#!/bin/bash # JPD集群幂等性自动化部署脚本 # 可以安全地重复运行,不会产生错误或不一致状态 set -e export KUBECONFIG=/etc/rancher/k3s/k3s.yaml echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "🚀 JPD集群幂等性自动化部署" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" # 辅助函数:检查资源是否存在 resource_exists() { local resource_type=$1 local resource_name=$2 local namespace=${3:-default} if [ "$namespace" = "cluster" ]; then kubectl get "$resource_type" "$resource_name" &>/dev/null else kubectl get "$resource_type" "$resource_name" -n "$namespace" &>/dev/null fi } # 辅助函数:等待资源就绪 wait_for_pods() { local namespace=$1 local label=$2 local timeout=${3:-300} echo "⏳ 等待 $namespace/$label Pod就绪..." kubectl wait --for=condition=ready pod -l "$label" -n "$namespace" --timeout="${timeout}s" 2>/dev/null || true } # ============================================ # 步骤 1: 配置Gitea Ingress # ============================================ echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "📦 步骤 1/6: 配置Gitea Ingress" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" # HTTP Ingress cat </dev/null | base64 -d || echo "密码已删除或不存在") echo "✅ ArgoCD访问配置完成" echo " NodePort: http://149.13.91.216:$ARGOCD_PORT" echo " 域名: http://argocd.jpd.net3w.com" echo " 用户名: admin" echo " 密码: $ARGOCD_PASSWORD" echo "" # ============================================ # 步骤 3: 部署cert-manager # ============================================ echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "📦 步骤 3/6: 部署cert-manager" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" if ! resource_exists namespace cert-manager cluster; then echo "部署cert-manager..." kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml wait_for_pods cert-manager app=cert-manager 300 wait_for_pods cert-manager app=webhook 300 sleep 10 else echo "cert-manager已存在,跳过部署" # 确保Pod就绪 wait_for_pods cert-manager app=cert-manager 60 wait_for_pods cert-manager app=webhook 60 fi # 创建ClusterIssuer(幂等) cat < JPD集群测试应用
🚀

JPD K3s集群测试应用

✅ 运行正常

集群名称: JPD Cluster

部署方式: Kubernetes Deployment

副本数: 3

容器镜像: nginx:alpine

访问域名: demo.jpd.net3w.com

GitOps工具: ArgoCD

Git仓库: Gitea

幂等性: ✅ 已实现

--- apiVersion: apps/v1 kind: Deployment metadata: name: nginx-demo namespace: demo-app labels: app: nginx-demo spec: replicas: 3 selector: matchLabels: app: nginx-demo template: metadata: labels: app: nginx-demo spec: containers: - name: nginx image: nginx:alpine ports: - containerPort: 80 volumeMounts: - name: html mountPath: /usr/share/nginx/html volumes: - name: html configMap: name: nginx-html --- apiVersion: v1 kind: Service metadata: name: nginx-demo namespace: demo-app spec: selector: app: nginx-demo ports: - port: 80 targetPort: 80 type: ClusterIP --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: nginx-demo-http namespace: demo-app annotations: traefik.ingress.kubernetes.io/router.entrypoints: web spec: ingressClassName: traefik rules: - host: demo.jpd.net3w.com http: paths: - path: / pathType: Prefix backend: service: name: nginx-demo port: number: 80 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: nginx-demo-https namespace: demo-app annotations: cert-manager.io/cluster-issuer: "letsencrypt-prod" traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" spec: ingressClassName: traefik tls: - hosts: - demo.jpd.net3w.com secretName: nginx-demo-tls rules: - host: demo.jpd.net3w.com http: paths: - path: / pathType: Prefix backend: service: name: nginx-demo port: number: 80 EOF wait_for_pods demo-app app=nginx-demo 120 echo "✅ 测试应用部署完成" echo "" # ============================================ # 步骤 6: 部署自动化测试 # ============================================ echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "📦 步骤 6/6: 部署自动化测试" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" cat < /dev/null; then echo "✅ Gitea: 正常" else echo "❌ Gitea: 异常" FAILED=1 fi # 测试ArgoCD echo "测试 ArgoCD..." if curl -f -s -k http://argocd-server.argocd.svc.cluster.local > /dev/null; then echo "✅ ArgoCD: 正常" else echo "❌ ArgoCD: 异常" FAILED=1 fi # 测试Demo应用 echo "测试 Demo应用..." if curl -f -s http://nginx-demo.demo-app.svc.cluster.local > /dev/null; then echo "✅ Demo应用: 正常" else echo "❌ Demo应用: 异常" FAILED=1 fi echo "" if [ \$FAILED -eq 0 ]; then echo "=== 所有服务健康检查通过 ===" exit 0 else echo "=== 健康检查失败 ===" exit 1 fi restartPolicy: OnFailure EOF echo "✅ 自动化测试部署完成" echo "" # ============================================ # 最终验证 # ============================================ echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "🎉 部署完成!最终验证" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" echo "📊 集群节点:" kubectl get nodes -o wide echo "" echo "🌐 Ingress资源:" kubectl get ingress --all-namespaces echo "" echo "🔐 证书状态:" kubectl get certificate --all-namespaces echo "" echo "🔑 访问信息:" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" echo "Gitea:" echo " HTTP: http://git.jpd.net3w.com" echo " HTTPS: https://git.jpd.net3w.com" echo " 用户名: gitea_admin" echo " 密码: GitAdmin@2026" echo "" echo "ArgoCD:" echo " HTTP: http://argocd.jpd.net3w.com" echo " HTTPS: https://argocd.jpd.net3w.com" echo " NodePort: http://149.13.91.216:$ARGOCD_PORT" echo " 用户名: admin" echo " 密码: $ARGOCD_PASSWORD" echo "" echo "测试应用:" echo " HTTP: http://demo.jpd.net3w.com" echo " HTTPS: https://demo.jpd.net3w.com" echo "" echo "💡 提示:" echo " - 此脚本是幂等的,可以安全地重复运行" echo " - HTTPS证书会自动签发和续期" echo " - 自动化测试每5分钟运行一次" echo "" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"