From fe2ec2d04d859edd81046a2261a7189844eda3f0 Mon Sep 17 00:00:00 2001 From: jerryhu Date: Tue, 5 Nov 2019 14:59:00 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E8=84=9A=E6=9C=AC=E4=B8=80?= =?UTF-8?q?=E9=94=AE=E5=88=9D=E5=A7=8B=E5=8C=96=E8=84=9A=E6=9C=AC=20(#475)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/charts/README.md | 43 +++++++------------ src/charts/templates/deployment.yaml | 11 +++-- src/charts/templates/ingress.yaml | 7 ++-- src/charts/values.yaml | 62 +++++++++++++++++++++------- 4 files changed, 75 insertions(+), 48 deletions(-) diff --git a/src/charts/README.md b/src/charts/README.md index 4796abe8c8..83a95fe1c3 100644 --- a/src/charts/README.md +++ b/src/charts/README.md @@ -1,28 +1,17 @@ -1、setting: -根目录values.yaml下配置,相关configMap的文件,settings.py,soar.yaml,analysis_slow_query.sh等,找出与mysql,redis的数据库连接 -charts/goinception,charts/inception目录下的values.yaml配置修改,主要与mysql连接的配置 -mysql的存储持久化,请查看values.yaml的方法进行配置 - -2、dependency: -cd charts/archeryk8s && helm dependency update - -3、install: -helm install ./ --name archery --namespace=default - -4、run: -kubectl exec -it archery-xxxx bash -///////////////////////////////////// -source /opt/venv4archery/bin/activate -python3 manage.py makemigrations sql -python3 manage.py migrate -#数据初始化 -python3 manage.py loaddata initial_data.json -#创建管理用户 -python3 manage.py createsuperuser - -5、visit: -i 本机访问 -kubectl port-forward pods/archery-xxxxxx 9123:9123 -ii 集群外访问 -将svc配置为nodePort或loadBalance,或开启ingress +1、setting: 根目录values.yaml下配置,相关configMap的文件,settings.py,soar.yaml,analysis_slow_query.sh等,找出与mysql,redis的数据库连接 charts/goinception,charts/inception目录下的values.yaml配置修改,主要与mysql连接的配置 mysql的存储持久化,请查看values.yaml的方法进行配置 + +2、dependency: cd charts/archeryk8s && helm dependency update + +3、install: helm install ./ --name archery --namespace=default + +4、visit: + +i 本机访问 kubectl port-forward pods/archery-xxxxxx 9123:9123 +ii 集群外访问 将svc配置为nodePort或loadBalance,或开启ingress + +默认关闭ingress,如需开启ingress,请在values.yaml设置为true,并修改ingress默认域名配置。 + + +默认用户名:admin +默认密码:Archery2019 diff --git a/src/charts/templates/deployment.yaml b/src/charts/templates/deployment.yaml index 696f3b26b5..8eed4d237c 100644 --- a/src/charts/templates/deployment.yaml +++ b/src/charts/templates/deployment.yaml @@ -32,6 +32,10 @@ spec: name: archery-download - mountPath: /opt/archery/src/script name: archery-script + - image: busybox + name: init-mysql + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup archery-mysql; do echo waiting for mysql; sleep 2; done;'] containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -39,9 +43,6 @@ spec: env: - name: NGINX_PORT value: "9123" - args: - - "bash" - - "/opt/archery/src/docker/startup.sh" ports: - name: archery containerPort: 9123 @@ -50,6 +51,10 @@ spec: httpGet: path: / port: archery + lifecycle: + postStart: + exec: + command: ['/bin/bash','/opt/archery/src/docker/init-archery.sh'] resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.volumeMounts }} diff --git a/src/charts/templates/ingress.yaml b/src/charts/templates/ingress.yaml index 40683614fc..777f8b1593 100644 --- a/src/charts/templates/ingress.yaml +++ b/src/charts/templates/ingress.yaml @@ -1,6 +1,7 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "archery.fullname" . -}} {{- $ingressPaths := .Values.ingress.paths -}} +{{- $servicePort := .Values.ingress.servicePort -}} apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -30,11 +31,11 @@ spec: - host: {{ . | quote }} http: paths: - {{- range $ingressPaths }} + {{- range $ingressPaths }} - path: {{ . }} backend: serviceName: {{ $fullName }} - servicePort: http - {{- end }} + servicePort: {{ $servicePort }} + {{- end }} {{- end }} {{- end }} diff --git a/src/charts/values.yaml b/src/charts/values.yaml index 66464f50af..750db06398 100644 --- a/src/charts/values.yaml +++ b/src/charts/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 image: repository: hhyo/archery - tag: 1.6.7 + tag: 1.7.0 pullPolicy: IfNotPresent nameOverride: "" @@ -22,9 +22,12 @@ ingress: annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" - paths: [] + paths: + - / + servicePort: 9123 + hosts: - - chart-example.local + - dba.archery.local tls: [] # - secretName: chart-example-tls # hosts: @@ -32,7 +35,7 @@ ingress: # subcharts redis redis: - usePassword: "" + usePassword: "123456" persistence: enabled: false # subchats mysql @@ -104,6 +107,12 @@ volumeMounts: - name: archery-settings subPath: startup.sh mountPath: /opt/archery/src/docker/startup.sh + - name: archery-settings + subPath: init-archery.sh + mountPath: /opt/archery/src/docker/init-archery.sh + - name: archery-settings + subPath: createsuperuser.py + mountPath: /opt/archery/src/docker/createsuperuser.py nodeSelector: {} tolerations: [] @@ -212,7 +221,6 @@ configMap: STATIC_URL = '/static/' STATIC_ROOT = os.path.join(BASE_DIR, 'static') STATICFILES_DIRS = [os.path.join(BASE_DIR, 'common/static'), ] - STATICFILES_STORAGE = 'common.storage.ForgivingManifestStaticFilesStorage' # 扩展django admin里users字段用到,指定了sql/models.py里的class users AUTH_USER_MODEL = "sql.Users" @@ -285,7 +293,7 @@ configMap: "LOCATION": "redis://archery-redis:6379/0", "OPTIONS": { "CLIENT_CLASS": "django_redis.client.DefaultClient", - "PASSWORD": "" + "PASSWORD": "123456" } }, "dingding": { @@ -293,7 +301,7 @@ configMap: "LOCATION": "redis://archery-redis:6379/1", "OPTIONS": { "CLIENT_CLASS": "django_redis.client.DefaultClient", - "PASSWORD": "" + "PASSWORD": "123456" } } } @@ -311,12 +319,6 @@ configMap: AUTH_LDAP_SERVER_URI = "ldap://xxx" AUTH_LDAP_USER_DN_TEMPLATE = "cn=%(user)s,ou=xxx,dc=xxx,dc=xxx" - # ldap认证的另一种方式,使用时注释AUTH_LDAP_USER_DN_TEMPLATE - """ - AUTH_LDAP_BIND_DN = "cn=xxx,ou=xxx,dc=xxx,dc=xxx" - AUTH_LDAP_BIND_PASSWORD = "***********" - AUTH_LDAP_USER_SEARCH = LDAPSearch('ou=xxx,dc=xxx,dc=xxx',ldap.SCOPE_SUBTREE, '(cn=%(user)s)',) - """ AUTH_LDAP_ALWAYS_UPDATE_USER = True # 每次登录从ldap同步用户信息 AUTH_LDAP_USER_ATTR_MAP = { # key为archery.sql_users字段名,value为ldap中字段名,用户同步信息 "username": "cn", @@ -460,14 +462,44 @@ configMap: $slowquery_file > /tmp/analysis_slow_query.log echo `date +"%Y-%m-%d %H:%M:%S"`>last_analysis_time_$hostname - startup.sh: |- + init-archery.sh: |- #!/bin/bash + cd /opt/archery + echo 切换python运行环境 + source /opt/venv4archery/bin/activate + python3 manage.py makemigrations sql + python3 manage.py migrate + #数据初始化 + python3 manage.py loaddata initial_data.json + #创建管理用户 + #python3 manage.py createsuperuser + cat /opt/archery/src/docker/createsuperuser.py | python3 manage.py shell + createsuperuser.py: |- + #/usr/bin/python3 env + from django.contrib.auth import get_user_model + DJANGO_SU_NAME = "admin" + DJANGO_SU_EMAIL = "ll_archery@gmail.com" + DJANGO_SU_PASSWORD = "Archery2019" + DJANGO_DB_NAME = "archery" + User = get_user_model() + try: + superuser=User.objects.create_superuser( + username=DJANGO_SU_NAME, + email=DJANGO_SU_EMAIL, + password=DJANGO_SU_PASSWORD) + except: + print('Error,用户重复创建或创建失败,请登录pod检查!') + exit(0) + else: + superuser.save() + startup.sh: |- + #!/bin/bash cd /opt/archery echo 切换python运行环境 source /opt/venv4archery/bin/activate - + echo 修改重定向端口 if [[ -z $NGINX_PORT ]]; then sed -i "s/:nginx_port//g" /etc/nginx/nginx.conf