update

k8s/xiongxiao.me/apps/chat.yaml

@@ -0,0 +1,45 @@
+---
+# Chat - chat.xiongxiao.me (支持 WebSocket)
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: chat-https
+  namespace: default
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`chat.xiongxiao.me`)
+      kind: Rule
+      services:
+        - name: chat-external
+          port: 3000
+  tls:
+    certResolver: letsencrypt
+
+---
+# Chat 服务 (端口 3000, 本地)
+apiVersion: v1
+kind: Service
+metadata:
+  name: chat-external
+  namespace: default
+spec:
+  type: ClusterIP
+  ports:
+  - port: 3000
+    targetPort: 3000
+    protocol: TCP
+    name: http
+---
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: chat-external
+  namespace: default
+subsets:
+- addresses:
+  - ip: 121.4.112.18
+  ports:
+  - port: 3000
+    name: http

k8s/xiongxiao.me/config/registry.md

@@ -88,6 +88,7 @@ sudo ctr -n k8s.io images tag docker.m.daocloud.io/rancher/mirrored-pause:3.6 do
 
 sudo ctr -n k8s.io images delete docker.m.daocloud.io/rancher/mirrored-pause:3.6
 
+
 # 查看镜像
 sudo ctr -n k8s.io images ls | grep pause
 ```
@@ -109,3 +110,4 @@ sudo ctr -n k8s.io images tag k8s.m.daocloud.io/cluster-api/cluster-api-controll
 sudo ctr -n k8s.io images delete k8s.m.daocloud.io/cluster-api/cluster-api-controller:v1.10.6
 
 ```
+

k8s/xiongxiao.me/docs/06-traefik-ssl.md

@@ -174,3 +174,21 @@ tls:
 - [Traefik 官方文档 - Let's Encrypt](https://doc.traefik.io/traefik/https/acme/)
 - [Let's Encrypt 速率限制](https://letsencrypt.org/docs/rate-limits/)
 - [ACME HTTP Challenge](https://letsencrypt.org/docs/challenge-types/#http-01-challenge)
+
+
+
+## 禁用默认的traefik
+
+```bash
+vim /etc/rancher/k3s/config.yaml 
+# 添加以下内容禁用默认traefik
+disable: traefik
+# 重启k3s服务
+systemctl restart k3s
+
+# 删除默认traefik相关资源
+kubectl delete job -n kube-system helm-install-traefik helm-install-traefik-crd
+
+# 安装 Traefik CRD
+kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
+```

k8s/xiongxiao.me/docs/09-ipv6-dualstack.md

@@ -30,3 +30,14 @@ tls-san:
 ```
 
 systemctl restart k3s
+
+
+```sh
+
+vim /etc/systemd/system/k3s.service
+
+sudo systemctl daemon-reload
+sudo systemctl start k3s
+
+kubectl get nodes -o wide
+```

k8s/xiongxiao.me/ingress/apps-ingressroute.yaml

@@ -23,24 +23,6 @@ spec:
   tls:
     certResolver: letsencrypt
 ---
-# Chat - chat.xiongxiao.me (支持 WebSocket)
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: chat-https
-  namespace: default
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - match: Host(`chat.xiongxiao.me`)
-      kind: Rule
-      services:
-        - name: chat-external
-          port: 3000
-  tls:
-    certResolver: letsencrypt
----
 # Kevisual - kevisual.xiongxiao.me (支持 WebSocket)
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute

k8s/xiongxiao.me/services/external-services.yaml

@@ -31,32 +31,6 @@ subsets:
   - port: 3111
     name: http
 ---
-# Chat 服务 (端口 3000, 本地)
-apiVersion: v1
-kind: Service
-metadata:
-  name: chat-external
-  namespace: default
-spec:
-  type: ClusterIP
-  ports:
-  - port: 3000
-    targetPort: 3000
-    protocol: TCP
-    name: http
----
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: chat-external
-  namespace: default
-subsets:
-- addresses:
-  - ip: 121.4.112.18
-  ports:
-  - port: 3000
-    name: http
----
 # Kevisual 服务 (端口 3005, 本地)
 apiVersion: v1
 kind: Service