kevisual/datapod-helm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
熊潇
2026-01-14 12:37:31 +08:00
commit 01d1a49a59
22 changed files with 1037 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
.cnb.yml Normal file
View File

@@ -0,0 +1,43 @@
# .cnb.yml
include:
- https://cnb.cool/kevisual/cnb/-/blob/main/.cnb/template.yml
.common_env: &common_env
env:
TO_REPO: kevisual/cnb
TO_URL: git.xiongxiao.me
imports:
- https://cnb.cool/kevisual/env/-/blob/main/.env.development
$:
vscode:
- docker:
image: docker.cnb.cool/kevisual/dev-env:latest
services:
- vscode
- docker
imports: !reference [.common_env, imports]
# 开发环境启动后会执行的任务
# stages:
# - name: pnpm install
# script: pnpm install
.common_sync_to_gitea: &common_sync_to_gitea
- <<: *common_env
services: !reference [.common_sync_to_gitea_template, services]
stages: !reference [.common_sync_to_gitea_template, stages]
.common_sync_from_gitea: &common_sync_from_gitea
- <<: *common_env
services: !reference [.common_sync_from_gitea_template, services]
stages: !reference [.common_sync_from_gitea_template, stages]
main:
web_trigger_sync_to_gitea:
- <<: *common_sync_to_gitea
web_trigger_sync_from_gitea:
- <<: *common_sync_from_gitea
api_trigger_sync_to_gitea:
- <<: *common_sync_to_gitea
api_trigger_sync_from_gitea:
- <<: *common_sync_from_gitea

1
.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
node_modules

54
PRD.md Normal file
View File

@@ -0,0 +1,54 @@
# PocketBase Helm Chart 设计文档
## 概述
使用 Helm Chart 管理多个 PocketBase 实例,每个实例对应独立的域名。
使用k3s集群部署Traefik作为Ingress控制器SQLite作为本地存储。
## 需求
- 批量部署多个 PocketBase Pod
- 每个实例绑定独立域名:`{id}.pb.xiongxiao.me`
- 使用 Traefik 作为反向代理和入口控制器
- 通过 Helm 实现统一配置管理
- 使用 SQLite 本地存储(默认)
## 架构
```
Traefik Ingress
┌─────────────────────────────────────┐
│ Helm Release (values.id) │
│ ├── pocketbase-{id} Service │
│ │ │ │
│ │ ▼ │
│ │ pocketbase-{id} Pod │
│ │ │ │
│ └─────────┼──→ {id}.pb.xiongxiao.me
SQLite (本地存储)
```
## 配置方式
通过 `values.yaml` 配置实例列表:
```yaml
instances:
- id: "app1"
domain: "app1.pb.xiongxiao.me"
replicaCount: 1
- id: "app2"
domain: "app2.pb.xiongxiao.me"
replicaCount: 1
```
## 部署命令
```bash
helm install pocketbase ./pocketbase -f values.yaml
```

22
docker/Dockerfile Normal file
View File

@@ -0,0 +1,22 @@
FROM alpine:latest
ARG PB_VERSION=0.35.1
RUN apk add --no-cache \
unzip \
ca-certificates
# download and unzip PocketBase
ADD https://github.com/pocketbase/pocketbase/releases/download/v${PB_VERSION}/pocketbase_${PB_VERSION}_linux_amd64.zip /tmp/pb.zip
RUN unzip /tmp/pb.zip -d /pb/
# uncomment to copy the local pb_migrations dir into the image
# COPY ./pb_migrations /pb/pb_migrations
# uncomment to copy the local pb_hooks dir into the image
# COPY ./pb_hooks /pb/pb_hooks
EXPOSE 8080
# start PocketBase
CMD ["/pb/pocketbase", "serve", "--http=0.0.0.0:8080"]

13
package.json Normal file
View File

@@ -0,0 +1,13 @@
{
"name": "datapod-helm",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "ISC",
"packageManager": "pnpm@10.26.0"
}

23
pocketbase/.helmignore Normal file
View File

@@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

16
pocketbase/Chart.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v2
name: pocketbase
description: PocketBase Helm Chart - Deploy multiple PocketBase instances with Traefik ingress
type: application
version: 0.1.0
appVersion: "0.35.1"
home: https://pocketbase.io/
icon: https://pocketbase.io/images/logo.png
keywords:
- pocketbase
- backend
- database
- traefik
maintainers:
- name: datapod
email: admin@xiongxiao.me

71
pocketbase/README.md Normal file
View File

@@ -0,0 +1,71 @@
# PocketBase Helm Chart
部署多个 PocketBase 实例,支持 Traefik ingress。
## 前置条件
- Kubernetes 1.19+
- Helm 3.2.0+
- Traefik ingress 控制器
- StorageClass用于持久化存储
## 安装
```bash
helm install my-pocketbase ./pocketbase -f values.yaml
```
## 配置
### instances
部署的 PocketBase 实例列表:
```yaml
instances:
- id: "app1"
domain: "app1.pb.xiongxiao.me"
replicaCount: 1
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
- id: "app2"
domain: "app2.pb.xiongxiao.me"
replicaCount: 1
```
### persistence
持久化配置:
```yaml
persistence:
enabled: true
storageClass: "local-path"
size: 5Gi
accessMode: ReadWriteOnce
```
## 升级
```bash
helm upgrade my-pocketbase ./pocketbase -f values.yaml
```
## 卸载
```bash
helm uninstall my-pocketbase
```
这将删除所有 PocketBase 实例及其 PVC。
## 技术说明
- **数据库**: 使用 SQLite 本地存储,数据保存在 `/pb/pb_data` 目录
- **持久化**: 通过 PVC 实现数据持久化
- **入口**: 使用 Traefik IngressRoute 配置路由

25
pocketbase/templates/NOTES.txt Normal file
View File

@@ -0,0 +1,25 @@
PocketBase Helm Chart
{{- if not .Values.instances }}
WARNING: No instances configured! Add instances to your values.yaml file.
Example:
instances:
- id: "app1"
domain: "app1.pb.xiongxiao.me"
replicaCount: 1
{{- else }}
{{- range .Values.instances }}
PocketBase instance "{{ .id }}" has been deployed!
Access it at: https://{{ .domain }}
Admin UI: https://{{ .domain }}/_/
- Email: Check the secret: pocketbase-{{ .id }}-secrets
- Password: Check the secret: pocketbase-{{ .id }}-secrets
To get the admin password:
kubectl get secret pocketbase-{{ .id }}-secrets -o jsonpath='{.data.admin-password}' | base64 -d
{{- end }}
{{- end }}

49
pocketbase/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,49 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "pocketbase.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "pocketbase.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "pocketbase.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "pocketbase.labels" -}}
helm.sh/chart: {{ include "pocketbase.chart" . }}
{{ include "pocketbase.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "pocketbase.selectorLabels" -}}
app.kubernetes.io/name: {{ include "pocketbase.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

24
pocketbase/templates/configmap.yaml Normal file
View File

@@ -0,0 +1,24 @@
{{- /*
Generate config for each PocketBase instance
*/ -}}
{{- range .Values.instances }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: pocketbase-{{ .id }}-config
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
data:
PB_DATA: /pb/pb_data
PB_STATIC: /pb/static
# SMTP Configuration (optional)
{{- if .smtp }}
PB_EMAIL_SMTP_HOST: {{ .smtp.host | quote }}
PB_EMAIL_SMTP_PORT: {{ .smtp.port | quote }}
PB_EMAIL_SMTP_USERNAME: {{ .smtp.username | quote }}
PB_EMAIL_SMTP_PASSWORD: {{ .smtp.password | quote }}
{{- end }}
{{- end }}

185
pocketbase/templates/deployment.yaml Normal file
View File

@@ -0,0 +1,185 @@
{{- /*
Generate deployments for each PocketBase instance
*/ -}}
{{- $global := .Values.global }}
{{- $image := .Values.image }}
{{- $persistence := .Values.persistence }}
{{- $securityContext := .Values.securityContext }}
{{- $podSecurityContext := .Values.podSecurityContext }}
{{- $resources := .Values.resources }}
{{- range .Values.instances }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pocketbase-{{ .id }}
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
spec:
replicas: {{ .replicaCount | default 1 }}
selector:
matchLabels:
app: pocketbase
instance: {{ .id }}
template:
metadata:
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 8 }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") $ | sha256sum }}
spec:
{{- $instanceId := .id }}
{{- with $.Values.serviceAccount }}
{{- $serviceAccountName := $.Values.serviceAccount.name }}
{{- if not $serviceAccountName }}
{{- $serviceAccountName = printf "pocketbase-%s" $instanceId }}
{{- end }}
serviceAccountName: {{ $serviceAccountName }}
{{- end }}
{{- with $global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml $podSecurityContext | nindent 8 }}
containers:
- name: pocketbase
image: {{ $image.repository }}:{{ $image.tag }}
imagePullPolicy: {{ $image.pullPolicy }}
command:
- /pocketbase
- serve
- --http=0.0.0.0:8090
ports:
- name: http
containerPort: 8090
protocol: TCP
env:
# Admin email (optional - set via admin creation API)
- name: PB_ADMIN_EMAIL
value: "admin@{{ .domain }}"
- name: PB_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: pocketbase-{{ .id }}-secrets
key: admin-password
{{- if $persistence.enabled }}
volumeMounts:
- name: data
mountPath: /pb/pb_data
- name: static
mountPath: /pb/static
{{- end }}
livenessProbe:
httpGet:
path: /api/health
port: http
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/health
port: http
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
{{- if .resources }}
resources:
{{- toYaml .resources | nindent 12 }}
{{- else }}
resources:
{{- toYaml $resources | nindent 12 }}
{{- end }}
securityContext:
{{- toYaml $securityContext | nindent 12 }}
{{- if $persistence.enabled }}
volumes:
- name: data
persistentVolumeClaim:
claimName: pocketbase-{{ .id }}-pvc
- name: static
persistentVolumeClaim:
claimName: pocketbase-{{ .id }}-static-pvc
{{- end }}
{{- with $.Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
---
{{- /*
Create Secret for each instance
*/ -}}
apiVersion: v1
kind: Secret
metadata:
name: pocketbase-{{ .id }}-secrets
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
type: Opaque
stringData:
admin-password: {{ randAlphaNum 16 | quote }}
---
{{- /*
Create PVC for each instance
*/ -}}
{{- if $persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pocketbase-{{ .id }}-pvc
labels:
app: pocketbase
instance: {{ .id }}
type: data
{{- include "pocketbase.labels" $ | nindent 4 }}
spec:
accessModes:
- {{ $persistence.accessMode | default "ReadWriteOnce" }}
resources:
requests:
storage: {{ $persistence.size | default "1Gi" }}
{{- if $persistence.storageClass }}
storageClassName: {{ $persistence.storageClass }}
{{- end }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pocketbase-{{ .id }}-static-pvc
labels:
app: pocketbase
instance: {{ .id }}
type: static
{{- include "pocketbase.labels" $ | nindent 4 }}
spec:
accessModes:
- {{ $persistence.accessMode | default "ReadWriteOnce" }}
resources:
requests:
storage: 100Mi
{{- if $persistence.storageClass }}
storageClassName: {{ $persistence.storageClass }}
{{- end }}
{{- end }}
{{- end }}

40
pocketbase/templates/hpa.yaml Normal file
View File

@@ -0,0 +1,40 @@
{{- /*
Generate HPA for each PocketBase instance
*/ -}}
{{- if .Values.autoscaling.enabled }}
{{- range .Values.instances }}
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: pocketbase-{{ .id }}
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: pocketbase-{{ .id }}
minReplicas: {{ .replicaCount | default 1 }}
maxReplicas: {{ $.Values.autoscaling.maxReplicas }}
metrics:
{{- if $.Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ $.Values.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if $.Values.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: {{ $.Values.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}
{{- end }}

29
pocketbase/templates/httproute.yaml Normal file
View File

@@ -0,0 +1,29 @@
{{- /*
HTTPRoute for Gateway API (alternative to IngressRoute)
Unused when Traefik IngressRoute is enabled
*/ -}}
{{- /*
{{- range .Values.instances }}
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: pocketbase-{{ .id }}
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
spec:
parentRefs:
- name: {{ $.Values.httpRoute.gatewayName | default "traefik-gateway" }}
hostnames:
- {{ .domain }}
rules:
- matches:
- path:
value: /
backendRefs:
- name: pocketbase-{{ .id }}
port: 80
{{- end }}
*/ -}}

54
pocketbase/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,54 @@
{{- /*
Generate IngressRoute for Traefik for each PocketBase instance
*/ -}}
{{- $ingress := .Values.ingress }}
{{- range .Values.instances }}
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: pocketbase-{{ .id }}
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
{{- with $ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`{{ .domain }}`)
kind: Rule
services:
- name: pocketbase-{{ .id }}
port: 80
middlewares:
- name: pocketbase-{{ .id }}-headers
namespace: default
---
{{- /*
Middleware for security headers
*/ -}}
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: pocketbase-{{ .id }}-headers
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
spec:
headers:
stsSeconds: 31536000
stsIncludeSubdomains: true
stsPreload: true
forceSTSHeader: true
contentTypeNosniff: true
browserXssFilter: true
referrerPolicy: "strict-origin-when-cross-origin"
customFrameOptionsValue: "SAMEORIGIN"
{{- end }}

27
pocketbase/templates/service.yaml Normal file
View File

@@ -0,0 +1,27 @@
{{- /*
Generate services for each PocketBase instance
*/ -}}
{{- $root := . }}
{{- range .Values.instances }}
---
apiVersion: v1
kind: Service
metadata:
name: pocketbase-{{ .id }}
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $root | nindent 4 }}
annotations:
{{- toYaml $root.Values.ingress.annotations | nindent 4 }}
spec:
type: ClusterIP
selector:
app: pocketbase
instance: {{ .id }}
ports:
- name: http
port: 80
targetPort: http
protocol: TCP
{{- end }}

23
pocketbase/templates/serviceaccount.yaml Normal file
View File

@@ -0,0 +1,23 @@
{{- /*
Generate ServiceAccount for each PocketBase instance
*/ -}}
{{- if .Values.serviceAccount.create }}
{{- range .Values.instances }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pocketbase-{{ .id }}
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
{{- with $.Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if $.Values.serviceAccount.automount }}
automountServiceAccountToken: {{ $.Values.serviceAccount.automount }}
{{- end }}
{{- end }}
{{- end }}

24
pocketbase/templates/tests/test-connection.yaml Normal file
View File

@@ -0,0 +1,24 @@
{{- /*
Test connection to PocketBase instances
Run with: helm test <release-name>
*/ -}}
{{- range .Values.instances }}
---
apiVersion: v1
kind: Pod
metadata:
name: "{{ $.Release.Name }}-test-connection-{{ .id }}"
labels:
app: pocketbase
instance: {{ .id }}
{{- include "pocketbase.labels" $ | nindent 4 }}
annotations:
"helm.sh/hook": test
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['-q', '--spider', 'http://pocketbase-{{ .id }}/api/health']
restartPolicy: Never
{{- end }}

82
pocketbase/values-production.yaml Normal file
View File

@@ -0,0 +1,82 @@
# Production values.yaml example
# Copy this file and modify as needed
global:
domainSuffix: "pb.xiongxiao.me"
image:
repository: pocketbase/pocketbase
tag: "0.22.21"
pullPolicy: IfNotPresent
# List of PocketBase instances
instances:
- id: "app1"
domain: "app1.pb.xiongxiao.me"
replicaCount: 2
resources:
requests:
cpu: 200m
memory: 512Mi
limits:
cpu: 1000m
memory: 1Gi
- id: "app2"
domain: "app2.pb.xiongxiao.me"
replicaCount: 1
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
- id: "test"
domain: "test.pb.xiongxiao.me"
replicaCount: 1
# Resource settings for instances without explicit resources
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
# Persistence
persistence:
enabled: true
storageClass: "local-path"
size: 5Gi
accessMode: ReadWriteOnce
# PostgreSQL
postgresql:
enabled: false
host: "postgresql.postgres.svc.cluster.local"
port: 5432
database: "pocketbase"
username: "postgres"
passwordSecret:
name: "postgresql-credentials"
key: "password"
# Traefik Ingress
ingress:
className: "traefik"
enabled: true
annotations: {}
# Security
podSecurityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
capabilities:
drop:
- ALL

101
pocketbase/values.yaml Normal file
View File

@@ -0,0 +1,101 @@
# Default configuration for PocketBase instances
# Customize this file or override with your own values.yaml
# Global settings
global:
imageRegistry: ""
imagePullSecrets: []
storageClass: ""
domainSuffix: "pb.xiongxiao.me"
# Image configuration
image:
repository: pocketbase/pocketbase
tag: "0.35.1"
pullPolicy: IfNotPresent
# Service account configuration
serviceAccount:
create: true
name: ""
annotations: {}
# List of PocketBase instances to deploy
# instances: []
# Example:
# - id: "app1"
# domain: "app1.pb.xiongxiao.me"
# replicaCount: 1
# resources:
# requests:
# cpu: 100m
# memory: 256Mi
# limits:
# cpu: 500m
# memory: 512Mi
# - id: "app2"
# domain: "app2.pb.xiongxiao.me"
# replicaCount: 1
instances:
- id: "app1"
domain: "app1.pb.xiongxiao.me"
replicaCount: 1
- id: "app2"
domain: "app2.pb.xiongxiao.me"
replicaCount: 1
# Default resource settings (applied to all instances unless overridden)
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
# Persistence configuration (SQLite data storage)
persistence:
enabled: false
storageClass: ""
size: 1Gi
accessMode: ReadWriteOnce
# Traefik IngressRoute configuration
ingress:
className: "traefik"
enabled: true
annotations: {}
# Pod security context
podSecurityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
# Container security context
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
capabilities:
drop:
- ALL
# Node selector
nodeSelector: {}
# Tolerations
tolerations: []
# Affinity
affinity: {}
# Topology spread constraints
topologySpreadConstraints: []
# Autoscaling configuration
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 10
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80

110
readme.md Normal file
View File

@@ -0,0 +1,110 @@
# datapod-helm
Kubernetes Helm Charts 部署配置。
## PocketBase Chart
部署多个 PocketBase 实例,支持 Traefik ingress。
### 前置条件
- Kubernetes 1.19+
- Helm 3.2.0+
- Traefik ingress 控制器
- StorageClass用于持久化存储
### 快速开始
```bash
# 安装 Helm
brew install helm
```
### 部署 PocketBase
1. **配置实例** 编辑 `pocketbase/values.yaml`:
```yaml
instances:
- id: "app1"
domain: "app1.pb.xiongxiao.me"
replicaCount: 1
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
- id: "app2"
domain: "app2.pb.xiongxiao.me"
replicaCount: 1
```
2. **安装** chart:
```bash
# 本地 chart 安装
helm install my-pocketbase ./pocketbase -f pocketbase/values.yaml
# 使用生产环境配置
helm install my-pocketbase ./pocketbase -f pocketbase/values-production.yaml
```
首次安装
```
helm install my-pocketbase ./pocketbase -f pocketbase/values.yaml
```
3. **获取 admin 密码**:
```bash
kubectl get secret pocketbase-app1-secrets -o jsonpath='{.data.admin-password}' | base64 -d
```
4. **访问** Admin UI:
- 地址: `https://app1.pb.xiongxiao.me/_/`
- 邮箱: 查看 secret
- 密码: 查看 secret
### 配置参数
| 参数 | 说明 | 默认值 |
|------|------|--------|
| `instances` | PocketBase 实例列表 | `[]` |
| `instances[].id` | 实例唯一标识 | - |
| `instances[].domain` | 实例完整域名 | - |
| `instances[].replicaCount` | 副本数量 | `1` |
| `persistence.enabled` | 启用数据持久化 | `true` |
| `persistence.size` | PVC 大小 | `1Gi` |
| `persistence.storageClass` | StorageClass 名称 | - |
### 升级
```bash
helm upgrade my-pocketbase ./pocketbase -f pocketbase/values.yaml
```
### 卸载
```bash
helm uninstall my-pocketbase
```
### 常用命令
```bash
# Lint 检查
helm lint ./pocketbase
# 模板渲染测试
helm template test-release ./pocketbase -f ./pocketbase/values-production.yaml
# 模拟安装(调试模式)
helm install --dry-run --debug my-pocketbase ./pocketbase -f ./pocketbase/values-production.yaml
```
### 技术说明
- **数据库**: 使用 SQLite 本地存储,数据保存在 `/pb/pb_data` 目录
- **持久化**: 通过 PVC 实现数据持久化
- **入口**: 使用 Traefik IngressRoute 配置路由

21
常用命令.md Normal file
View File

@@ -0,0 +1,21 @@
kubectl get pods -l app.kubernetes.io/instance=my-pocketbase
# 查看 app1 日志
kubectl logs -l app=my-pocketbase-app1 -f
# 查看 Helm 部署状态详情
helm status my-pocketbase -n default
# 查看所有资源
kubectl get all -n default -l app.kubernetes.io/instance=my-pocketbase
kubectl get pods -n default | grep pocketbase
kubectl get pods -n default -o wide | grep -E "pocketbase|app1|app2"
kubectl get deployment pocketbase-app1 pocketbase-app2 -n default -o yaml | grep -A 50 "conditions:"
helm install my-pocketbase ./pocketbase -f pocketbase/values.yaml
helm upgrade my-pocketbase pocketbase/ -n default