kevisual/k8s-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
熊潇
2025-12-05 18:13:42 +08:00
parent 46aac745c2
commit af9e99b444
17 changed files with 291 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
k8s/config Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: v1
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://light.xiongxiao.me:6443
name: dev-cluster
- cluster:
insecure-skip-tls-verify: true
server: https://kevisual.cn:6443
name: kevisual-cluster
- cluster:
server: ""
name: kevisual-context
contexts:
- context:
cluster: dev-cluster
user: dev-user
name: dev-context
- context:
cluster: kevisual-cluster
user: kevisual-user
name: kevisual-context
current-context: kevisual-context
kind: Config
users:
- name: dev-user
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJSDdGcGRsb2tnMm93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOelkwTVRJek9UVTNNQjRYRFRJMU1URXlOakF5TWpVMU4xb1hEVEkyTVRFeQpOakF5TWpVMU4xb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJOd3JxcWtlTnV6bVdjWEMKd2pVdi9nOUkyTnE5MmZDcGpGYzRLVjVSMFltMzNIZUZtUEZiaC9KLzM1djJGWG9OSWZBVjRrSlo0RzZSVFZjYgpXZnRiRWhtalNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCVGRsNkplTEN3YXdyRWtMSkt2ZnZ4NnpRQW4wVEFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlCNkE4SXZocWRYL2N4VWs1Y1lMMGxOeWkxejl1YUk1R245RGRDTmd0clpRUUloQU56USs4TkUxbVdURDVTdAo4SGxJaXBJcG1NMXZpSGZZcW50MmVtbnJ0QktHCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkakNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTmpReE1qTTVOVGN3SGhjTk1qVXhNVEkyTURJeU5UVTNXaGNOTXpVeE1USTBNREl5TlRVMwpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTmpReE1qTTVOVGN3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFUVUY4L3c5aU1oVzNNQnBXTjJRS1NYRHpGVE1CYXNRaFBqZm5BSEJCeVgKeEFsbktWMjhyN2Z4Y1ZiY3hNVGVsOExUZW05RXNncEYwaEFCTGpnQnlHaVhvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVTNaZWlYaXdzR3NLeEpDeVNyMzc4CmVzMEFKOUV3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnQmNpcjUwTk9yeXdBeUNSNkw1dFBnZHIxVGo5MGtFVE0KS1g0emQxcTZCeVFDSUhscWd3ZXdKS2YzYzFxQWZnUkFVZmlSR1lSNXBYQ2o2aE5jdjJwUDdrM3kKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU9oSHRlUFV1WnN6UHRTWU9XbkMrTVEybWZnYU9TaHhBNTdQc2VpQUZFck5vQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFM0N1cXFSNDI3T1paeGNMQ05TLytEMGpZMnIzWjhLbU1WemdwWGxIUmliZmNkNFdZOFZ1SAo4bi9mbS9ZVmVnMGg4QlhpUWxuZ2JwRk5WeHRaKzFzU0dRPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
- name: kevisual-user
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJYUV1WVVManBtV0F3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOelkwT1RJMk5qWTFNQjRYRFRJMU1USXdOVEE1TWpReU5Wb1hEVEkyTVRJdwpOVEE1TWpReU5Wb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJDMmJGcG5HVGJYRUwxS00KcG5ERkxuQjJ3czd3NTBMSnpqeTZLaDloSnZmYVVtL1RxOVEvYnF6c1RMSWhLQkg0Mlp4ZUFsTTRIWTFGdnVrTwphME40Z2dHalNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUVFzYUxiNFpudllkbUtxQjFjT2M5dUZTVVB0akFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlBeERocitWTHJVMm5lSml4bU5tM1luQ1FPdS8vYnZZRG9vai96endGT2JlUUloQUxZcXhXVlQ4NW9qVUlWcApHSTZTK2sydkZ3Ny9Pb0lOVmVmSTJ1bTl1WHJNCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkakNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTmpRNU1qWTJOalV3SGhjTk1qVXhNakExTURreU5ESTFXaGNOTXpVeE1qQXpNRGt5TkRJMQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTmpRNU1qWTJOalV3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReENHZE9kSVBtZmRkSTVPUzNqdUtQTGlacSs4MlVsME1TRUJENjRITUIKc3ZNbUxXbzUwK1dwcHllYTV2dlorOHF5TUdaQmx5VVNTUWtoQkxTZDZWemZvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVUVMR2kyK0daNzJIWmlxZ2RYRG5QCmJoVWxEN1l3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnWW42NVZmbXVLNjgzeUhBZ3NRZFlwdmZxbDZxNlY5NTAKSE9laGpyTWhZdzRDSUdXZ05oVEg2NmN5dXlsUk93YjlQbmZnR1JqY2l4UmFoV0pwdWlDbjJuUHgKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJWV0xHSnZ0S3Rlb3JKdkpFZ3g1VDNiMHVqczdBMnJuZUY0L1RyVG01d2hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFTFpzV21jWk50Y1F2VW95bWNNVXVjSGJDenZEblFzbk9QTG9xSDJFbTk5cFNiOU9yMUQ5dQpyT3hNc2lFb0VmalpuRjRDVXpnZGpVVys2UTVyUTNpQ0FRPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=

11
k8s/kevisual.cn/README.md
View File

@@ -1,12 +1,12 @@
## 安装k3s + calico 网络插件 ## 安装k3s 网络插件
### 安装k3s 同时禁用默认的traefik和flannel ### 安装k3s 同时禁用默认的traefik
```sh ```sh
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | \ curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | \
INSTALL_K3S_MIRROR=cn \ INSTALL_K3S_MIRROR=cn \
K3S_KUBECONFIG_MODE="644" \ K3S_KUBECONFIG_MODE="644" \
INSTALL_K3S_EXEC="server --disable=traefik --flannel-backend=none" \ INSTALL_K3S_EXEC="server --disable=traefik " \
sh - sh -
``` ```
# 编辑服务文件 # 编辑服务文件
@@ -18,11 +18,6 @@ journalctl -u k3s.service -f
### 安装有问题 ### 安装有问题
https://chat.xiongxiao.me/s/10b9aefa-5ba5-45d6-ba2c-b80c638468f3 https://chat.xiongxiao.me/s/10b9aefa-5ba5-45d6-ba2c-b80c638468f3
### 安装Calico
```sh
curl -sfL https://docs.projectcalico.org/manifests/calico.yaml | kubectl apply -f -
```
### 获取token ### 获取token

4
k8s/kevisual.cn/apps/esm.yaml
View File

@@ -1,9 +1,7 @@
# kubectl create namespace kevisual
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: esm name: esm
namespace: kevisual
labels: labels:
app: esm app: esm
spec: spec:
@@ -39,7 +37,6 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: esm name: esm
namespace: kevisual
labels: labels:
app: esm app: esm
spec: spec:
@@ -57,7 +54,6 @@ apiVersion: traefik.io/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: esm-https name: esm-https
namespace: kevisual
spec: spec:
entryPoints: entryPoints:
- websecure - websecure

3
k8s/kevisual.cn/apps/external/new-api.yaml vendored
View File

@@ -23,6 +23,9 @@ subsets:
- name: http - name: http
port: 3000 port: 3000
protocol: TCP protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata: metadata:
name: minio-external name: minio-external
namespace: default namespace: default

72
k8s/kevisual.cn/apps/jimeng-api/app.yaml Normal file
View File

@@ -0,0 +1,72 @@
# jimeng-api Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: jimeng-api
namespace: default
labels:
app: jimeng-api
spec:
replicas: 1
selector:
matchLabels:
app: jimeng-api
template:
metadata:
labels:
app: jimeng-api
spec:
containers:
- name: jimeng-api
image: ghcr.io/iptag/jimeng-api:latest
imagePullPolicy: Always
ports:
- containerPort: 5100
protocol: TCP
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
nodeSelector:
machine: "kevisual"
---
# jimeng-api Service
apiVersion: v1
kind: Service
metadata:
name: jimeng-api
namespace: default
labels:
app: jimeng-api
spec:
type: ClusterIP
ports:
- name: http
protocol: TCP
port: 5100
targetPort: 5100
selector:
app: jimeng-api
---
# jimeng-api Ingress (Traefik)
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: jimeng-api-https
namespace: default
spec:
entryPoints:
- websecure
routes:
- match: Host(`jimeng-api.kevisual.cn`)
kind: Rule
services:
- name: jimeng-api
port: 5100
tls:
certResolver: letsencrypt

87
k8s/kevisual.cn/apps/nocodb.yaml
View File

@@ -1,43 +1,10 @@
--- ---
apiVersion: v1
kind: Namespace
metadata:
name: nocodb
---
# PostgreSQL Persistent Volume Claim
apiVersion: v1
kind: PersistentVolume
metadata:
name: postgres-pv
namespace: nocodb
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
storageClassName: local-path
hostPath:
path: /opt/docker/nocodb/postgres_data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
namespace: nocodb
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
volumeName: postgres-pv
---
# PostgreSQL Deployment # PostgreSQL Deployment
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: root-db name: root-db
namespace: nocodb namespace: default
labels: labels:
app: root-db app: root-db
spec: spec:
@@ -90,16 +57,18 @@ spec:
periodSeconds: 5 periodSeconds: 5
timeoutSeconds: 3 timeoutSeconds: 3
volumes: volumes:
- name: postgres-storage - name: postgres-storage
persistentVolumeClaim: hostPath:
claimName: postgres-pvc path: /opt/docker/nocodb/postgres_data
type: Directory
nodeSelector:
machine: "kevisual"
--- ---
# PostgreSQL Service (ClusterIP, internal access) # PostgreSQL Service (ClusterIP, internal access)
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: root-db name: root-db
namespace: nocodb
labels: labels:
app: root-db app: root-db
spec: spec:
@@ -111,40 +80,11 @@ spec:
targetPort: 5432 targetPort: 5432
type: ClusterIP type: ClusterIP
--- ---
# NocoDB Persistent Volume Claim
apiVersion: v1
kind: PersistentVolume
metadata:
name: nc-data-pv
namespace: nocodb
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
storageClassName: local-path
hostPath:
path: /opt/docker/nocodb/nc_data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nc-data-pvc
namespace: nocodb
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
volumeName: nc-data-pv
---
# NocoDB Deployment # NocoDB Deployment
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: nocodb name: nocodb
namespace: nocodb
labels: labels:
app: nocodb app: nocodb
spec: spec:
@@ -164,7 +104,7 @@ spec:
- containerPort: 8080 - containerPort: 8080
env: env:
- name: NC_DB - name: NC_DB
value: "pg://root-db.nocodb.svc.cluster.local:5432?u=postgres&p=abearxiong&d=postgres" value: "pg://root-db:5432?u=postgres&p=abearxiong&d=postgres"
- name: NC_AUTH_JWT_SECRET - name: NC_AUTH_JWT_SECRET
value: "MaCpbZugRlwFWUfpAUNAd7p64V4Yj7Xx" # openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32 value: "MaCpbZugRlwFWUfpAUNAd7p64V4Yj7Xx" # openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32
volumeMounts: volumeMounts:
@@ -179,16 +119,18 @@ spec:
periodSeconds: 10 periodSeconds: 10
timeoutSeconds: 5 timeoutSeconds: 5
volumes: volumes:
- name: nc-data-storage - name: nc-data-storage
persistentVolumeClaim: hostPath:
claimName: nc-data-pvc path: /opt/docker/nocodb/nc_data
type: Directory
nodeSelector:
machine: "kevisual"
--- ---
# NocoDB Service (NodePort to expose on host:8080) # NocoDB Service (NodePort to expose on host:8080)
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: nocodb name: nocodb
namespace: nocodb
labels: labels:
app: nocodb app: nocodb
spec: spec:
@@ -206,7 +148,6 @@ apiVersion: traefik.io/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: nocodb-https name: nocodb-https
namespace: nocodb
spec: spec:
entryPoints: entryPoints:
- websecure - websecure

4
k8s/kevisual.cn/config/master-token.md
View File

@@ -1,10 +1,10 @@
K106e5eb70f699db4a043873e452b636cd50be9a5794ff1a912a7b96f22268eb204::server:afa9aade36b27a6eec44d47983441d59 K109668b353a17ff6ea9d68535255f880cf583c5c83c357d181ac5f963505033af4::server:f95b219abcfe507760f04ff88be52ccd
# Agent 节点安装命令 # Agent 节点安装命令
```sh ```sh
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://kevisual.cn:6443 K3S_TOKEN=K106e5eb70f699db4a043873e452b636cd50be9a5794ff1a912a7b96f22268eb204::server:afa9aade36b27a6eec44d47983441d59 sh - curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://kevisual.cn:6443 K3S_TOKEN=K109668b353a17ff6ea9d68535255f880cf583c5c83c357d181ac5f963505033af4::server:f95b219abcfe507760f04ff88be52ccd sh -
``` ```
会输出类似 会输出类似

6
k8s/kevisual.cn/ingress/apps-ingressroute.yaml
View File

@@ -1,4 +1,5 @@
# Kevisual - kevisual.cn (支持 WebSocket) # Kevisual - kevisual.cn (支持 WebSocket)
---
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
@@ -15,7 +16,7 @@ spec:
port: 3005 port: 3005
tls: tls:
certResolver: letsencrypt certResolver: letsencrypt
---
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
@@ -31,4 +32,5 @@ spec:
- name: kevisual-external - name: kevisual-external
port: 3005 port: 3005
tls: tls:
certResolver: letsencrypt certResolver: letsencrypt
---

31
k8s/kevisual.cn/pro/index.md Normal file
View File

@@ -0,0 +1,31 @@
```sh
# cat /etc/rancher/k3s/registries.yaml
mirrors:
docker.io:
endpoint:
- "https://docker.1ms.run"
- "https://docker.m.daocloud.io"
- "https://dockerproxy.net/"
```
```sh
cat config.toml
disabled_plugins = ["cri"]
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = [
"https://docker.1ms.run",
"https://docker.m.daocloud.io",
"https://dockerproxy.net/",
]
# [plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry.k8s.io"]
# endpoint = [
# "https://k8s.m.daocloud.io"
# "https://docker.m.daocloud.io",
# ]
```

21
k8s/kevisual.cn/services/external-services.yaml
View File

@@ -4,25 +4,22 @@ metadata:
name: kevisual-external name: kevisual-external
namespace: default namespace: default
spec: spec:
type: ClusterIP clusterIP: None
ports: ports:
- port: 3005 - port: 3005
targetPort: 3005 targetPort: 3005
protocol: TCP protocol: TCP
name: http name: http
--- ---
apiVersion: discovery.k8s.io/v1 apiVersion: v1
kind: EndpointSlice kind: Endpoints
metadata: metadata:
name: kevisual-external name: kevisual-external
namespace: default namespace: default
labels: subsets:
kubernetes.io/service-name: kevisual-external
addressType: IPv4
ports:
- name: http
protocol: TCP
port: 3005
endpoints:
- addresses: - addresses:
- "118.196.32.29" - ip: 118.196.32.29
ports:
- port: 3005
name: http
protocol: TCP

65
k8s/kevisual.cn/sh/debug-www-kevisual.sh Executable file
View File

@@ -0,0 +1,65 @@
#!/bin/bash
# 诊断 www.kevisual.cn 访问问题
# tags: debug, troubleshooting, traefik, ingress
# description: 诊断 www.kevisual.cn 无法访问的问题
# title: www.kevisual.cn 诊断脚本
# createdAt: 2025-12-05
echo "========================================"
echo "1. 检查 Traefik CRD 是否存在"
echo "========================================"
kubectl api-resources | grep ingressroute
echo ""
echo "========================================"
echo "2. 检查 IngressRoute 资源"
echo "========================================"
kubectl get ingressroute -n default
echo ""
echo "========================================"
echo "3. 检查 kevisual-external 服务"
echo "========================================"
kubectl get svc kevisual-external -n default
echo ""
echo "========================================"
echo "4. 检查 EndpointSlice"
echo "========================================"
kubectl get endpointslice -n default | grep kevisual
echo ""
echo "========================================"
echo "5. 检查 Traefik Pod 状态"
echo "========================================"
kubectl get pod -n traefik
echo ""
echo "========================================"
echo "6. 检查 Traefik 服务"
echo "========================================"
kubectl get svc -n traefik
echo ""
echo "========================================"
echo "7. 描述 www-kevisual-https IngressRoute"
echo "========================================"
kubectl describe ingressroute www-kevisual-https -n default 2>&1
echo ""
echo "========================================"
echo "8. 检查 Traefik 日志最近50行"
echo "========================================"
kubectl logs -n traefik -l app.kubernetes.io/name=traefik --tail=50 2>&1 | grep -i "kevisual\|www.kevisual\|error" || echo "未找到相关日志"
echo ""
echo "========================================"
echo "9. 测试访问 www.kevisual.cn"
echo "========================================"
curl -I https://www.kevisual.cn 2>&1 | head -10
echo ""
echo "========================================"
echo "10. 测试访问 kevisual.cn"
echo "========================================"
curl -I https://kevisual.cn 2>&1 | head -10

11
k8s/kevisual.cn/sh/log/delete.sh Normal file
View File

@@ -0,0 +1,11 @@
# kubectl delete -f ./app.yaml --force --grace-period=0
# log
kubectl logs jimeng-api-cfd7c9578-dkqps
kubectl describe pod jimeng-api-cfd7c9578-dkqps
# kubectl rollout restart deployment jimeng-api -n default
# kubectl get pods -l app=jimeng-api -w

9
k8s/kevisual.cn/sh/log/traefik.sh Normal file
View File

@@ -0,0 +1,9 @@
# !/bin/bash
# 查看 traefik 日志中包含 jimeng 关键词的内容,以及错误信息
kubectl logs -n traefik $(kubectl get pods -n traefik -o name | head
-1) --tail=100 | grep -E "(jimeng|error|Error|ERROR)" -A 2 -B 2
kubectl get svc -n traefik
# 查看 traefik pod 的倒数 100 行日志
kubectl logs -n traefik $(kubectl get pods -n traefik -o name | head -1) --tail=100

15
k8s/kevisual.cn/sh/mirror/proxy-base.sh Normal file
View File

@@ -0,0 +1,15 @@
## k3s ctr 直接下载不了镜像,用其他的方式下载然后导入
# sudo k3s ctr images pull docker.io/rancher/mirrored-pause:3.6
# 1. 使用 Docker pull 镜像
docker pull docker.io/rancher/mirrored-pause:3.6
# 2. 将 Docker 镜像保存为 tar 文件
docker save docker.io/rancher/mirrored-pause:3.6 -o mirrored-pause-3.6.tar
# 3. 使用 K3s 的 ctr 导入镜像
sudo k3s ctr images import mirrored-pause-3.6.tar
# 4. 验证镜像是否导入成功
sudo k3s ctr images ls | grep pause

15
k8s/kevisual.cn/sh/mirror/proxy-jimeng.sh Normal file
View File

@@ -0,0 +1,15 @@
## k3s ctr 直接下载不了镜像,用其他的方式下载然后导入
# sudo k3s ctr images pull docker.io/ghcr.io/iptag/jimeng-api:latest
# 1. 使用 Docker pull 镜像
docker pull docker.io/ghcr.io/iptag/jimeng-api:latest
# 2. 将 Docker 镜像保存为 tar 文件
docker save docker.io/ghcr.io/iptag/jimeng-api:latest -o mirrored-pause-3.6.tar
# 3. 使用 K3s 的 ctr 导入镜像
sudo k3s ctr images import mirrored-pause-3.6.tar
# 4. 验证镜像是否导入成功
sudo k3s ctr images ls | grep pause

5
k8s/kevisual.cn/traefik.yaml
View File

@@ -6,6 +6,11 @@
# description: Traefik 反向代理完整配置,部署在 master 节点,包含自动 SSL 证书支持(Let's Encrypt) # description: Traefik 反向代理完整配置,部署在 master 节点,包含自动 SSL 证书支持(Let's Encrypt)
# title: Traefik 完整部署配置 - 含 SSL 证书(Master 节点部署) # title: Traefik 完整部署配置 - 含 SSL 证书(Master 节点部署)
# createdAt: 2025-11-26 # createdAt: 2025-11-26
# Error from server (NotFound): error when creating "traefik.yaml": the server could not find the requested resource (post ingressroutes.traefik.io)
# 注意: 需要先安装 Traefik CRD 资源定义,
##
# kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
##
--- ---
# PersistentVolume 用于存储 ACME 证书数据 # PersistentVolume 用于存储 ACME 证书数据
apiVersion: v1 apiVersion: v1

19
k8s/xiongxiao.me/config/registry.md
View File

@@ -7,16 +7,6 @@ mirrors:
- 'https://docker.1ms.run' - 'https://docker.1ms.run'
- 'https://docker.m.daocloud.io' - 'https://docker.m.daocloud.io'
- 'https://docker.1panel.live' - 'https://docker.1panel.live'
- 'https://docker-0.unsee.tech'
- 'https://dytt.online'
- 'https://lispy.org'
- 'https://docker.xiaogenban1993.com'
- 'https://666860.xyz'
- 'https://hub.rat.dev'
- 'https://demo.52013120.xyz'
- 'https://proxy.vvvv.ee'
- 'https://registry.cyou'
- 'http://hub-mirror.c.163.com'
"registry.k8s.io": "registry.k8s.io":
endpoint: endpoint:
@@ -56,15 +46,6 @@ disabled_plugins = ["cri"]
"https://docker.1ms.run", "https://docker.1ms.run",
"https://docker.m.daocloud.io", "https://docker.m.daocloud.io",
"https://docker.1panel.live", "https://docker.1panel.live",
"https://dytt.online",
"https://docker-0.unsee.tech",
"https://lispy.org",
"https://docker.xiaogenban1993.com",
"https://666860.xyz",
"https://hub.rat.dev",
"https://demo.52013120.xyz",
"https://proxy.vvvv.ee",
"https://registry.cyou"
] ]