Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
infrastructure
提交
35573537
I
infrastructure
项目概览
openeuler
/
infrastructure
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
I
infrastructure
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
35573537
编写于
2月 03, 2020
作者:
T
TommyLike
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add rsync server
上级
a57864f0
变更
13
显示空白变更内容
内联
并排
Showing
13 changed file
with
98 addition
and
407 deletion
+98
-407
cd/repo/README.md
cd/repo/README.md
+15
-31
cd/repo/dockerfiles/Dockerfile
cd/repo/dockerfiles/Dockerfile
+0
-18
cd/repo/openeuler.org/deployment.yaml
cd/repo/openeuler.org/deployment.yaml
+0
-240
cd/repo/openeuler.org/deployment_with_rsync_server.yaml
cd/repo/openeuler.org/deployment_with_rsync_server.yaml
+2
-2
cd/repo/repo-chart/config/default.conf
cd/repo/repo-chart/config/default.conf
+1
-7
cd/repo/repo-chart/config/rsyncd.conf
cd/repo/repo-chart/config/rsyncd.conf
+17
-0
cd/repo/repo-chart/config/rsyncd.secrets
cd/repo/repo-chart/config/rsyncd.secrets
+1
-0
cd/repo/repo-chart/config/ssh.pub
cd/repo/repo-chart/config/ssh.pub
+1
-0
cd/repo/repo-chart/templates/config.yaml
cd/repo/repo-chart/templates/config.yaml
+3
-26
cd/repo/repo-chart/templates/deployment.yaml
cd/repo/repo-chart/templates/deployment.yaml
+43
-65
cd/repo/repo-chart/templates/namespace.yaml
cd/repo/repo-chart/templates/namespace.yaml
+0
-7
cd/repo/repo-chart/templates/service.yaml
cd/repo/repo-chart/templates/service.yaml
+6
-3
cd/repo/repo-chart/values.yaml
cd/repo/repo-chart/values.yaml
+9
-8
未找到文件。
cd/repo/README.md
浏览文件 @
35573537
# Notice
# Notice
This folder used to generate final yaml that can be used to setup the openeuler rpm repo service.
This folder used to generate final yaml that can be used to setup the openeuler rpm repo service.
Please update the
`values.yaml`
at least with key and cert file before applying yaml.
```
$xslt
keyFile: "please update this with correct key file url"
certFile: "please update this with correct cert file url"
loadBalancerIP: "EIP for load balancer"
elbID: "load balancer ID"
```
# Dockerfile
# Dockerfile
There are 3 images used for repo service and they are:
There are 2 images used for repo service and they are:
1.
``Dockerfile``
: it's a repo tool image which used to setup up the nginx environment or update the repo
1.
``rsyncd/Dockerfile``
: it contains the rsync server as well as sshd server, it's used to server as a rsync server.
data via a kubernetes job resource.
3.
``Official nginx dockerfile 1.17.5``
: it's used in the main deployment and will expose 443 port to our repo clients.
2.
``Dockerfile.nginx_uwsgi_flask``
: it's a simple RESTful application and will be deployed along with the main nginx
deployment, it will expose the 80 port and our CI/CD system can utlize that endpoint to trigger a repo update action.
3.
``Official nginx dockerfile``
: it's used in the main deployment and will expose 443 port to our repo clients.
# Trigger a repo update
# Sync files from rsync server
In order to update the repo, an POST request is needed with following parameters:
Command will be like, note password is required:
```
$xslt
```
bash
Endpoint: http://<repo-service-ip>:80/republish
sspass
-p
<password> rsync
-avz
--info
=
progress2 rsync://root@<address of rsync server>:873/openeuler .
Header:
Authorization: Basic <base64<username:password>>
Content-Type: application/json
Request Body:
{
"projects": [
{
"localpath": "openeuler/extras",
"http_url": "http://119.3.219.20:82/openEuler:/Extras/standard_aarch64/aarch64/"
}
]
}
```
```
then a k8s job will be created to fetch all rpm files into repo data volume.
# Generate yaml Command
# Generate yaml Command
```
$xslt
```
$xslt
helm template repo-chart -f repo-chart/values.yaml --namespace repo --name openeuler > deployment.yaml
helm template repo-chart -f repo-chart/values.yaml --namespace <namespace> --name openeuler > deployment.yaml
```
# Secrets required before deploy
the
`website-secrets`
is required before deploy the generated yaml, it will contain website certficate as well
as the private key. the command will be like:
```
bash
kubectl create secret generic website-secrets
--from-file
=
./fullchain.pem
--from-file
=
./privkey.pem
-n
<namespace>
```
```
cd/repo/dockerfiles/Dockerfile
已删除
100644 → 0
浏览文件 @
a57864f0
FROM
centos:centos7
MAINTAINER
tommylike <tommylikehu@gmail.com>
USER
root
# Install createrepo
RUN
yum
-y
install
createrepo
&&
\
yum
-y
install
epel-release
&&
\
yum
-y
install
curl
&&
\
yum
-y
install
wget
&&
\
yum
-y
install
python36
&&
\
pip3
install
pytz
COPY
entrypoint.sh /usr/local/bin/
COPY
repo_tools.py /root/
ENTRYPOINT
["entrypoint.sh"]
cd/repo/openeuler.org/deployment.yaml
已删除
100644 → 0
浏览文件 @
a57864f0
---
# Source: repo-chart/templates/namespace.yaml
# Namespace for repo server
apiVersion
:
v1
kind
:
Namespace
metadata
:
labels
:
name
:
repo
name
:
repo
---
# Source: repo-chart/templates/config.yaml
---
apiVersion
:
v1
kind
:
ConfigMap
metadata
:
name
:
openeuler-configmap
namespace
:
repo
data
:
# update-repo-job.yaml: |
# apiVersion: batch/v1
# kind: Job
# metadata:
# name: update-repo-job
# namespace: repo
# spec:
# template:
# spec:
# containers:
# - name: update-repo
# image: swr.cn-north-1.myhuaweicloud.com/hwstaff_h00223369/repo-tools:0.0.3
# # NOTE: PROJECT_VARIABLE is used to be replaced with actual project list, don't update this only at this place.
# args: ["--repo-json", "PROJECT_VARIABLE", "update"]
# volumeMounts:
# - mountPath: /repo/openeuler
# name: repo-data-volume
# env:
# - name: WORKING_DIR
# value: /repo/openeuler/repository
# restartPolicy: Never
# volumes:
# - name: repo-data-volume
# persistentVolumeClaim:
# claimName: cce-efs-import-k410ji5h-hinm
default.conf
:
|
server {
listen 443 ssl;
access_log /var/log/nginx/host.access.log main;
server_name repo.openeuler.org;
ssl on;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
location / {
root /repo/openeuler;
autoindex on;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
nginx.conf
:
|-
user root;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
---
# Source: repo-chart/templates/deployment.yaml
# Persistent volume claim for deployment
#---
#apiVersion: v1
#kind: PersistentVolumeClaim
#metadata:
# name: openeuler-data-volume
# namespace: repo
#spec:
# accessModes:
# - ReadWriteMany
# resources:
# requests:
# storage: 100Gi
# storageClassName: sas
# ServiceAccount for deployment
---
apiVersion
:
v1
kind
:
ServiceAccount
metadata
:
name
:
openeuler-listener
namespace
:
repo
---
kind
:
ClusterRole
apiVersion
:
rbac.authorization.k8s.io/v1
metadata
:
name
:
openeuler-listener
rules
:
-
apiGroups
:
[
"
batch"
,
"
extensions"
]
resources
:
[
"
jobs"
]
verbs
:
[
"
get"
,
"
list"
,
"
watch"
,
"
create"
,
"
update"
,
"
patch"
,
"
delete"
]
---
kind
:
ClusterRoleBinding
apiVersion
:
rbac.authorization.k8s.io/v1
metadata
:
name
:
openeuler-listener
subjects
:
-
kind
:
ServiceAccount
name
:
openeuler-listener
namespace
:
repo
roleRef
:
kind
:
ClusterRole
name
:
openeuler-listener
apiGroup
:
rbac.authorization.k8s.io
# Deployment for repo service
---
kind
:
Deployment
apiVersion
:
apps/v1
metadata
:
name
:
openeuler
namespace
:
repo
labels
:
app
:
repo-nginx-server
spec
:
replicas
:
2
selector
:
matchLabels
:
app
:
repo-nginx-pod
template
:
metadata
:
labels
:
app
:
repo-nginx-pod
spec
:
serviceAccount
:
openeuler-listener
containers
:
-
name
:
repo-nginx
image
:
swr.cn-north-1.myhuaweicloud.com/hwstaff_h00223369/nginx:1.17.5
imagePullPolicy
:
"
IfNotPresent"
volumeMounts
:
-
name
:
website-secrets-volume
mountPath
:
/etc/nginx/ssl/fullchain.pem
subPath
:
fullchain.pem
-
name
:
website-secrets-volume
mountPath
:
/etc/nginx/ssl/privkey.pem
subPath
:
privkey.pem
-
mountPath
:
/etc/nginx/nginx.conf
name
:
repo-nginx-configmap-volume
subPath
:
nginx.conf
-
mountPath
:
/etc/nginx/conf.d/default.conf
name
:
repo-nginx-configmap-volume
subPath
:
default.conf
-
mountPath
:
/repo/openeuler
name
:
repo-data-volume
-
name
:
repo-update-listener
image
:
swr.cn-north-1.myhuaweicloud.com/hwstaff_h00223369/repo-listener:0.0.2
env
:
# base auth for repo listener
-
name
:
BASIC_AUTH_USERNAME
value
:
openeuler
-
name
:
BASIC_AUTH_PASSWORD
value
:
openeuler
-
name
:
K8S_NAMESPACE
value
:
repo
imagePullPolicy
:
"
IfNotPresent"
volumeMounts
:
-
mountPath
:
/etc/repo-update/update-repo-job.yaml
name
:
repo-nginx-configmap-volume
subPath
:
update-repo-job.yaml
volumes
:
-
name
:
repo-nginx-configmap-volume
configMap
:
name
:
openeuler-configmap
-
name
:
repo-data-volume
persistentVolumeClaim
:
claimName
:
cce-efs-import-for-repo-use
-
name
:
website-secrets-volume
secret
:
secretName
:
website-secrets
---
# Source: repo-chart/templates/service.yaml
apiVersion
:
v1
kind
:
Service
metadata
:
name
:
openeuler-service
namespace
:
repo
annotations
:
kubernetes.io/elb.class
:
union
kubernetes.io/elb.id
:
161185be-1794-452b-82ca-647db0e9c5b1
kubernetes.io/elb.lb-algorithm
:
ROUND_ROBIN
spec
:
externalTrafficPolicy
:
Cluster
ports
:
-
port
:
443
name
:
nginx-repo-https
targetPort
:
443
-
port
:
80
name
:
nginx-repo-listener-http
targetPort
:
80
selector
:
app
:
repo-nginx-pod
type
:
LoadBalancer
loadBalancerIP
:
121.36.97.194
cd/repo/openeuler.org/deployment_with_rsync_server.yaml
浏览文件 @
35573537
...
@@ -189,7 +189,7 @@ metadata:
...
@@ -189,7 +189,7 @@ metadata:
namespace
:
repo2
namespace
:
repo2
annotations
:
annotations
:
kubernetes.io/elb.class
:
union
kubernetes.io/elb.class
:
union
kubernetes.io/elb.id
:
b0fa0739-f69c-4abd-bcbf-840c8dd1b44e
kubernetes.io/elb.id
:
161185be-1794-452b-82ca-647db0e9c5b1
kubernetes.io/elb.lb-algorithm
:
ROUND_ROBIN
kubernetes.io/elb.lb-algorithm
:
ROUND_ROBIN
spec
:
spec
:
externalTrafficPolicy
:
Cluster
externalTrafficPolicy
:
Cluster
...
@@ -206,4 +206,4 @@ spec:
...
@@ -206,4 +206,4 @@ spec:
selector
:
selector
:
app
:
repo-nginx-pod
app
:
repo-nginx-pod
type
:
LoadBalancer
type
:
LoadBalancer
loadBalancerIP
:
1
14.116.245.239
loadBalancerIP
:
1
21.36.97.194
cd/repo/repo-chart/config/default.conf
浏览文件 @
35573537
...
@@ -8,14 +8,8 @@ server {
...
@@ -8,14 +8,8 @@ server {
ssl_certificate
/
etc
/
nginx
/
ssl
/
fullchain
.
pem
;
ssl_certificate
/
etc
/
nginx
/
ssl
/
fullchain
.
pem
;
ssl_certificate_key
/
etc
/
nginx
/
ssl
/
privkey
.
pem
;
ssl_certificate_key
/
etc
/
nginx
/
ssl
/
privkey
.
pem
;
location
/
repository
{
location
/ {
root
/
repo
/
openeuler
;
root
/
repo
/
openeuler
;
autoindex
on
;
autoindex
on
;
}
}
error_page
500
502
503
504
/
50
x
.
html
;
location
= /
50
x
.
html
{
root
/
usr
/
share
/
nginx
/
html
;
}
}
}
cd/repo/repo-chart/config/rsyncd.conf
0 → 100644
浏览文件 @
35573537
log
file
= /
dev
/
stdout
use
chroot
=
yes
uid
=
root
gid
=
root
max
connections
=
10
timeout
=
600
read
only
=
yes
[
openeuler
]
path
= /
repo
/
openeuler
comment
=
openeuler
repo
folder
read
only
=
true
auth
users
=
root
secrets
file
= /
etc
/
rsyncd
.
secrets
ignore
nonreadable
=
yes
refuse
options
=
checksum
dont
compress
= *
\ No newline at end of file
cd/repo/repo-chart/config/rsyncd.secrets
0 → 100644
浏览文件 @
35573537
root:openeuler@1234
\ No newline at end of file
cd/repo/repo-chart/config/ssh.pub
0 → 100644
浏览文件 @
35573537
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQChSk+/FF79F8ut0hpNuYQ4uhAgUSY4hzRIPvQ2uVTukP0B0A99NYPfDNICp7gLa6e7yzaj+bvCpgWZoZCNAWTBWkq+zHTgDDHrLtUE4zPC1guzuR+Gz3yeIzSt0iAzi9uG2p+qh7jUfl8QAwNOs3wosNenoZj7NmgsCF9M1o85msimRc8Roxnn5caao1RtdNkDHDqhw5QiS9doSUjoxT+esD0CI7RHAyMgMCfSlXXl/phpdSU2hVJSFXsHVBTiymkuMQe8Ylmls+OEmCe8Cy7lIqE/Q+56l62Pxv4UJpOWs9T/SrOEr5vtEPGghZzgo5ViewzAs3dGMaODSO25XhrIiRZ7hjBK9tjLOX7ZXfAsb4DpJljq2aPCrlEaGJsHc2laixKIOKogDbqFffM3eXwgEAxPUevX/mYnuyhAVrsRUl8HXIQnTuVIEeYVdmn2MA8I/y6MPWdN5VbLR5gOiNLOuSVhCq3sQLpTZ9CONF+zq+1layCoaGMIZw5JwYgWCQgCGNclbx8eMVY3+J3slH6VjzE/05Eys18HtpuAMCivBLGgpBGeCVdpQqkHodTn5ZjNZEBAgzHypiOgR/txMHhkTi4+1ZvTmSRWs9hggv4/IcDQFaj1f2JVds6lxGvJyOnoy9k1VUC0q4N6sptpJ/n+ElCJ4UaHE48La3Mu79R6+Q== openeuler_hosts
\ No newline at end of file
cd/repo/repo-chart/templates/config.yaml
浏览文件 @
35573537
...
@@ -5,32 +5,9 @@ metadata:
...
@@ -5,32 +5,9 @@ metadata:
name
:
{{
.Release.Name
}}
-configmap
name
:
{{
.Release.Name
}}
-configmap
namespace
:
{{
.Release.Namespace
}}
namespace
:
{{
.Release.Namespace
}}
data
:
data
:
update-repo-job.yaml
:
|
{{
- (.Files.Glob .Values.deployment.rsyncSecrets).AsConfig | nindent 2
}}
apiVersion: batch/v1
{{
- (.Files.Glob .Values.deployment.sshPublicKey).AsConfig | nindent 2
}}
kind: Job
{{
- (.Files.Glob .Values.deployment.rsyncdConfig).AsConfig | nindent 2
}}
metadata:
name: update-repo-job
namespace: {{ .Release.Namespace }}
spec:
template:
spec:
containers:
- name: update-repo
image: {{ .Values.deployment.initImage }}
# NOTE: PROJECT_VARIABLE is used to be replaced with actual project list, don't update this only at this place.
args: ["--repo-json", "PROJECT_VARIABLE", "update"]
volumeMounts:
- mountPath: /repo/openeuler
name: repo-data-volume
env:
- name: WORKING_DIR
value: /repo/openeuler/repository
restartPolicy: Never
volumes:
- name: repo-data-volume
persistentVolumeClaim:
claimName: {{ .Release.Name }}-data-volume
{{
- (.Files.Glob .Values.deployment.defaultConfig).AsConfig | nindent 2
}}
{{
- (.Files.Glob .Values.deployment.defaultConfig).AsConfig | nindent 2
}}
{{
- (.Files.Glob .Values.deployment.nginxConfig).AsConfig | nindent 2
}}
{{
- (.Files.Glob .Values.deployment.nginxConfig).AsConfig | nindent 2
}}
cd/repo/repo-chart/templates/deployment.yaml
浏览文件 @
35573537
...
@@ -13,38 +13,6 @@ spec:
...
@@ -13,38 +13,6 @@ spec:
storage
:
{{
.Values.storage.size
}}
storage
:
{{
.Values.storage.size
}}
storageClassName
:
{{
.Values.storage.className
}}
storageClassName
:
{{
.Values.storage.className
}}
# ServiceAccount for deployment
---
apiVersion
:
v1
kind
:
ServiceAccount
metadata
:
name
:
{{
.Release.Name
}}
-listener
namespace
:
{{
.Release.Namespace
}}
---
kind
:
ClusterRole
apiVersion
:
rbac.authorization.k8s.io/v1
metadata
:
name
:
{{
.Release.Name
}}
-listener
rules
:
-
apiGroups
:
[
"
batch"
,
"
extensions"
]
resources
:
[
"
jobs"
]
verbs
:
[
"
get"
,
"
list"
,
"
watch"
,
"
create"
,
"
update"
,
"
patch"
,
"
delete"
]
---
kind
:
ClusterRoleBinding
apiVersion
:
rbac.authorization.k8s.io/v1
metadata
:
name
:
{{
.Release.Name
}}
-listener
subjects
:
-
kind
:
ServiceAccount
name
:
{{
.Release.Name
}}
-listener
namespace
:
{{
.Release.Namespace
}}
roleRef
:
kind
:
ClusterRole
name
:
{{
.Release.Name
}}
-listener
apiGroup
:
rbac.authorization.k8s.io
# Deployment for repo service
# Deployment for repo service
---
---
kind
:
Deployment
kind
:
Deployment
...
@@ -64,27 +32,17 @@ spec:
...
@@ -64,27 +32,17 @@ spec:
labels
:
labels
:
app
:
repo-nginx-pod
app
:
repo-nginx-pod
spec
:
spec
:
serviceAccount
:
{{
.Release.Name
}}
-listener
initContainers
:
-
name
:
repo-prepare-tool
image
:
{{
.Values.deployment.initImage
}}
env
:
# key and cert file used for nginx tls
-
name
:
KEY_FILE
value
:
{{
.Values.deployment.keyFile
}}
-
name
:
CERT_FILE
value
:
{{
.Values.deployment.certFile
}}
args
:
[
"
--key-file"
,
"
$(KEY_FILE)"
,
"
--cert-file"
,
"
$(CERT_FILE)"
,
"
prepare"
]
volumeMounts
:
-
mountPath
:
/etc/nginx/ssl
name
:
repo-nginx-tls-volume
containers
:
containers
:
-
name
:
repo-nginx
-
name
:
repo-nginx
image
:
{{
.Values.deployment.image
}}
image
:
{{
.Values.deployment.image
}}
imagePullPolicy
:
"
IfNotPresent"
imagePullPolicy
:
"
IfNotPresent"
volumeMounts
:
volumeMounts
:
-
mountPath
:
/etc/nginx/ssl
-
name
:
website-secrets-volume
name
:
repo-nginx-tls-volume
mountPath
:
/etc/nginx/ssl/fullchain.pem
subPath
:
fullchain.pem
-
name
:
website-secrets-volume
mountPath
:
/etc/nginx/ssl/privkey.pem
subPath
:
privkey.pem
-
mountPath
:
/etc/nginx/nginx.conf
-
mountPath
:
/etc/nginx/nginx.conf
name
:
repo-nginx-configmap-volume
name
:
repo-nginx-configmap-volume
subPath
:
nginx.conf
subPath
:
nginx.conf
...
@@ -92,28 +50,48 @@ spec:
...
@@ -92,28 +50,48 @@ spec:
name
:
repo-nginx-configmap-volume
name
:
repo-nginx-configmap-volume
subPath
:
default.conf
subPath
:
default.conf
-
mountPath
:
/repo/openeuler
-
mountPath
:
/repo/openeuler
name
:
repo-data-volume
name
:
openeuler-data-volume
-
name
:
repo-update-listener
resources
:
image
:
{{
.Values.deployment.listenerImage
}}
requests
:
env
:
cpu
:
4000m
# base auth for repo listener
memory
:
8000Mi
-
name
:
BASIC_AUTH_USERNAME
-
name
:
rsync-server
value
:
{{
.Values.deployment.listenerUsername
}}
image
:
{{
.Values.deployment.rsyncdImage
}}
-
name
:
BASIC_AUTH_PASSWORD
imagePullPolicy
:
"
Always"
value
:
{{
.Values.deployment.listenerPassword
}}
-
name
:
K8S_NAMESPACE
value
:
{{
.Release.Namespace
}}
imagePullPolicy
:
"
IfNotPresent"
volumeMounts
:
volumeMounts
:
-
mountPath
:
/etc/r
epo-update/update-repo-job.yaml
-
mountPath
:
/etc/r
syncd.conf
name
:
repo-nginx-configmap-volume
name
:
repo-nginx-configmap-volume
subPath
:
update-repo-job.yaml
subPath
:
rsyncd.conf
-
mountPath
:
/etc/rsyncd.secrets.ro
name
:
repo-nginx-configmap-volume
subPath
:
rsyncd.secrets
-
mountPath
:
/repo/openeuler
name
:
openeuler-data-volume
-
mountPath
:
/root/.ssh/authorized_keys.ro
name
:
repo-nginx-configmap-volume
subPath
:
ssh.pub
resources
:
requests
:
cpu
:
4000m
memory
:
6000Mi
command
:
-
/bin/sh
-
-c
-
|
cp /etc/rsyncd.secrets.ro /etc/rsyncd.secrets
chmod 0400 /etc/rsyncd.secrets
cp /root/.ssh/authorized_keys.ro /root/.ssh/authorized_keys
chmod 0400 /root/.ssh/authorized_keys
chown root:root /root/.ssh/authorized_keys
/usr/sbin/sshd &
exec /usr/bin/rsync --no-detach --daemon --config /etc/rsyncd.conf;
volumes
:
volumes
:
-
name
:
repo-nginx-tls-volume
emptyDir
:
{}
-
name
:
repo-nginx-configmap-volume
-
name
:
repo-nginx-configmap-volume
configMap
:
configMap
:
name
:
{{
.Release.Name
}}
-configmap
name
:
{{
.Release.Name
}}
-configmap
-
name
:
repo
-data-volume
-
name
:
openeuler
-data-volume
persistentVolumeClaim
:
persistentVolumeClaim
:
claimName
:
{{
.Release.Name
}}
-data-volume
claimName
:
{{
.Release.Name
}}
-data-volume
-
name
:
website-secrets-volume
secret
:
secretName
:
website-secrets
cd/repo/repo-chart/templates/namespace.yaml
已删除
100644 → 0
浏览文件 @
a57864f0
# Namespace for repo server
apiVersion
:
v1
kind
:
Namespace
metadata
:
labels
:
name
:
{{
.Release.Namespace
}}
name
:
{{
.Release.Namespace
}}
cd/repo/repo-chart/templates/service.yaml
浏览文件 @
35573537
...
@@ -13,9 +13,12 @@ spec:
...
@@ -13,9 +13,12 @@ spec:
-
port
:
443
-
port
:
443
name
:
nginx-repo-https
name
:
nginx-repo-https
targetPort
:
443
targetPort
:
443
-
port
:
80
-
port
:
873
name
:
nginx-repo-listener-http
name
:
rsync-server-port
targetPort
:
80
targetPort
:
873
-
port
:
22
name
:
rsync-ssh-server-port
targetPort
:
22
selector
:
selector
:
app
:
repo-nginx-pod
app
:
repo-nginx-pod
type
:
LoadBalancer
type
:
LoadBalancer
...
...
cd/repo/repo-chart/values.yaml
浏览文件 @
35573537
service
:
service
:
elbID
:
7597fc1d-b0e4-4b81-80b1-e85825fc8aff
elbID
:
161185be-1794-452b-82ca-647db0e9c5b1
loadBalancerIP
:
1
19.8.39.193
loadBalancerIP
:
1
21.36.97.194
deployment
:
deployment
:
replicaCount
:
2
replicaCount
:
1
#only support 1 now
initImage
:
tommylike/repo-tools:0.1.5
rsyncdImage
:
swr.cn-north-4.myhuaweicloud.com/openeuler/rsyncd:0.0.5
keyFile
:
"
please
update
this
with
correct
key
file
url"
image
:
swr.cn-north-4.myhuaweicloud.com/openeuler/nginx:1.17.5
certFile
:
"
please
update
this
with
correct
key
file
url"
image
:
nginx:1.17.5
listenerImage
:
tommylike/repo-listener:0.1.2
listenerImage
:
tommylike/repo-listener:0.1.2
listenerUsername
:
openeuler
listenerUsername
:
openeuler
listenerPassword
:
openeuler
listenerPassword
:
openeuler
nginxConfig
:
config/nginx.conf
nginxConfig
:
config/nginx.conf
defaultConfig
:
config/default.conf
defaultConfig
:
config/default.conf
rsyncdConfig
:
config/rsyncd.conf
rsyncSecrets
:
config/rsyncd.secrets
sshPublicKey
:
config/ssh.pub
storage
:
storage
:
size
:
1
000Gi
size
:
4
000Gi
className
:
ssd
className
:
ssd
\ No newline at end of file
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录