eip.openelb.kubesphere.io/v1alpha2:layer2-eip
运维相关基础设施特点是部署后基本就不会再动,出于稳定性考虑,可以考虑部署在k8s集群之外,好处在于:
汉化版:https://github.com/twang2218/gitlab-ce-zh
docker-compose.yaml
version: '2'
services:
gitlab:
image: 'twang2218/gitlab-ce-zh:11.1.4'
restart: unless-stopped
hostname: 'gitlab.example.com'
environment:
TZ: 'Asia/Shanghai'
GITLAB_OMNIBUS_CONFIG: |
# 使用服务内部域名
external_url 'http://192.168.31.8'
gitlab_rails['time_zone'] = 'Asia/Shanghai'
# 需要配置到 gitlab.rb 中的配置可以在这里配置,每个配置一行,注意缩进。
# 比如下面的电子邮件的配置:
# gitlab_rails['smtp_enable'] = true
# gitlab_rails['smtp_address'] = "smtp.exmail.qq.com"
# gitlab_rails['smtp_port'] = 465
# gitlab_rails['smtp_user_name'] = "xxxx@xx.com"
# gitlab_rails['smtp_password'] = "password"
# gitlab_rails['smtp_authentication'] = "login"
# gitlab_rails['smtp_enable_starttls_auto'] = true
# gitlab_rails['smtp_tls'] = true
# gitlab_rails['gitlab_email_from'] = 'xxxx@xx.com'
ports:
- '1000:80'
- '1001:443'
- '1002:22'
volumes:
- config:/etc/gitlab
- data:/var/opt/gitlab
- logs:/var/log/gitlab
volumes:
config:
data:
logs:
登录http://192.168.31.8后台修改密码
访问地址: http://ip:8081/
3.17版本密码改成随即的了,而且登录时候提示密码在/nexus-data/admin.password里
version: "3.3"
services:
nexus:
image: sonatype/nexus3
container_name: nexus3
restart: always
environment:
- TZ=Asia/Shanghai
ports:
- 1003:8081
volumes:
- ./nexus-data:/nexus-data
注意:最好使用mkdir创建nexus-data目,并使用chmod -R 777设置权限,不然启动会报错
通过应用商店部署,核心在于TLS/SSL的配置,若是不清楚可采用docekr-compose进行部署修改。
自行选择版本:https://github.com/goharbor/harbor/releases
迅雷下载:https://storage.googleapis.com/harbor-releases/release-2.10.0/harbor-offline-installer-v2.10.0.tgz
Docker-compose部署Harbor实操
官网安装文档
helm部署harbor参考:【K8S教程】Helm方式部署Harbor
wget https://storage.googleapis.com/harbor-releases/release-2.10.0/harbor-offline-installer-v2.10.0.tgz
tar -xzvf harbor-offline-installer-v2.10.0.tgz
将 harbor.yml.tmpl命名为harbor.yml,主要修改配置如下:
hostname: 域名或ip
https:
port: 443
# 证书路径
certificate: /data/harbor/cart/harbor.crt
private_key: /data/harbor/cart/harbor.key
harbor_admin_password: 登录密码
database:
password: 数据库密码
data_volume: /data/harbor
./install.sh
安装后会生成docker-compse.yaml文件 ,若出现端口冲突问题请修改docker-compse.yaml文件修改nginx端口为1004
./prepare
研发相关的基础设施特点:
研发相关组件mysql、redis、nacos等,这儿不详细介绍,部署方式介绍两种: