Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
infrastructure
提交
15d1e2a7
I
infrastructure
项目概览
openeuler
/
infrastructure
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
I
infrastructure
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
15d1e2a7
编写于
6月 09, 2020
作者:
O
openeuler-ci-bot
提交者:
Gitee
6月 09, 2020
浏览文件
操作
浏览文件
下载
差异文件
!342 香港repo的部署yaml更新到了github opensourceways下面,删除本仓库中yaml。
Merge pull request !342 from TommyLike/feature/remove-hk-repo
上级
6c45686f
e7c3f876
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
0 addition
and
244 deletion
+0
-244
cd/repo/openeuler.org.hk/deployment_with_rsync_client.yaml
cd/repo/openeuler.org.hk/deployment_with_rsync_client.yaml
+0
-244
未找到文件。
cd/repo/openeuler.org.hk/deployment_with_rsync_client.yaml
已删除
100644 → 0
浏览文件 @
6c45686f
---
apiVersion
:
v1
kind
:
ConfigMap
metadata
:
name
:
openeuler-configmap
namespace
:
repo-mirror
data
:
ssh.pub
:
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQChSk+/FF79F8ut0hpNuYQ4uhAgUSY4hzRIPvQ2uVTukP0B0A99NYPfDNICp7gLa6e7yzaj+bvCpgWZoZCNAWTBWkq+zHTgDDHrLtUE4zPC1guzuR+Gz3yeIzSt0iAzi9uG2p+qh7jUfl8QAwNOs3wosNenoZj7NmgsCF9M1o85msimRc8Roxnn5caao1RtdNkDHDqhw5QiS9doSUjoxT+esD0CI7RHAyMgMCfSlXXl/phpdSU2hVJSFXsHVBTiymkuMQe8Ylmls+OEmCe8Cy7lIqE/Q+56l62Pxv4UJpOWs9T/SrOEr5vtEPGghZzgo5ViewzAs3dGMaODSO25XhrIiRZ7hjBK9tjLOX7ZXfAsb4DpJljq2aPCrlEaGJsHc2laixKIOKogDbqFffM3eXwgEAxPUevX/mYnuyhAVrsRUl8HXIQnTuVIEeYVdmn2MA8I/y6MPWdN5VbLR5gOiNLOuSVhCq3sQLpTZ9CONF+zq+1layCoaGMIZw5JwYgWCQgCGNclbx8eMVY3+J3slH6VjzE/05Eys18HtpuAMCivBLGgpBGeCVdpQqkHodTn5ZjNZEBAgzHypiOgR/txMHhkTi4+1ZvTmSRWs9hggv4/IcDQFaj1f2JVds6lxGvJyOnoy9k1VUC0q4N6sptpJ/n+ElCJ4UaHE48La3Mu79R6+Q== openeuler_hosts
default.conf
:
|
server {
listen 80;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
}
access_log /var/log/nginx/access.log.$year$month$day main;
server_name *.openeuler.org;
location / {
root /repo/openeuler;
fancyindex on;
fancyindex_exact_size off;
autoindex on;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
}
server {
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
}
access_log /var/log/nginx/access.log.$year$month$day main;
listen 443 ssl;
server_name *.openeuler.org;
ssl on;
ssl_certificate /etc/nginx/conf/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/conf/ssl/privkey.pem;
location / {
root /repo/openeuler;
fancyindex on;
fancyindex_exact_size off;
autoindex on;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
}
nginx.conf
:
|-
user root;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/conf/mime.types;
default_type application/octet-stream;
server_tokens off;
# used for geoip2
geoip2 /etc/nginx/geoip/country/GeoLite2-Country.mmdb {
$geoip2_metadata_country_build metadata build_epoch;
$geoip2_data_country_code default=US source=$remote_addr country iso_code;
$geoip2_data_country_name country names en;
}
geoip2 /etc/nginx/geoip/city/GeoLite2-City.mmdb {
$geoip2_data_city_name default=ShenZhen city names en;
$geoip2_data_location_latitude location latitude;
$geoip2_data_location_longitude location longitude;
}
# the cidr used for elb cluster
set_real_ip_from 100.125.0.0/16;
real_ip_recursive on;
real_ip_header X-Forwarded-For;
log_format main '$remote_addr <$geoip2_data_country_code, $geoip2_data_country_name, $geoip2_data_city_name, $geoip2_data_location_latitude, $geoip2_data_location_longitude> '
'[$time_local] "$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $request_filename';
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf/conf.d/*.conf;
}
---
apiVersion
:
v1
kind
:
PersistentVolumeClaim
metadata
:
name
:
openeuler-data-volume
namespace
:
repo-mirror
spec
:
accessModes
:
-
ReadWriteMany
resources
:
requests
:
storage
:
4000Gi
storageClassName
:
ssd
# Deployment for repo service
---
kind
:
Deployment
apiVersion
:
apps/v1
metadata
:
name
:
openeuler
namespace
:
repo-mirror
labels
:
app
:
repo-nginx-server
spec
:
replicas
:
1
selector
:
matchLabels
:
app
:
repo-nginx-pod
template
:
metadata
:
labels
:
app
:
repo-nginx-pod
spec
:
containers
:
-
name
:
repo-nginx
image
:
swr.cn-north-1.myhuaweicloud.com/mindspore/nginx-extras:1.10.3
imagePullPolicy
:
"
Always"
volumeMounts
:
-
name
:
website-secrets-volume
mountPath
:
/etc/nginx/conf/ssl/fullchain.pem
subPath
:
fullchain.pem
-
name
:
website-secrets-volume
mountPath
:
/etc/nginx/conf/ssl/privkey.pem
subPath
:
privkey.pem
-
mountPath
:
/etc/nginx/conf/nginx.conf
name
:
repo-nginx-configmap-volume
subPath
:
nginx.conf
-
mountPath
:
/etc/nginx/conf/conf.d/default.conf
name
:
repo-nginx-configmap-volume
subPath
:
default.conf
-
mountPath
:
/repo/openeuler
name
:
openeuler-data-volume
-
mountPath
:
/var/log/nginx
name
:
openeuler-log-volume
env
:
-
name
:
TZ
value
:
Asia/Shanghai
resources
:
requests
:
cpu
:
4000m
memory
:
6000Mi
-
name
:
rsync-client
image
:
swr.cn-north-4.myhuaweicloud.com/openeuler/rsyncd:0.0.5
imagePullPolicy
:
"
Always"
volumeMounts
:
-
mountPath
:
/etc/rsyncd.secrets.ro
name
:
website-secrets-volume
subPath
:
rsyncd_secrets
-
mountPath
:
/repo/openeuler
name
:
openeuler-data-volume
-
mountPath
:
/root/.ssh/authorized_keys.ro
name
:
repo-nginx-configmap-volume
subPath
:
ssh.pub
resources
:
requests
:
cpu
:
2000m
memory
:
6000Mi
# Use the combination of sync & sleep to sync the repo from main repo periodically
command
:
-
/bin/sh
-
-c
-
|
cp /etc/rsyncd.secrets.ro /etc/rsyncd.secrets
chmod 0400 /etc/rsyncd.secrets
cp /root/.ssh/authorized_keys.ro /root/.ssh/authorized_keys
chmod 0400 /root/.ssh/authorized_keys
chown root:root /root/.ssh/authorized_keys
/usr/sbin/sshd &
while :; do echo "Starting to sync repos @ $(date)"; rsync -av --partial --progress --password-file=/etc/rsyncd.secrets rsync://root@121.36.97.194/openeuler /repo/openeuler; sleep 86400; done
volumes
:
-
name
:
repo-nginx-configmap-volume
configMap
:
name
:
openeuler-configmap
-
name
:
openeuler-data-volume
persistentVolumeClaim
:
claimName
:
openeuler-data-volume
-
name
:
openeuler-log-volume
persistentVolumeClaim
:
claimName
:
cce-obs-import-openeuler-repo-mirror
-
name
:
website-secrets-volume
secret
:
secretName
:
website-secrets
---
apiVersion
:
v1
kind
:
Service
metadata
:
name
:
openeuler-service
namespace
:
repo-mirror
annotations
:
kubernetes.io/elb.class
:
union
kubernetes.io/elb.id
:
eb5f0ba1-4472-45e0-ab8e-9aa38dc82705
kubernetes.io/elb.lb-algorithm
:
ROUND_ROBIN
spec
:
#We need set this into 'Local' since we need get the client IP of elb.
externalTrafficPolicy
:
Local
ports
:
-
port
:
443
name
:
nginx-repo-https
targetPort
:
443
-
port
:
873
name
:
rsync-server-port
targetPort
:
873
-
port
:
22
name
:
rsync-ssh-server-port
targetPort
:
22
-
port
:
80
name
:
nginx-repo-http
targetPort
:
80
selector
:
app
:
repo-nginx-pod
type
:
LoadBalancer
loadBalancerIP
:
119.8.119.83
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录