# JPD Cluster Deployment Completion Report
## 🎉 Deployment Successful!
**Deployment date**: 2026-02-04
**Cluster name**: JPD K3s Cluster
**Deployment status**: ✅ Success
---
## 📊 Cluster Information
### Node Status
| Node | Hostname | Public IP | Private IP | Role | Status | Version |
|------|----------|-----------|------------|------|--------|---------|
| Master | jp1 | 149.13.91.216 | 10.198.0.112 | control-plane | ✅ Ready | v1.28.5+k3s1 |
| Worker1 | jp2 | 149.13.91.64 | 10.198.0.175 | worker | ✅ Ready | v1.28.5+k3s1 |
| Worker2 | jp3 | 149.13.91.59 | 10.198.0.111 | worker | ✅ Ready | v1.28.5+k3s1 |
### Deployed Components
#### Core components (kube-system)
- ✅ CoreDNS - DNS service
- ✅ Traefik - Ingress controller (LoadBalancer)
- ✅ Metrics Server - resource monitoring
- ✅ Local Path Provisioner - local storage
#### Gitea (gitea namespace)
- ✅ Gitea main service - 1 Pod
- ✅ PostgreSQL HA - 3 instances
- ✅ Valkey Cluster (Redis) - 3 instances
- ✅ PgPool - 1 instance
- **Total**: all 8 Pods Running
#### ArgoCD (argocd namespace)
- ✅ argocd-server - Web UI and API
- ✅ argocd-repo-server - Git repository management
- ✅ argocd-application-controller - application controller
- ✅ argocd-dex-server - SSO authentication
- ✅ argocd-redis - cache
- ✅ argocd-applicationset-controller - ApplicationSet controller
- ✅ argocd-notifications-controller - notification controller
- **Total**: all 7 Pods Running
---
## 🔑 Access Information
### Gitea Git Repository Service
**Access URLs**:
- NodePort: http://149.13.91.216:30080
- Domain: http://git.jpd.net3w.com (requires DNS configuration)
**Login credentials**:
```
Username: gitea_admin
Password: GitAdmin@2026
Email: admin@jpd.net3w.com
```
**Test access**:
```bash
curl http://149.13.91.216:30080
# or
curl http://git.jpd.net3w.com
```
### ArgoCD GitOps Platform
**Get the access URL**:
```bash
ssh fei@149.13.91.216
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
# Switch the Service to NodePort
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'
# Get the assigned port
kubectl get svc argocd-server -n argocd
```
**Get the admin password**:
```bash
kubectl -n argocd get secret argocd-initial-admin-secret \
  -o jsonpath="{.data.password}" | base64 -d && echo
```
**Login credentials**:
```
Username: admin
Password: (retrieve with the command above)
```
---
## 🌐 Network Configuration
### Current Port Mappings
| Service | Type | Internal port | External port | Access URL |
|---------|------|---------------|---------------|------------|
| Gitea HTTP | NodePort | 3000 | 30080 | http://149.13.91.216:30080 |
| Traefik HTTP | LoadBalancer | 80 | 31637 | http://149.13.91.216:31637 |
| Traefik HTTPS | LoadBalancer | 443 | 30672 | https://149.13.91.216:30672 |
| ArgoCD | ClusterIP | 80/443 | - | Requires NodePort or Ingress configuration |
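
The port-mapping table can double as an allowlist for a drift check: list every node port the cluster actually exposes and flag any that the table does not document. The script below is an added example, not part of the original report. It assumes the k3s default Service names `traefik` and `kube-dns`, and its sample input is constructed: the cluster IPs, ages and the two `argocd-server` node ports (30123, 30456) are made up to model the state after the `kubectl patch ... NodePort` step.

```shell
#!/usr/bin/env bash
# Added example, not part of the original report.
# Node ports documented in the report's port-mapping table.
DOCUMENTED_PORTS="30080 31637 30672"

# Reads `kubectl get svc --all-namespaces --no-headers` on stdin
# (NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE) and prints one
# line per externally reachable port: ns/name type nodePort->port/proto
exposed_ports() {
  awk '
    $3 == "NodePort" || $3 == "LoadBalancer" {
      n = split($6, entries, ",")
      for (i = 1; i <= n; i++) {
        split(entries[i], pp, "/")        # 80:31637/TCP -> "80:31637", "TCP"
        if (split(pp[1], pn, ":") == 2)   # keep only entries with a nodePort
          printf "%s/%s %s %s->%s/%s\n", $1, $2, $3, pn[2], pn[1], pp[2]
      }
    }'
}

# Keeps only the exposed ports whose nodePort is missing from the table.
undocumented_ports() {
  exposed_ports | awk -v allowed="$DOCUMENTED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    { split($3, p, "->"); if (!(p[1] in ok)) print }'
}

# Constructed sample: documented ports come from the table; cluster IPs, ages
# and the argocd-server node ports are made up for illustration.
sample_services() {
  cat <<'EOF'
gitea        gitea-http     NodePort      10.43.0.11  <none>        3000:30080/TCP              1h
kube-system  traefik        LoadBalancer  10.43.0.12  10.198.0.112  80:31637/TCP,443:30672/TCP  1h
kube-system  kube-dns       ClusterIP     10.43.0.10  <none>        53/UDP,53/TCP,9153/TCP      1h
argocd       argocd-server  NodePort      10.43.0.13  <none>        80:30123/TCP,443:30456/TCP  5m
EOF
}

# Live use on the master node:
#   kubectl get svc --all-namespaces --no-headers | undocumented_ports
sample_services | undocumented_ports
```

Any line it prints is a port reachable on every node's public IP that the table does not list, so either the table or the Service needs updating.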
### Recommended DNS Configuration
Add the following records in your DNS provider's console:
```
# Wildcard record (recommended)
*.jpd.net3w.com A 149.13.91.216
# Or configure individual records
git.jpd.net3w.com A 149.13.91.216
argocd.jpd.net3w.com A 149.13.91.216
*.jpd1.net3w.com A 149.13.91.216
*.jpd2.net3w.com A 149.13.91.64
*.jpd3.net3w.com A 149.13.91.59
```
---
## 📝 Common Management Commands
### Run from a Local Machine over SSH
```bash
# List all Pods
sshpass -p '1' ssh fei@149.13.91.216 "export KUBECONFIG=/etc/rancher/k3s/k3s.yaml && kubectl get pods --all-namespaces"
# List all Services
sshpass -p '1' ssh fei@149.13.91.216 "export KUBECONFIG=/etc/rancher/k3s/k3s.yaml && kubectl get svc --all-namespaces"
# Check node status
sshpass -p '1' ssh fei@149.13.91.216 "export KUBECONFIG=/etc/rancher/k3s/k3s.yaml && kubectl get nodes -o wide"
# Check resource usage
sshpass -p '1' ssh fei@149.13.91.216 "export KUBECONFIG=/etc/rancher/k3s/k3s.yaml && kubectl top nodes"
```
### Run on the Master Node
```bash
# SSH to the master node
ssh fei@149.13.91.216
# Set the environment variable
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
# List all resources
kubectl get all --all-namespaces
# List Pods in a specific namespace
kubectl get pods -n gitea
kubectl get pods -n argocd
# View logs
kubectl logs -n gitea <pod-name>
kubectl logs -n argocd <pod-name>
# View Pod details
kubectl describe pod -n gitea <pod-name>
```
---
## 🚀 Next Steps
### 1. Configure ArgoCD Access
```bash
# SSH to the master node
ssh fei@149.13.91.216
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
# Option 1: switch the Service to NodePort
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}'
ARGOCD_PORT=$(kubectl get svc argocd-server -n argocd -o jsonpath='{.spec.ports[0].nodePort}')
echo "ArgoCD访问地址: https://149.13.91.216:$ARGOCD_PORT"
# Option 2: create an Ingress (recommended)
cat <<EOF | kubectl apply -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: argocd-server
  namespace: argocd
  annotations:
    traefik.ingress.kubernetes.io/router.tls: "true"
spec:
  ingressClassName: traefik
  rules:
  - host: argocd.jpd.net3w.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: argocd-server
            port:
              number: 80
EOF
```
### 2. Deploy cert-manager (HTTPS Support)
```bash
# Deploy cert-manager
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml
# Wait until it is ready
kubectl wait --for=condition=ready pod -l app=cert-manager -n cert-manager --timeout=300s
# Create the Let's Encrypt ClusterIssuer
cat <<EOF | kubectl apply -f -
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: admin@jpd.net3w.com
    privateKeySecretRef:
      name: letsencrypt-prod
    solvers:
    - http01:
        ingress:
          class: traefik
EOF
```
### 3. Configure the Gitea Ingress (HTTPS)
```bash
cat <<EOF | kubectl apply -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitea
  namespace: gitea
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
  ingressClassName: traefik
  tls:
  - hosts:
    - git.jpd.net3w.com
    secretName: gitea-tls
  rules:
  - host: git.jpd.net3w.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: gitea-http
            port:
              number: 3000
EOF
```
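### 4. Create an Organization and Repositories in Gitea
1. Open http://149.13.91.216:30080
2. Log in with `gitea_admin` / `GitAdmin@2026`
3. Create the organization: `k3s-apps`
4. Create the repositories: `demo-app`, `nginx-app`
5. Create the ArgoCD user: `argocd` / `ArgoCD@2026`
### 5. Connect ArgoCD to Gitea
1. Open the ArgoCD Web UI
2. Log in (admin / password retrieved from the secret)
3. Settings -> Repositories -> Connect Repo
4. Add the Gitea repository URL
### 6. Deploy a Test Application
See `MANUAL-DEPLOYMENT-GUIDE.md` to create and deploy applications.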
---
## 🔍 Troubleshooting
### Pod Fails to Start
```bash
# Check Pod status
kubectl get pods -n <namespace>
# View Pod details
kubectl describe pod <pod-name> -n <namespace>
# View Pod logs
kubectl logs <pod-name> -n <namespace>
# View events
kubectl get events -n <namespace> --sort-by='.lastTimestamp'
```
### Service Is Unreachable
```bash
# Check the Service
kubectl get svc -n <namespace>
# Check the Ingress
kubectl get ingress -n <namespace>
# Test access from inside the cluster
kubectl run test-pod --rm -it --image=curlimages/curl -- \
  curl http://<service-name>.<namespace>.svc.cluster.local
```
### Restart Services
```bash
# Restart a Deployment
kubectl rollout restart deployment/<deployment-name> -n <namespace>
# Restart a StatefulSet
kubectl rollout restart statefulset/<statefulset-name> -n <namespace>
# Delete the Pod to force it to be re-created
kubectl delete pod <pod-name> -n <namespace>
```
---
## 📈 Monitoring and Maintenance
### View Resource Usage
```bash
# Node resources
kubectl top nodes
# Pod resources
kubectl top pods --all-namespaces
# Continuous monitoring
watch kubectl top pods --all-namespaces
```
### Back Up the Cluster
```bash
# Back up etcd
ssh fei@149.13.91.216
sudo k3s etcd-snapshot save --name jpd-backup-$(date +%Y%m%d)
# List the backups
sudo ls -lh /var/lib/rancher/k3s/server/db/snapshots/
# Download the backups to the local machine
scp fei@149.13.91.216:/var/lib/rancher/k3s/server/db/snapshots/jpd-backup-* ./backups/
```
### Update Components
```bash
# Update Gitea
helm upgrade gitea gitea-charts/gitea -n gitea
# Update ArgoCD
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
```
---
## 📚 Related Documentation
- [JPD Cluster Deployment Guide](./JPD-CLUSTER-DEPLOYMENT.md)
- [Next Steps Guide](./JPD-NEXT-STEPS.md)
- [Manual Deployment Guide](./MANUAL-DEPLOYMENT-GUIDE.md)
- [Cluster Migration Guide](./CLUSTER-MIGRATION-GUIDE.md)
- [Nginx Application Guide](./NGINX-APP-GUIDE.md)
---
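## ✅ Deployment Checklist
- [x] K3s cluster deployed
- [x] All nodes Ready
- [x] Core components running normally
- [x] Gitea deployed
- [x] ArgoCD deployed
- [ ] DNS configured
- [ ] ArgoCD NodePort/Ingress configured
- [ ] cert-manager deployed
- [ ] HTTPS certificates configured
- [ ] Test application deployed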
---
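## 🎯 Success Metrics
**Cluster health**: 3/3 nodes Ready
**Gitea**: 8/8 Pods Running
**ArgoCD**: 7/7 Pods Running
**Core components**: 9/9 Pods Running
**Total**: all 24 Pods running normally
---
**Deployment duration**: about 15 minutes
**Cluster status**: 🟢 Healthy
**Next step**: configure DNS and HTTPS
🎉 **Congratulations: the JPD cluster GitOps automation environment was deployed successfully**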