From e28cb7088b748f2f8a7992447c3568756f49dbf5 Mon Sep 17 00:00:00 2001 From: abearxiong Date: Thu, 27 Nov 2025 17:24:12 +0800 Subject: [PATCH] update --- k8s/kevisual.cn/apps/external/new-api.yaml | 47 ++++ k8s/kevisual.cn/apps/nocodb.yaml | 220 ++++++++++++++++++ .../ingress/apps-ingressroute.yaml | 17 ++ .../services/external-services.yaml | 18 +- 4 files changed, 295 insertions(+), 7 deletions(-) create mode 100644 k8s/kevisual.cn/apps/external/new-api.yaml create mode 100644 k8s/kevisual.cn/apps/nocodb.yaml diff --git a/k8s/kevisual.cn/apps/external/new-api.yaml b/k8s/kevisual.cn/apps/external/new-api.yaml new file mode 100644 index 0000000..bd993bf --- /dev/null +++ b/k8s/kevisual.cn/apps/external/new-api.yaml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Service +metadata: + name: newapi-external + namespace: default +spec: + type: ClusterIP + ports: + - port: 3000 + targetPort: 3000 + protocol: TCP + name: http +--- +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice +metadata: + name: newapi-external + namespace: default + labels: + kubernetes.io/service-name: newapi-external +addressType: IPv4 +ports: +- name: http + protocol: TCP + port: 3000 +endpoints: +- addresses: + - "118.196.32.29" + +--- +# Kevisual - newapi.kevisual.cn (支持 WebSocket) +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: newapi-https + namespace: default +spec: + entryPoints: + - websecure + routes: + - match: Host(`newapi.kevisual.cn`) + kind: Rule + services: + - name: newapi-external + port: 3000 + tls: + certResolver: letsencrypt \ No newline at end of file diff --git a/k8s/kevisual.cn/apps/nocodb.yaml b/k8s/kevisual.cn/apps/nocodb.yaml new file mode 100644 index 0000000..752c99a --- /dev/null +++ b/k8s/kevisual.cn/apps/nocodb.yaml @@ -0,0 +1,220 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: nocodb +--- +# PostgreSQL Persistent Volume Claim +apiVersion: v1 +kind: PersistentVolume +metadata: + name: postgres-pv + namespace: nocodb +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + storageClassName: local-path + hostPath: + path: /opt/docker/nocodb/postgres_data +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-pvc + namespace: nocodb +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + volumeName: postgres-pv +--- +# PostgreSQL Deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: root-db + namespace: nocodb + labels: + app: root-db +spec: + replicas: 1 + selector: + matchLabels: + app: root-db + template: + metadata: + labels: + app: root-db + spec: + containers: + - name: postgres + image: postgres:17.6 + ports: + - containerPort: 5432 + env: + - name: POSTGRES_DB + value: "postgres" + - name: POSTGRES_USER + value: "postgres" + - name: POSTGRES_PASSWORD + value: "abearxiong" + volumeMounts: + - name: postgres-storage + mountPath: /var/lib/postgresql/data + # Health check (liveness/readiness) + livenessProbe: + exec: + command: + - pg_isready + - "-U" + - "postgres" + - "-d" + - "postgres" + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + exec: + command: + - pg_isready + - "-U" + - "postgres" + - "-d" + - "postgres" + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 3 + volumes: + - name: postgres-storage + persistentVolumeClaim: + claimName: postgres-pvc +--- +# PostgreSQL Service (ClusterIP, internal access) +apiVersion: v1 +kind: Service +metadata: + name: root-db + namespace: nocodb + labels: + app: root-db +spec: + selector: + app: root-db + ports: + - protocol: TCP + port: 5432 + targetPort: 5432 + type: ClusterIP +--- +# NocoDB Persistent Volume Claim +apiVersion: v1 +kind: PersistentVolume +metadata: + name: nc-data-pv + namespace: nocodb +spec: + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + storageClassName: local-path + hostPath: + path: /opt/docker/nocodb/nc_data +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: nc-data-pvc + namespace: nocodb +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + volumeName: nc-data-pv +--- +# NocoDB Deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nocodb + namespace: nocodb + labels: + app: nocodb +spec: + replicas: 1 + selector: + matchLabels: + app: nocodb + template: + metadata: + labels: + app: nocodb + spec: + containers: + - name: nocodb + image: nocodb/nocodb:latest + ports: + - containerPort: 8080 + env: + - name: NC_DB + value: "pg://root-db.nocodb.svc.cluster.local:5432?u=postgres&p=abearxiong&d=postgres" + - name: NC_AUTH_JWT_SECRET + value: "MaCpbZugRlwFWUfpAUNAd7p64V4Yj7Xx" # openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32 + volumeMounts: + - name: nc-data-storage + mountPath: /usr/app/data + # NocoDB 可能需要一些启动时间,可选添加 readinessProbe + readinessProbe: + httpGet: + path: /api/v1/health + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 10 + timeoutSeconds: 5 + volumes: + - name: nc-data-storage + persistentVolumeClaim: + claimName: nc-data-pvc +--- +# NocoDB Service (NodePort to expose on host:8080) +apiVersion: v1 +kind: Service +metadata: + name: nocodb + namespace: nocodb + labels: + app: nocodb +spec: + selector: + app: nocodb + ports: + - protocol: TCP + port: 8080 + targetPort: 8080 + type: NodePort + +--- +# NocoDB Ingress (optional, requires Ingress controller) +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: nocodb-https + namespace: nocodb +spec: + entryPoints: + - websecure + routes: + - match: Host(`nocodb.kevisual.cn`) + kind: Rule + services: + - name: nocodb + port: 8080 + tls: + certResolver: letsencrypt \ No newline at end of file diff --git a/k8s/kevisual.cn/ingress/apps-ingressroute.yaml b/k8s/kevisual.cn/ingress/apps-ingressroute.yaml index 27c12b5..d66dc30 100644 --- a/k8s/kevisual.cn/ingress/apps-ingressroute.yaml +++ b/k8s/kevisual.cn/ingress/apps-ingressroute.yaml @@ -13,5 +13,22 @@ spec: services: - name: kevisual-external port: 3005 + tls: + certResolver: letsencrypt + +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: www-kevisual-https + namespace: default +spec: + entryPoints: + - websecure + routes: + - match: Host(`www.kevisual.cn`) + kind: Rule + services: + - name: kevisual-external + port: 3005 tls: certResolver: letsencrypt \ No newline at end of file diff --git a/k8s/kevisual.cn/services/external-services.yaml b/k8s/kevisual.cn/services/external-services.yaml index 4bfc591..43fb8a3 100644 --- a/k8s/kevisual.cn/services/external-services.yaml +++ b/k8s/kevisual.cn/services/external-services.yaml @@ -11,14 +11,18 @@ spec: protocol: TCP name: http --- -apiVersion: v1 -kind: Endpoints +apiVersion: discovery.k8s.io/v1 +kind: EndpointSlice metadata: name: kevisual-external namespace: default -subsets: + labels: + kubernetes.io/service-name: kevisual-external +addressType: IPv4 +ports: +- name: http + protocol: TCP + port: 3005 +endpoints: - addresses: - - ip: 118.196.32.29 - ports: - - port: 3005 - name: http \ No newline at end of file + - "118.196.32.29" \ No newline at end of file