From af9e99b44488f5df6c769bc9f33163d490e994b8 Mon Sep 17 00:00:00 2001 From: abearxiong Date: Fri, 5 Dec 2025 18:13:42 +0800 Subject: [PATCH] fix --- k8s/config | 33 +++++++ k8s/kevisual.cn/README.md | 11 +-- k8s/kevisual.cn/apps/esm.yaml | 4 - k8s/kevisual.cn/apps/external/new-api.yaml | 3 + k8s/kevisual.cn/apps/jimeng-api/app.yaml | 72 +++++++++++++++ k8s/kevisual.cn/apps/nocodb.yaml | 87 +++---------------- k8s/kevisual.cn/config/master-token.md | 4 +- .../ingress/apps-ingressroute.yaml | 6 +- k8s/kevisual.cn/pro/index.md | 31 +++++++ .../services/external-services.yaml | 21 ++--- k8s/kevisual.cn/sh/debug-www-kevisual.sh | 65 ++++++++++++++ k8s/kevisual.cn/sh/log/delete.sh | 11 +++ k8s/kevisual.cn/sh/log/traefik.sh | 9 ++ k8s/kevisual.cn/sh/mirror/proxy-base.sh | 15 ++++ k8s/kevisual.cn/sh/mirror/proxy-jimeng.sh | 15 ++++ k8s/kevisual.cn/traefik.yaml | 5 ++ k8s/xiongxiao.me/config/registry.md | 19 ---- 17 files changed, 291 insertions(+), 120 deletions(-) create mode 100644 k8s/config create mode 100644 k8s/kevisual.cn/apps/jimeng-api/app.yaml create mode 100644 k8s/kevisual.cn/pro/index.md create mode 100755 k8s/kevisual.cn/sh/debug-www-kevisual.sh create mode 100644 k8s/kevisual.cn/sh/log/delete.sh create mode 100644 k8s/kevisual.cn/sh/log/traefik.sh create mode 100644 k8s/kevisual.cn/sh/mirror/proxy-base.sh create mode 100644 k8s/kevisual.cn/sh/mirror/proxy-jimeng.sh diff --git a/k8s/config b/k8s/config new file mode 100644 index 0000000..82104b3 --- /dev/null +++ b/k8s/config @@ -0,0 +1,33 @@ +apiVersion: v1 +clusters: +- cluster: + insecure-skip-tls-verify: true + server: https://light.xiongxiao.me:6443 + name: dev-cluster +- cluster: + insecure-skip-tls-verify: true + server: https://kevisual.cn:6443 + name: kevisual-cluster +- cluster: + server: "" + name: kevisual-context +contexts: +- context: + cluster: dev-cluster + user: dev-user + name: dev-context +- context: + cluster: kevisual-cluster + user: kevisual-user + name: kevisual-context +current-context: kevisual-context +kind: Config +users: +- name: dev-user + user: + client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJSDdGcGRsb2tnMm93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOelkwTVRJek9UVTNNQjRYRFRJMU1URXlOakF5TWpVMU4xb1hEVEkyTVRFeQpOakF5TWpVMU4xb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJOd3JxcWtlTnV6bVdjWEMKd2pVdi9nOUkyTnE5MmZDcGpGYzRLVjVSMFltMzNIZUZtUEZiaC9KLzM1djJGWG9OSWZBVjRrSlo0RzZSVFZjYgpXZnRiRWhtalNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCVGRsNkplTEN3YXdyRWtMSkt2ZnZ4NnpRQW4wVEFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlCNkE4SXZocWRYL2N4VWs1Y1lMMGxOeWkxejl1YUk1R245RGRDTmd0clpRUUloQU56USs4TkUxbVdURDVTdAo4SGxJaXBJcG1NMXZpSGZZcW50MmVtbnJ0QktHCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkakNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTmpReE1qTTVOVGN3SGhjTk1qVXhNVEkyTURJeU5UVTNXaGNOTXpVeE1USTBNREl5TlRVMwpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTmpReE1qTTVOVGN3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFUVUY4L3c5aU1oVzNNQnBXTjJRS1NYRHpGVE1CYXNRaFBqZm5BSEJCeVgKeEFsbktWMjhyN2Z4Y1ZiY3hNVGVsOExUZW05RXNncEYwaEFCTGpnQnlHaVhvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTNaZWlYaXdzR3NLeEpDeVNyMzc4CmVzMEFKOUV3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnQmNpcjUwTk9yeXdBeUNSNkw1dFBnZHIxVGo5MGtFVE0KS1g0emQxcTZCeVFDSUhscWd3ZXdKS2YzYzFxQWZnUkFVZmlSR1lSNXBYQ2o2aE5jdjJwUDdrM3kKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU9oSHRlUFV1WnN6UHRTWU9XbkMrTVEybWZnYU9TaHhBNTdQc2VpQUZFck5vQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFM0N1cXFSNDI3T1paeGNMQ05TLytEMGpZMnIzWjhLbU1WemdwWGxIUmliZmNkNFdZOFZ1SAo4bi9mbS9ZVmVnMGg4QlhpUWxuZ2JwRk5WeHRaKzFzU0dRPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= +- name: kevisual-user + user: + client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJYUV1WVVManBtV0F3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOelkwT1RJMk5qWTFNQjRYRFRJMU1USXdOVEE1TWpReU5Wb1hEVEkyTVRJdwpOVEE1TWpReU5Wb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJDMmJGcG5HVGJYRUwxS00KcG5ERkxuQjJ3czd3NTBMSnpqeTZLaDloSnZmYVVtL1RxOVEvYnF6c1RMSWhLQkg0Mlp4ZUFsTTRIWTFGdnVrTwphME40Z2dHalNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUVFzYUxiNFpudllkbUtxQjFjT2M5dUZTVVB0akFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlBeERocitWTHJVMm5lSml4bU5tM1luQ1FPdS8vYnZZRG9vai96endGT2JlUUloQUxZcXhXVlQ4NW9qVUlWcApHSTZTK2sydkZ3Ny9Pb0lOVmVmSTJ1bTl1WHJNCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkakNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTmpRNU1qWTJOalV3SGhjTk1qVXhNakExTURreU5ESTFXaGNOTXpVeE1qQXpNRGt5TkRJMQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTmpRNU1qWTJOalV3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReENHZE9kSVBtZmRkSTVPUzNqdUtQTGlacSs4MlVsME1TRUJENjRITUIKc3ZNbUxXbzUwK1dwcHllYTV2dlorOHF5TUdaQmx5VVNTUWtoQkxTZDZWemZvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVUVMR2kyK0daNzJIWmlxZ2RYRG5QCmJoVWxEN1l3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnWW42NVZmbXVLNjgzeUhBZ3NRZFlwdmZxbDZxNlY5NTAKSE9laGpyTWhZdzRDSUdXZ05oVEg2NmN5dXlsUk93YjlQbmZnR1JqY2l4UmFoV0pwdWlDbjJuUHgKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJWV0xHSnZ0S3Rlb3JKdkpFZ3g1VDNiMHVqczdBMnJuZUY0L1RyVG01d2hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFTFpzV21jWk50Y1F2VW95bWNNVXVjSGJDenZEblFzbk9QTG9xSDJFbTk5cFNiOU9yMUQ5dQpyT3hNc2lFb0VmalpuRjRDVXpnZGpVVys2UTVyUTNpQ0FRPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= \ No newline at end of file diff --git a/k8s/kevisual.cn/README.md b/k8s/kevisual.cn/README.md index a389475..cb6a5fb 100644 --- a/k8s/kevisual.cn/README.md +++ b/k8s/kevisual.cn/README.md @@ -1,12 +1,12 @@ -## 安装k3s + calico 网络插件 -### 安装k3s 同时禁用默认的traefik和flannel +## 安装k3s 网络插件 +### 安装k3s 同时禁用默认的traefik ```sh curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | \ INSTALL_K3S_MIRROR=cn \ K3S_KUBECONFIG_MODE="644" \ -INSTALL_K3S_EXEC="server --disable=traefik --flannel-backend=none" \ +INSTALL_K3S_EXEC="server --disable=traefik " \ sh - ``` # 编辑服务文件 @@ -18,11 +18,6 @@ journalctl -u k3s.service -f ### 安装有问题 https://chat.xiongxiao.me/s/10b9aefa-5ba5-45d6-ba2c-b80c638468f3 -### 安装Calico - -```sh -curl -sfL https://docs.projectcalico.org/manifests/calico.yaml | kubectl apply -f - -``` ### 获取token diff --git a/k8s/kevisual.cn/apps/esm.yaml b/k8s/kevisual.cn/apps/esm.yaml index 07cbc19..1655006 100644 --- a/k8s/kevisual.cn/apps/esm.yaml +++ b/k8s/kevisual.cn/apps/esm.yaml @@ -1,9 +1,7 @@ -# kubectl create namespace kevisual apiVersion: apps/v1 kind: Deployment metadata: name: esm - namespace: kevisual labels: app: esm spec: @@ -39,7 +37,6 @@ apiVersion: v1 kind: Service metadata: name: esm - namespace: kevisual labels: app: esm spec: @@ -57,7 +54,6 @@ apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: esm-https - namespace: kevisual spec: entryPoints: - websecure diff --git a/k8s/kevisual.cn/apps/external/new-api.yaml b/k8s/kevisual.cn/apps/external/new-api.yaml index 17f17ea..51bb696 100644 --- a/k8s/kevisual.cn/apps/external/new-api.yaml +++ b/k8s/kevisual.cn/apps/external/new-api.yaml @@ -23,6 +23,9 @@ subsets: - name: http port: 3000 protocol: TCP +--- +apiVersion: v1 +kind: Endpoints metadata: name: minio-external namespace: default diff --git a/k8s/kevisual.cn/apps/jimeng-api/app.yaml b/k8s/kevisual.cn/apps/jimeng-api/app.yaml new file mode 100644 index 0000000..145f993 --- /dev/null +++ b/k8s/kevisual.cn/apps/jimeng-api/app.yaml @@ -0,0 +1,72 @@ +# jimeng-api Deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: jimeng-api + namespace: default + labels: + app: jimeng-api +spec: + replicas: 1 + selector: + matchLabels: + app: jimeng-api + template: + metadata: + labels: + app: jimeng-api + spec: + containers: + - name: jimeng-api + image: ghcr.io/iptag/jimeng-api:latest + imagePullPolicy: Always + ports: + - containerPort: 5100 + protocol: TCP + resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "512Mi" + cpu: "500m" + nodeSelector: + machine: "kevisual" +--- +# jimeng-api Service +apiVersion: v1 +kind: Service +metadata: + name: jimeng-api + namespace: default + labels: + app: jimeng-api +spec: + type: ClusterIP + ports: + - name: http + protocol: TCP + port: 5100 + targetPort: 5100 + selector: + app: jimeng-api + + +--- +# jimeng-api Ingress (Traefik) +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: jimeng-api-https + namespace: default +spec: + entryPoints: + - websecure + routes: + - match: Host(`jimeng-api.kevisual.cn`) + kind: Rule + services: + - name: jimeng-api + port: 5100 + tls: + certResolver: letsencrypt diff --git a/k8s/kevisual.cn/apps/nocodb.yaml b/k8s/kevisual.cn/apps/nocodb.yaml index 752c99a..cd4603c 100644 --- a/k8s/kevisual.cn/apps/nocodb.yaml +++ b/k8s/kevisual.cn/apps/nocodb.yaml @@ -1,43 +1,10 @@ --- -apiVersion: v1 -kind: Namespace -metadata: - name: nocodb ---- -# PostgreSQL Persistent Volume Claim -apiVersion: v1 -kind: PersistentVolume -metadata: - name: postgres-pv - namespace: nocodb -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteOnce - storageClassName: local-path - hostPath: - path: /opt/docker/nocodb/postgres_data ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: postgres-pvc - namespace: nocodb -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - volumeName: postgres-pv ---- # PostgreSQL Deployment apiVersion: apps/v1 kind: Deployment metadata: name: root-db - namespace: nocodb + namespace: default labels: app: root-db spec: @@ -90,16 +57,18 @@ spec: periodSeconds: 5 timeoutSeconds: 3 volumes: - - name: postgres-storage - persistentVolumeClaim: - claimName: postgres-pvc + - name: postgres-storage + hostPath: + path: /opt/docker/nocodb/postgres_data + type: Directory + nodeSelector: + machine: "kevisual" --- # PostgreSQL Service (ClusterIP, internal access) apiVersion: v1 kind: Service metadata: name: root-db - namespace: nocodb labels: app: root-db spec: @@ -111,40 +80,11 @@ spec: targetPort: 5432 type: ClusterIP --- -# NocoDB Persistent Volume Claim -apiVersion: v1 -kind: PersistentVolume -metadata: - name: nc-data-pv - namespace: nocodb -spec: - capacity: - storage: 1Gi - accessModes: - - ReadWriteOnce - storageClassName: local-path - hostPath: - path: /opt/docker/nocodb/nc_data ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: nc-data-pvc - namespace: nocodb -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - volumeName: nc-data-pv ---- # NocoDB Deployment apiVersion: apps/v1 kind: Deployment metadata: name: nocodb - namespace: nocodb labels: app: nocodb spec: @@ -164,7 +104,7 @@ spec: - containerPort: 8080 env: - name: NC_DB - value: "pg://root-db.nocodb.svc.cluster.local:5432?u=postgres&p=abearxiong&d=postgres" + value: "pg://root-db:5432?u=postgres&p=abearxiong&d=postgres" - name: NC_AUTH_JWT_SECRET value: "MaCpbZugRlwFWUfpAUNAd7p64V4Yj7Xx" # openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32 volumeMounts: @@ -179,16 +119,18 @@ spec: periodSeconds: 10 timeoutSeconds: 5 volumes: - - name: nc-data-storage - persistentVolumeClaim: - claimName: nc-data-pvc + - name: nc-data-storage + hostPath: + path: /opt/docker/nocodb/nc_data + type: Directory + nodeSelector: + machine: "kevisual" --- # NocoDB Service (NodePort to expose on host:8080) apiVersion: v1 kind: Service metadata: name: nocodb - namespace: nocodb labels: app: nocodb spec: @@ -206,7 +148,6 @@ apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: nocodb-https - namespace: nocodb spec: entryPoints: - websecure diff --git a/k8s/kevisual.cn/config/master-token.md b/k8s/kevisual.cn/config/master-token.md index e6e2c48..d595357 100644 --- a/k8s/kevisual.cn/config/master-token.md +++ b/k8s/kevisual.cn/config/master-token.md @@ -1,10 +1,10 @@ -K106e5eb70f699db4a043873e452b636cd50be9a5794ff1a912a7b96f22268eb204::server:afa9aade36b27a6eec44d47983441d59 +K109668b353a17ff6ea9d68535255f880cf583c5c83c357d181ac5f963505033af4::server:f95b219abcfe507760f04ff88be52ccd # Agent 节点安装命令 ```sh -curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://kevisual.cn:6443 K3S_TOKEN=K106e5eb70f699db4a043873e452b636cd50be9a5794ff1a912a7b96f22268eb204::server:afa9aade36b27a6eec44d47983441d59 sh - +curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://kevisual.cn:6443 K3S_TOKEN=K109668b353a17ff6ea9d68535255f880cf583c5c83c357d181ac5f963505033af4::server:f95b219abcfe507760f04ff88be52ccd sh - ``` 会输出类似 diff --git a/k8s/kevisual.cn/ingress/apps-ingressroute.yaml b/k8s/kevisual.cn/ingress/apps-ingressroute.yaml index d66dc30..e515309 100644 --- a/k8s/kevisual.cn/ingress/apps-ingressroute.yaml +++ b/k8s/kevisual.cn/ingress/apps-ingressroute.yaml @@ -1,4 +1,5 @@ # Kevisual - kevisual.cn (支持 WebSocket) +--- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: @@ -15,7 +16,7 @@ spec: port: 3005 tls: certResolver: letsencrypt - +--- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: @@ -31,4 +32,5 @@ spec: - name: kevisual-external port: 3005 tls: - certResolver: letsencrypt \ No newline at end of file + certResolver: letsencrypt +--- \ No newline at end of file diff --git a/k8s/kevisual.cn/pro/index.md b/k8s/kevisual.cn/pro/index.md new file mode 100644 index 0000000..4fee631 --- /dev/null +++ b/k8s/kevisual.cn/pro/index.md @@ -0,0 +1,31 @@ + +```sh +# cat /etc/rancher/k3s/registries.yaml +mirrors: + docker.io: + endpoint: + - "https://docker.1ms.run" + - "https://docker.m.daocloud.io" + - "https://dockerproxy.net/" +``` + +```sh +cat config.toml +disabled_plugins = ["cri"] + +[plugins."io.containerd.grpc.v1.cri".registry] + [plugins."io.containerd.grpc.v1.cri".registry.mirrors] + [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"] + endpoint = [ + "https://docker.1ms.run", + "https://docker.m.daocloud.io", + "https://dockerproxy.net/", + ] + + +# [plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry.k8s.io"] +# endpoint = [ +# "https://k8s.m.daocloud.io" +# "https://docker.m.daocloud.io", +# ] +``` \ No newline at end of file diff --git a/k8s/kevisual.cn/services/external-services.yaml b/k8s/kevisual.cn/services/external-services.yaml index 43fb8a3..958016f 100644 --- a/k8s/kevisual.cn/services/external-services.yaml +++ b/k8s/kevisual.cn/services/external-services.yaml @@ -4,25 +4,22 @@ metadata: name: kevisual-external namespace: default spec: - type: ClusterIP + clusterIP: None ports: - port: 3005 targetPort: 3005 protocol: TCP name: http --- -apiVersion: discovery.k8s.io/v1 -kind: EndpointSlice +apiVersion: v1 +kind: Endpoints metadata: name: kevisual-external namespace: default - labels: - kubernetes.io/service-name: kevisual-external -addressType: IPv4 -ports: -- name: http - protocol: TCP - port: 3005 -endpoints: +subsets: - addresses: - - "118.196.32.29" \ No newline at end of file + - ip: 118.196.32.29 + ports: + - port: 3005 + name: http + protocol: TCP \ No newline at end of file diff --git a/k8s/kevisual.cn/sh/debug-www-kevisual.sh b/k8s/kevisual.cn/sh/debug-www-kevisual.sh new file mode 100755 index 0000000..a55ad8c --- /dev/null +++ b/k8s/kevisual.cn/sh/debug-www-kevisual.sh @@ -0,0 +1,65 @@ +#!/bin/bash +# 诊断 www.kevisual.cn 访问问题 +# tags: debug, troubleshooting, traefik, ingress +# description: 诊断 www.kevisual.cn 无法访问的问题 +# title: www.kevisual.cn 诊断脚本 +# createdAt: 2025-12-05 + +echo "========================================" +echo "1. 检查 Traefik CRD 是否存在" +echo "========================================" +kubectl api-resources | grep ingressroute + +echo "" +echo "========================================" +echo "2. 检查 IngressRoute 资源" +echo "========================================" +kubectl get ingressroute -n default + +echo "" +echo "========================================" +echo "3. 检查 kevisual-external 服务" +echo "========================================" +kubectl get svc kevisual-external -n default + +echo "" +echo "========================================" +echo "4. 检查 EndpointSlice" +echo "========================================" +kubectl get endpointslice -n default | grep kevisual + +echo "" +echo "========================================" +echo "5. 检查 Traefik Pod 状态" +echo "========================================" +kubectl get pod -n traefik + +echo "" +echo "========================================" +echo "6. 检查 Traefik 服务" +echo "========================================" +kubectl get svc -n traefik + +echo "" +echo "========================================" +echo "7. 描述 www-kevisual-https IngressRoute" +echo "========================================" +kubectl describe ingressroute www-kevisual-https -n default 2>&1 + +echo "" +echo "========================================" +echo "8. 检查 Traefik 日志(最近50行)" +echo "========================================" +kubectl logs -n traefik -l app.kubernetes.io/name=traefik --tail=50 2>&1 | grep -i "kevisual\|www.kevisual\|error" || echo "未找到相关日志" + +echo "" +echo "========================================" +echo "9. 测试访问 www.kevisual.cn" +echo "========================================" +curl -I https://www.kevisual.cn 2>&1 | head -10 + +echo "" +echo "========================================" +echo "10. 测试访问 kevisual.cn" +echo "========================================" +curl -I https://kevisual.cn 2>&1 | head -10 diff --git a/k8s/kevisual.cn/sh/log/delete.sh b/k8s/kevisual.cn/sh/log/delete.sh new file mode 100644 index 0000000..080a07a --- /dev/null +++ b/k8s/kevisual.cn/sh/log/delete.sh @@ -0,0 +1,11 @@ +# kubectl delete -f ./app.yaml --force --grace-period=0 + +# log + +kubectl logs jimeng-api-cfd7c9578-dkqps + +kubectl describe pod jimeng-api-cfd7c9578-dkqps + +# kubectl rollout restart deployment jimeng-api -n default + +# kubectl get pods -l app=jimeng-api -w \ No newline at end of file diff --git a/k8s/kevisual.cn/sh/log/traefik.sh b/k8s/kevisual.cn/sh/log/traefik.sh new file mode 100644 index 0000000..539deb2 --- /dev/null +++ b/k8s/kevisual.cn/sh/log/traefik.sh @@ -0,0 +1,9 @@ +# !/bin/bash + +# 查看 traefik 日志中包含 jimeng 关键词的内容,以及错误信息 +kubectl logs -n traefik $(kubectl get pods -n traefik -o name | head +-1) --tail=100 | grep -E "(jimeng|error|Error|ERROR)" -A 2 -B 2 +kubectl get svc -n traefik + +# 查看 traefik pod 的倒数 100 行日志 +kubectl logs -n traefik $(kubectl get pods -n traefik -o name | head -1) --tail=100 \ No newline at end of file diff --git a/k8s/kevisual.cn/sh/mirror/proxy-base.sh b/k8s/kevisual.cn/sh/mirror/proxy-base.sh new file mode 100644 index 0000000..8469b2b --- /dev/null +++ b/k8s/kevisual.cn/sh/mirror/proxy-base.sh @@ -0,0 +1,15 @@ +## k3s ctr 直接下载不了镜像,用其他的方式下载然后导入 +# sudo k3s ctr images pull docker.io/rancher/mirrored-pause:3.6 + + +# 1. 使用 Docker pull 镜像 +docker pull docker.io/rancher/mirrored-pause:3.6 + +# 2. 将 Docker 镜像保存为 tar 文件 +docker save docker.io/rancher/mirrored-pause:3.6 -o mirrored-pause-3.6.tar + +# 3. 使用 K3s 的 ctr 导入镜像 +sudo k3s ctr images import mirrored-pause-3.6.tar + +# 4. 验证镜像是否导入成功 +sudo k3s ctr images ls | grep pause \ No newline at end of file diff --git a/k8s/kevisual.cn/sh/mirror/proxy-jimeng.sh b/k8s/kevisual.cn/sh/mirror/proxy-jimeng.sh new file mode 100644 index 0000000..e5540f3 --- /dev/null +++ b/k8s/kevisual.cn/sh/mirror/proxy-jimeng.sh @@ -0,0 +1,15 @@ +## k3s ctr 直接下载不了镜像,用其他的方式下载然后导入 +# sudo k3s ctr images pull docker.io/ghcr.io/iptag/jimeng-api:latest + + +# 1. 使用 Docker pull 镜像 +docker pull docker.io/ghcr.io/iptag/jimeng-api:latest + +# 2. 将 Docker 镜像保存为 tar 文件 +docker save docker.io/ghcr.io/iptag/jimeng-api:latest -o mirrored-pause-3.6.tar + +# 3. 使用 K3s 的 ctr 导入镜像 +sudo k3s ctr images import mirrored-pause-3.6.tar + +# 4. 验证镜像是否导入成功 +sudo k3s ctr images ls | grep pause \ No newline at end of file diff --git a/k8s/kevisual.cn/traefik.yaml b/k8s/kevisual.cn/traefik.yaml index 66bbcd2..ef6b846 100644 --- a/k8s/kevisual.cn/traefik.yaml +++ b/k8s/kevisual.cn/traefik.yaml @@ -6,6 +6,11 @@ # description: Traefik 反向代理完整配置,部署在 master 节点,包含自动 SSL 证书支持(Let's Encrypt) # title: Traefik 完整部署配置 - 含 SSL 证书(Master 节点部署) # createdAt: 2025-11-26 +# Error from server (NotFound): error when creating "traefik.yaml": the server could not find the requested resource (post ingressroutes.traefik.io) +# 注意: 需要先安装 Traefik CRD 资源定义, +## +# kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml +## --- # PersistentVolume 用于存储 ACME 证书数据 apiVersion: v1 diff --git a/k8s/xiongxiao.me/config/registry.md b/k8s/xiongxiao.me/config/registry.md index 91b4898..db8162a 100644 --- a/k8s/xiongxiao.me/config/registry.md +++ b/k8s/xiongxiao.me/config/registry.md @@ -7,16 +7,6 @@ mirrors: - 'https://docker.1ms.run' - 'https://docker.m.daocloud.io' - 'https://docker.1panel.live' - - 'https://docker-0.unsee.tech' - - 'https://dytt.online' - - 'https://lispy.org' - - 'https://docker.xiaogenban1993.com' - - 'https://666860.xyz' - - 'https://hub.rat.dev' - - 'https://demo.52013120.xyz' - - 'https://proxy.vvvv.ee' - - 'https://registry.cyou' - - 'http://hub-mirror.c.163.com' "registry.k8s.io": endpoint: @@ -56,15 +46,6 @@ disabled_plugins = ["cri"] "https://docker.1ms.run", "https://docker.m.daocloud.io", "https://docker.1panel.live", - "https://dytt.online", - "https://docker-0.unsee.tech", - "https://lispy.org", - "https://docker.xiaogenban1993.com", - "https://666860.xyz", - "https://hub.rat.dev", - "https://demo.52013120.xyz", - "https://proxy.vvvv.ee", - "https://registry.cyou" ]