From 84f37b69cb2f26adbf25a55c45898e9219fc0035 Mon Sep 17 00:00:00 2001 From: ycz008 Date: Fri, 18 Aug 2023 10:38:24 +0800 Subject: [PATCH] add: prod k8s --- .../mysql/{EventStore => EventStore.sql} | 0 prod-upgrade/kubesphere/k8s-cluster.yaml | 228 ++++++++++++++++++ 2 files changed, 228 insertions(+) rename datatypes/mysql/{EventStore => EventStore.sql} (100%) create mode 100644 prod-upgrade/kubesphere/k8s-cluster.yaml diff --git a/datatypes/mysql/EventStore b/datatypes/mysql/EventStore.sql similarity index 100% rename from datatypes/mysql/EventStore rename to datatypes/mysql/EventStore.sql diff --git a/prod-upgrade/kubesphere/k8s-cluster.yaml b/prod-upgrade/kubesphere/k8s-cluster.yaml new file mode 100644 index 0000000..719ac73 --- /dev/null +++ b/prod-upgrade/kubesphere/k8s-cluster.yaml @@ -0,0 +1,228 @@ +apiVersion: kubekey.kubesphere.io/v1alpha2 +kind: Cluster +metadata: + name: bfs-k8scluster-prod +spec: + hosts: + - {name: bfs-k8smaster-10-2-2-3.hetzner.base.beaconfireinc.com, address: 10.2.2.3, internalAddress: 10.2.2.3, privateKeyPath: "~/.ssh/beaconfireinc-ed25529"} + - {name: bfs-k8smaster-10-2-2-4.hetzner.base.beaconfireinc.com, address: 10.2.2.4, internalAddress: 10.2.2.4, privateKeyPath: "~/.ssh/beaconfireinc-ed25529"} + - {name: bfs-k8smaster-10-2-2-5.hetzner.base.beaconfireinc.com, address: 10.2.2.5, internalAddress: 10.2.2.5, privateKeyPath: "~/.ssh/beaconfireinc-ed25529"} + - {name: bfs-k8snode-10-2-2-6.hetzner.base.beaconfireinc.com, address: 10.2.2.6, internalAddress: 10.2.2.6, privateKeyPath: "~/.ssh/beaconfireinc-ed25529"} + - {name: bfs-k8snode-10-2-2-7.hetzner.base.beaconfireinc.com, address: 10.2.2.7, internalAddress: 10.2.2.7, privateKeyPath: "~/.ssh/beaconfireinc-ed25529"} + - {name: bfs-k8snode-10-2-2-8.hetzner.base.beaconfireinc.com, address: 10.2.2.8, internalAddress: 10.2.2.8, privateKeyPath: "~/.ssh/beaconfireinc-ed25529"} + roleGroups: + etcd: + - bfs-k8smaster-10-2-2-3.hetzner.base.beaconfireinc.com + - bfs-k8smaster-10-2-2-4.hetzner.base.beaconfireinc.com + - bfs-k8smaster-10-2-2-5.hetzner.base.beaconfireinc.com + control-plane: + - bfs-k8smaster-10-2-2-3.hetzner.base.beaconfireinc.com + - bfs-k8smaster-10-2-2-4.hetzner.base.beaconfireinc.com + - bfs-k8smaster-10-2-2-5.hetzner.base.beaconfireinc.com + worker: + - bfs-k8snode-10-2-2-6.hetzner.base.beaconfireinc.com + - bfs-k8snode-10-2-2-7.hetzner.base.beaconfireinc.com + - bfs-k8snode-10-2-2-8.hetzner.base.beaconfireinc.com + controlPlaneEndpoint: + ## Internal loadbalancer for apiservers + # internalLoadbalancer: haproxy + + domain: k8s-prod.beaconfireinc.com + address: "10.2.2.2" + port: 6443 + kubernetes: + version: v1.23.12 + clusterName: cluster.local + autoRenewCerts: true + containerManager: docker + etcd: + type: kubekey + network: + plugin: calico + kubePodsCIDR: 10.233.64.0/18 + kubeServiceCIDR: 10.233.0.0/18 + ## multus support. https://github.com/k8snetworkplumbingwg/multus-cni + multusCNI: + enabled: false + registry: + privateRegistry: "" + namespaceOverride: "" + registryMirrors: [] + insecureRegistries: [] + addons: [] + +--- +apiVersion: installer.kubesphere.io/v1alpha1 +kind: ClusterConfiguration +metadata: + name: ks-installer + namespace: kubesphere-system + labels: + version: v3.3.2 +spec: + persistence: + storageClass: "" + authentication: + jwtSecret: "" + zone: "" + local_registry: "" + namespace_override: "" + # dev_tag: "" + etcd: + monitoring: false + endpointIps: localhost + port: 2379 + tlsEnable: true + common: + core: + console: + enableMultiLogin: true + port: 30880 + type: NodePort + # apiserver: + # resources: {} + # controllerManager: + # resources: {} + redis: + enabled: false + volumeSize: 2Gi + openldap: + enabled: false + volumeSize: 2Gi + minio: + volumeSize: 20Gi + monitoring: + # type: external + endpoint: http://prometheus-operated.kubesphere-monitoring-system.svc:9090 + GPUMonitoring: + enabled: false + gpu: + kinds: + - resourceName: "nvidia.com/gpu" + resourceType: "GPU" + default: true + es: + # master: + # volumeSize: 4Gi + # replicas: 1 + # resources: {} + # data: + # volumeSize: 20Gi + # replicas: 1 + # resources: {} + logMaxAge: 7 + elkPrefix: logstash + basicAuth: + enabled: false + username: "" + password: "" + externalElasticsearchHost: "" + externalElasticsearchPort: "" + alerting: + enabled: false + # thanosruler: + # replicas: 1 + # resources: {} + auditing: + enabled: false + # operator: + # resources: {} + # webhook: + # resources: {} + devops: + enabled: false + # resources: {} + jenkinsMemoryLim: 2Gi + jenkinsMemoryReq: 500Mi + jenkinsVolumeSize: 8Gi + events: + enabled: false + # operator: + # resources: {} + # exporter: + # resources: {} + # ruler: + # enabled: true + # replicas: 2 + # resources: {} + logging: + enabled: false + logsidecar: + enabled: true + replicas: 2 + # resources: {} + metrics_server: + enabled: false + monitoring: + storageClass: "" + node_exporter: + port: 9100 + # resources: {} + # kube_rbac_proxy: + # resources: {} + # kube_state_metrics: + # resources: {} + # prometheus: + # replicas: 1 + # volumeSize: 20Gi + # resources: {} + # operator: + # resources: {} + # alertmanager: + # replicas: 1 + # resources: {} + # notification_manager: + # resources: {} + # operator: + # resources: {} + # proxy: + # resources: {} + gpu: + nvidia_dcgm_exporter: + enabled: false + # resources: {} + multicluster: + clusterRole: none + network: + networkpolicy: + enabled: false + ippool: + type: none + topology: + type: none + openpitrix: + store: + enabled: false + servicemesh: + enabled: false + istio: + components: + ingressGateways: + - name: istio-ingressgateway + enabled: false + cni: + enabled: false + edgeruntime: + enabled: false + kubeedge: + enabled: false + cloudCore: + cloudHub: + advertiseAddress: + - "" + service: + cloudhubNodePort: "30000" + cloudhubQuicNodePort: "30001" + cloudhubHttpsNodePort: "30002" + cloudstreamNodePort: "30003" + tunnelNodePort: "30004" + # resources: {} + # hostNetWork: false + iptables-manager: + enabled: true + mode: "external" + # resources: {} + # edgeService: + # resources: {} + terminal: + timeout: 600 \ No newline at end of file