zeaslity/CmiiDeploy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

大量更新

Browse Source
This commit is contained in:
zeaslity
2026-05-19 14:28:44 +08:00
parent a8f6bda703
commit 9fc3372fa3
5299 changed files with 423176 additions and 426690 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
73-202602-成都市工业职业技术学院/1-批量脚本.sh Normal file
View File

@@ -0,0 +1,49 @@
ToDek
408 961 046
Ktxy@gzy2026
172.22.106.77
mv agent-wdd_linux_amd64 /usr/local/bin/agent-wdd
chmod +x /usr/local/bin/agent-wdd
# 主节点安装ssh-key
/usr/local/bin/agent-wdd base ssh config
/usr/local/bin/agent-wdd base ssh key
DEFAULT_HTTP_BACKEND_IP=$(kubectl -n ingress-nginx get svc default-http-backend -o jsonpath='{.spec.clusterIP}')
# 批量执行命令
host_list=(
192.168.1.3
192.168.1.5
192.168.1.2
192.168.1.6
)
for server in "${host_list[@]}";do
echo " ---> current ip is $server - $(hostname) \n"
ssh root@${server} "rm -rf /root/wdd/*.sh"
echo ""
done
scp /usr/local/bin/agent-wdd root@${server}:/usr/local/bin/agent-wdd
ssh root@${server} "/usr/local/bin/agent-wdd base ssh config && /usr/local/bin/agent-wdd base ssh key"
ssh root@${server} "echo yes"
ssh root@${server} "echo \"\"> /etc/apt/apt.conf.d/01proxy"
ssh root@${server} "printf '%s\n' \
'Acquire::http::Proxy \"http://10.22.57.8:3142\";' \
'Acquire::https::Proxy \"http://10.22.57.8:3142\";' \
| tee /etc/apt/apt.conf.d/01proxy >/dev/null"
ssh root@${server} "apt-get update"
ssh root@${server} "apt-get install -y gparted"
apt-get install -y docker.io=20.10.12-0ubuntu4 containerd=1.7.28-0ubuntu1~22.04.1 docker-buildx=0.20.1-0ubuntu1~22.04.2 docker-compose=1.29.2-1

215
73-202602-成都市工业职业技术学院/202604-2.1/cmii-fly-center.yaml Normal file
View File

@@ -0,0 +1,215 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-fly-center
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-fly-center
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-fly-center
cmii.type: backend
template:
metadata:
creationTimestamp: null
labels:
cmii.app: cmii-fly-center
cmii.type: backend
spec:
volumes:
- name: application-k8s
configMap:
name: cmii-fly-center-cm
items:
- key: application-k8s.yml
path: application-k8s.yml
defaultMode: 420
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
containers:
- name: cmii-fly-center
image: 172.22.106.77:8033/cmii/cmii-fly-center:2.0.0-031102
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-fly-center
- name: CUST_JAVA_OPTS
value: '-Xms2000m -Xmx4500m -Dlog4j2.formatMsgNoLookups=true'
- name: NACOS_REGISTRY
value: helm-nacos:8848
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: '8080'
- name: BIZ_CONFIG_GROUP
value: 5.7.0
- name: SYS_CONFIG_GROUP
value: 5.7.0
- name: IMAGE_VERSION
value: 5.7.0
- name: NACOS_USERNAME
value: developer
- name: NACOS_PASSWORD
value: Deve@9128201
- name: SPRING_PROFILES_ACTIVE
value: k8s,db,cache,message
resources:
limits:
cpu: '4'
memory: 6Gi
requests:
cpu: '4'
memory: 2Gi
volumeMounts:
- name: application-k8s
mountPath: /cmii/config/application-k8s.yml
subPath: application-k8s.yml
- name: nfs-backend-log-volume
mountPath: /cmii/logs
subPath: uavcloud-devflight/cmii-fly-center
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- sc-cd-uav-260207
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-fly-center
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-fly-center
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
ports:
- name: backend-tcp
protocol: TCP
port: 8080
targetPort: 8080
selector:
cmii.app: cmii-fly-center
cmii.type: backend
type: ClusterIP
---
kind: ConfigMap
apiVersion: v1
metadata:
name: cmii-fly-center-cm
namespace: sc-cd-uav-260207
data:
application-k8s.yml: |
center:
####################下面部分为中间件对应配置,需要确认!!!#######################
############使用k8s部署的中间件可以直接用k8s里面的服务名#################
db:
ip: helm-mysql
port: 3306
username: k8s_admin
password: fP#UaH6qQ3)8
rabbitmq:
ip: helm-rabbitmq
port: 5672
username: admin
password: nYcRN91r._hj
redis:
ip: helm-redis-master
port: 6379
password: Mcache@4522
mqtt:
BASIC:
ip: helm-emqxs
port: 1883 # mqtt内部1883端口
username: cmlc
password: odD8#Ve7.B
DRC:
ip: 36.133.115.174 # 设备连接的mqtt的公网IP
port: 31883 # 1883映射的公网端口
username: cmlc
password: odD8#Ve7.B
influxdb:
ip: helm-influxdb #influxdb宿主机的内部ip
port: 8086 #influxdb宿主机的端口
token: YunnHJASAAdj23rasQAWd621erGAS82kaqj
org: cmii
bucket: cmii
minio:
ip: helm-minio # minio服务的宿主机ip
port: 9000
access-key: cmii # minio的访问key
secret-key: B#923fC7mk # minio访问secret
publicEndpoint: http://36.133.115.174:31090
shareEndpoint: http://36.133.115.174:8088/center
hub:
appKey: Zhdjk*72uU^2xz@s

25
73-202602-成都市工业职业技术学院/202604-2.1/cmii-nginx-cm.yaml Normal file
View File

@@ -0,0 +1,25 @@
---
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-cm
namespace: sc-cd-uav-260207
labels:
cmii.type: frontend
data:
nginx.conf: |
server {
listen 9528;
server_name localhost;
gzip on;
location / {
root /home/cmii-platform/dist;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}

247
73-202602-成都市工业职业技术学院/202604-2.1/cmii-sky-coverage.yaml Normal file
View File

@@ -0,0 +1,247 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-sky-converge
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-sky-converge
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-sky-converge
cmii.type: backend
template:
metadata:
creationTimestamp: null
labels:
cmii.app: cmii-sky-converge
cmii.type: backend
spec:
volumes:
- name: application-k8s
configMap:
name: cmii-sky-converge-cm
items:
- key: application-k8s.yml
path: application-k8s.yml
- key: simAuth.license
path: simAuth.license
defaultMode: 420
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
containers:
- name: cmii-sky-converge
image: 172.22.106.77:8033/cmii/cmii-sky-converge:2.1.0-xa-2026031103
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-sky-converge
- name: CUST_JAVA_OPTS
value: '-Xms2000m -Xmx4500m -Dlog4j2.formatMsgNoLookups=true'
- name: NACOS_REGISTRY
value: helm-nacos:8848
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: '8080'
- name: BIZ_CONFIG_GROUP
value: 5.7.0
- name: SYS_CONFIG_GROUP
value: 5.7.0
- name: IMAGE_VERSION
value: 5.7.0
- name: NACOS_USERNAME
value: developer
- name: NACOS_PASSWORD
value: Deve@9128201
- name: SPRING_PROFILES_ACTIVE
value: k8s,db,cache,message
resources:
limits:
cpu: '4'
memory: 6Gi
requests:
cpu: '4'
memory: 2Gi
volumeMounts:
- name: application-k8s
mountPath: /cmii/config/application-k8s.yml
subPath: application-k8s.yml
- name: application-k8s
mountPath: /cmii/config/simAuth.license
subPath: simAuth.license
- name: nfs-backend-log-volume
mountPath: /cmii/logs
subPath: uavcloud-devflight/cmii-sky-converge
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- sc-cd-uav-260207
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-sky-converge
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-sky-converge
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
ports:
- name: backend-tcp
protocol: TCP
port: 8080
targetPort: 8080
selector:
cmii.app: cmii-sky-converge
cmii.type: backend
type: ClusterIP
---
kind: ConfigMap
apiVersion: v1
metadata:
name: cmii-sky-converge-cm
namespace: sc-cd-uav-260207
data:
application-k8s.yml: |
converge:
####################下面部分为中间件对应配置,需要确认!!!#######################
############使用k8s部署的中间件可以直接用k8s里面的服务名#################
db:
ip: helm-mysql
port: 3306
username: k8s_admin
password: fP#UaH6qQ3)8
mqtt:
ip: helm-emqxs
port: 1883 # mqtt内部1883端口
username: cmlc
password: odD8#Ve7.B
rabbitmq:
ip: helm-rabbitmq
port: 5672
username: admin
password: nYcRN91r._hj
redis:
ip: helm-redis-master
port: 6379
password: Mcache@4522
influxdb:
ip: helm-influxdb #influxdb宿主机的内部ip
port: 8086 #influxdb宿主机的端口如果docker compose文件没有改动则默认不变
token: YunnHJASAAdj23rasQAWd621erGAS82kaqj
org: cmii
bucket: cmii
minio:
ip: helm-minio # minio服务的宿主机ip
port: 9000
access-key: cmii # minio的访问key
secret-key: B#923fC7mk # minio访问secret
#######################下面部分是业务服务需要的配置,需要确认!!!#######################
center:
address: http://cmii-fly-center:8080 # cmii-fly-center服务部署的容器宿主机ip地址和暴露的端口
stream:
endpoint: http://192.168.9.4:8088 #平台地址端口
buckets:
live-srs-hls: ilm-detect
storage:
endpoint: http://36.133.115.174:8088/converge # cmii-sky-converge服务的公网请求地址需要匹配到all-gateways-ingress里面converge服务的根路径
live:
merge:
tmp: /tmp/ffmpeg/
expired: 10
sms:
mas:
enable: false #内网部署改为false
host: http://XXX:XXX/sms/tmpsubmit
ecName: XXX科技有限公司
apId: notice
secretKey: notice@123
sign: ynYl2Vpl7
templateId: e4dc71ddd5c24d25b24daa01e969e24
expire: 3
limit:
minute: 5
hour: 15
day: 30
sim:
# true = 启用, false = 不启用
enable: false
###固定k8s里面挂载路径
licensePath: /cmii/config/simAuth.license
# 测试环境https://ptest.cmccsim.com:9090, 生产环境https://certplat.cmccsim.com
host: https://ptest.cmccsim.com:9090
callbackUrl: http://36.133.115.174:8088/converge
simAuth.license: >
BOOedo/TVLbYLdKyGkFYEAljoncjd2+mKkwARpNkb0Q8D0QaZbOnCjJdMj0kUtHVRJ03CYujyVJZ8Xc1JvBTujSFgBvNwXWJN2E35TZYGUYx4uZW7WZJ9ajp3pi9Q4V9JLA4qdyd/Zaz0/T+mqaXzW0l18jA9VL25fB0tkzQYpySql76V9QAowpuVcklItcNZ8YWwK4lbPjaygBhZVNqdhbJQwqLG7io2X0QV11T5yhbu8SXCag0hoX6s93IBz0k4Aze2TZvpJ25o/NuMptWKviddrVNpVAIwT/L9kLNVkBT8T0xysX6Ku+9aLKUlLrGw4lhAHM5iHp82jduw7L9jc878ZZgOoUALLaw9axnVdnf3XfhZ75/uhx4mZ+JnNS2aNH18mVR53CGT3jxY0y1RA64e2zhMhFr/KNxVGIuZl/iAr1EGI85QWrnYGsLNbilCFlZyDzcH8tK4hDvmMtUe1xCEUF6oO9nwr+YDHGBSM1ifXLJZrvwuDI7Zim+h6pUqctWhtf6eyfyF17iBrzzt6lmSjkQtZ1kRVUxRni68/FPH9YJBKQhJItAk2h1OaUBB1Lt5vfu8OYi5S+onTmesvlIuUk7USBIFbt4kVhUpgGtV+WyddcjH6BJo3NPqCYcObR4KeLmQ/bHmN/xyVT3HMed8VhiVv0U8EuTINJxmXh+nDVmeDEUa4qYtPRGArSsGF2KGbnOOqwkyk1D/o81Zxb8Kklxn3I/CK1EM63HZLY4hGm52oRsNDjbJPFFFUdTqyQw7igHdwJYJbgxqycCAh1f8zioVVziOXwHxV85poIpVG7pP0LWrYttW1e2WdrSI4WUO1X4krfPu+7WxYHj4Cs4aTflYM9F+KVqbw6bVlg5PIPRiIy6eMRqzvl53y9eesd7eqUNgRnM13PmRDJPe6sw5BnaPn1eHBk7Mh+CAsdRnq8V0t9NkRK2aNfJFNo/PPjahDlw9DHMnJW3QGgZNR3LqFKQxDQIpR7xwgsYX5CmZo3gaBHbTx1EozCagco1tGHrRaDlJNjAYKjnus0huujI0dh+w/ybkWoN4jPQiMWx5O/oem62ga5NbHd5wS/A5e9UKfNZef1NYJyiWRYNINXr3lUl0835rb38q6+5tBKZnrJq1GZ8n2IEuw8L1YcbvtuSDBlHYGSDQ6yD5sL/qv73sXjL2jwtu+QllQt6jhFw5VUKIFRhCjuTeLbrzmcOO2TwCVZb89QPW5rGNA5sO99qormwqNkwXzsKXNx6r9B2rQ6WUdP05r1ti0YAShBdfC1CPhpt2yuKIFO3eh8J6fWjHygBX2kYq+zdb4w39d77gBayQX5lIw4MY0Dcqbyw/MvqcnXj47EUmQ+xIxkaL76C4nbN7GuMQs1rpJ4eox9qqyBeKbVGo/7/aqP6vMXl0BsPWLV5Z2jCy0HzgyBMy4mU1Q==

209
73-202602-成都市工业职业技术学院/202604-2.1/cmii-sky-integration.yaml Normal file
View File

@@ -0,0 +1,209 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-sky-integration
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-sky-integration
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-sky-integration
cmii.type: backend
template:
metadata:
creationTimestamp: null
labels:
cmii.app: cmii-sky-integration
cmii.type: backend
spec:
volumes:
- name: application-k8s
configMap:
name: cmii-sky-integration-cm
items:
- key: application-k8s.yml
path: application-k8s.yml
defaultMode: 420
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
containers:
- name: cmii-sky-integration
image: 172.22.106.77:8033/cmii/cmii-sky-integration:2.1.0-xa-2026031103
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-sky-integration
- name: CUST_JAVA_OPTS
value: '-Xms2000m -Xmx4500m -Dlog4j2.formatMsgNoLookups=true'
- name: NACOS_REGISTRY
value: helm-nacos:8848
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: '8080'
- name: BIZ_CONFIG_GROUP
value: 5.7.0
- name: SYS_CONFIG_GROUP
value: 5.7.0
- name: IMAGE_VERSION
value: 5.7.0
- name: NACOS_USERNAME
value: developer
- name: NACOS_PASSWORD
value: Deve@9128201
- name: SPRING_PROFILES_ACTIVE
value: k8s,db,cache,message
resources:
limits:
cpu: '4'
memory: 6Gi
requests:
cpu: '4'
memory: 2Gi
volumeMounts:
- name: application-k8s
mountPath: /cmii/config/application-k8s.yml
subPath: application-k8s.yml
- name: application-k8s
mountPath: /cmii/config/simAuth.license
subPath: simAuth.license
- name: nfs-backend-log-volume
mountPath: /cmii/logs
subPath: uavcloud-devflight/cmii-sky-integration
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- sc-cd-uav-260207
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-sky-integration
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-sky-integration
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
ports:
- name: backend-tcp
protocol: TCP
port: 8080
targetPort: 8080
selector:
cmii.app: cmii-sky-integration
cmii.type: backend
type: ClusterIP
---
kind: ConfigMap
apiVersion: v1
metadata:
name: cmii-sky-integration-cm
namespace: sc-cd-uav-260207
data:
application-k8s.yml: |
server:
ip: 192.168.40.93
# 外部访问地址 endpoint内网访问, 必须, 末尾没有/
endpoint: http://192.168.0.1:35689/ #sky-converge 内网地址
public-endpoint: https://uav.xadcity.com/converge #sky-converge 公网网地址
comparison:
guochuang-endpoint: http://apitest.tools.liandanlu.cn:50000 #国创算法地址
reconstruction:
geoway-endpoint: http://10.22.48.3:1892 #吉威算法地址
project.name: sky-integration-dev
rabbitmq:
ip: helm-rabbitmq
port: 5672
username: admin
password: nYcRN91r._hj
redis:
host: helm-redis-master
port: 6379
password: Mcache@4522
minio:
ip: helm-minio
port: 39010
access-key: cmii
secret-key: B#923fC7mk
db:
ip: helm-mysql
port: 3306
username: k8s_admin
password: fP#UaH6qQ3)8
callback:
url: xxxx
reconstruction:
host: xxx

129
73-202602-成都市工业职业技术学院/202604-2.1/cmii-uav-platform-lite-oms.yaml Normal file
View File

@@ -0,0 +1,129 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-uav-platform-lite-oms
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.2.0
cmii.app: cmii-uav-platform-lite-oms
cmii.type: frontend
octopus.lite: frontend-app-wdd
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-uav-platform-lite-oms
cmii.type: frontend
template:
metadata:
labels:
cmii.app: cmii-uav-platform-lite-oms
cmii.type: frontend
spec:
volumes:
- name: nginx-conf
configMap:
name: nginx-cm
items:
- key: nginx.conf
path: nginx.conf
defaultMode: 420
- name: tenant-prefix
configMap:
name: tenant-prefix-lite-oms
items:
- key: ingress-config.js
path: ingress-config.js
defaultMode: 420
containers:
- name: cmii-uav-platform-lite-oms
image: 172.22.106.77:8033/cmii/cmii-uav-platform-lite-oms:2.1.0-2026040203-noicp
ports:
- name: platform-9528
containerPort: 9528
protocol: TCP
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-uav-platform-lite-oms
resources:
limits:
cpu: '1'
memory: 1Gi
requests:
cpu: 50m
memory: 50Mi
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/conf.d/nginx.conf
subPath: nginx.conf
- name: tenant-prefix
mountPath: /home/cmii-platform/dist/ingress-config.js
subPath: ingress-config.js
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-uav-platform-lite-oms
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/version: 6.2.0
cmii.app: cmii-uav-platform-lite-oms
cmii.type: frontend
octopus.control: frontend-app-wdd
spec:
ports:
- name: web-svc-port
protocol: TCP
port: 9528
targetPort: 9528
selector:
cmii.app: cmii-uav-platform-lite-oms
cmii.type: frontend
type: ClusterIP
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-lite-oms
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "ms",
AppClientId: "",
Headers: {
ORG_ID: 'pago',
PROJECT_ID: 'prgn'
},
TdtToken: "XXXX"
}
var __GlobalSystemConfig = {
systemName: "XXX低空应用公共服务平台",
platformName: "",
ShowICP: false,
ShowAgreement: false
};

129
73-202602-成都市工业职业技术学院/202604-2.1/cmii-uav-platform-lite-piolt2.yaml Normal file
View File

@@ -0,0 +1,129 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-uav-platform-lite-pilot2
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.2.0
cmii.app: cmii-uav-platform-lite-pilot2
cmii.type: frontend
octopus.lite: frontend-app-wdd
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-uav-platform-lite-pilot2
cmii.type: frontend
template:
metadata:
labels:
cmii.app: cmii-uav-platform-lite-pilot2
cmii.type: frontend
spec:
volumes:
- name: nginx-conf
configMap:
name: nginx-cm
items:
- key: nginx.conf
path: nginx.conf
defaultMode: 420
- name: tenant-prefix
configMap:
name: tenant-prefix-lite-piolt2
items:
- key: ingress-config.js
path: ingress-config.js
defaultMode: 420
containers:
- name: cmii-uav-platform-lite-pilot2
image: 172.22.106.77:8033/cmii/cmii-uav-platform-lite-pilot2:2.1.0-2026040203-noicp
ports:
- name: platform-9528
containerPort: 9528
protocol: TCP
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-uav-platform-lite-pilot2
resources:
limits:
cpu: '1'
memory: 1Gi
requests:
cpu: 50m
memory: 50Mi
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/conf.d/nginx.conf
subPath: nginx.conf
- name: tenant-prefix
mountPath: /home/cmii-platform/dist/ingress-config.js
subPath: ingress-config.js
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-uav-platform-lite-pilot2
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/version: 6.2.0
cmii.app: cmii-uav-platform-lite-pilot2
cmii.type: frontend
octopus.control: frontend-app-wdd
spec:
ports:
- name: web-svc-port
protocol: TCP
port: 9528
targetPort: 9528
selector:
cmii.app: cmii-uav-platform-lite-pilot2
cmii.type: frontend
type: ClusterIP
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-lite-piolt2
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "piolt2cloud",
AppClientId: "",
Headers: {
ORG_ID: 'pago',
PROJECT_ID: 'prgn'
},
TdtToken: "XXXX"
}
var __GlobalSystemConfig = {
systemName: "XXX低空应用公共服务平台",
platformName: "",
ShowICP: false,
ShowAgreement: false
};

136
73-202602-成都市工业职业技术学院/202604-2.1/cmii-uav-platform-lite.yaml Normal file
View File

@@ -0,0 +1,136 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-uav-platform-lite
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.2.0
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
octopus.lite: frontend-app-wdd
annotations:
deployment.kubernetes.io/revision: '8'
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
template:
metadata:
creationTimestamp: null
labels:
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
spec:
volumes:
- name: nginx-conf
configMap:
name: nginx-cm
items:
- key: nginx.conf
path: nginx.conf
defaultMode: 420
- name: tenant-prefix
configMap:
name: tenant-prefix-lite
items:
- key: ingress-config.js
path: ingress-config.js
defaultMode: 420
containers:
- name: cmii-uav-platform-lite
image: 172.22.106.77:8033/cmii/cmii-uav-platform-lite:1.5.0-2026031201-noicp
ports:
- name: platform-9528
containerPort: 9528
protocol: TCP
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-uav-platform-lite
resources:
limits:
cpu: '1'
memory: 1Gi
requests:
cpu: 50m
memory: 50Mi
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/conf.d/nginx.conf
subPath: nginx.conf
- name: tenant-prefix
mountPath: /home/cmii-platform/dist/ingress-config.js
subPath: ingress-config.js··
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-uav-platform-lite
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/version: 6.2.0
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
octopus.control: frontend-app-wdd
spec:
ports:
- name: web-svc-port
protocol: TCP
port: 9528
targetPort: 9528
selector:
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
type: ClusterIP
sessionAffinity: None
status:
loadBalancer: {}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-lite
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "lite",
AppClientId: "",
Headers: {
ORG_ID: 'pago',
PROJECT_ID: 'prgn'
},
TdtToken: "XXXX"
}
var __GlobalSystemConfig = {
systemName: "XXX低空应用公共服务平台",
platformName: "",
ShowICP: false,
ShowAgreement: false
};

21
73-202602-成都市工业职业技术学院/202604-2.1/nginx-srs.conf Normal file
View File

@@ -0,0 +1,21 @@
location /live-play/flv/ {
proxy_pass http://172.22.106.77:7088/;
}
location /live-play/hls/ {
proxy_pass http://172.22.106.77:7088/zlm/hls/;
}
location /live-play/webrtc {
proxy_pass http://172.22.106.77:7088/index/api/webrtc;
}
location /live-play/whip {
proxy_pass http://172.22.106.77:7088/index/api/whip;
}
location /live-replay/hls-by-time-range/ {
proxy_pass http://172.22.106.77:37086/api/v2/storage/hls-by-time-range/;
}
location /live-replay/fetch_file/ {
proxy_pass http://172.22.106.77:37086/api/v2/storage/fetch_file/;
}
location /live-replay/hls-downloader {
proxy_pass http://172.22.106.77:37080/hls-downloader;
}

129
73-202602-成都市工业职业技术学院/202604-2.1/real-public-nginx.conf Normal file
View File

@@ -0,0 +1,129 @@
upstream cc_server {
ip_hash;
server 172.22.106.77:30500;
}
server {
listen 8088;
server_name localhost;
location / {
proxy_pass http://cc_server;
client_max_body_size 5120m;
client_body_buffer_size 5120m;
client_body_timeout 6000s;
proxy_send_timeout 10000s;
proxy_read_timeout 10000s;
proxy_connect_timeout 600s;
proxy_max_temp_file_size 5120m;
proxy_request_buffering on;
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 4 12k;
proxy_set_header Host fake-domain.sc-cd-uav-260207.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /center/ws {
proxy_pass http://172.22.106.77:38083/mqtt;
proxy_http_version 1.1;
proxy_set_header Sec-WebSocket-Protocol mqtt;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
##############2.1变动#########################
# gis模型地址
location /converge/bigdata/download/ {
# 使用 rewrite + break 剥离前缀,同时保留 URL 编码(避免 %2F 被二次编码)
rewrite ^/converge/bigdata/download/(.*)$ /$1 break;
# 使用内网minio数据端口
proxy_pass http://172.22.106.77:39000/;
# 关键:必须将 Host 固定为 MinIO 后端地址,否则签名校验失败
proxy_set_header Host 172.22.106.77:39000;
# 查询字符串AWS 签名参数)由 nginx 自动透传,无需额外配置
proxy_pass_request_headers on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 关闭缓冲,适合大文件(如 GeoTIFF流式传输
proxy_buffering off;
proxy_request_buffering off;
# 大文件下载超时设置
proxy_connect_timeout 60s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
}
####删除掉/center/storage的配置#######
########################end##################
location /api/mqtt_ws2/token {
proxy_pass http://172.22.106.77:38083/mqtt;
proxy_http_version 1.1;
proxy_set_header Sec-WebSocket-Protocol mqtt;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
location /_AMapService/v4/map/styles {
set $args "$args&jscode=cf66cea95bdcdfcf8048456b36f357a1";
proxy_pass https://webapi.amap.com/v4/ap/styles;
}
location /_AMapService/ {
set $args "$args&jscode=cf66cea95bdcdfcf8048456b36f357a1";
proxy_pass https://restapi.amap.com/;
}
location ~ ^/.*/(actuator|swagger-resources|api-docs|env|ping|health)(/|$) {
return 403;
}
location /live-play/flv/ {
proxy_pass http://172.22.106.77:7088/;
}
location /live-play/hls/ {
proxy_pass http://172.22.106.77:7088/zlm/hls/;
}
location /live-play/webrtc {
proxy_pass http://172.22.106.77:7088/index/api/webrtc;
}
location /live-play/whip {
proxy_pass http://172.22.106.77:7088/index/api/whip;
}
location /live-replay/hls-by-time-range/ {
proxy_pass http://172.22.106.77:37086/api/v2/storage/hls-by-time-range/;
}
location /live-replay/fetch_file/ {
proxy_pass http://172.22.106.77:37086/api/v2/storage/fetch_file/;
}
location /live-replay/hls-downloader {
proxy_pass http://172.22.106.77:37080/hls-downloader;
}
}

194
73-202602-成都市工业职业技术学院/202604-2.1/uav-ai-core.yaml Normal file
View File

@@ -0,0 +1,194 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-uav-ai-core
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.2.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-uav-ai-core
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-uav-ai-core
cmii.type: backend
template:
metadata:
labels:
cmii.app: cmii-uav-ai-core
cmii.type: backend
spec:
volumes:
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
containers:
- name: cmii-uav-ai-core
image: 172.22.106.77:8033/cmii/cmii-uav-ai-core:5.7.0-shidian202603
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-uav-ai-core
- name: CUST_JAVA_OPTS
value: '-Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true'
- name: NACOS_REGISTRY
value: helm-nacos:8848
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: '8080'
- name: BIZ_CONFIG_GROUP
value: 6.2.0
- name: SYS_CONFIG_GROUP
value: 6.2.0
- name: IMAGE_VERSION
value: 6.2.0
- name: NACOS_USERNAME
value: developer
- name: NACOS_PASSWORD
value: Deve@9128201
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: NODE_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
- name: LIMIT_CPU
valueFrom:
resourceFieldRef:
containerName: cmii-uav-ai-core
resource: limits.cpu
divisor: '0'
- name: LIMIT_MEMORY
valueFrom:
resourceFieldRef:
containerName: cmii-uav-ai-core
resource: limits.memory
divisor: '0'
- name: REQUEST_CPU
valueFrom:
resourceFieldRef:
containerName: cmii-uav-ai-core
resource: requests.cpu
divisor: '0'
- name: REQUEST_MEMORY
valueFrom:
resourceFieldRef:
containerName: cmii-uav-ai-core
resource: requests.memory
divisor: '0'
resources:
limits:
cpu: '2'
memory: 3Gi
requests:
cpu: 300m
memory: 512Mi
volumeMounts:
- name: nfs-backend-log-volume
mountPath: /cmii/logs
subPath: sc-cd-uav-260207/cmii-uav-ai-core
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- sc-cd-uav-260207
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-uav-ai-core
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.2.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-uav-ai-core
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
ports:
- name: backend-tcp
protocol: TCP
port: 8080
targetPort: 8080
selector:
cmii.app: cmii-uav-ai-core
cmii.type: backend
type: ClusterIP

4
73-202602-成都市工业职业技术学院/202604-2.1/替换模板.txt Normal file
View File

@@ -0,0 +1,4 @@
sc-cd-uav-260207
172.22.106.77:8033
172.22.106.77:8088
XXX低空应用公共服务平台

168
73-202602-成都市工业职业技术学院/ImageSyncDLTU.sh Normal file
View File

@@ -0,0 +1,168 @@
#!/bin/bash
all_image_list_txt="all-cmii-image-list.txt" # 需要修改版本
gzip_image_list_txt="all-gzip-image-list.txt" # 一般不需要修改
oss_prefix_url="https://oss.demo.uavcmlc.com/cmlc-installation"
local_gzip_path="/root/octopus-image"
DockerRegisterDomain="172.22.106.77:8033" # 需要根据实际修改
HarborAdminPass=V2ryStr@ngPss # 需要跟第一脚本中的密码保持一致
print_green() {
echo -e "\033[32m${1}\033[0m"
echo ""
}
print_red() {
echo -e "\033[31m${1}\033[0m"
echo ""
}
Download_Load_Tag_Upload() {
print_green "[DLTU] - start !"
while [[ $# -gt 0 ]]; do
case "$1" in
rke)
# print_green "download rke "
local_gzip_path="$local_gzip_path/rke13014"
mkdir -p ${local_gzip_path}
oss_prefix_url="$oss_prefix_url/rke13014/"
dltu
shift # past argument
;;
middle)
local_gzip_path="$local_gzip_path/middle"
mkdir -p $local_gzip_path
oss_prefix_url="$oss_prefix_url/middle/"
dltu
shift # past argument
;;
cmii)
local_gzip_path="$local_gzip_path/xauas22"
mkdir -p $local_gzip_path
oss_prefix_url="$oss_prefix_url/xauas22/"
dltu
shift # past argument
;;
*)
# unknown option
print_red "bad arguments"
;;
esac
done
}
dltu() {
print_green "download all image name list and gzip file list!"
cd $local_gzip_path || exit
rm $all_image_list_txt
rm $gzip_image_list_txt
wget "$oss_prefix_url$all_image_list_txt"
wget "$oss_prefix_url$gzip_image_list_txt"
docker login -u admin -p ${HarborAdminPass} ${DockerRegisterDomain}
echo ""
while IFS= read -r i; do
[ -z "${i}" ] && continue
echo "download gzip file =>: $oss_prefix_url${i}"
if wget "$oss_prefix_url${i}" >/dev/null 2>&1; then
echo "Gzip file download success : ${i}"
image_full_name=$(docker load -i ${i} | head -n1 |awk -F': ' '{print $2}')
app_name=$(echo "$image_full_name" | sed 's|.*/||g')
echo "extract short name is $app_name"
if echo $image_full_name | grep -q "rancher"
then
print_green "tag image to => $DockerRegisterDomain/rancher/$app_name"
docker tag ${image_full_name} $DockerRegisterDomain/rancher/$app_name
docker push $DockerRegisterDomain/rancher/$app_name
else
print_green "tag image to => $DockerRegisterDomain/cmii/$app_name"
docker tag ${image_full_name} $DockerRegisterDomain/cmii/$app_name
docker push $DockerRegisterDomain/cmii/$app_name
fi
else
print_red "Gzip file download FAILED : ${i}"
fi
echo "-------------------------------------------------"
done <"${gzip_image_list_txt}"
shift
}
Load_Tag_Upload(){
print_green "[LTU] - start to load image from offline !"
while [[ $# -gt 0 ]]; do
case "$1" in
rke)
# print_green "download rke "
local_gzip_path="$local_gzip_path/rke13014"
mkdir -p ${local_gzip_path}
oss_prefix_url="$oss_prefix_url/rke13014/"
ltu
shift # past argument
;;
middle)
local_gzip_path="$local_gzip_path/middle"
mkdir -p $local_gzip_path
oss_prefix_url="$oss_prefix_url/middle/"
ltu
shift # past argument
;;
cmii)
local_gzip_path="$local_gzip_path/cmii"
mkdir -p $local_gzip_path
oss_prefix_url="$oss_prefix_url/cmii/"
ltu
shift # past argument
;;
*)
# unknown option
print_red "bad arguments"
;;
esac
done
}
ltu(){
all_file_list=$(find $local_gzip_path -type f -name "*.tar.gz")
for file in $all_file_list; do
echo "offline gzip file is => : $file"
image_full_name=$(docker load -i ${file} | head -n1 |awk -F': ' '{print $2}')
docker login -u admin -p ${HarborAdminPass} ${DockerRegisterDomain}
app_name=$(echo "$image_full_name" | sed 's|.*/||g')
echo "extract short name is $app_name"
if echo $image_full_name | grep -q "rancher"
then
print_green "tag image to => $DockerRegisterDomain/rancher/$app_name"
docker tag ${image_full_name} $DockerRegisterDomain/rancher/$app_name
docker push $DockerRegisterDomain/rancher/$app_name
else
print_green "tag image to => $DockerRegisterDomain/cmii/$app_name"
docker tag ${image_full_name} $DockerRegisterDomain/cmii/$app_name
docker push $DockerRegisterDomain/cmii/$app_name
fi
done
}
test(){
app_name=$(echo "nginx:latest" | sed 's|.*/||g')
echo "extract short name is $app_name"
}
# test
Download_Load_Tag_Upload "rke"
# Load_Tag_Upload "cmii"

42
73-202602-成都市工业职业技术学院/as_lite/as_lite/.env Normal file
View File

@@ -0,0 +1,42 @@
##### 流媒体服务所有组件部署在同一台服务器上配置项中IP的值都从下面两个变量获取 #####
## PUBLIC: 外部设备、平台 访问 wvp, zlm 时使用的IP。
## PRIVATE: 内部各组件相互访问时候用的IP。
LIVE_IP_PUBLIC=172.22.106.77
LIVE_IP_PRIVATE=172.22.106.77
LIVE_ZLM_API_PASSWD=035c7GB5cc
LIVE_ZLM_NODE_ID=koisi_gb_216
LIVE_ZLM_PORT_HTTP=7088
LIVE_ZLM_PORT_HTTPS=7089
LIVE_ZLM_PORT_RTMP=51935
LIVE_ZLM_PORT_RTSP=554
LIVE_ZLM_PORT_WEBRTC=57090
LIVE_ZLM_PORT_SRT=7556
LIVE_ZLM_PORT_RTP_PROXY=7100
LIVE_ZLM_PORT_RTP_MIN=30100
LIVE_ZLM_PORT_RTP_MAX=30150
############################ Begin: live-op & oss ############################
## live-op 的http端口
LIVE_OP_PORT_HTTP=9019
## live-op, oss 访问 → MinIO
OSS_ENDPOINT=http://172.22.106.77:39000
OSS_AK=cmii
OSS_SK=B#923fC7mk
CLOUD_LIVE=http://192.168.34.245:32046
## live-op: 数据库默认使用中移凌云的redis和wvp共用本地自带的。
## wvp: 数据库和redis都用本地自带的。
LIVE_OP_DB_ENDPOINT=172.22.106.77:33306
LIVE_OP_DB_USERNAME=k8s_admin
LIVE_OP_DB_PASSWORD=fP#UaH6qQ3)8
LIVE_OP_DB_DATABASE=cmii_live_srs_op
############################ End: live-op & oss ############################
LIVE_IMAGE_ZLM=harbor.cdcyy.com.cn/cmii/cmlc-live/zlm:v2.7.3
LIVE_IMAGE_ZLM_OSS=harbor.cdcyy.com.cn/cmii/cmii-zlm-oss-adaptor:v2.7.3-light
LIVE_IMAGE_LIVE_OP=harbor.cdcyy.com.cn/cmii/cmii-live-operator:v5.7.0

62
73-202602-成都市工业职业技术学院/as_lite/as_lite/conf/DataCommitter.py Normal file
View File

@@ -0,0 +1,62 @@
from typing import Optional
from loguru import logger
from boot.config import CONFIG
from core.beans.enum.UploadStatus import UploadStatus
from core.beans.po.FilePO import FilePO
from core.dao.MysqlRecord import LiveOpRecord, IoTRecord
from core.dao.RabbitMQClient import RabbitMQClient, VideoStreamInfo
from core.pattern.singleton import singleton
@singleton
class DataCommitter:
rabbit: Optional[RabbitMQClient]
def __init__(self):
self.rabbit = RabbitMQClient() if CONFIG.app.modules.light or CONFIG.app.modules.uavms else None
def save_to_db(self, po: FilePO) -> bool:
if CONFIG.app.modules.cmlc:
r = LiveOpRecord(
hub=po.app, stream=po.stream, type="ts", status=UploadStatus.SUCCESS,
fileid=po.uuid, filename=po.relative_path, size=po.size,
time_begin=po.begin, time_end=po.end
).save(force_insert=True)
if r != 1:
logger.error(f"Failed to save LiveOpRecord to DB: {po.filename}, ret: {r}.")
return False
if CONFIG.app.modules.uavms:
r = IoTRecord(
ts_file_name=po.relative_path, start_time=po.begin, end_time=po.end,
file_size=po.size, device_id=po.stream_id, id=po.uuid,
file_type="video", ref_id=po.ref_id, ext_json="{}",
user_id=CONFIG.app.mysql.iot_default_biz_user, ai_object=None,
).save(force_insert=True)
if r != 1:
logger.error(f"Failed to save IoTRecord to DB: {po.filename}, ret: {r}.")
return False
if CONFIG.app.modules.light:
start_timestamp = int(po.begin.timestamp() * 1000)
end_timestamp = int( po.end.timestamp() * 1000)
info = VideoStreamInfo(
start_time=start_timestamp, duration=end_timestamp - start_timestamp,
stream_id=po.stream_id, hub=po.app, stream=po.stream, file_id=po.uuid,
md5=None, name=po.relative_path, type="ts", url=None,
size=po.size, engine_type="zlm"
)
self.rabbit.send(info.to_json())
return True
@staticmethod
def failed_to_sync_to_cloud_live(po: FilePO):
(
LiveOpRecord
.update(status=UploadStatus.FAILED_TO_SYNC_TO_CLOUD_LIVE)
.where(LiveOpRecord.fileid==po.uuid)
.execute()
)

91
73-202602-成都市工业职业技术学院/as_lite/as_lite/conf/live-op.yaml Normal file
View File

@@ -0,0 +1,91 @@
debug: false
server:
port: ${LIVE_OP_PORT_HTTP}
spring:
application:
name: cmii-live-operator
platform:
info:
name: cmii-live-operator
description: cmii-live-operator
version: 5.7.0
scanPackage: com.cmii.live.op
jackson:
time-zone: GMT+8
mvc:
pathmatch:
matching-strategy: ANT_PATH_MATCHER
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
type: com.alibaba.druid.pool.DruidDataSource
url: jdbc:mysql://${LIVE_OP_DB_ENDPOINT:192.168.34.228:3306}/${LIVE_OP_DB_DATABASE}?characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true
username: ${LIVE_OP_DB_USERNAME:koisi}
password: ${LIVE_OP_DB_PASSWORD:poi.1122}
redis:
host: ${LIVE_OP_REDIS_HOST:172.22.106.77}
port: ${LIVE_OP_REDIS_PORT:6379}
database: ${LIVE_OP_REDIS_DB:6}
password: ${LIVE_OP_REDIS_PASSWD:koisi}
druid:
mysql:
usePingMethod: false
opentracing:
jaeger:
enabled: false
live:
engine:
type: zlm
endpoint: "http://${LIVE_IP_PRIVATE}:${LIVE_ZLM_PORT_HTTP}"
secret-key: ${LIVE_ZLM_API_PASSWD:035c7GB5cc}
wvp: "http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}"
rtcPreferTcp: false
proto:
rtmp: "rtmp://172.22.106.77:31935"
rtsp: "rtsp://${LIVE_IP_PUBLIC}:${LIVE_ZLM_PORT_RTSP}"
srt: "srt://${LIVE_IP_PUBLIC}:${LIVE_ZLM_PORT_HTTP}"
flv: "http://172.22.106.77:9019/zlm/flv"
hls: "http://172.22.106.77:9019/zlm/hls"
rtc: "http://172.22.106.77:9019/zlm/webrtc"
whip: "http://172.22.106.77:9019/zlm/whip"
replay: "http://${LIVE_IP_PRIVATE}:${LIVE_OP_PORT_HTTP}"
hls:
max-ts: 200
interval-ms: 6000
minio:
endpoint: ${OSS_ENDPOINT}
access-key: ${OSS_AK}
secret-key: ${OSS_SK}
bucket: "live-srs-hls"
hook:
on-push:
- "http://127.0.0.1:9019/404"
on-play:
- "http://127.0.0.1:9019/404"
sync:
onStart: false
pool:
core: 8
max: 12
queue: 0
keepalive: 20
interval:
sync: 6000
elect: 8
keepalive: 20
heartbeat: 8
logging:
level:
root: info
com.cmii.live.op.mapper: info

62
73-202602-成都市工业职业技术学院/as_lite/as_lite/conf/zlm-oss.yaml Normal file
View File

@@ -0,0 +1,62 @@
app:
env: default
listen:
host: 0.0.0.0
port: 7081
thread_pool: 12
file_dir:
shared: "/cmii/share/hls"
backup: "/cmii/backup"
log:
path: "/cmii/logs"
# TRACE DEBUG INFO WARNING ERROR
level: INFO
modules:
# 是否对接老的行业平台, 中移凌云
cmlc: false
# 是否对接监管平台: 报送封面
uavms: false
# 是否对接轻量化平台: 报送RabbitMQ信息
light: true
# 是否开启配额管理, 关闭可以忽略配额
quota: false
# 是否在MinIO异常时, 将文件移到备份目录, 需要正确配置 app.file_dir.backup, 并确保有足够空间
backup: true
# 是否开启调试模式: 即所有文件都录制
debug: false
client:
# 查询是否需要存储
live_op: "http://gb-live-op:9019"
# 查询业务信息(公司、用户), 存储配额
cloud_live: "http://192.168.34.245:32046"
minio:
endpoint: "http://172.22.106.77:39000"
access_key: "cmii"
secret_key: "B#923fC7mk"
with_meta: true
bucket_light: "ilm-detect"
bucket_uavms: "ilm-detect"
mysql:
host: 172.22.106.77
port: 33306
username: k8s_admin
password: fP#UaH6qQ3)8
live_op_db: "cmii_live_srs_op"
live_op_table: "live_segment"
iot_db: "uav_iot_dispatcher"
iot_table: "cmii_uav_video_storage_management"
iot_cache_table: "cmii_uav_video_cache_storage"
# 目前监管系统用户体系不完善但是素材仓库文件需要关联用户ID
iot_default_biz_user: "233"
# 对接轻量化平台
rabbitmq:
host: 172.22.106.77
port: 35672
username: admin
password: nYcRN91r._hj
routing_key: "sky.live.video"

217
73-202602-成都市工业职业技术学院/as_lite/as_lite/conf/zlm.envsubst.ini Normal file
View File

@@ -0,0 +1,217 @@
[api]
apiDebug = 0
secret = ${LIVE_ZLM_API_PASSWD}
snapRoot = ./www/snap/
defaultSnap = ./www/logo.png
downloadRoot = ./www
[ffmpeg]
bin = /usr/bin/ffmpeg
cmd = %s -stream_loop -1 -re -i %s -c:a copy -c:v copy -f flv %s
snap = %s -i %s -y -f mjpeg -frames:v 1 -an %s
log = ./ffmpeg/ffmpeg.log
restart_sec = 0
[protocol]
modify_stamp = 2
enable_audio = 0
add_mute_audio = 0
# auto_close = 0, 通过 hook:on_none_reader 决定是否关闭流。
# =1 不触发 hook 回调,而是将直接关闭流。
auto_close = 0
#推流断开后可以在超时时间内重新连接上继续推流,这样播放器会接着播放。
continue_push_ms = 4000
#平滑发送定时器间隔单位毫秒置0则关闭开启后影响cpu性能同时增加内存
paced_sender_ms = 0
enable_hls = 1
enable_hls_fmp4 = 0
enable_rtmp = 1
enable_ts = 1
enable_fmp4 = 0
# rtsp -> webrtc
enable_rtsp = 1
#是否开启MP4录制
enable_mp4 = 0
mp4_as_player = 0
mp4_max_second = 3600
mp4_save_path = ./www
hls_save_path = ./www/zlm/hls
hls_demand = 0
rtsp_demand = 0
rtmp_demand = 0
ts_demand = 1
fmp4_demand = 1
[general]
enableVhost = 0
flowThreshold = 1024
#如果在这个时间内,该流注册成功,那么会立即返回播放器播放成功
#否则返回播放器未找到该流,该机制的目的是可以先播放再推流
maxStreamWaitMS = 0
#某个流无人观看时触发hook.on_stream_none_reader事件的最大等待时间单位毫秒
streamNoneReaderDelayMS = 120000
resetWhenRePlay = 1
#低延迟模式
mergeWriteMS = 0
mediaServerId = ${LIVE_ZLM_NODE_ID}
wait_track_ready_ms = 8000
wait_add_track_ms = 2000
unready_frame_cache = 96
broadcast_player_count_changed = 0
[hls]
fileBufSize = 65536
segDur = 10
segNum = 10
segDelay = 0
segRetain = 5000
broadcastRecordTs = 0
deleteDelaySec = 20
segKeep = 0
fastRegister = 1
[hook]
enable = 1
on_flow_report =
on_http_access =
on_play = http://${LIVE_IP_PRIVATE}:${LIVE_OP_PORT_HTTP}/hooks/on_play
on_publish = http://${LIVE_IP_PRIVATE}:${LIVE_OP_PORT_HTTP}/hooks/on_push
on_stream_changed = http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}/index/hook/on_stream_changed
on_stream_none_reader = http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}/index/hook/on_stream_none_reader
on_stream_not_found = http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}/index/hook/on_stream_not_found
on_rtp_server_timeout = http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}/index/hook/on_rtp_server_timeout
on_send_rtp_stopped = http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}/index/hook/on_send_rtp_stopped
on_server_started = http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}/index/hook/on_server_started
on_server_keepalive = http://${LIVE_IP_PRIVATE}:${LIVE_WVP_PORT_HTTP}/index/hook/on_server_keepalive
on_server_exited =
# 置空,使用统一的 on_play 鉴权
on_rtsp_auth =
on_rtsp_realm =
on_shell_login =
on_record_mp4 =
on_record_ts =
stream_changed_schemas = rtsp/rtmp/fmp4/ts/hls/hls.fmp4
timeoutSec = 10
alive_interval = 10.0
retry = 1
retry_delay = 4.0
[cluster]
origin_url =
timeout_sec = 15
retry_count = 3
[http]
port = ${LIVE_ZLM_PORT_HTTP}
# 置 0关闭。
# docker-compose 端口不能为0
# 故使用 docker-compose + .env 部署时,不能关闭。
sslport = ${LIVE_ZLM_PORT_HTTPS}
charSet = utf-8
keepAliveSecond = 20
maxReqSize = 40960
notFound = <html> <head><title>404 Not Found</title></head> <body><div>404 Not Found</div></body> </html>
rootPath = ./www
sendBufSize = 65536
dirMenu = 0
virtualPath =
forbidCacheSuffix =
forwarded_ip_header =
allow_cross_domains = 1
allow_ip_range = ::1,127.0.0.1,172.1.0.0-172.31.255.255,192.168.0.0-192.168.255.255,10.0.0.0-10.255.255.255,20.0.0.0-20.255.255.255,50.0.0.0-50.255.255.255
[multicast]
addrMax = 239.255.255.255
addrMin = 239.0.0.0
udpTTL = 64
[record]
appName = record
fileBufSize = 65536
sampleMS = 1000
fastStart = 0
fileRepeat = 0
enableFmp4 = 0
[rtmp]
port = ${LIVE_ZLM_PORT_RTMP}
sslport = 0
handshakeSecond = 8
keepAliveSecond = 8
directProxy = 0
enhanced = 0
[rtp]
audioMtuSize = 480
videoMtuSize = 1400
rtpMaxSize = 10
# rtp 打包时低延迟开关默认关闭为0h264存在一帧多个sliceNAL的情况在这种情况下如果开启可能会导致画面花屏
lowLatency = 0
# 1兼容webrtc; 0兼容老的rtsp设备
h264_stap_a = 1
[rtp_proxy]
port = ${LIVE_ZLM_PORT_RTP_PROXY}
port_range = ${LIVE_ZLM_PORT_RTP_MIN}-${LIVE_ZLM_PORT_RTP_MAX}
dumpDir =
timeoutSec = 8
h264_pt = 98
h265_pt = 99
ps_pt = 96
opus_pt = 100
gop_cache = 0
rtp_g711_dur_ms = 100
#4*1024*1024=4196304
udp_recv_socket_buffer = 4194304
[rtc]
# 可以使用 ',' 提供多个 IP 。
externIP = ${LIVE_IP_PUBLIC}
port = ${LIVE_ZLM_PORT_WEBRTC}
tcpPort = ${LIVE_ZLM_PORT_WEBRTC}
timeoutSec = 8
rembBitRate = 0
preferredCodecA = PCMU,PCMA,opus,mpeg4-generic
preferredCodecV = H264,H265,AV1,VP9,VP8
start_bitrate = 0
max_bitrate = 0
min_bitrate = 0
maxNackMS = 4000
rtpCacheCheckInterval = 96
nackMaxSize = 2048
nackMaxMS = 4000
nackMaxCount = 12
nackIntervalRatio = 1.0
nackRtpSize = 8
[srt]
port = ${LIVE_ZLM_PORT_SRT}
timeoutSec = 4
latencyMul = 4
pktBufSize = 8192
[rtsp]
port = ${LIVE_ZLM_PORT_RTSP}
sslport = 0
authBasic = 0
directProxy = 0
handshakeSecond = 8
keepAliveSecond = 8
lowLatency = 1
rtpTransportType = -1
[shell]
maxReqSize = 1024
port = 0

217
73-202602-成都市工业职业技术学院/as_lite/as_lite/conf/zlm.ini Normal file
View File

@@ -0,0 +1,217 @@
[api]
apiDebug = 0
secret = 035c7GB5cc
snapRoot = ./www/snap/
defaultSnap = ./www/logo.png
downloadRoot = ./www
[ffmpeg]
bin = /usr/bin/ffmpeg
cmd = %s -stream_loop -1 -re -i %s -c:a copy -c:v copy -f flv %s
snap = %s -i %s -y -f mjpeg -frames:v 1 -an %s
log = ./ffmpeg/ffmpeg.log
restart_sec = 0
[protocol]
modify_stamp = 2
enable_audio = 0
add_mute_audio = 0
# auto_close = 0, 通过 hook:on_none_reader 决定是否关闭流。
# =1 不触发 hook 回调,而是将直接关闭流。
auto_close = 0
#推流断开后可以在超时时间内重新连接上继续推流,这样播放器会接着播放。
continue_push_ms = 4000
#平滑发送定时器间隔单位毫秒置0则关闭开启后影响cpu性能同时增加内存
paced_sender_ms = 0
enable_hls = 1
enable_hls_fmp4 = 0
enable_rtmp = 1
enable_ts = 1
enable_fmp4 = 0
# rtsp -> webrtc
enable_rtsp = 1
#是否开启MP4录制
enable_mp4 = 0
mp4_as_player = 0
mp4_max_second = 3600
mp4_save_path = ./www
hls_save_path = ./www/zlm/hls
hls_demand = 0
rtsp_demand = 0
rtmp_demand = 0
ts_demand = 1
fmp4_demand = 1
[general]
enableVhost = 0
flowThreshold = 1024
#如果在这个时间内,该流注册成功,那么会立即返回播放器播放成功
#否则返回播放器未找到该流,该机制的目的是可以先播放再推流
maxStreamWaitMS = 0
#某个流无人观看时触发hook.on_stream_none_reader事件的最大等待时间单位毫秒
streamNoneReaderDelayMS = 120000
resetWhenRePlay = 1
#低延迟模式
mergeWriteMS = 0
mediaServerId = koisi_gb_228
wait_track_ready_ms = 8000
wait_add_track_ms = 2000
unready_frame_cache = 96
broadcast_player_count_changed = 0
[hls]
fileBufSize = 65536
segDur = 10
segNum = 10
segDelay = 0
segRetain = 5000
broadcastRecordTs = 1
deleteDelaySec = 20
segKeep = 0
fastRegister = 1
[hook]
enable = 1
on_flow_report =
on_http_access =
on_play = http://127.0.0.1:9019/hooks/on_play
on_publish = http://127.0.0.1:9019/hooks/on_push
on_stream_changed =
on_stream_none_reader =
on_stream_not_found =
on_rtp_server_timeout =
on_send_rtp_stopped =
on_server_started =
on_server_keepalive =
on_server_exited =
# 置空,使用统一的 on_play 鉴权
on_rtsp_auth =
on_rtsp_realm =
on_shell_login =
on_record_mp4 =
on_record_ts = http://127.0.0.1:7081/hooks/on_record_ts
stream_changed_schemas = rtsp/rtmp/fmp4/ts/hls/hls.fmp4
timeoutSec = 10
alive_interval = 10.0
retry = 1
retry_delay = 4.0
[cluster]
origin_url =
timeout_sec = 15
retry_count = 3
[http]
port = 7088
# 置 0关闭。
# docker-compose 端口不能为0
# 故使用 docker-compose + .env 部署时,不能关闭。
sslport = 7089
charSet = utf-8
keepAliveSecond = 20
maxReqSize = 40960
notFound = <html> <head><title>404 Not Found</title></head> <body><div>404 Not Found</div></body> </html>
rootPath = ./www
sendBufSize = 65536
dirMenu = 0
virtualPath =
forbidCacheSuffix =
forwarded_ip_header =
allow_cross_domains = 1
allow_ip_range = ::1,127.0.0.1,172.1.0.0-172.31.255.255,192.168.0.0-192.168.255.255,10.0.0.0-10.255.255.255,20.0.0.0-20.255.255.255,50.0.0.0-50.255.255.255
[multicast]
addrMax = 239.255.255.255
addrMin = 239.0.0.0
udpTTL = 64
[record]
appName = record
fileBufSize = 65536
sampleMS = 1000
fastStart = 0
fileRepeat = 0
enableFmp4 = 0
[rtmp]
port = 31935
sslport = 0
handshakeSecond = 8
keepAliveSecond = 8
directProxy = 0
enhanced = 0
[rtp]
audioMtuSize = 480
videoMtuSize = 1400
rtpMaxSize = 10
# rtp 打包时低延迟开关默认关闭为0h264存在一帧多个sliceNAL的情况在这种情况下如果开启可能会导致画面花屏
lowLatency = 0
# 1兼容webrtc; 0兼容老的rtsp设备
h264_stap_a = 1
[rtp_proxy]
port = 7100
port_range = 30100-30150
dumpDir =
timeoutSec = 8
h264_pt = 98
h265_pt = 99
ps_pt = 96
opus_pt = 100
gop_cache = 0
rtp_g711_dur_ms = 100
#4*1024*1024=4196304
udp_recv_socket_buffer = 4194304
[rtc]
# 可以使用 ',' 提供多个 IP 。
externIP = 172.22.106.77
port = 30090
tcpPort = 30090
timeoutSec = 8
rembBitRate = 0
preferredCodecA = PCMU,PCMA,opus,mpeg4-generic
preferredCodecV = H264,H265,AV1,VP9,VP8
start_bitrate = 0
max_bitrate = 0
min_bitrate = 0
maxNackMS = 4000
rtpCacheCheckInterval = 96
nackMaxSize = 2048
nackMaxMS = 4000
nackMaxCount = 12
nackIntervalRatio = 1.0
nackRtpSize = 8
[srt]
port = 7556
timeoutSec = 4
latencyMul = 4
pktBufSize = 8192
[rtsp]
port = 554
sslport = 0
authBasic = 0
directProxy = 0
handshakeSecond = 8
keepAliveSecond = 8
lowLatency = 1
rtpTransportType = -1
[shell]
maxReqSize = 1024
port = 0

74
73-202602-成都市工业职业技术学院/as_lite/as_lite/docker-compose.yaml Normal file
View File

@@ -0,0 +1,74 @@
version: '2.4'
services:
gb-zlm:
image: ${LIVE_IMAGE_ZLM}
restart: always
container_name: gb-zlm
network_mode: host
volumes:
- "./conf/zlm.ini:/home/koisi/zlm.ini"
- "./data/zlm/hls:/home/koisi/zlm/www/zlm/hls"
environment:
TZ: "Asia/Shanghai"
gb-zlm-oss:
image: ${LIVE_IMAGE_ZLM_OSS}
restart: always
container_name: gb-zlm-oss
privileged: true
cpus: 2.0
networks:
- gb28181_net
ports:
- "7081:7081"
volumes:
- "./data/zlm/hls:/cmii/share/hls"
- "./conf/zlm-oss.yaml:/cmii/oss-adaptor/boot/config.yaml"
- "./conf/DataCommitter.py:/cmii/oss-adaptor/core/dao/DataCommitter.py"
gb-live-op:
image: ${LIVE_IMAGE_LIVE_OP}
restart: always
container_name: gb-live-op
networks:
- gb28181_net
ports:
- "${LIVE_OP_PORT_HTTP}:${LIVE_OP_PORT_HTTP}"
volumes:
- "./conf/live-op.yaml:/cmii/bootstrap.yaml"
environment:
LIVE_IP_PUBLIC: ${LIVE_IP_PUBLIC}
LIVE_IP_PRIVATE: ${LIVE_IP_PRIVATE}
LIVE_OP_PORT_HTTP: ${LIVE_OP_PORT_HTTP}
LIVE_WVP_PORT_HTTP: ${LIVE_WVP_PORT_HTTP}
LIVE_OP_REDIS_HOST: 172.22.106.77
LIVE_OP_REDIS_PORT: 36379
LIVE_OP_REDIS_PASSWD: Mcache@4522
LIVE_OP_REDIS_DB: 6
LIVE_OP_DB_ENDPOINT: ${LIVE_OP_DB_ENDPOINT}
LIVE_OP_DB_USERNAME: ${LIVE_OP_DB_USERNAME}
LIVE_OP_DB_PASSWORD: ${LIVE_OP_DB_PASSWORD}
LIVE_OP_DB_DATABASE: ${LIVE_OP_DB_DATABASE}
LIVE_ZLM_PORT_HTTP: ${LIVE_ZLM_PORT_HTTP}
LIVE_ZLM_PORT_HTTPS: ${LIVE_ZLM_PORT_HTTPS}
LIVE_ZLM_PORT_RTMP: ${LIVE_ZLM_PORT_RTMP}
LIVE_ZLM_PORT_RTSP: ${LIVE_ZLM_PORT_RTSP}
LIVE_ZLM_PORT_SRT: ${LIVE_ZLM_PORT_SRT}
LIVE_ZLM_API_PASSWD: ${LIVE_ZLM_API_PASSWD}
OSS_ENDPOINT: ${OSS_ENDPOINT}
OSS_AK: ${OSS_AK}
OSS_SK: ${OSS_SK}
CLOUD_LIVE: ${CLOUD_LIVE}
networks:
gb28181_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.5.14.0/24

82
73-202602-成都市工业职业技术学院/cmii-update.sh Normal file
View File

@@ -0,0 +1,82 @@
#!/bin/bash
harbor_host=172.22.106.77:8033
namespace=sc-cd-uav-260207
app_name=""
new_tag=""
download_from_oss() {
if [ "$1" == "" ]; then
echo "no zip file in error!"
exit 233
fi
echo "start to download => $1"
wget "https://oss.demo.uavcmlc.com/cmlc-installation/tmp/$1"
echo ""
echo ""
}
upload_image_to_harbor(){
if [ "$app_name" == "" ]; then
echo "app name null exit!"
exit 233
fi
if ! docker load < "$1"; then
echo "docker load error !"
fi
docker tag "harbor.cdcyy.com.cn/cmii/$app_name:$new_tag" "$harbor_host/cmii/$app_name:$new_tag"
echo ""
echo ""
echo "upload_image_to_harbor - start to push to => $harbor_host/cmii/$app_name:$new_tag"
docker login -u admin -p V2ryStr@ngPss $harbor_host
docker push "$harbor_host/cmii/$app_name:$new_tag"
echo ""
echo ""
}
parse_args(){
if [ "$1" == "" ]; then
echo "no zip file in error!"
exit 233
fi
local image_name="$1"
# cmii-uav-surveillance=5.2.0-27031-cqga=2024-03-04=573.tar.gz
app_name=$(echo $image_name | cut -d "=" -f1)
new_tag=$(echo $image_name | cut -d "=" -f2)
}
update_image_tag(){
if [ "$new_tag" == "" ]; then
echo "new tag error!"
exit 233
fi
local image_prefix=$(kubectl -n ${namespace} get deployment "${app_name}" -o=jsonpath='{.spec.template.spec.containers[*].image}' | cut -d":" -f1)
echo "image grep is => ${image_prefix}"
echo "start to update ${namespace} ${app_name} to ${new_tag} !"
echo ""
kubectl -n ${namespace} patch deployment "${app_name}" -p "{\"spec\":{\"template\":{\"spec\":{\"containers\":[{\"name\":\"${app_name}\",\"image\": \"${harbor_host}/cmii/$app_name:${new_tag}\"}]}}}}"
echo ""
echo "start to wait for 3 seconds!"
sleep 3
local image_new=$(kubectl -n ${namespace} get deployment "${app_name}" -o=jsonpath='{.spec.template.spec.containers[*].image}')
echo ""
echo "new image are => $image_new"
echo ""
}
main(){
parse_args "$1"
download_from_oss "$1"
upload_image_to_harbor "$1"
update_image_tag
}
main "$@"

215
73-202602-成都市工业职业技术学院/k8s-app/fly-center.yaml Normal file
View File

@@ -0,0 +1,215 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-fly-center
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-fly-center
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-fly-center
cmii.type: backend
template:
metadata:
creationTimestamp: null
labels:
cmii.app: cmii-fly-center
cmii.type: backend
spec:
volumes:
- name: application-k8s
configMap:
name: cmii-fly-center-cm
items:
- key: application-k8s.yml
path: application-k8s.yml
defaultMode: 420
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
containers:
- name: cmii-fly-center
image: 172.22.106.77:8033/cmii/cmii-fly-center:.0.0-012601
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
env:
- name: K8S_NAMESPACE
value: ahydapp
- name: APPLICATION_NAME
value: cmii-fly-center
- name: CUST_JAVA_OPTS
value: '-Xms500m -Xmx1000m -Dlog4j2.formatMsgNoLookups=true'
- name: NACOS_REGISTRY
value: helm-nacos:8848
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: '8080'
- name: BIZ_CONFIG_GROUP
value: 5.7.0
- name: SYS_CONFIG_GROUP
value: 5.7.0
- name: IMAGE_VERSION
value: 5.7.0
- name: NACOS_USERNAME
value: developer
- name: NACOS_PASSWORD
value: Deve@9128201
- name: SPRING_PROFILES_ACTIVE
value: k8s,db,cache,message
resources:
limits:
cpu: '2'
memory: 1Gi
requests:
cpu: '0.2'
memory: 0.5Gi
volumeMounts:
- name: application-k8s
mountPath: /cmii/config/application-k8s.yml
subPath: application-k8s.yml
- name: nfs-backend-log-volume
mountPath: /cmii/logs
subPath: uavcloud-devflight/cmii-fly-center
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- yuansong
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-fly-center
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-fly-center
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
ports:
- name: backend-tcp
protocol: TCP
port: 8080
targetPort: 8080
selector:
cmii.app: cmii-fly-center
cmii.type: backend
type: ClusterIP
---
kind: ConfigMap
apiVersion: v1
metadata:
name: cmii-fly-center-cm
namespace: sc-cd-uav-260207
data:
application-k8s.yml: |
center:
####################下面部分为中间件对应配置,需要确认!!!#######################
############使用k8s部署的中间件可以直接用k8s里面的服务名#################
db:
ip: helm-mysql
port: 3306
username: k8s_admin
password: fP#UaH6qQ3)8
rabbitmq:
ip: helm-rabbitmq
port: 5672
username: admin
password: nYcRN91r._hj
redis:
ip: helm-redis-master
port: 6379
password: Mcache@4522
mqtt:
BASIC:
ip: helm-emqxs
port: 1883 # mqtt内部1883端口
username: cmlc
password: odD8#Ve7.B
DRC:
ip: 172.22.106.77 # 设备连接的mqtt的公网IP
port: 31883 # 1883映射的公网端口
username: cmlc
password: odD8#Ve7.B
influxdb:
ip: helm-influxdb #influxdb宿主机的内部ip
port: 8086 #influxdb宿主机的端口
token: YunnHJASAAdj23rasQAWd621erGAS82kaqj
org: cmii
bucket: cmii
minio:
ip: helm-minio # minio服务的宿主机ip
port: 39000
access-key: cmii # minio的访问key
secret-key: B#923fC7mk # minio访问secret
publicEndpoint: http://172.22.106.77:39000
shareEndpoint: http://172.22.106.77:8088/center
hub:
appKey: Zhdjk*72uU^2xz@s

154
73-202602-成都市工业职业技术学院/k8s-app/lite.yaml Normal file
View File

@@ -0,0 +1,154 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-uav-platform-lite
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.2.0
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
octopus.lite: frontend-app-wdd
annotations:
deployment.kubernetes.io/revision: '8'
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
template:
metadata:
creationTimestamp: null
labels:
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
spec:
volumes:
- name: nginx-conf
configMap:
name: nginx-cm
items:
- key: nginx.conf
path: nginx.conf
defaultMode: 420
- name: tenant-prefix
configMap:
name: tenant-prefix-lite
items:
- key: ingress-config.js
path: ingress-config.js
defaultMode: 420
containers:
- name: cmii-uav-platform-lite
image: 172.22.106.77:8033/cmii/cmii-uav-platform-lite:2.0.0-2026012703-noicp
ports:
- name: platform-9528
containerPort: 9528
protocol: TCP
env:
- name: K8S_NAMESPACE
value: ahydapp
- name: APPLICATION_NAME
value: cmii-uav-platform-lite
resources:
limits:
cpu: '1'
memory: 1Gi
requests:
cpu: 50m
memory: 50Mi
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/conf.d/nginx.conf
subPath: nginx.conf
- name: tenant-prefix
mountPath: /home/cmii-platform/dist/ingress-config.js
subPath: ingress-config.js
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-uav-platform-lite
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/version: 6.2.0
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
octopus.control: frontend-app-wdd
spec:
ports:
- name: web-svc-port
protocol: TCP
port: 9528
targetPort: 9528
selector:
cmii.app: cmii-uav-platform-lite
cmii.type: frontend
type: ClusterIP
sessionAffinity: None
status:
loadBalancer: {}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-lite
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "lite",
AppClientId: "",
Headers: {
ORG_ID: 'pago',
PROJECT_ID: 'prgn'
},
TdtToken: "XXXX"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-cm
namespace: sc-cd-uav-260207
labels:
cmii.type: frontend
data:
nginx.conf: |
server {
listen 9528;
server_name localhost;
gzip on;
location / {
root /home/cmii-platform/dist;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}

247
73-202602-成都市工业职业技术学院/k8s-app/sky-coverage.yaml Normal file
View File

@@ -0,0 +1,247 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cmii-sky-converge
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-sky-converge
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
replicas: 1
selector:
matchLabels:
cmii.app: cmii-sky-converge
cmii.type: backend
template:
metadata:
creationTimestamp: null
labels:
cmii.app: cmii-sky-converge
cmii.type: backend
spec:
volumes:
- name: application-k8s
configMap:
name: cmii-sky-converge-cm
items:
- key: application-k8s.yml
path: application-k8s.yml
- key: simAuth.license
path: simAuth.license
defaultMode: 420
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
containers:
- name: cmii-sky-converge
image: 172.22.106.77:8033/cmii/cmii-sky-converge:2.0.0-012601
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
env:
- name: K8S_NAMESPACE
value: ahydapp
- name: APPLICATION_NAME
value: cmii-sky-converge
- name: CUST_JAVA_OPTS
value: '-Xms500m -Xmx1000m -Dlog4j2.formatMsgNoLookups=true'
- name: NACOS_REGISTRY
value: helm-nacos:8848
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: '8080'
- name: BIZ_CONFIG_GROUP
value: 5.7.0
- name: SYS_CONFIG_GROUP
value: 5.7.0
- name: IMAGE_VERSION
value: 5.7.0
- name: NACOS_USERNAME
value: developer
- name: NACOS_PASSWORD
value: Deve@9128201
- name: SPRING_PROFILES_ACTIVE
value: k8s,db,cache,message
resources:
limits:
cpu: '2'
memory: 1Gi
requests:
cpu: '0.2'
memory: 0.5Gi
volumeMounts:
- name: application-k8s
mountPath: /cmii/config/application-k8s.yml
subPath: application-k8s.yml
- name: application-k8s
mountPath: /cmii/config/simAuth.license
subPath: simAuth.license
- name: nfs-backend-log-volume
mountPath: /cmii/logs
subPath: uavcloud-devflight/cmii-sky-converge
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- yuansong
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: cmii-sky-converge
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/app-version: 6.0.0
app.kubernetes.io/managed-by: octopus
cmii.app: cmii-sky-converge
cmii.type: backend
octopus/control: backend-app-1.0.0
spec:
ports:
- name: backend-tcp
protocol: TCP
port: 8080
targetPort: 8080
selector:
cmii.app: cmii-sky-converge
cmii.type: backend
type: ClusterIP
---
kind: ConfigMap
apiVersion: v1
metadata:
name: cmii-sky-converge-cm
namespace: sc-cd-uav-260207
data:
application-k8s.yml: |
converge:
####################下面部分为中间件对应配置,需要确认!!!#######################
############使用k8s部署的中间件可以直接用k8s里面的服务名#################
db:
ip: helm-mysql
port: 3306
username: k8s_admin
password: fP#UaH6qQ3)8
mqtt:
ip: helm-emqxs
port: 1883 # mqtt内部1883端口
username: cmlc
password: odD8#Ve7.B
rabbitmq:
ip: helm-rabbitmq
port: 5672
username: admin
password: nYcRN91r._hj
redis:
ip: helm-redis-master
port: 6379
password: Mcache@4522
influxdb:
ip: helm-influxdb #influxdb宿主机的内部ip
port: 8086 #influxdb宿主机的端口如果docker compose文件没有改动则默认不变
token: YunnHJASAAdj23rasQAWd621erGAS82kaqj
org: cmii
bucket: cmii
minio:
ip: helm-minio # minio服务的宿主机ip
port: 39000
access-key: cmii # minio的访问key
secret-key: B#923fC7mk # minio访问secret
#######################下面部分是业务服务需要的配置,需要确认!!!#######################
center:
address: http://cmii-fly-center:8080 # cmii-fly-center服务部署的容器宿主机ip地址和暴露的端口
stream:
endpoint: http://172.22.106.77:8088 #平台地址端口
buckets:
live-srs-hls: ilm-detect
storage:
endpoint: http://172.22.106.77:8088/converge # cmii-sky-converge服务的公网请求地址需要匹配到all-gateways-ingress里面converge服务的根路径
live:
merge:
tmp: /tmp/ffmpeg/
expired: 10
sms:
mas:
enable: false #内网部署改为false
host: http://XXX:XXX/sms/tmpsubmit
ecName: XXX科技有限公司
apId: notice
secretKey: notice@123
sign: ynYl2Vpl7
templateId: e4dc71ddd5c24d25b24daa01e969e24
expire: 3
limit:
minute: 5
hour: 15
day: 30
sim:
# true = 启用, false = 不启用
enable: false
###固定k8s里面挂载路径
licensePath: /cmii/config/simAuth.license
# 测试环境https://ptest.cmccsim.com:9090, 生产环境https://certplat.cmccsim.com
host: https://ptest.cmccsim.com:9090
callbackUrl: http://183.220.196.116:8088/converge
simAuth.license: >
BOOedo/TVLbYLdKyGkFYEAljoncjd2+mKkwARpNkb0Q8D0QaZbOnCjJdMj0kUtHVRJ03CYujyVJZ8Xc1JvBTujSFgBvNwXWJN2E35TZYGUYx4uZW7WZJ9ajp3pi9Q4V9JLA4qdyd/Zaz0/T+mqaXzW0l18jA9VL25fB0tkzQYpySql76V9QAowpuVcklItcNZ8YWwK4lbPjaygBhZVNqdhbJQwqLG7io2X0QV11T5yhbu8SXCag0hoX6s93IBz0k4Aze2TZvpJ25o/NuMptWKviddrVNpVAIwT/L9kLNVkBT8T0xysX6Ku+9aLKUlLrGw4lhAHM5iHp82jduw7L9jc878ZZgOoUALLaw9axnVdnf3XfhZ75/uhx4mZ+JnNS2aNH18mVR53CGT3jxY0y1RA64e2zhMhFr/KNxVGIuZl/iAr1EGI85QWrnYGsLNbilCFlZyDzcH8tK4hDvmMtUe1xCEUF6oO9nwr+YDHGBSM1ifXLJZrvwuDI7Zim+h6pUqctWhtf6eyfyF17iBrzzt6lmSjkQtZ1kRVUxRni68/FPH9YJBKQhJItAk2h1OaUBB1Lt5vfu8OYi5S+onTmesvlIuUk7USBIFbt4kVhUpgGtV+WyddcjH6BJo3NPqCYcObR4KeLmQ/bHmN/xyVT3HMed8VhiVv0U8EuTINJxmXh+nDVmeDEUa4qYtPRGArSsGF2KGbnOOqwkyk1D/o81Zxb8Kklxn3I/CK1EM63HZLY4hGm52oRsNDjbJPFFFUdTqyQw7igHdwJYJbgxqycCAh1f8zioVVziOXwHxV85poIpVG7pP0LWrYttW1e2WdrSI4WUO1X4krfPu+7WxYHj4Cs4aTflYM9F+KVqbw6bVlg5PIPRiIy6eMRqzvl53y9eesd7eqUNgRnM13PmRDJPe6sw5BnaPn1eHBk7Mh+CAsdRnq8V0t9NkRK2aNfJFNo/PPjahDlw9DHMnJW3QGgZNR3LqFKQxDQIpR7xwgsYX5CmZo3gaBHbTx1EozCagco1tGHrRaDlJNjAYKjnus0huujI0dh+w/ybkWoN4jPQiMWx5O/oem62ga5NbHd5wS/A5e9UKfNZef1NYJyiWRYNINXr3lUl0835rb38q6+5tBKZnrJq1GZ8n2IEuw8L1YcbvtuSDBlHYGSDQ6yD5sL/qv73sXjL2jwtu+QllQt6jhFw5VUKIFRhCjuTeLbrzmcOO2TwCVZb89QPW5rGNA5sO99qormwqNkwXzsKXNx6r9B2rQ6WUdP05r1ti0YAShBdfC1CPhpt2yuKIFO3eh8J6fWjHygBX2kYq+zdb4w39d77gBayQX5lIw4MY0Dcqbyw/MvqcnXj47EUmQ+xIxkaL76C4nbN7GuMQs1rpJ4eox9qqyBeKbVGo/7/aqP6vMXl0BsPWLV5Z2jCy0HzgyBMy4mU1Q==

280
73-202602-成都市工业职业技术学院/k8s-depoly/helm-influxdb.yaml Normal file
View File

@@ -0,0 +1,280 @@
---
# Source: influxdb/templates/networkpolicy.yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: helm-influxdb
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: influxdb
app.kubernetes.io/version: 2.7.11
helm.sh/chart: influxdb-6.6.11
spec:
podSelector:
matchLabels:
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/name: influxdb
app.kubernetes.io/component: influxdb
policyTypes:
- Ingress
- Egress
egress:
- {}
ingress:
# Allow inbound connections
- ports:
- port: 8086
protocol: TCP
- port: 8088
protocol: TCP
---
# Source: influxdb/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: helm-influxdb
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: influxdb
app.kubernetes.io/version: 2.7.11
helm.sh/chart: influxdb-6.6.11
app.kubernetes.io/component: influxdb
automountServiceAccountToken: false
---
# Source: influxdb/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: helm-influxdb
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: influxdb
app.kubernetes.io/version: 2.7.11
helm.sh/chart: influxdb-6.6.11
type: Opaque
data:
admin-user-password: "WTFjJVJoI2ZIMw=="
admin-user-token: "WXVubkhKQVNBQWRqMjNyYXNRQVdkNjIxZXJHQVM4MmthcWo="
---
# Source: influxdb/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: helm-influxdb
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: influxdb
app.kubernetes.io/version: 2.7.11
helm.sh/chart: influxdb-6.6.11
app.kubernetes.io/component: influxdb
spec:
storageClassName: nfs-prod-distribute
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "8Gi"
---
# Source: influxdb/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: helm-influxdb
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: influxdb
app.kubernetes.io/version: 2.7.11
helm.sh/chart: influxdb-6.6.11
app.kubernetes.io/component: influxdb
spec:
type: ClusterIP
sessionAffinity: None
ports:
- port: 8086
targetPort: http
protocol: TCP
name: http
nodePort: null
- port: 8088
targetPort: rpc
protocol: TCP
name: rpc
nodePort: null
selector:
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/name: influxdb
app.kubernetes.io/component: influxdb
---
# Source: influxdb/templates/deployment.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: helm-influxdb
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/component: influxdb
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: influxdb
app.kubernetes.io/version: 2.7.11
helm.sh/chart: influxdb-6.6.11
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/component: influxdb
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/name: influxdb
template:
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: influxdb
app.kubernetes.io/instance: helm-influxdb
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: influxdb
app.kubernetes.io/version: 2.7.11
helm.sh/chart: influxdb-6.6.11
spec:
volumes:
- name: empty-dir
emptyDir: {}
- name: influxdb-credentials
secret:
secretName: helm-influxdb
defaultMode: 420
- name: data
persistentVolumeClaim:
claimName: helm-influxdb
containers:
- name: influxdb
image: 172.22.106.77:8033/cmii/influxdb:2.7.11-debian-12-r19
ports:
- name: http
containerPort: 8086
protocol: TCP
- name: rpc
containerPort: 8088
protocol: TCP
env:
- name: BITNAMI_DEBUG
value: 'true'
- name: POD_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: INFLUXDB_HTTP_AUTH_ENABLED
value: 'true'
- name: INFLUXDB_CREATE_USER_TOKEN
value: 'no'
- name: INFLUXDB_ADMIN_USER
value: cmlc
- name: INFLUXDB_ADMIN_USER_PASSWORD_FILE
value: /opt/bitnami/influxdb/secrets/admin-user-password
- name: INFLUXDB_ADMIN_USER_TOKEN_FILE
value: /opt/bitnami/influxdb/secrets/admin-user-token
- name: INFLUXDB_ADMIN_BUCKET
value: home
- name: INFLUXDB_ADMIN_ORG
value: docs
resources:
limits:
cpu: '1'
ephemeral-storage: 4Gi
memory: 2Gi
requests:
cpu: '0.5'
ephemeral-storage: 50Mi
memory: 1Gi
volumeMounts:
- name: empty-dir
mountPath: /tmp
subPath: tmp-dir
- name: empty-dir
mountPath: /opt/bitnami/influxdb/etc
subPath: app-conf-dir
- name: influxdb-credentials
mountPath: /opt/bitnami/influxdb/secrets/
- name: data
mountPath: /bitnami/influxdb
livenessProbe:
httpGet:
path: /
port: http
scheme: HTTP
initialDelaySeconds: 180
timeoutSeconds: 30
periodSeconds: 45
successThreshold: 1
failureThreshold: 6
readinessProbe:
exec:
command:
- bash
- '-c'
- |
. /opt/bitnami/scripts/libinfluxdb.sh
influxdb_env
export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER"
export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD"
timeout 29s influx ping --host http://$POD_IP:8086
initialDelaySeconds: 120
timeoutSeconds: 30
periodSeconds: 45
successThreshold: 1
failureThreshold: 6
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
securityContext:
capabilities:
drop:
- ALL
privileged: false
seLinuxOptions: {}
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
serviceAccountName: helm-influxdb
serviceAccount: helm-influxdb
securityContext:
fsGroup: 1001
fsGroupChangePolicy: Always
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- yuansong
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 25%
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600

79
73-202602-成都市工业职业技术学院/k8s-depoly/helm-minio.yaml Normal file
View File

@@ -0,0 +1,79 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
namespace: sc-cd-uav-260207
name: helm-minio
spec:
serviceName: helm-minio
replicas: 1
selector:
matchLabels:
app: helm-minio
template:
metadata:
labels:
app: helm-minio
spec:
imagePullSecrets:
- name: harborsecret
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: minio-deploy
operator: In
values:
- "true"
containers:
- name: minio
image: 172.22.106.77:8033/cmii/minio:RELEASE.2023-06-02T23-17-26Z
command: ["/bin/sh", "-c"]
args:
- minio server /data --console-address ":9001"
ports:
- containerPort: 9000
name: api
- containerPort: 9001
name: console
env:
- name: MINIO_ACCESS_KEY
value: "cmii"
- name: MINIO_SECRET_KEY
value: "B#923fC7mk"
volumeMounts:
- name: data
mountPath: /data
resources:
limits:
memory: 1Gi
cpu: "1"
requests:
memory: 200Mi
cpu: 200m
volumes:
- name: data
# persistentVolumeClaim:
# claimName: helm-minio
hostPath:
path: /var/lib/docker/minio-pv/
---
apiVersion: v1
kind: Service
metadata:
name: helm-minio
namespace: sc-cd-uav-260207
spec:
selector:
app: helm-minio
ports:
- name: api
port: 9000
targetPort: 9000
nodePort: 39000
- name: console
port: 9001
targetPort: 9001
nodePort: 39001
type: NodePort

350
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-backend.yaml Normal file
View File

@@ -0,0 +1,350 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cmii-fly-center
namespace: sc-cd-uav-260207
labels:
cmii.type: backend
cmii.app: cmii-fly-center
octopus/control: backend-app-1.0.0
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/app-version: "2.0"
spec:
replicas: 1
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
cmii.type: backend
cmii.app: cmii-fly-center
template:
metadata:
labels:
cmii.type: backend
cmii.app: cmii-fly-center
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- yuansong
imagePullSecrets:
- name: harborsecret
containers:
- name: cmii-fly-center
image: 172.22.106.77:8033/cmii/cmii-fly-center:2.0.0-0126
imagePullPolicy: Always
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-fly-center
- name: CUST_JAVA_OPTS
value: "-Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true"
- name: NACOS_REGISTRY
value: "helm-nacos:8848"
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: "8080"
- name: BIZ_CONFIG_GROUP
value: "2.0"
- name: SYS_CONFIG_GROUP
value: "2.0"
- name: NACOS_USERNAME
value: "developer"
- name: NACOS_PASSWORD
value: "Deve@9128201"
- name: IMAGE_NAME
value: 172.22.106.77:8033/cmii/cmii-fly-center:2.0.0-0126
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
- name: LIMIT_CPU
valueFrom:
resourceFieldRef:
containerName: cmii-fly-center
resource: limits.cpu
- name: LIMIT_MEMORY
valueFrom:
resourceFieldRef:
containerName: cmii-fly-center
resource: limits.memory
- name: REQUEST_CPU
valueFrom:
resourceFieldRef:
containerName: cmii-fly-center
resource: requests.cpu
- name: REQUEST_MEMORY
valueFrom:
resourceFieldRef:
containerName: cmii-fly-center
resource: requests.memory
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
resources:
limits:
memory: 2Gi
cpu: "2"
requests:
memory: 200Mi
cpu: 200m
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
volumeMounts:
- name: nfs-backend-log-volume
mountPath: /cmii/logs
readOnly: false
subPath: sc-cd-uav-260207/cmii-fly-center
volumes:
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
---
apiVersion: v1
kind: Service
metadata:
name: cmii-fly-center
namespace: sc-cd-uav-260207
labels:
cmii.type: backend
cmii.app: cmii-fly-center
octopus/control: backend-app-1.0.0
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/app-version: "2.0"
spec:
type: ClusterIP
selector:
cmii.type: backend
cmii.app: cmii-fly-center
ports:
- name: backend-tcp
port: 8080
protocol: TCP
targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cmii-sky-converge
namespace: sc-cd-uav-260207
labels:
cmii.type: backend
cmii.app: cmii-sky-converge
octopus/control: backend-app-1.0.0
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/app-version: "2.0"
spec:
replicas: 1
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
cmii.type: backend
cmii.app: cmii-sky-converge
template:
metadata:
labels:
cmii.type: backend
cmii.app: cmii-sky-converge
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- yuansong
imagePullSecrets:
- name: harborsecret
containers:
- name: cmii-sky-converge
image: 172.22.106.77:8033/cmii/cmii-sky-converge:2.0.0-012601
imagePullPolicy: Always
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-sky-converge
- name: CUST_JAVA_OPTS
value: "-Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true"
- name: NACOS_REGISTRY
value: "helm-nacos:8848"
- name: NACOS_DISCOVERY_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NACOS_DISCOVERY_PORT
value: "8080"
- name: BIZ_CONFIG_GROUP
value: "2.0"
- name: SYS_CONFIG_GROUP
value: "2.0"
- name: NACOS_USERNAME
value: "developer"
- name: NACOS_PASSWORD
value: "Deve@9128201"
- name: IMAGE_NAME
value: 172.22.106.77:8033/cmii/cmii-sky-converge:2.0.0-012601
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
- name: LIMIT_CPU
valueFrom:
resourceFieldRef:
containerName: cmii-sky-converge
resource: limits.cpu
- name: LIMIT_MEMORY
valueFrom:
resourceFieldRef:
containerName: cmii-sky-converge
resource: limits.memory
- name: REQUEST_CPU
valueFrom:
resourceFieldRef:
containerName: cmii-sky-converge
resource: requests.cpu
- name: REQUEST_MEMORY
valueFrom:
resourceFieldRef:
containerName: cmii-sky-converge
resource: requests.memory
ports:
- name: pod-port
containerPort: 8080
protocol: TCP
resources:
limits:
memory: 2Gi
cpu: "2"
requests:
memory: 200Mi
cpu: 200m
livenessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
startupProbe:
httpGet:
path: /cmii/health
port: pod-port
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 3
periodSeconds: 20
successThreshold: 1
failureThreshold: 5
volumeMounts:
- name: nfs-backend-log-volume
mountPath: /cmii/logs
readOnly: false
subPath: sc-cd-uav-260207/cmii-sky-converge
volumes:
- name: nfs-backend-log-volume
persistentVolumeClaim:
claimName: nfs-backend-log-pvc
---
apiVersion: v1
kind: Service
metadata:
name: cmii-sky-converge
namespace: sc-cd-uav-260207
labels:
cmii.type: backend
cmii.app: cmii-sky-converge
octopus/control: backend-app-1.0.0
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/app-version: "2.0"
spec:
type: ClusterIP
selector:
cmii.type: backend
cmii.app: cmii-sky-converge
ports:
- name: backend-tcp
port: 8080
protocol: TCP
targetPort: 8080

686
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-configmap.yaml Normal file
View File

@@ -0,0 +1,686 @@
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-detection
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "detection",
AppClientId: "APP_FDHW2VLVDWPnnOCy"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-mws
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "mws",
AppClientId: "APP_uKniXPELlRERBBwK"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-share
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "share",
AppClientId: "APP_4lVSVI0ZGxTssir8"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-threedsimulation
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "threedsimulation",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-hljtt
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "hljtt",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-hyper
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "hyper",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-smauth
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "smauth",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-renyike
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "renyike",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-cmsportal
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "cmsportal",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-oms
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "oms",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-classification
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "classification",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-uavmsmanager
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "uavmsmanager",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-awareness
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "awareness",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-armypeople
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "armypeople",
AppClientId: "APP_UIegse6Lfou9pO1U"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-open
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "open",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-securityh5
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "securityh5",
AppClientId: "APP_N3ImO0Ubfu9peRHD"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-splice
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "splice",
AppClientId: "APP_zE0M3sTRXrCIJS8Y"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-traffic
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "traffic",
AppClientId: "APP_Jc8i2wOQ1t73QEJS"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-uas
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "uas",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-eventsh5
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "eventsh5",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-flight-control
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "flight-control",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-supervision
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "supervision",
AppClientId: "APP_qqSu82THfexI8PLM"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-base
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "base",
AppClientId: "APP_9LY41OaKSqk2btY0"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-emergency
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "emergency",
AppClientId: "APP_aGsTAY1uMZrpKdfk"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-logistics
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "logistics",
AppClientId: "APP_PvdfRRRBPL8xbIwl"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-security
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "security",
AppClientId: "APP_JUSEMc7afyWXxvE7"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-seniclive
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "seniclive",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-lite
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "lite",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-media
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "media",
AppClientId: "APP_4AU8lbifESQO4FD6"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-multiterminal
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "multiterminal",
AppClientId: "APP_PvdfRRRBPL8xbIwl"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-jiangsuwenlv
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "jiangsuwenlv",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-uasms
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "uasms",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-scanner
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "scanner",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-blockchain
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "blockchain",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-mianyangbackend
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "mianyangbackend",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-supervisionh5
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "supervisionh5",
AppClientId: "APP_qqSu82THfexI8PLM"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-pangu
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-uas
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "uas",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-smsecret
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "smsecret",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-secenter
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "secenter",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-ai-brain
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "ai-brain",
AppClientId: "APP_rafnuCAmBESIVYMH"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-qingdao
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "qingdao",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-uasms
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "uasms",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-pilot2cloud
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "pilot2cloud",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-dikongzhixingh5
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "dikongzhixingh5",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-qinghaitourism
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "qinghaitourism",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-visualization
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "visualization",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-dispatchh5
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "dispatchh5",
AppClientId: "empty"
}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: tenant-prefix-iot
namespace: sc-cd-uav-260207
data:
ingress-config.js: |-
var __GlobalIngressConfig = {
TenantEnvironment: "260207",
CloudHOST: "172.22.106.77:8088",
ApplicationShortName: "iot",
AppClientId: "empty"
}

315
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-dashboard.yaml Normal file
View File

@@ -0,0 +1,315 @@
---
# ------------------- Dashboard Namespace ------------------- #
apiVersion: v1
kind: Namespace
metadata:
name: kubernetes-dashboard
---
# ------------------- Service Account ------------------- #
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
# ------------------- Dashboard Service (NodePort 39999) ------------------- #
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
nodePort: 39999
selector:
k8s-app: kubernetes-dashboard
---
# ------------------- Dashboard Secrets ------------------- #
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kubernetes-dashboard
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kubernetes-dashboard
type: Opaque
data:
csrf: ""
---
# ------------------- Dashboard Role (FIXED) ------------------- #
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-minimal
namespace: kubernetes-dashboard
rules:
# [修复] 允许创建 Secrets解决 panic 问题
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create"]
# 允许对特定 Secrets 进行操作
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
verbs: ["get", "update", "delete"]
# ConfigMaps 权限
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Metrics 权限
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster", "dashboard-metrics-scraper"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
verbs: ["get"]
---
# ------------------- Dashboard RoleBinding ------------------- #
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-minimal
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard-minimal
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
# ------------------- Dashboard Deployment ------------------- #
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: 172.22.106.77:8033/cmii/dashboard:v2.7.0
imagePullPolicy: Always
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
- --namespace=kubernetes-dashboard
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
---
# ------------------- Metrics Scraper Service ------------------- #
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
ports:
- port: 8000
targetPort: 8000
selector:
k8s-app: dashboard-metrics-scraper
---
# ------------------- Metrics Scraper Deployment ------------------- #
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: dashboard-metrics-scraper
template:
metadata:
labels:
k8s-app: dashboard-metrics-scraper
annotations:
seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
spec:
containers:
- name: dashboard-metrics-scraper
image: 172.22.106.77:8033/cmii/metrics-scraper:v1.0.8
ports:
- containerPort: 8000
protocol: TCP
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 30
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
volumes:
- name: tmp-volume
emptyDir: {}
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
---
# ==================================================================
# 自定义用户配置部分 (ADMIN & READ-ONLY)
# ==================================================================
# ------------------- 1. Admin User (全部权限) ------------------- #
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
---
# ------------------- 2. Read-Only User (只读+看日志) ------------------- #
apiVersion: v1
kind: ServiceAccount
metadata:
name: read-only-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dashboard-view-with-logs
rules:
- apiGroups: [""]
resources: ["configmaps", "endpoints", "persistentvolumeclaims", "pods", "replicationcontrollers", "replicationcontrollers/scale", "serviceaccounts", "services", "nodes", "persistentvolumeclaims", "persistentvolumes", "namespaces"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
resources: ["daemonsets", "deployments", "replicasets", "statefulsets"]
verbs: ["get", "list", "watch"]
- apiGroups: ["batch"]
resources: ["cronjobs", "jobs"]
verbs: ["get", "list", "watch"]
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses", "networkpolicies"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["events.k8s.io"]
resources: ["events"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: read-only-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: dashboard-view-with-logs
subjects:
- kind: ServiceAccount
name: read-only-user
namespace: kubernetes-dashboard

664
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-emqx.yaml Normal file
View File

@@ -0,0 +1,664 @@
---
---
# ============== Secret - 密码管理 ==============
apiVersion: v1
kind: Secret
metadata:
name: emqx-credentials
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware
cmii.app: helm-emqxs
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
type: Opaque
stringData:
# Dashboard管理员密码
dashboard-admin-password: "odD8#Ve7.B"
# MQTT用户密码
mqtt-admin-password: "odD8#Ve7.B"
---
# ============== ServiceAccount ==============
apiVersion: v1
kind: ServiceAccount
metadata:
name: helm-emqxs
namespace: sc-cd-uav-260207
---
# ============== Role - RBAC ==============
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: helm-emqxs
namespace: sc-cd-uav-260207
rules:
- apiGroups: [""]
resources:
- endpoints
- pods
verbs:
- get
- watch
- list
---
# ============== RoleBinding ==============
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: helm-emqxs
namespace: sc-cd-uav-260207
subjects:
- kind: ServiceAccount
name: helm-emqxs
namespace: sc-cd-uav-260207
roleRef:
kind: Role
name: helm-emqxs
apiGroup: rbac.authorization.k8s.io
---
# ============== ConfigMap - Bootstrap配置文件 ==============
apiVersion: v1
kind: ConfigMap
metadata:
name: emqx-bootstrap-config
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware
cmii.app: helm-emqxs
data:
# 主配置文件 - 覆盖默认配置
emqx.conf: |
# 节点配置
node {
name = "emqx@${POD_NAME}.helm-emqxs-headless.sc-cd-uav-260207.svc.cluster.local"
cookie = "emqx-cluster-cookie-secret"
data_dir = "/opt/emqx/data"
}
# 集群配置
cluster {
name = emqxcl
# 单节点 建议为 manual 多节点为k8s
discovery_strategy = manual
k8s {
apiserver = "https://kubernetes.default.svc.cluster.local:443"
service_name = "helm-emqxs-headless"
# 这里可以改为 hostname
address_type = dns
namespace = "sc-cd-uav-260207"
suffix = "svc.cluster.local"
}
}
# 日志配置
log {
console {
enable = true
level = info
}
file {
enable = true
level = warning
path = "/opt/emqx/log"
}
}
# Dashboard配置
dashboard {
listeners.http {
bind = "0.0.0.0:18083"
}
default_username = "admin"
default_password = "public"
}
# 监听器配置
listeners.tcp.default {
bind = "0.0.0.0:1883"
max_connections = 1024000
}
listeners.ws.default {
bind = "0.0.0.0:8083"
max_connections = 1024000
websocket.mqtt_path = "/mqtt"
}
listeners.ssl.default {
bind = "0.0.0.0:8883"
max_connections = 512000
}
# 认证配置 - 使用内置数据库
authentication = [
{
mechanism = password_based
backend = built_in_database
user_id_type = username
password_hash_algorithm {
name = sha256
salt_position = suffix
}
# Bootstrap文件路径 - 用于初始化用户
bootstrap_file = "/opt/emqx/data/bootstrap_users.json"
bootstrap_type = plain
}
]
# 授权配置
authorization {
no_match = deny
deny_action = disconnect
sources = [
{
type = built_in_database
enable = true
}
]
}
# MQTT协议配置
mqtt {
max_packet_size = "1MB"
max_clientid_len = 65535
max_topic_levels = 128
max_qos_allowed = 2
max_topic_alias = 65535
retain_available = true
wildcard_subscription = true
shared_subscription = true
}
---
# ============== ConfigMap - Users & ACL (严格 JSON 格式) ==============
apiVersion: v1
kind: ConfigMap
metadata:
name: emqx-bootstrap-users
namespace: sc-cd-uav-260207
data:
bootstrap_users.json: |
[
{ "user_id": "admin", "password": "odD8#Ve7.B", "is_superuser": true },
{ "user_id": "cmlc", "password": "odD8#Ve7.B", "is_superuser": false }
]
# 【修改点】既然有jq这里使用标准的 JSON 数组格式,最不容易出错
bootstrap_acl.json: |
[
{
"username": "admin",
"rules": [
{"action": "all", "permission": "allow", "topic": "#"}
]
},
{
"username": "cmlc",
"rules": [
{"action": "publish", "permission": "allow", "topic": "#"},
{"action": "subscribe", "permission": "allow", "topic": "#"}
]
}
]
---
# ============== ConfigMap - 初始化脚本 (修正版) ==============
apiVersion: v1
kind: ConfigMap
metadata:
name: emqx-init-dashboard
namespace: sc-cd-uav-260207
data:
init-dashboard.sh: |
#!/bin/bash
set -e
DASHBOARD_USER="admin"
DASHBOARD_PASS="${DASHBOARD_ADMIN_PASSWORD}"
EMQX_API="http://localhost:18083/api/v5"
ACL_FILE="/bootstrap/bootstrap_acl.json"
# 辅助函数:打印带时间戳的日志
log() {
echo "[$(date +'%H:%M:%S')] $1"
}
log "======================================"
log "初始化 Dashboard 与 ACL (Debug Version)"
log "======================================"
# ----------------------------------------------------------------
# 1. 等待 EMQX API 就绪
# ----------------------------------------------------------------
log "[1/4] 等待 EMQX API 就绪..."
for i in $(seq 1 60); do
if curl -s -f -m 5 "${EMQX_API}/status" > /dev/null 2>&1; then
log "✓ EMQX API 已就绪"
break
fi
if [ $i -eq 60 ]; then
log "✗ EMQX API 启动超时"
exit 1
fi
sleep 5
done
# ----------------------------------------------------------------
# 2. 修改 Dashboard 密码
# ----------------------------------------------------------------
log "[2/4] 检查/更新 Dashboard 密码..."
# 获取 Token (尝试默认密码)
LOGIN_RESP=$(curl -s -X POST "${EMQX_API}/login" \
-H 'Content-Type: application/json' \
-d "{\"username\":\"${DASHBOARD_USER}\",\"password\":\"public\"}")
TOKEN=$(echo "$LOGIN_RESP" | jq -r '.token // empty')
if [ -n "$TOKEN" ]; then
log " 检测到默认密码,正在更新..."
curl -s -f -X POST "${EMQX_API}/users/${DASHBOARD_USER}/change_pwd" \
-H "Authorization: Bearer ${TOKEN}" \
-H 'Content-Type: application/json' \
-d "{\"old_pwd\":\"public\",\"new_pwd\":\"${DASHBOARD_PASS}\"}"
log " ✓ Dashboard 密码已更新"
else
log " 无法使用默认密码登录,跳过更新(可能已修改)"
fi
# ----------------------------------------------------------------
# 3. 导入 ACL 规则
# ----------------------------------------------------------------
echo "[3/3] 导入ACL规则..."
# 重新登录获取最新 Token
LOGIN_RESP=$(curl -sS -X POST "${EMQX_API}/login" \
-H 'Content-Type: application/json' \
-d "{\"username\":\"${DASHBOARD_USER}\",\"password\":\"${DASHBOARD_PASS}\"}")
TOKEN=$(echo "$LOGIN_RESP" | jq -r '.token // empty')
if [ -z "$TOKEN" ]; then
echo " ✗ 无法获取Token请检查密码设置"
exit 0
fi
if [ -f "$ACL_FILE" ]; then
echo " 正在解析 ACL 文件: $ACL_FILE"
if ! jq -e . "$ACL_FILE" >/dev/null 2>&1; then
echo " ✗ ACL 文件 JSON 格式错误,跳过处理"
exit 0
fi
jq -c '.[]' "$ACL_FILE" | while read -r user_config; do
USERNAME=$(echo "$user_config" | jq -r '.username // empty')
# ✅ PUT/POST 都需要 username + rulesusername 是 required
REQ_BODY=$(echo "$user_config" | jq -c '{username: .username, rules: .rules}')
if [ -z "$USERNAME" ]; then
echo " ✗ ACL 条目缺少 username跳过"
continue
fi
echo " 配置用户 ${USERNAME} 的ACL规则..."
# 1) 优先 PUT覆盖更新
http_code=$(curl -sS -o /tmp/emqx_acl_resp.json -w '%{http_code}' \
-X PUT "${EMQX_API}/authorization/sources/built_in_database/rules/users/${USERNAME}" \
-H "Authorization: Bearer ${TOKEN}" \
-H 'Content-Type: application/json' \
-d "$REQ_BODY")
if [ "$http_code" = "204" ]; then
echo " ✓ PUT 更新成功"
elif [ "$http_code" = "404" ]; then
# 2) 不存在则 POST 创建
http_code2=$(curl -sS -o /tmp/emqx_acl_resp.json -w '%{http_code}' \
-X POST "${EMQX_API}/authorization/sources/built_in_database/rules/users" \
-H "Authorization: Bearer ${TOKEN}" \
-H 'Content-Type: application/json' \
-d "$REQ_BODY")
if [ "$http_code2" = "204" ]; then
echo " ✓ POST 创建成功"
else
echo " ✗ POST 失败 (HTTP ${http_code2})$(cat /tmp/emqx_acl_resp.json 2>/dev/null || true)"
exit 1
fi
else
echo " ✗ PUT 失败 (HTTP ${http_code})$(cat /tmp/emqx_acl_resp.json 2>/dev/null || true)"
exit 1
fi
# 3) 导入后验证(可选但强烈建议保留)
verify_code=$(curl -sS -o /tmp/emqx_acl_verify.json -w '%{http_code}' \
-H "Authorization: Bearer ${TOKEN}" \
"${EMQX_API}/authorization/sources/built_in_database/rules/users/${USERNAME}")
if [ "$verify_code" = "200" ]; then
echo " ✓ 验证成功:$(cat /tmp/emqx_acl_verify.json | jq -c '.')"
else
echo " ✗ 验证失败 (HTTP ${verify_code})$(cat /tmp/emqx_acl_verify.json 2>/dev/null || true)"
exit 1
fi
done
echo " ✓ ACL 规则导入完成"
else
echo " 未找到 ACL 文件"
fi
---
# ============== StatefulSet ==============
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: helm-emqxs
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware
cmii.app: helm-emqxs
cmii.emqx.architecture: cluster
helm.sh/chart: emqx-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
spec:
replicas: 1
serviceName: helm-emqxs-headless
podManagementPolicy: Parallel
updateStrategy:
type: RollingUpdate
selector:
matchLabels:
cmii.type: middleware
cmii.app: helm-emqxs
cmii.emqx.architecture: cluster
template:
metadata:
labels:
cmii.type: middleware
cmii.app: helm-emqxs
cmii.emqx.architecture: cluster
helm.sh/chart: emqx-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: uavcloud.env
operator: In
values:
- yuansong
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: cmii.app
operator: In
values:
- helm-emqxs
topologyKey: kubernetes.io/hostname
imagePullSecrets:
- name: harborsecret
serviceAccountName: helm-emqxs
securityContext:
fsGroup: 1000
runAsUser: 1000
# InitContainer - 准备bootstrap文件
initContainers:
- name: prepare-bootstrap
# 动态选择 tools 镜像
image: 172.22.106.77:8033/cmii/tools:1.0
imagePullPolicy: IfNotPresent
# =========================================================
# 权限: 必须以 root 身份运行才能 chown
# =========================================================
securityContext:
runAsUser: 0
command:
- /bin/sh
- -c
- |
echo "准备bootstrap文件..."
# 创建数据目录
mkdir -p /opt/emqx/data
# 复制bootstrap文件到数据目录
# 只在文件不存在时复制,避免覆盖已有数据
if [ ! -f /opt/emqx/data/bootstrap_users.json ]; then
cp /bootstrap-src/bootstrap_users.json /opt/emqx/data/
echo "✓ 已复制用户bootstrap文件"
else
echo " 用户bootstrap文件已存在跳过"
fi
# 设置权限 (现在有root权限可以成功)
chown -R 1000:1000 /opt/emqx/data
echo "✓ Bootstrap准备完成"
volumeMounts:
- name: emqx-data
mountPath: /opt/emqx/data
- name: bootstrap-users
mountPath: /bootstrap-src
containers:
# 主容器 - EMQX
- name: emqx
# 动态选择 emqx 镜像
image: 172.22.106.77:8033/cmii/emqx:5.8.8
imagePullPolicy: IfNotPresent
env:
# Pod信息
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: EMQX_DATA_DIR
value: "/opt/emqx/data"
ports:
- name: mqtt
containerPort: 1883
- name: mqttssl
containerPort: 8883
- name: ws
containerPort: 8083
- name: dashboard
containerPort: 18083
- name: ekka
containerPort: 4370
resources:
requests:
cpu: "500m"
memory: "512Mi"
limits:
cpu: "2000m"
memory: "2Gi"
livenessProbe:
httpGet:
path: /status
port: 18083
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
httpGet:
path: /status
port: 18083
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
startupProbe:
httpGet:
path: /status
port: 18083
initialDelaySeconds: 10
periodSeconds: 5
failureThreshold: 30
volumeMounts:
- name: emqx-data
mountPath: /opt/emqx/data
# 使用 subPath 挂载单个配置文件,避免覆盖目录
- name: bootstrap-config
mountPath: /opt/emqx/etc/emqx.conf
subPath: emqx.conf
# Sidecar - 初始化Dashboard密码和ACL
- name: init-dashboard
# 动态选择 tools 镜像
image: 172.22.106.77:8033/cmii/tools:1.0
imagePullPolicy: IfNotPresent
command:
- /bin/sh
- -c
- |
# 等待主容器启动
echo "等待EMQX启动..."
sleep 20
# 执行初始化
/bin/sh /scripts/init-dashboard.sh
# 保持运行
echo "初始化完成,进入守护模式..."
while true; do sleep 3600; done
env:
- name: DASHBOARD_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: emqx-credentials
key: dashboard-admin-password
resources:
requests:
cpu: "100m"
memory: "64Mi"
limits:
cpu: "200m"
memory: "128Mi"
volumeMounts:
- name: init-script
mountPath: /scripts
- name: bootstrap-users
mountPath: /bootstrap
volumes:
- name: bootstrap-config
configMap:
name: emqx-bootstrap-config
- name: bootstrap-users
configMap:
name: emqx-bootstrap-users
- name: init-script
configMap:
name: emqx-init-dashboard
defaultMode: 0755
- name: emqx-data
persistentVolumeClaim:
claimName: helm-emqxs
---
# ============== Service - Headless ==============
apiVersion: v1
kind: Service
metadata:
name: helm-emqxs-headless
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware
cmii.app: helm-emqxs
cmii.emqx.architecture: cluster
helm.sh/chart: emqx-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
selector:
cmii.type: middleware
cmii.app: helm-emqxs
cmii.emqx.architecture: cluster
ports:
- name: mqtt
port: 1883
targetPort: 1883
- name: mqttssl
port: 8883
targetPort: 8883
- name: ws
port: 8083
targetPort: 8083
- name: dashboard
port: 18083
targetPort: 18083
- name: ekka
port: 4370
targetPort: 4370
---
# ============== Service - NodePort ==============
apiVersion: v1
kind: Service
metadata:
name: helm-emqxs
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware
cmii.app: helm-emqxs
cmii.emqx.architecture: cluster
helm.sh/chart: emqx-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
spec:
type: NodePort
selector:
cmii.type: middleware
cmii.app: helm-emqxs
cmii.emqx.architecture: cluster
ports:
- name: mqtt
port: 1883
targetPort: 1883
nodePort: 31883
- name: dashboard
port: 18083
targetPort: 18083
nodePort: 38085
- name: ws
port: 8083
targetPort: 8083
nodePort: 38083
- name: mqttssl
port: 8883
targetPort: 8883

114
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-frontend.yaml Normal file
View File

@@ -0,0 +1,114 @@
---
kind: ConfigMap
apiVersion: v1
metadata:
name: nginx-cm
namespace: sc-cd-uav-260207
labels:
cmii.type: frontend
data:
nginx.conf: |
server {
listen 9528;
server_name localhost;
gzip on;
location / {
root /home/cmii-platform/dist;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cmii-uav-platform-lite
namespace: sc-cd-uav-260207
labels:
cmii.type: frontend
cmii.app: cmii-uav-platform-lite
octopus.control: frontend-app-wdd
app.kubernetes.io/app-version: "2.0"
spec:
replicas: 1
strategy:
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
cmii.type: frontend
cmii.app: cmii-uav-platform-lite
template:
metadata:
labels:
cmii.type: frontend
cmii.app: cmii-uav-platform-lite
spec:
imagePullSecrets:
- name: harborsecret
containers:
- name: cmii-uav-platform-lite
image: 172.22.106.77:8033/cmii/cmii-uav-platform-lite:2.0.0-2026012703-noicp
imagePullPolicy: Always
env:
- name: K8S_NAMESPACE
value: sc-cd-uav-260207
- name: APPLICATION_NAME
value: cmii-uav-platform-lite
ports:
- name: platform-9528
containerPort: 9528
protocol: TCP
resources:
limits:
cpu: "1"
memory: 1Gi
requests:
cpu: 50m
memory: 50Mi
volumeMounts:
- name: nginx-conf
mountPath: /etc/nginx/conf.d/nginx.conf
subPath: nginx.conf
- name: tenant-prefix
subPath: ingress-config.js
mountPath: /home/cmii-platform/dist/ingress-config.js
volumes:
- name: nginx-conf
configMap:
name: nginx-cm
items:
- key: nginx.conf
path: nginx.conf
- name: tenant-prefix
configMap:
name: tenant-prefix-lite
items:
- key: ingress-config.js
path: ingress-config.js
---
apiVersion: v1
kind: Service
metadata:
name: cmii-uav-platform-lite
namespace: sc-cd-uav-260207
labels:
cmii.type: frontend
cmii.app: cmii-uav-platform-lite
octopus.control: frontend-app-wdd
app.kubernetes.io/version: "2.0"
spec:
type: ClusterIP
selector:
cmii.type: frontend
cmii.app: cmii-uav-platform-lite
ports:
- name: web-svc-port
port: 9528
protocol: TCP
targetPort: 9528

995
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-ingress-13014.yaml Normal file
View File

@@ -0,0 +1,995 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: frontend-applications-ingress
namespace: sc-cd-uav-260207
labels:
type: frontend
octopus.control: all-ingress-config-wdd
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: uas-2.2
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/enable-cors: 'true'
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- host: fake-domain.sc-cd-uav-260207.io
http:
paths:
- path: /?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform
port:
number: 9528
- path: /supervision/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-suav-platform-supervision
port:
number: 9528
- path: /supervisionh5/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-suav-platform-supervisionh5
port:
number: 9528
- path: /pangu/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform
port:
number: 9528
- path: /ai-brain/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-ai-brain
port:
number: 9528
- path: /armypeople/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-armypeople
port:
number: 9528
- path: /awareness/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-awareness
port:
number: 9528
- path: /base/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-base
port:
number: 9528
- path: /blockchain/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-blockchain
port:
number: 9528
- path: /classification/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-classification
port:
number: 9528
- path: /cmsportal/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-cms-portal
port:
number: 9528
- path: /detection/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-detection
port:
number: 9528
- path: /dikongzhixingh5/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-dikongzhixingh5
port:
number: 9528
- path: /dispatchh5/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-dispatchh5
port:
number: 9528
- path: /emergency/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-emergency-rescue
port:
number: 9528
- path: /eventsh5/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-eventsh5
port:
number: 9528
- path: /flight-control/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-flight-control
port:
number: 9528
- path: /hljtt/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-hljtt
port:
number: 9528
- path: /hyper/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-hyperspectral
port:
number: 9528
- path: /iot/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-iot-manager
port:
number: 9528
- path: /jiangsuwenlv/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-jiangsuwenlv
port:
number: 9528
- path: /logistics/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-logistics
port:
number: 9528
- path: /media/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-media
port:
number: 9528
- path: /mianyangbackend/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-mianyangbackend
port:
number: 9528
- path: /multiterminal/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-multiterminal
port:
number: 9528
- path: /mws/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-mws
port:
number: 9528
- path: /oms/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-oms
port:
number: 9528
- path: /open/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-open
port:
number: 9528
- path: /pilot2cloud/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-pilot2-to-cloud
port:
number: 9528
- path: /qingdao/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-qingdao
port:
number: 9528
- path: /qinghaitourism/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-qinghaitourism
port:
number: 9528
- path: /renyike/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-renyike
port:
number: 9528
- path: /scanner/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-scanner
port:
number: 9528
- path: /security/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-security
port:
number: 9528
- path: /securityh5/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-securityh5
port:
number: 9528
- path: /seniclive/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-seniclive
port:
number: 9528
- path: /share/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-share
port:
number: 9528
- path: /smauth/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-smauth
port:
number: 9528
- path: /smsecret/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-smsecret
port:
number: 9528
- path: /splice/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-splice
port:
number: 9528
- path: /threedsimulation/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-threedsimulation
port:
number: 9528
- path: /traffic/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-traffic
port:
number: 9528
- path: /uas/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-uas
port:
number: 9528
- path: /uas/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-uaskny
port:
number: 9528
- path: /uasms/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-uasms
port:
number: 9528
- path: /uasms/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-uasmskny
port:
number: 9528
- path: /visualization/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-platform-visualization
port:
number: 9528
- path: /uavmsmanager/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uavms-platform-manager
port:
number: 9528
- path: /secenter/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uavms-platform-security-center
port:
number: 9528
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backend-applications-ingress
namespace: sc-cd-uav-260207
labels:
type: backend
octopus.control: all-ingress-config-wdd
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: uas-2.2
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/enable-cors: 'true'
spec:
rules:
- host: cmii-admin-data.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-admin-data
port:
number: 8080
- host: cmii-admin-gateway.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-admin-gateway
port:
number: 8080
- host: cmii-admin-user.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-admin-user
port:
number: 8080
- host: cmii-app-release.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-app-release
port:
number: 8080
- host: cmii-open-gateway.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-open-gateway
port:
number: 8080
- host: cmii-sky-converge.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-sky-converge
port:
number: 8080
- host: cmii-suav-supervision.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-suav-supervision
port:
number: 8080
- host: cmii-uas-datahub.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uas-datahub
port:
number: 8080
- host: cmii-uas-gateway.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uas-gateway
port:
number: 8080
- host: cmii-uas-lifecycle.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uas-lifecycle
port:
number: 8080
- host: cmii-uav-advanced5g.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-advanced5g
port:
number: 8080
- host: cmii-uav-airspace.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-airspace
port:
number: 8080
- host: cmii-uav-alarm.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-alarm
port:
number: 8080
- host: cmii-uav-autowaypoint.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-autowaypoint
port:
number: 8080
- host: cmii-uav-brain.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-brain
port:
number: 8080
- host: cmii-uav-bridge.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-bridge
port:
number: 8080
- host: cmii-uav-cloud-live.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-cloud-live
port:
number: 8080
- host: cmii-uav-clusters.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-clusters
port:
number: 8080
- host: cmii-uav-cms.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-cms
port:
number: 8080
- host: cmii-uav-data-post-process.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-data-post-process
port:
number: 8080
- host: cmii-uav-depotautoreturn.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-depotautoreturn
port:
number: 8080
- host: cmii-uav-developer.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-developer
port:
number: 8080
- host: cmii-uav-device.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-device
port:
number: 8080
- host: cmii-uav-emergency.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-emergency
port:
number: 8080
- host: cmii-uav-fwdd.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-fwdd
port:
number: 8080
- host: cmii-uav-gateway.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-gateway
port:
number: 8080
- host: cmii-uav-gis-server.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-gis-server
port:
number: 8080
- host: cmii-uav-grid-datasource.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-grid-datasource
port:
number: 8080
- host: cmii-uav-grid-engine.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-grid-engine
port:
number: 8080
- host: cmii-uav-grid-manage.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-grid-manage
port:
number: 8080
- host: cmii-uav-industrial-portfolio.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-industrial-portfolio
port:
number: 8080
- host: cmii-uav-integration.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-integration
port:
number: 8080
- host: cmii-uav-iot-dispatcher.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-iot-dispatcher
port:
number: 8080
- host: cmii-uav-iot-manager.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-iot-manager
port:
number: 8080
- host: cmii-uav-kpi-monitor.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-kpi-monitor
port:
number: 8080
- host: cmii-uav-logger.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-logger
port:
number: 8080
- host: cmii-uav-material-warehouse.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-material-warehouse
port:
number: 8080
- host: cmii-uav-mission.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-mission
port:
number: 8080
- host: cmii-uav-mqtthandler.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-mqtthandler
port:
number: 8080
- host: cmii-uav-multilink.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-multilink
port:
number: 8080
- host: cmii-uav-notice.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-notice
port:
number: 8080
- host: cmii-uav-oauth.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-oauth
port:
number: 8080
- host: cmii-uav-process.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-process
port:
number: 8080
- host: cmii-uav-sec-awareness.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-sec-awareness
port:
number: 8080
- host: cmii-uav-security-trace.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-security-trace
port:
number: 8080
- host: cmii-uav-sense-adapter.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-sense-adapter
port:
number: 8080
- host: cmii-uav-surveillance.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-surveillance
port:
number: 8080
- host: cmii-uav-sync.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-sync
port:
number: 8080
- host: cmii-uav-tcp-server.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-tcp-server
port:
number: 8080
- host: cmii-uav-threedsimulation.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-threedsimulation
port:
number: 8080
- host: cmii-uav-tower.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-tower
port:
number: 8080
- host: cmii-uav-user.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-user
port:
number: 8080
- host: cmii-uav-watchdog.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-watchdog
port:
number: 8080
- host: cmii-uav-waypoint.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-waypoint
port:
number: 8080
- host: cmii-uavms-pyfusion.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uavms-pyfusion
port:
number: 8080
- host: cmii-uavms-security-center.uavcloud-sc-my-202602.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: cmii-uavms-security-center
port:
number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: all-gateways-ingress
namespace: sc-cd-uav-260207
labels:
type: api-gateway
octopus.control: all-ingress-config-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: uas-2.2
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/enable-cors: 'true'
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/proxy-read-timeout: '3600'
nginx.ingress.kubernetes.io/proxy-send-timeout: '3600'
spec:
rules:
- host: fake-domain.sc-cd-uav-260207.io
http:
paths:
- path: /oms/api/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-admin-gateway
port:
number: 8080
- path: /open/api/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-open-gateway
port:
number: 8080
- path: /api/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uav-gateway
port:
number: 8080
- path: /uas/api/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-uas-gateway
port:
number: 8080
- path: /converge/?(.*)
pathType: ImplementationSpecific
backend:
service:
name: cmii-sky-converge
port:
number: 8080

832
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-ingress.yaml Normal file
View File

@@ -0,0 +1,832 @@
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: frontend-applications-ingress
namespace: sc-cd-uav-260207
labels:
type: frontend
octopus.control: all-ingress-config-wdd
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/supervision)$ $1/ redirect;
rewrite ^(/supervisionh5)$ $1/ redirect;
rewrite ^(/pangu)$ $1/ redirect;
rewrite ^(/ai-brain)$ $1/ redirect;
rewrite ^(/armypeople)$ $1/ redirect;
rewrite ^(/awareness)$ $1/ redirect;
rewrite ^(/base)$ $1/ redirect;
rewrite ^(/blockchain)$ $1/ redirect;
rewrite ^(/classification)$ $1/ redirect;
rewrite ^(/cmsportal)$ $1/ redirect;
rewrite ^(/detection)$ $1/ redirect;
rewrite ^(/dikongzhixingh5)$ $1/ redirect;
rewrite ^(/dispatchh5)$ $1/ redirect;
rewrite ^(/emergency)$ $1/ redirect;
rewrite ^(/eventsh5)$ $1/ redirect;
rewrite ^(/flight-control)$ $1/ redirect;
rewrite ^(/hljtt)$ $1/ redirect;
rewrite ^(/hyper)$ $1/ redirect;
rewrite ^(/iot)$ $1/ redirect;
rewrite ^(/jiangsuwenlv)$ $1/ redirect;
rewrite ^(/lite)$ $1/ redirect;
rewrite ^(/logistics)$ $1/ redirect;
rewrite ^(/media)$ $1/ redirect;
rewrite ^(/mianyangbackend)$ $1/ redirect;
rewrite ^(/multiterminal)$ $1/ redirect;
rewrite ^(/mws)$ $1/ redirect;
rewrite ^(/oms)$ $1/ redirect;
rewrite ^(/open)$ $1/ redirect;
rewrite ^(/pilot2cloud)$ $1/ redirect;
rewrite ^(/qingdao)$ $1/ redirect;
rewrite ^(/qinghaitourism)$ $1/ redirect;
rewrite ^(/renyike)$ $1/ redirect;
rewrite ^(/scanner)$ $1/ redirect;
rewrite ^(/security)$ $1/ redirect;
rewrite ^(/securityh5)$ $1/ redirect;
rewrite ^(/seniclive)$ $1/ redirect;
rewrite ^(/share)$ $1/ redirect;
rewrite ^(/smauth)$ $1/ redirect;
rewrite ^(/smsecret)$ $1/ redirect;
rewrite ^(/splice)$ $1/ redirect;
rewrite ^(/threedsimulation)$ $1/ redirect;
rewrite ^(/traffic)$ $1/ redirect;
rewrite ^(/uas)$ $1/ redirect;
rewrite ^(/uas)$ $1/ redirect;
rewrite ^(/uasms)$ $1/ redirect;
rewrite ^(/uasms)$ $1/ redirect;
rewrite ^(/visualization)$ $1/ redirect;
rewrite ^(/uavmsmanager)$ $1/ redirect;
rewrite ^(/secenter)$ $1/ redirect;
spec:
rules:
- host: fake-domain.sc-cd-uav-260207.io
http:
paths:
- path: /260207/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform
servicePort: 9528
- path: /260207/supervision/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-suav-platform-supervision
servicePort: 9528
- path: /260207/supervisionh5/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-suav-platform-supervisionh5
servicePort: 9528
- path: /260207/pangu/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform
servicePort: 9528
- path: /260207/ai-brain/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-ai-brain
servicePort: 9528
- path: /260207/armypeople/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-armypeople
servicePort: 9528
- path: /260207/awareness/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-awareness
servicePort: 9528
- path: /260207/base/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-base
servicePort: 9528
- path: /260207/blockchain/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-blockchain
servicePort: 9528
- path: /260207/classification/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-classification
servicePort: 9528
- path: /260207/cmsportal/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-cms-portal
servicePort: 9528
- path: /260207/detection/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-detection
servicePort: 9528
- path: /260207/dikongzhixingh5/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-dikongzhixingh5
servicePort: 9528
- path: /260207/dispatchh5/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-dispatchh5
servicePort: 9528
- path: /260207/emergency/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-emergency-rescue
servicePort: 9528
- path: /260207/eventsh5/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-eventsh5
servicePort: 9528
- path: /260207/flight-control/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-flight-control
servicePort: 9528
- path: /260207/hljtt/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-hljtt
servicePort: 9528
- path: /260207/hyper/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-hyperspectral
servicePort: 9528
- path: /260207/iot/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-iot-manager
servicePort: 9528
- path: /260207/jiangsuwenlv/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-jiangsuwenlv
servicePort: 9528
- path: /260207/lite/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-lite
servicePort: 9528
- path: /260207/logistics/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-logistics
servicePort: 9528
- path: /260207/media/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-media
servicePort: 9528
- path: /260207/mianyangbackend/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-mianyangbackend
servicePort: 9528
- path: /260207/multiterminal/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-multiterminal
servicePort: 9528
- path: /260207/mws/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-mws
servicePort: 9528
- path: /260207/oms/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-oms
servicePort: 9528
- path: /260207/open/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-open
servicePort: 9528
- path: /260207/pilot2cloud/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-pilot2-to-cloud
servicePort: 9528
- path: /260207/qingdao/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-qingdao
servicePort: 9528
- path: /260207/qinghaitourism/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-qinghaitourism
servicePort: 9528
- path: /260207/renyike/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-renyike
servicePort: 9528
- path: /260207/scanner/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-scanner
servicePort: 9528
- path: /260207/security/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-security
servicePort: 9528
- path: /260207/securityh5/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-securityh5
servicePort: 9528
- path: /260207/seniclive/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-seniclive
servicePort: 9528
- path: /260207/share/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-share
servicePort: 9528
- path: /260207/smauth/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-smauth
servicePort: 9528
- path: /260207/smsecret/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-smsecret
servicePort: 9528
- path: /260207/splice/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-splice
servicePort: 9528
- path: /260207/threedsimulation/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-threedsimulation
servicePort: 9528
- path: /260207/traffic/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-traffic
servicePort: 9528
- path: /260207/uas/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-uas
servicePort: 9528
- path: /260207/uas/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-uaskny
servicePort: 9528
- path: /260207/uasms/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-uasms
servicePort: 9528
- path: /260207/uasms/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-uasmskny
servicePort: 9528
- path: /260207/visualization/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-platform-visualization
servicePort: 9528
- path: /260207/uavmsmanager/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uavms-platform-manager
servicePort: 9528
- path: /260207/secenter/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uavms-platform-security-center
servicePort: 9528
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: backend-applications-ingress
namespace: sc-cd-uav-260207
labels:
type: backend
octopus.control: all-ingress-config-wdd
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/enable-cors: "true"
spec:
rules:
- host: cmii-admin-data.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-admin-data
servicePort: 8080
- host: cmii-admin-gateway.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-admin-gateway
servicePort: 8080
- host: cmii-admin-user.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-admin-user
servicePort: 8080
- host: cmii-app-release.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-app-release
servicePort: 8080
- host: cmii-open-gateway.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-open-gateway
servicePort: 8080
- host: cmii-sky-converge.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-sky-converge
servicePort: 8080
- host: cmii-suav-supervision.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-suav-supervision
servicePort: 8080
- host: cmii-uas-datahub.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uas-datahub
servicePort: 8080
- host: cmii-uas-gateway.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uas-gateway
servicePort: 8080
- host: cmii-uas-lifecycle.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uas-lifecycle
servicePort: 8080
- host: cmii-uav-advanced5g.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-advanced5g
servicePort: 8080
- host: cmii-uav-airspace.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-airspace
servicePort: 8080
- host: cmii-uav-alarm.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-alarm
servicePort: 8080
- host: cmii-uav-autowaypoint.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-autowaypoint
servicePort: 8080
- host: cmii-uav-brain.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-brain
servicePort: 8080
- host: cmii-uav-bridge.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-bridge
servicePort: 8080
- host: cmii-uav-cloud-live.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-cloud-live
servicePort: 8080
- host: cmii-uav-clusters.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-clusters
servicePort: 8080
- host: cmii-uav-cms.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-cms
servicePort: 8080
- host: cmii-uav-data-post-process.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-data-post-process
servicePort: 8080
- host: cmii-uav-depotautoreturn.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-depotautoreturn
servicePort: 8080
- host: cmii-uav-developer.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-developer
servicePort: 8080
- host: cmii-uav-device.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-device
servicePort: 8080
- host: cmii-uav-emergency.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-emergency
servicePort: 8080
- host: cmii-uav-fwdd.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-fwdd
servicePort: 8080
- host: cmii-uav-gateway.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-gateway
servicePort: 8080
- host: cmii-uav-gis-server.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-gis-server
servicePort: 8080
- host: cmii-uav-grid-datasource.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-grid-datasource
servicePort: 8080
- host: cmii-uav-grid-engine.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-grid-engine
servicePort: 8080
- host: cmii-uav-grid-manage.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-grid-manage
servicePort: 8080
- host: cmii-uav-industrial-portfolio.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-industrial-portfolio
servicePort: 8080
- host: cmii-uav-integration.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-integration
servicePort: 8080
- host: cmii-uav-iot-dispatcher.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-iot-dispatcher
servicePort: 8080
- host: cmii-uav-iot-manager.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-iot-manager
servicePort: 8080
- host: cmii-uav-kpi-monitor.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-kpi-monitor
servicePort: 8080
- host: cmii-uav-logger.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-logger
servicePort: 8080
- host: cmii-uav-material-warehouse.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-material-warehouse
servicePort: 8080
- host: cmii-uav-mission.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-mission
servicePort: 8080
- host: cmii-uav-mqtthandler.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-mqtthandler
servicePort: 8080
- host: cmii-uav-multilink.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-multilink
servicePort: 8080
- host: cmii-uav-notice.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-notice
servicePort: 8080
- host: cmii-uav-oauth.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-oauth
servicePort: 8080
- host: cmii-uav-process.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-process
servicePort: 8080
- host: cmii-uav-sec-awareness.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-sec-awareness
servicePort: 8080
- host: cmii-uav-security-trace.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-security-trace
servicePort: 8080
- host: cmii-uav-sense-adapter.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-sense-adapter
servicePort: 8080
- host: cmii-uav-surveillance.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-surveillance
servicePort: 8080
- host: cmii-uav-sync.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-sync
servicePort: 8080
- host: cmii-uav-tcp-server.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-tcp-server
servicePort: 8080
- host: cmii-uav-threedsimulation.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-threedsimulation
servicePort: 8080
- host: cmii-uav-tower.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-tower
servicePort: 8080
- host: cmii-uav-user.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-user
servicePort: 8080
- host: cmii-uav-watchdog.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-watchdog
servicePort: 8080
- host: cmii-uav-waypoint.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-waypoint
servicePort: 8080
- host: cmii-uavms-pyfusion.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uavms-pyfusion
servicePort: 8080
- host: cmii-uavms-security-center.uavcloud-260207.io
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
serviceName: cmii-uavms-security-center
servicePort: 8080
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: all-gateways-ingress
namespace: sc-cd-uav-260207
labels:
type: api-gateway
octopus.control: all-ingress-config-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header upgradePrefix $http_upgrade;
proxy_set_header Connection "upgradePrefix";
spec:
rules:
- host: fake-domain.sc-cd-uav-260207.io
http:
paths:
- path: /260207/oms/api/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-admin-gateway
servicePort: 8080
- path: /260207/open/api/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-open-gateway
servicePort: 8080
- path: /260207/api/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uav-gateway
servicePort: 8080
- path: /260207/uas/api/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-uas-gateway
servicePort: 8080
- path: /260207/converge/?(.*)
pathType: ImplementationSpecific
backend:
serviceName: cmii-sky-converge
servicePort: 8080

78
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-mongo.yaml Normal file
View File

@@ -0,0 +1,78 @@
---
apiVersion: v1
kind: Service
metadata:
name: helm-mongo
namespace: sc-cd-uav-260207
labels:
cmii.app: helm-mongo
cmii.type: middleware
helm.sh/chart: mongo-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
spec:
type: NodePort
selector:
cmii.app: helm-mongo
cmii.type: middleware
ports:
- port: 27017
name: server-27017
targetPort: 27017
nodePort: 37017
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: helm-mongo
namespace: sc-cd-uav-260207
labels:
cmii.app: helm-mongo
cmii.type: middleware
helm.sh/chart: mongo-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
spec:
serviceName: helm-mongo
replicas: 1
selector:
matchLabels:
cmii.app: helm-mongo
cmii.type: middleware
template:
metadata:
labels:
cmii.app: helm-mongo
cmii.type: middleware
helm.sh/chart: mongo-1.1.0
app.kubernetes.io/managed-by: octopus-control
app.kubernetes.io/version: "2.0"
annotations:
pod.alpha.kubernetes.io/initialized: "true"
spec:
imagePullSecrets:
- name: harborsecret
affinity: {}
containers:
- name: helm-mongo
image: 172.22.106.77:8033/cmii/mongo:5.0
resources: {}
ports:
- containerPort: 27017
name: mongo27017
protocol: TCP
env:
- name: MONGO_INITDB_ROOT_USERNAME
value: cmlc
- name: MONGO_INITDB_ROOT_PASSWORD
value: REdPza8#oVlt
volumeMounts:
- name: mongo-data
mountPath: /data/db
readOnly: false
subPath: default/helm-mongo/data/db
volumes:
- name: mongo-data
persistentVolumeClaim:
claimName: helm-mongo
---

410
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-mysql.yaml Normal file
View File

@@ -0,0 +1,410 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: helm-mysql
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
annotations: {}
secrets:
- name: helm-mysql
---
apiVersion: v1
kind: Secret
metadata:
name: helm-mysql
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
type: Opaque
data:
mysql-root-password: "UXpmWFFoZDNiUQ=="
mysql-password: "S0F0cm5PckFKNw=="
---
apiVersion: v1
kind: ConfigMap
metadata:
name: helm-mysql
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/component: primary
data:
my.cnf: |-
[mysqld]
port=3306
basedir=/opt/bitnami/mysql
datadir=/bitnami/mysql/data
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
socket=/opt/bitnami/mysql/tmp/mysql.sock
log-error=/bitnami/mysql/data/error.log
general_log_file = /bitnami/mysql/data/general.log
slow_query_log_file = /bitnami/mysql/data/slow.log
innodb_data_file_path = ibdata1:512M:autoextend
innodb_buffer_pool_size = 512M
innodb_buffer_pool_instances = 2
innodb_log_file_size = 512M
innodb_log_files_in_group = 4
innodb_log_files_in_group = 4
log-bin = /bitnami/mysql/data/mysql-bin
max_binlog_size=1G
transaction_isolation = REPEATABLE-READ
default_storage_engine = innodb
character-set-server = utf8mb4
collation-server=utf8mb4_bin
binlog_format = ROW
binlog_rows_query_log_events=on
binlog_cache_size=4M
binlog_expire_logs_seconds = 1296000
max_binlog_cache_size=2G
gtid_mode = on
enforce_gtid_consistency = 1
sync_binlog = 1
innodb_flush_log_at_trx_commit = 1
innodb_flush_method = O_DIRECT
log_slave_updates=1
relay_log_recovery = 1
relay-log-purge = 1
default_time_zone = '+08:00'
lower_case_table_names=1
log_bin_trust_function_creators=1
group_concat_max_len=67108864
innodb_io_capacity = 4000
innodb_io_capacity_max = 8000
innodb_flush_sync = 0
innodb_flush_neighbors = 0
innodb_write_io_threads = 8
innodb_read_io_threads = 8
innodb_purge_threads = 4
innodb_page_cleaners = 4
innodb_open_files = 65535
innodb_max_dirty_pages_pct = 50
innodb_lru_scan_depth = 4000
innodb_checksum_algorithm = crc32
innodb_lock_wait_timeout = 10
innodb_rollback_on_timeout = 1
innodb_print_all_deadlocks = 1
innodb_file_per_table = 1
innodb_online_alter_log_max_size = 4G
innodb_stats_on_metadata = 0
innodb_thread_concurrency = 0
innodb_sync_spin_loops = 100
innodb_spin_wait_delay = 30
lock_wait_timeout = 3600
slow_query_log = 1
long_query_time = 10
log_queries_not_using_indexes =1
log_throttle_queries_not_using_indexes = 60
min_examined_row_limit = 100
log_slow_admin_statements = 1
log_slow_slave_statements = 1
default_authentication_plugin=mysql_native_password
skip-name-resolve=1
explicit_defaults_for_timestamp=1
plugin_dir=/opt/bitnami/mysql/plugin
max_allowed_packet=128M
max_connections = 2000
max_connect_errors = 1000000
table_definition_cache=2000
table_open_cache_instances=64
tablespace_definition_cache=1024
thread_cache_size=256
interactive_timeout = 600
wait_timeout = 600
tmpdir=/opt/bitnami/mysql/tmp
max_allowed_packet=32M
bind-address=0.0.0.0
performance_schema = 1
performance_schema_instrument = '%memory%=on'
performance_schema_instrument = '%lock%=on'
innodb_monitor_enable=ALL
[mysql]
no-auto-rehash
[mysqldump]
quick
max_allowed_packet = 32M
[client]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
default-character-set=UTF8
plugin_dir=/opt/bitnami/mysql/plugin
[manager]
port=3306
socket=/opt/bitnami/mysql/tmp/mysql.sock
pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
---
apiVersion: v1
kind: ConfigMap
metadata:
name: helm-mysql-init-scripts
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/component: primary
data:
create_users_grants_core.sql: |-
create user zyly@'%' identified by 'Cmii@451315';
grant select on *.* to zyly@'%';
create user zyly_qc@'%' identified by 'Uh)E_owCyb16';
grant all on *.* to zyly_qc@'%';
create user k8s_admin@'%' identified by 'fP#UaH6qQ3)8';
grant all on *.* to k8s_admin@'%';
create user audit_dba@'%' identified by 'PjCzqiBmJaTpgkoYXynH';
grant all on *.* to audit_dba@'%';
create user db_backup@'%' identified by 'RU5Pu(4FGdT9';
GRANT SELECT, RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT, EVENT on *.* to db_backup@'%';
create user monitor@'%' identified by 'PL3#nGtrWbf-';
grant REPLICATION CLIENT on *.* to monitor@'%';
flush privileges;
---
kind: Service
apiVersion: v1
metadata:
name: cmii-mysql
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/component: primary
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/name: mysql-db
app.kubernetes.io/release: sc-cd-uav-260207
cmii.app: mysql
cmii.type: middleware
octopus.control: mysql-db-wdd
spec:
ports:
- name: mysql
protocol: TCP
port: 13306
targetPort: mysql
selector:
app.kubernetes.io/component: primary
app.kubernetes.io/name: mysql-db
app.kubernetes.io/release: sc-cd-uav-260207
cmii.app: mysql
cmii.type: middleware
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
name: helm-mysql-headless
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
cmii.type: middleware
cmii.app: mysql
app.kubernetes.io/component: primary
annotations: {}
spec:
type: ClusterIP
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: mysql
port: 3306
targetPort: mysql
selector:
app.kubernetes.io/name: mysql-db
app.kubernetes.io/release: sc-cd-uav-260207
cmii.type: middleware
cmii.app: mysql
app.kubernetes.io/component: primary
---
apiVersion: v1
kind: Service
metadata:
name: helm-mysql
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
cmii.type: middleware
cmii.app: mysql
app.kubernetes.io/component: primary
annotations: {}
spec:
type: NodePort
ports:
- name: mysql
port: 3306
protocol: TCP
targetPort: mysql
nodePort: 33306
selector:
app.kubernetes.io/name: mysql-db
app.kubernetes.io/release: sc-cd-uav-260207
cmii.type: middleware
cmii.app: mysql
app.kubernetes.io/component: primary
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: helm-mysql
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
cmii.type: middleware
cmii.app: mysql
app.kubernetes.io/component: primary
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: mysql-db
app.kubernetes.io/release: sc-cd-uav-260207
cmii.type: middleware
cmii.app: mysql
app.kubernetes.io/component: primary
serviceName: helm-mysql
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/configuration: 6b60fa0f3a846a6ada8effdc4f823cf8003d42a8c8f630fe8b1b66d3454082dd
labels:
app.kubernetes.io/name: mysql-db
octopus.control: mysql-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
cmii.type: middleware
cmii.app: mysql
app.kubernetes.io/component: primary
spec:
imagePullSecrets:
- name: harborsecret
serviceAccountName: helm-mysql
affinity: {}
nodeSelector:
mysql-deploy: "true"
securityContext:
fsGroup: 1001
initContainers:
- name: change-volume-permissions
image: 172.22.106.77:8033/cmii/bitnami-shell:11-debian-11-r136
imagePullPolicy: "Always"
command:
- /bin/bash
- -ec
- |
chown -R 1001:1001 /bitnami/mysql
securityContext:
runAsUser: 0
volumeMounts:
- name: mysql-data
mountPath: /bitnami/mysql
containers:
- name: mysql
image: 172.22.106.77:8033/cmii/mysql:8.1.0-debian-11-r42
imagePullPolicy: "IfNotPresent"
securityContext:
runAsUser: 1001
env:
- name: BITNAMI_DEBUG
value: "true"
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: helm-mysql
key: mysql-root-password
- name: MYSQL_DATABASE
value: "cmii"
ports:
- name: mysql
containerPort: 3306
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
readinessProbe:
failureThreshold: 5
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 3
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
startupProbe:
failureThreshold: 60
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MYSQL_ROOT_PASSWORD:-}"
if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
resources:
limits: {}
requests: {}
volumeMounts:
- name: mysql-data
mountPath: /bitnami/mysql
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
- name: config
mountPath: /opt/bitnami/mysql/conf/my.cnf
subPath: my.cnf
volumes:
- name: config
configMap:
name: helm-mysql
- name: custom-init-scripts
configMap:
name: helm-mysql-init-scripts
- name: mysql-data
hostPath:
path: /var/lib/docker/mysql-pv/sc-cd-uav-260207/

130
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-nacos.yaml Normal file
View File

@@ -0,0 +1,130 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: helm-nacos-cm
namespace: sc-cd-uav-260207
labels:
cmii.app: helm-nacos
cmii.type: middleware
octopus.control: nacos-wdd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: "2.0"
data:
mysql.db.name: "cmii_nacos_config"
mysql.db.host: "helm-mysql"
mysql.port: "3306"
mysql.user: "k8s_admin"
mysql.password: "fP#UaH6qQ3)8"
---
apiVersion: v1
kind: Service
metadata:
name: helm-nacos
namespace: sc-cd-uav-260207
labels:
cmii.app: helm-nacos
cmii.type: middleware
octopus.control: nacos-wdd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: "2.0"
spec:
type: NodePort
selector:
cmii.app: helm-nacos
cmii.type: middleware
ports:
- port: 8848
name: server
targetPort: 8848
nodePort: 38848
- port: 9848
name: server12
targetPort: 9848
- port: 9849
name: server23
targetPort: 9849
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: helm-nacos
namespace: sc-cd-uav-260207
labels:
cmii.app: helm-nacos
cmii.type: middleware
octopus.control: nacos-wdd
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/version: "2.0"
spec:
serviceName: helm-nacos
replicas: 1
selector:
matchLabels:
cmii.app: helm-nacos
cmii.type: middleware
template:
metadata:
labels:
cmii.app: helm-nacos
cmii.type: middleware
octopus.control: nacos-wdd
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/version: "2.0"
annotations:
pod.alpha.kubernetes.io/initialized: "true"
spec:
imagePullSecrets:
- name: harborsecret
affinity: {}
containers:
- name: nacos-server
image: 172.22.106.77:8033/cmii/nacos-server:v2.1.2
ports:
- containerPort: 8848
name: dashboard
- containerPort: 9848
name: tcp-9848
- containerPort: 9849
name: tcp-9849
env:
- name: NACOS_AUTH_ENABLE
value: "false"
- name: NACOS_REPLICAS
value: "1"
- name: MYSQL_SERVICE_DB_NAME
valueFrom:
configMapKeyRef:
name: helm-nacos-cm
key: mysql.db.name
- name: MYSQL_SERVICE_PORT
valueFrom:
configMapKeyRef:
name: helm-nacos-cm
key: mysql.port
- name: MYSQL_SERVICE_USER
valueFrom:
configMapKeyRef:
name: helm-nacos-cm
key: mysql.user
- name: MYSQL_SERVICE_PASSWORD
valueFrom:
configMapKeyRef:
name: helm-nacos-cm
key: mysql.password
- name: MYSQL_SERVICE_HOST
valueFrom:
configMapKeyRef:
name: helm-nacos-cm
key: mysql.db.host
- name: NACOS_SERVER_PORT
value: "8848"
- name: NACOS_APPLICATION_PORT
value: "8848"
- name: PREFER_HOST_MODE
value: "hostname"
- name: MODE
value: standalone
- name: SPRING_DATASOURCE_PLATFORM
value: mysql
---

38
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-nfs-test.yaml Normal file
View File

@@ -0,0 +1,38 @@
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: test-claim
annotations:
volume.beta.kubernetes.io/storage-class: "nfs-prod-distribute" #与nfs-StorageClass.yaml metadata.name保持一致
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs-prod-distribute
resources:
requests:
storage: 1Mi
---
kind: Pod
apiVersion: v1
metadata:
name: test-pod
spec:
imagePullSecrets:
- name: harborsecret
containers:
- name: test-pod
image: 172.22.106.77:8033/cmii/busybox:latest
command:
- "/bin/sh"
args:
- "-c"
- "touch /mnt/NFS-CREATE-SUCCESS && exit 0 || exit 1" #创建一个SUCCESS文件后退出
volumeMounts:
- name: nfs-pvc
mountPath: "/mnt"
restartPolicy: "Never"
volumes:
- name: nfs-pvc
persistentVolumeClaim:
claimName: test-claim #与PVC名称保持一致

114
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-nfs.yaml Normal file
View File

@@ -0,0 +1,114 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: kube-system #根据实际环境设定namespace,下面类同
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: kube-system
roleRef:
kind: ClusterRole
# name: nfs-client-provisioner-runner
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: kube-system
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: kube-system
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner
apiGroup: rbac.authorization.k8s.io
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: nfs-prod-distribute
provisioner: cmlc-nfs-storage #这里的名称要和provisioner配置文件中的环境变量PROVISIONER_NAME保持一致parameters: archiveOnDelete: "false"
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-client-provisioner
labels:
app: nfs-client-provisioner
# replace with namespace where provisioner is deployed
namespace: kube-system #与RBAC文件中的namespace保持一致
spec:
replicas: 1
selector:
matchLabels:
app: nfs-client-provisioner
strategy:
type: Recreate
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
imagePullSecrets:
- name: harborsecret
serviceAccountName: nfs-client-provisioner
containers:
- name: nfs-client-provisioner
image: 172.22.106.77:8033/cmii/nfs-subdir-external-provisioner:v4.0.2
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: cmlc-nfs-storage
- name: NFS_SERVER
value: 172.22.106.77
- name: NFS_PATH
value: /var/lib/docker/nfs_data
volumes:
- name: nfs-client-root
nfs:
server: 172.22.106.77
path: /var/lib/docker/nfs_data

76
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-pvc.yaml Normal file
View File

@@ -0,0 +1,76 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nfs-backend-log-pvc
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware-base
cmii.app: nfs-backend-log-pvc
helm.sh/chart: all-persistence-volume-claims-1.1.0
app.kubernetes.io/version: "2.0"
spec:
storageClassName: nfs-prod-distribute
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 100Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: helm-emqxs
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware-base
cmii.app: helm-emqxs
helm.sh/chart: all-persistence-volume-claims-1.1.0
app.kubernetes.io/version: "2.0"
spec:
storageClassName: nfs-prod-distribute
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 20Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: helm-mongo
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware-base
cmii.app: helm-mongo
helm.sh/chart: all-persistence-volume-claims-1.1.0
app.kubernetes.io/version: "2.0"
spec:
storageClassName: nfs-prod-distribute
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 30Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: helm-rabbitmq
namespace: sc-cd-uav-260207
labels:
cmii.type: middleware-base
cmii.app: helm-rabbitmq
helm.sh/chart: all-persistence-volume-claims-1.1.0
app.kubernetes.io/version: "2.0"
spec:
storageClassName: nfs-prod-distribute
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 20Gi

328
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-rabbitmq.yaml Normal file
View File

@@ -0,0 +1,328 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: helm-rabbitmq
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
automountServiceAccountToken: true
secrets:
- name: helm-rabbitmq
---
apiVersion: v1
kind: Secret
metadata:
name: helm-rabbitmq
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
type: Opaque
data:
rabbitmq-password: "blljUk45MXIuX2hq"
rabbitmq-erlang-cookie: "emFBRmt1ZU1xMkJieXZvdHRYbWpoWk52UThuVXFzcTU="
---
apiVersion: v1
kind: ConfigMap
metadata:
name: helm-rabbitmq-config
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
data:
rabbitmq.conf: |-
## Username and password
##
default_user = admin
default_pass = nYcRN91r._hj
## Clustering
##
cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
cluster_formation.node_cleanup.interval = 10
cluster_formation.node_cleanup.only_log_warning = true
cluster_partition_handling = autoheal
# queue master locator
queue_master_locator = min-masters
# enable guest user
loopback_users.guest = false
#default_vhost = default-vhost
#disk_free_limit.absolute = 50MB
#load_definitions = /app/load_definition.json
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: helm-rabbitmq-endpoint-reader
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get"]
- apiGroups: [""]
resources: ["events"]
verbs: ["create"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: helm-rabbitmq-endpoint-reader
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
subjects:
- kind: ServiceAccount
name: helm-rabbitmq
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: helm-rabbitmq-endpoint-reader
---
apiVersion: v1
kind: Service
metadata:
name: helm-rabbitmq-headless
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
spec:
clusterIP: None
ports:
- name: epmd
port: 4369
targetPort: epmd
- name: amqp
port: 5672
targetPort: amqp
- name: dist
port: 25672
targetPort: dist
- name: dashboard
port: 15672
targetPort: stats
selector:
app.kubernetes.io/name: helm-rabbitmq
app.kubernetes.io/release: sc-cd-uav-260207
publishNotReadyAddresses: true
---
apiVersion: v1
kind: Service
metadata:
name: helm-rabbitmq
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
spec:
type: NodePort
ports:
- name: amqp
port: 5672
targetPort: amqp
nodePort: 35672
- name: dashboard
port: 15672
targetPort: dashboard
nodePort: 36675
selector:
app.kubernetes.io/name: helm-rabbitmq
app.kubernetes.io/release: sc-cd-uav-260207
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: helm-rabbitmq
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
spec:
serviceName: helm-rabbitmq-headless
podManagementPolicy: OrderedReady
replicas: 1
updateStrategy:
type: RollingUpdate
selector:
matchLabels:
app.kubernetes.io/name: helm-rabbitmq
app.kubernetes.io/release: sc-cd-uav-260207
template:
metadata:
labels:
app.kubernetes.io/name: helm-rabbitmq
helm.sh/chart: rabbitmq-8.26.1
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: rabbitmq
annotations:
checksum/config: d6c2caa9572f64a06d9f7daa34c664a186b4778cd1697ef8e59663152fc628f1
checksum/secret: d764e7b3d999e7324d1afdfec6140092a612f04b6e0306818675815cec2f454f
spec:
imagePullSecrets:
- name: harborsecret
serviceAccountName: helm-rabbitmq
affinity: {}
securityContext:
fsGroup: 5001
runAsUser: 5001
terminationGracePeriodSeconds: 120
initContainers:
- name: volume-permissions
image: 172.22.106.77:8033/cmii/bitnami-shell:11-debian-11-r136
imagePullPolicy: "Always"
command:
- /bin/bash
args:
- -ec
- |
mkdir -p "/bitnami/rabbitmq/mnesia"
chown -R "5001:5001" "/bitnami/rabbitmq/mnesia"
securityContext:
runAsUser: 0
resources:
limits: {}
requests: {}
volumeMounts:
- name: data
mountPath: /bitnami/rabbitmq/mnesia
containers:
- name: rabbitmq
image: 172.22.106.77:8033/cmii/rabbitmq:3.9.12-debian-10-r3
imagePullPolicy: "Always"
env:
- name: BITNAMI_DEBUG
value: "false"
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: K8S_SERVICE_NAME
value: "helm-rabbitmq-headless"
- name: K8S_ADDRESS_TYPE
value: hostname
- name: RABBITMQ_FORCE_BOOT
value: "no"
- name: RABBITMQ_NODE_NAME
value: "rabbit@$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local"
- name: K8S_HOSTNAME_SUFFIX
value: ".$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local"
- name: RABBITMQ_MNESIA_DIR
value: "/bitnami/rabbitmq/mnesia/$(RABBITMQ_NODE_NAME)"
- name: RABBITMQ_LDAP_ENABLE
value: "no"
- name: RABBITMQ_LOGS
value: "-"
- name: RABBITMQ_ULIMIT_NOFILES
value: "65536"
- name: RABBITMQ_USE_LONGNAME
value: "true"
- name: RABBITMQ_ERL_COOKIE
valueFrom:
secretKeyRef:
name: helm-rabbitmq
key: rabbitmq-erlang-cookie
- name: RABBITMQ_LOAD_DEFINITIONS
value: "no"
- name: RABBITMQ_SECURE_PASSWORD
value: "yes"
- name: RABBITMQ_USERNAME
value: "admin"
- name: RABBITMQ_PASSWORD
valueFrom:
secretKeyRef:
name: helm-rabbitmq
key: rabbitmq-password
- name: RABBITMQ_PLUGINS
value: "rabbitmq_management, rabbitmq_peer_discovery_k8s, rabbitmq_shovel, rabbitmq_shovel_management, rabbitmq_auth_backend_ldap"
ports:
- name: amqp
containerPort: 5672
- name: dist
containerPort: 25672
- name: dashboard
containerPort: 15672
- name: epmd
containerPort: 4369
livenessProbe:
exec:
command:
- /bin/bash
- -ec
- rabbitmq-diagnostics -q ping
initialDelaySeconds: 120
periodSeconds: 30
timeoutSeconds: 20
successThreshold: 1
failureThreshold: 6
readinessProbe:
exec:
command:
- /bin/bash
- -ec
- rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms
initialDelaySeconds: 10
periodSeconds: 30
timeoutSeconds: 20
successThreshold: 1
failureThreshold: 3
lifecycle:
preStop:
exec:
command:
- /bin/bash
- -ec
- |
if [[ -f /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh ]]; then
/opt/bitnami/scripts/rabbitmq/nodeshutdown.sh -t "120" -d "false"
else
rabbitmqctl stop_app
fi
resources:
limits: {}
requests: {}
volumeMounts:
- name: configuration
mountPath: /bitnami/rabbitmq/conf
- name: data
mountPath: /bitnami/rabbitmq/mnesia
volumes:
- name: configuration
configMap:
name: helm-rabbitmq-config
items:
- key: rabbitmq.conf
path: rabbitmq.conf
- name: data
persistentVolumeClaim:
claimName: helm-rabbitmq

585
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-redis.yaml Normal file
View File

@@ -0,0 +1,585 @@
---
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: true
metadata:
name: helm-redis
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
---
apiVersion: v1
kind: Secret
metadata:
name: helm-redis
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
type: Opaque
data:
redis-password: "TWNhY2hlQDQ1MjI="
---
apiVersion: v1
kind: ConfigMap
metadata:
name: helm-redis-configuration
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
data:
redis.conf: |-
# User-supplied common configuration:
# Enable AOF https://redis.io/topics/persistence#append-only-file
appendonly yes
# Disable RDB persistence, AOF persistence already enabled.
save ""
# End of common configuration
master.conf: |-
dir /data
# User-supplied master configuration:
rename-command FLUSHDB ""
rename-command FLUSHALL ""
# End of master configuration
replica.conf: |-
dir /data
slave-read-only yes
# User-supplied replica configuration:
rename-command FLUSHDB ""
rename-command FLUSHALL ""
# End of replica configuration
---
# Source: outside-deploy/charts/redis-db/templates/health-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: helm-redis-health
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
data:
ping_readiness_local.sh: |-
#!/bin/bash
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
response=$(
timeout -s 3 $1 \
redis-cli \
-h localhost \
-p $REDIS_PORT \
ping
)
if [ "$response" != "PONG" ]; then
echo "$response"
exit 1
fi
ping_liveness_local.sh: |-
#!/bin/bash
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
response=$(
timeout -s 3 $1 \
redis-cli \
-h localhost \
-p $REDIS_PORT \
ping
)
if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
echo "$response"
exit 1
fi
ping_readiness_master.sh: |-
#!/bin/bash
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
[[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
response=$(
timeout -s 3 $1 \
redis-cli \
-h $REDIS_MASTER_HOST \
-p $REDIS_MASTER_PORT_NUMBER \
ping
)
if [ "$response" != "PONG" ]; then
echo "$response"
exit 1
fi
ping_liveness_master.sh: |-
#!/bin/bash
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
[[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
response=$(
timeout -s 3 $1 \
redis-cli \
-h $REDIS_MASTER_HOST \
-p $REDIS_MASTER_PORT_NUMBER \
ping
)
if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
echo "$response"
exit 1
fi
ping_readiness_local_and_master.sh: |-
script_dir="$(dirname "$0")"
exit_status=0
"$script_dir/ping_readiness_local.sh" $1 || exit_status=$?
"$script_dir/ping_readiness_master.sh" $1 || exit_status=$?
exit $exit_status
ping_liveness_local_and_master.sh: |-
script_dir="$(dirname "$0")"
exit_status=0
"$script_dir/ping_liveness_local.sh" $1 || exit_status=$?
"$script_dir/ping_liveness_master.sh" $1 || exit_status=$?
exit $exit_status
---
# Source: outside-deploy/charts/redis-db/templates/scripts-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: helm-redis-scripts
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
data:
start-master.sh: |
#!/bin/bash
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
if [[ ! -f /opt/bitnami/redis/etc/master.conf ]];then
cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf
fi
if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
fi
ARGS=("--port" "${REDIS_PORT}")
ARGS+=("--requirepass" "${REDIS_PASSWORD}")
ARGS+=("--masterauth" "${REDIS_PASSWORD}")
ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf")
exec redis-server "${ARGS[@]}"
start-replica.sh: |
#!/bin/bash
get_port() {
hostname="$1"
type="$2"
port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g")
port=${!port_var}
if [ -z "$port" ]; then
case $type in
"SENTINEL")
echo 26379
;;
"REDIS")
echo 6379
;;
esac
else
echo $port
fi
}
get_full_hostname() {
hostname="$1"
echo "${hostname}.${HEADLESS_SERVICE}"
}
REDISPORT=$(get_port "$HOSTNAME" "REDIS")
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
if [[ ! -f /opt/bitnami/redis/etc/replica.conf ]];then
cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf
fi
if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
fi
echo "" >> /opt/bitnami/redis/etc/replica.conf
echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf
echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf
ARGS=("--port" "${REDIS_PORT}")
ARGS+=("--slaveof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}")
ARGS+=("--requirepass" "${REDIS_PASSWORD}")
ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}")
ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf")
exec redis-server "${ARGS[@]}"
---
# Source: outside-deploy/charts/redis-db/templates/headless-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: helm-redis-headless
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
spec:
type: ClusterIP
clusterIP: None
ports:
- name: tcp-redis
port: 6379
targetPort: redis
selector:
app.kubernetes.io/name: redis-db
app.kubernetes.io/release: sc-cd-uav-260207
---
# Source: outside-deploy/charts/redis-db/templates/master/service.yaml
apiVersion: v1
kind: Service
metadata:
name: helm-redis-master
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
cmii.type: middleware
cmii.app: redis
app.kubernetes.io/component: master
spec:
type: ClusterIP
ports:
- name: tcp-redis
port: 6379
targetPort: redis
nodePort: null
selector:
app.kubernetes.io/name: redis-db
app.kubernetes.io/release: sc-cd-uav-260207
cmii.type: middleware
cmii.app: redis
app.kubernetes.io/component: master
---
# Source: outside-deploy/charts/redis-db/templates/replicas/service.yaml
apiVersion: v1
kind: Service
metadata:
name: helm-redis-replicas
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/component: replica
spec:
type: ClusterIP
ports:
- name: tcp-redis
port: 6379
targetPort: redis
nodePort: null
selector:
app.kubernetes.io/name: redis-db
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/component: replica
---
# Source: outside-deploy/charts/redis-db/templates/master/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: helm-redis-master
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
cmii.type: middleware
cmii.app: redis
app.kubernetes.io/component: master
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: redis-db
app.kubernetes.io/release: sc-cd-uav-260207
cmii.type: middleware
cmii.app: redis
app.kubernetes.io/component: master
serviceName: helm-redis-headless
updateStrategy:
rollingUpdate: {}
type: RollingUpdate
template:
metadata:
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
cmii.type: middleware
cmii.app: redis
app.kubernetes.io/component: master
annotations:
checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
spec:
affinity: {}
securityContext:
fsGroup: 1001
serviceAccountName: helm-redis
imagePullSecrets:
- name: harborsecret
terminationGracePeriodSeconds: 30
containers:
- name: redis
image: 172.22.106.77:8033/cmii/redis:6.2.14-debian-11-r1
imagePullPolicy: "Always"
securityContext:
runAsUser: 1001
command:
- /bin/bash
args:
- -c
- /opt/bitnami/scripts/start-scripts/start-master.sh
env:
- name: BITNAMI_DEBUG
value: "false"
- name: REDIS_REPLICATION_MODE
value: master
- name: ALLOW_EMPTY_PASSWORD
value: "no"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: helm-redis
key: redis-password
- name: REDIS_TLS_ENABLED
value: "no"
- name: REDIS_PORT
value: "6379"
ports:
- name: redis
containerPort: 6379
livenessProbe:
initialDelaySeconds: 20
periodSeconds: 5
# One second longer than command timeout should prevent generation of zombie processes.
timeoutSeconds: 6
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/ping_liveness_local.sh 5
readinessProbe:
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: "2"
memory: 8Gi
requests:
cpu: "2"
memory: 8Gi
volumeMounts:
- name: start-scripts
mountPath: /opt/bitnami/scripts/start-scripts
- name: health
mountPath: /health
- name: redis-data
mountPath: /data
subPath:
- name: config
mountPath: /opt/bitnami/redis/mounted-etc
- name: redis-tmp-conf
mountPath: /opt/bitnami/redis/etc/
- name: tmp
mountPath: /tmp
volumes:
- name: start-scripts
configMap:
name: helm-redis-scripts
defaultMode: 0755
- name: health
configMap:
name: helm-redis-health
defaultMode: 0755
- name: config
configMap:
name: helm-redis-configuration
- name: redis-tmp-conf
emptyDir: {}
- name: tmp
emptyDir: {}
- name: redis-data
emptyDir: {}
---
# Source: outside-deploy/charts/redis-db/templates/replicas/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: helm-redis-replicas
namespace: sc-cd-uav-260207
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/component: replica
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: redis-db
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/component: replica
serviceName: helm-redis-headless
updateStrategy:
rollingUpdate: {}
type: RollingUpdate
template:
metadata:
labels:
app.kubernetes.io/name: redis-db
octopus.control: redis-db-wdd
app.kubernetes.io/release: sc-cd-uav-260207
app.kubernetes.io/managed-by: octopus
app.kubernetes.io/component: replica
annotations:
checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
spec:
imagePullSecrets:
- name: harborsecret
securityContext:
fsGroup: 1001
serviceAccountName: helm-redis
terminationGracePeriodSeconds: 30
containers:
- name: redis
image: 172.22.106.77:8033/cmii/redis:6.2.14-debian-11-r1
imagePullPolicy: "Always"
securityContext:
runAsUser: 1001
command:
- /bin/bash
args:
- -c
- /opt/bitnami/scripts/start-scripts/start-replica.sh
env:
- name: BITNAMI_DEBUG
value: "false"
- name: REDIS_REPLICATION_MODE
value: slave
- name: REDIS_MASTER_HOST
value: helm-redis-master-0.helm-redis-headless.sc-cd-uav-260207.svc.cluster.local
- name: REDIS_MASTER_PORT_NUMBER
value: "6379"
- name: ALLOW_EMPTY_PASSWORD
value: "no"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: helm-redis
key: redis-password
- name: REDIS_MASTER_PASSWORD
valueFrom:
secretKeyRef:
name: helm-redis
key: redis-password
- name: REDIS_TLS_ENABLED
value: "no"
- name: REDIS_PORT
value: "6379"
ports:
- name: redis
containerPort: 6379
livenessProbe:
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 6
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/ping_liveness_local_and_master.sh 5
readinessProbe:
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/ping_readiness_local_and_master.sh 1
resources:
limits:
cpu: "2"
memory: 8Gi
requests:
cpu: "2"
memory: 8Gi
volumeMounts:
- name: start-scripts
mountPath: /opt/bitnami/scripts/start-scripts
- name: health
mountPath: /health
- name: redis-data
mountPath: /data
subPath:
- name: config
mountPath: /opt/bitnami/redis/mounted-etc
- name: redis-tmp-conf
mountPath: /opt/bitnami/redis/etc
volumes:
- name: start-scripts
configMap:
name: helm-redis-scripts
defaultMode: 0755
- name: health
configMap:
name: helm-redis-health
defaultMode: 0755
- name: config
configMap:
name: helm-redis-configuration
- name: redis-tmp-conf
emptyDir: {}
- name: redis-data
emptyDir: {}

496
73-202602-成都市工业职业技术学院/k8s-depoly/k8s-srs.yaml Normal file
View File

@@ -0,0 +1,496 @@
---
kind: ConfigMap
apiVersion: v1
metadata:
name: helm-live-srs-cm
namespace: sc-cd-uav-260207
labels:
cmii.app: live-srs
cmii.type: live
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
helm.sh/chart: cmlc-live-srs-rtc-2.0.0
data:
srs.rtc.conf: |-
listen 31935;
max_connections 4096;
srs_log_tank console;
srs_log_level info;
srs_log_file /home/srs.log;
daemon off;
http_api {
enabled on;
listen 1985;
crossdomain on;
}
stats {
network 0;
}
http_server {
enabled on;
listen 8080;
dir /home/hls;
}
srt_server {
enabled on;
listen 30556;
maxbw 1000000000;
connect_timeout 4000;
peerlatency 600;
recvlatency 600;
}
rtc_server {
enabled on;
listen 30090;
candidate $CANDIDATE;
}
vhost __defaultVhost__ {
http_hooks {
enabled on;
on_publish http://helm-live-op-svc-v2:8080/hooks/on_push;
}
http_remux {
enabled on;
}
rtc {
enabled on;
rtmp_to_rtc on;
rtc_to_rtmp on;
keep_bframe off;
}
tcp_nodelay on;
min_latency on;
play {
gop_cache off;
mw_latency 100;
mw_msgs 10;
}
publish {
firstpkt_timeout 8000;
normal_timeout 4000;
mr on;
}
dvr {
enabled off;
dvr_path /home/dvr/[app]/[stream]/[2006][01]/[timestamp].mp4;
dvr_plan session;
}
hls {
enabled on;
hls_path /home/hls;
hls_fragment 10;
hls_window 60;
hls_m3u8_file [app]/[stream].m3u8;
hls_ts_file [app]/[stream]/[2006][01][02]/[timestamp]-[duration].ts;
hls_cleanup on;
hls_entry_prefix http://172.22.106.77:8088;
}
}
---
kind: Service
apiVersion: v1
metadata:
name: helm-live-srs-svc-exporter
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
spec:
ports:
- name: rtmp
protocol: TCP
port: 31935
targetPort: 31935
nodePort: 31935
- name: rtc
protocol: UDP
port: 30090
targetPort: 30090
nodePort: 30090
- name: rtc-tcp
protocol: TCP
port: 30090
targetPort: 30090
nodePort: 30090
- name: srt
protocol: UDP
port: 30556
targetPort: 30556
nodePort: 30556
- name: api
protocol: TCP
port: 1985
targetPort: 1985
nodePort: 30080
selector:
srs-role: rtc
type: NodePort
sessionAffinity: None
externalTrafficPolicy: Cluster
---
kind: Service
apiVersion: v1
metadata:
name: helm-live-srs-svc
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
spec:
ports:
- name: http
protocol: TCP
port: 8080
targetPort: 8080
- name: api
protocol: TCP
port: 1985
targetPort: 1985
selector:
srs-role: rtc
type: ClusterIP
sessionAffinity: None
---
kind: Service
apiVersion: v1
metadata:
name: helm-live-srsrtc-svc
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
spec:
ports:
- name: rtmp
protocol: TCP
port: 31935
targetPort: 31935
selector:
srs-role: rtc
type: ClusterIP
sessionAffinity: None
---
kind: StatefulSet
apiVersion: apps/v1
metadata:
name: helm-live-srs-rtc
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
cmii.app: live-srs
cmii.type: live
helm.sh/chart: cmlc-live-srs-rtc-2.0.0
srs-role: rtc
spec:
replicas: 1
selector:
matchLabels:
srs-role: rtc
template:
metadata:
labels:
srs-role: rtc
spec:
volumes:
- name: srs-conf-file
configMap:
name: helm-live-srs-cm
items:
- key: srs.rtc.conf
path: docker.conf
defaultMode: 420
- name: srs-vol
emptyDir:
sizeLimit: 8Gi
containers:
- name: srs-rtc
image: 172.22.106.77:8033/cmii/srs:v5.0.195
ports:
- name: srs-rtmp
containerPort: 31935
protocol: TCP
- name: srs-api
containerPort: 1985
protocol: TCP
- name: srs-flv
containerPort: 8080
protocol: TCP
- name: srs-webrtc
containerPort: 30090
protocol: UDP
- name: srs-webrtc-tcp
containerPort: 30090
protocol: TCP
- name: srs-srt
containerPort: 30556
protocol: UDP
env:
- name: CANDIDATE
value: 172.22.106.77
resources:
limits:
cpu: 2000m
memory: 4Gi
requests:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: srs-conf-file
mountPath: /usr/local/srs/conf/docker.conf
subPath: docker.conf
- name: srs-vol
mountPath: /home/dvr
subPath: sc-cd-uav-260207/helm-live/dvr
- name: srs-vol
mountPath: /home/hls
subPath: sc-cd-uav-260207/helm-live/hls
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
- name: oss-adaptor
image: 172.22.106.77:8033/cmii/cmii-srs-oss-adaptor:2023-SA-skip-CHL
env:
- name: OSS_ENDPOINT
value: 'http://helm-minio:9000'
- name: OSS_AK
value: cmii
- name: OSS_SK
value: 'B#923fC7mk'
- name: OSS_BUCKET
value: live-cluster-hls
- name: SRS_OP
value: 'http://helm-live-op-svc-v2:8080'
- name: MYSQL_ENDPOINT
value: 'helm-mysql:3306'
- name: MYSQL_USERNAME
value: k8s_admin
- name: MYSQL_PASSWORD
value: fP#UaH6qQ3)8
- name: MYSQL_DATABASE
value: cmii_live_srs_op
- name: MYSQL_TABLE
value: live_segment
- name: LOG_LEVEL
value: info
- name: OSS_META
value: 'yes'
resources:
limits:
cpu: 2000m
memory: 4Gi
requests:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: srs-vol
mountPath: /cmii/share/hls
subPath: sc-cd-uav-260207/helm-live/hls
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity: {}
schedulerName: default-scheduler
serviceName: helm-live-srsrtc-svc
podManagementPolicy: OrderedReady
updateStrategy:
type: RollingUpdate
rollingUpdate:
partition: 0
revisionHistoryLimit: 10
---
# live-srs部分
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: helm-live-op-v2
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
cmii.app: live-engine
cmii.type: live
helm.sh/chart: cmlc-live-live-op-2.0.0
live-role: op-v2
spec:
replicas: 1
selector:
matchLabels:
live-role: op-v2
template:
metadata:
labels:
live-role: op-v2
spec:
volumes:
- name: srs-conf-file
configMap:
name: helm-live-op-cm-v2
items:
- key: live.op.conf
path: bootstrap.yaml
defaultMode: 420
containers:
- name: helm-live-op-v2
image: 172.22.106.77:8033/cmii/cmii-live-operator:5.2.0
ports:
- name: operator
containerPort: 8080
protocol: TCP
resources:
limits:
cpu: 4800m
memory: 4Gi
requests:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: srs-conf-file
mountPath: /cmii/bootstrap.yaml
subPath: bootstrap.yaml
livenessProbe:
httpGet:
path: /cmii/health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
readinessProbe:
httpGet:
path: /cmii/health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
periodSeconds: 20
successThreshold: 1
failureThreshold: 3
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
dnsPolicy: ClusterFirst
securityContext: {}
imagePullSecrets:
- name: harborsecret
affinity: {}
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 25%
maxSurge: 25%
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
---
kind: Service
apiVersion: v1
metadata:
name: helm-live-op-svc-v2
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
nodePort: 30333
selector:
live-role: op-v2
type: NodePort
sessionAffinity: None
---
kind: Service
apiVersion: v1
metadata:
name: helm-live-op-svc
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
selector:
live-role: op
type: ClusterIP
sessionAffinity: None
---
kind: ConfigMap
apiVersion: v1
metadata:
name: helm-live-op-cm-v2
namespace: sc-cd-uav-260207
labels:
octopus.control: wdd
app.kubernetes.io/managed-by: octopus
cmii.app: live-engine
cmii.type: live
data:
live.op.conf: |-
server:
port: 8080
spring:
main:
allow-bean-definition-overriding: true
allow-circular-references: true
application:
name: cmii-live-operator
platform:
info:
name: cmii-live-operator
description: cmii-live-operator
version: 2.0
scanPackage: com.cmii.live.op
cloud:
nacos:
config:
username: nacos
password: KingKong@95461234
server-addr: helm-nacos:8848
extension-configs:
- data-id: cmii-live-operator.yml
group: 2.0
refresh: true
shared-configs:
- data-id: cmii-backend-system.yml
group: 2.0
refresh: true
discovery:
enabled: false
live:
engine:
type: srs
endpoint: 'http://helm-live-srs-svc:1985'
proto:
rtmp: 'rtmp://172.22.106.77:31935'
rtsp: 'rtsp://172.22.106.77:30554'
srt: 'srt://172.22.106.77:30556'
flv: 'http://172.22.106.77:30500'
hls: 'http://172.22.106.77:30500'
rtc: 'webrtc://172.22.106.77:30080'
replay: 'https://172.22.106.77:30333'
minio:
endpoint: http://helm-minio:9000
access-key: cmii
secret-key: B#923fC7mk
bucket: live-cluster-hls

220
73-202602-成都市工业职业技术学院/rke-13014-cluster.yml Normal file
View File

@@ -0,0 +1,220 @@
nodes:
- address: 172.22.106.77
user: root
role:
- controlplane
- etcd
- worker
internal_address: 172.22.106.77
hostname_override: "0-master-172-22-106-77"
labels:
ingress-deploy: true
uavcloud.env: yuansong
mysql-deploy: true
minio-deploy: true
authentication:
strategy: x509
sans:
- "172.22.106.77"
private_registries:
- url: 172.22.106.77:8033 # 私有镜像库地址
user: admin
password: "V2ryStr@ngPss"
is_default: true
##############################################################################
# 默认值为false如果设置为true当发现不支持的Docker版本时RKE不会报错
ignore_docker_version: true
# Set the name of the Kubernetes cluster
cluster_name: rke-cluster
kubernetes_version: v1.30.14-rancher1-1
ssh_key_path: /root/.ssh/id_ed25519
# Enable running cri-dockerd
# Up to Kubernetes 1.23, kubelet contained code called dockershim
# to support Docker runtime. The replacement is called cri-dockerd
# and should be enabled if you want to keep using Docker as your
# container runtime
# Only available to enable in Kubernetes 1.21 and higher
enable_cri_dockerd: true
services:
etcd:
backup_config:
enabled: false
interval_hours: 72
retention: 3
safe_timestamp: false
timeout: 300
creation: 12h
extra_args:
election-timeout: 5000
heartbeat-interval: 500
cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
gid: 0
retention: 72h
snapshot: false
uid: 0
kube-api:
# IP range for any services created on Kubernetes
# This must match the service_cluster_ip_range in kube-controller
service_cluster_ip_range: 10.74.0.0/16
# Expose a different port range for NodePort services
service_node_port_range: 30000-40000
always_pull_images: false
pod_security_policy: false
# Add additional arguments to the kubernetes API server
# This WILL OVERRIDE any existing defaults
extra_args:
# Enable audit log to stdout
audit-log-path: "-"
# Increase number of delete workers
delete-collection-workers: 3
# Set the level of log output to warning-level
v: 1
kube-controller:
# CIDR pool used to assign IP addresses to pods in the cluster
cluster_cidr: 10.96.0.0/16
# IP range for any services created on Kubernetes
# This must match the service_cluster_ip_range in kube-api
service_cluster_ip_range: 10.74.0.0/16
# Add additional arguments to the kubernetes API server
# This WILL OVERRIDE any existing defaults
extra_args:
# Set the level of log output to debug-level
v: 1
# Enable RotateKubeletServerCertificate feature gate
feature-gates: RotateKubeletServerCertificate=true
# Enable TLS Certificates management
# https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/
cluster-signing-cert-file: "/etc/kubernetes/ssl/kube-ca.pem"
cluster-signing-key-file: "/etc/kubernetes/ssl/kube-ca-key.pem"
kubelet:
# Base domain for the cluster
cluster_domain: cluster.local
# IP address for the DNS service endpoint
cluster_dns_server: 10.74.0.10
# Fail if swap is on
fail_swap_on: false
# Set max pods to 250 instead of default 110
extra_binds:
- "/data/minio-pv:/hostStorage" # 不要修改 为minio的pv添加
extra_args:
max-pods: 122
# Optionally define additional volume binds to a service
scheduler:
extra_args:
# Set the level of log output to warning-level
v: 0
tls-cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
kubeproxy:
extra_args:
# Set the level of log output to warning-level
v: 1
authorization:
mode: rbac
addon_job_timeout: 30
# Specify network plugin-in (canal, calico, flannel, weave, or none)
network:
mtu: 1440
options:
flannel_backend_type: vxlan
plugin: calico
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
- key: "node.kubernetes.io/not-ready"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
# Specify DNS provider (coredns or kube-dns)
dns:
provider: coredns
nodelocal: {}
# Available as of v1.1.0
update_strategy:
strategy: RollingUpdate
rollingUpdate:
maxUnavailable: 20%
maxSurge: 15%
linear_autoscaler_params:
cores_per_replica: 0.34
nodes_per_replica: 4
prevent_single_point_failure: true
min: 2
max: 3
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
- key: "node.kubernetes.io/not-ready"
operator: "Exists"
effect: "NoExecute"
tolerationseconds: 300
# Specify monitoring provider (metrics-server)
monitoring:
provider: metrics-server
# Available as of v1.1.0
update_strategy:
strategy: RollingUpdate
rollingUpdate:
maxUnavailable: 8
ingress:
provider: nginx
default_backend: true
http_port: 30500
https_port: 31500
extra_envs:
- name: TZ
value: Asia/Shanghai
node_selector:
ingress-deploy: true
options:
use-forwarded-headers: "true"
access-log-path: /var/log/nginx/access.log
client-body-timeout: '6000'
compute-full-forwarded-for: 'true'
enable-underscores-in-headers: 'true'
log-format-escape-json: 'true'
log-format-upstream: >-
{ "msec": "$msec", "connection": "$connection", "connection_requests":
"$connection_requests", "pid": "$pid", "request_id": "$request_id",
"request_length": "$request_length", "remote_addr": "$remote_addr",
"remote_user": "$remote_user", "remote_port": "$remote_port",
"http_x_forwarded_for": "$http_x_forwarded_for", "time_local":
"$time_local", "time_iso8601": "$time_iso8601", "request": "$request",
"request_uri": "$request_uri", "args": "$args", "status": "$status",
"body_bytes_sent": "$body_bytes_sent", "bytes_sent": "$bytes_sent",
"http_referer": "$http_referer", "http_user_agent": "$http_user_agent",
"http_host": "$http_host", "server_name": "$server_name", "request_time":
"$request_time", "upstream": "$upstream_addr", "upstream_connect_time":
"$upstream_connect_time", "upstream_header_time": "$upstream_header_time",
"upstream_response_time": "$upstream_response_time",
"upstream_response_length": "$upstream_response_length",
"upstream_cache_status": "$upstream_cache_status", "ssl_protocol":
"$ssl_protocol", "ssl_cipher": "$ssl_cipher", "scheme": "$scheme",
"request_method": "$request_method", "server_protocol": "$server_protocol",
"pipe": "$pipe", "gzip_ratio": "$gzip_ratio", "http_cf_ray": "$http_cf_ray",
"geoip_country_code": "$geoip_country_code" }
proxy-body-size: 5120m
proxy-read-timeout: '6000'
proxy-send-timeout: '6000'

618
73-202602-成都市工业职业技术学院/srs/all-configmap.yaml Normal file
View File

@@ -0,0 +1,618 @@
---
# Source: cmii-live-services/templates/cmii-live-helper-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-helper-config
labels:
app: cmii-live-helper
chart: cmii-live-services-1.0.0
release: cmii-live
data:
config.yaml: |
app:
port: 7080
workers: 4
log:
level: INFO
client:
zlm: "http://cmii-live-zlm:7088"
downloader:
allow_domains: all
---
---
# Source: cmii-live-services/templates/live-op-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-operator-config
labels:
app: cmii-live-operator
chart: cmii-live-services-1.0.0
release: cmii-live
data:
application.yaml: |
debug: false
server:
port: 7086
spring:
web:
resources:
static-locations: classpath:/static/
main:
allow-bean-definition-overriding: true
allow-circular-references: true
application:
name: cmii-live-operator
thymeleaf:
check-template-location: false
cache: false
platform:
info:
name: cmii-live-operator
description: cmii-live-operator
version: 5.8.0
scanPackage: com.cmii.live.op
jackson:
time-zone: GMT+8
mvc:
pathmatch:
matching-strategy: ANT_PATH_MATCHER
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
type: com.alibaba.druid.pool.DruidDataSource
url: jdbc:mysql://helm-mysql:3306/cmii_live_operator?characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true
username: k8s_admin
password: fP#UaH6qQ3)8
druid:
initial-size: 10
min-idle: 5
max-active: 20
max-wait: 60000
time-between-eviction-runs-millis: 60000
min-evictable-idle-time-millis: 300000
validation-query: SELECT 1
test-while-idle: true
test-on-borrow: false
test-on-return: false
use-ping-method: false
keep-alive: true
redis:
host: helm-redis-master
port: 6379
database: 1
password: Mcache@4522
live:
sync:
pool:
monitor:
enabled: false
core: 10
max: 20
queue: 1
keepalive: 20
logging:
config: classpath:logback-operator.xml
level:
root: info
com.cmii.live.op.mapper: info
mybatis-plus:
global-config:
banner: false
knife4j:
enable: true
---
---
# Source: cmii-live-services/templates/live-proxy-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-proxy-config
labels:
app: cmii-live-proxy
chart: cmii-live-services-1.0.0
release: cmii-live
data:
application.yaml: |
server:
port: 7081
live:
proxy:
ffmpeg:
ffmpeg-path: /usr/bin/ffmpeg
ffprobe-path: /usr/bin/ffprobe
ffplay-path: /usr/bin/ffplay
check-win-pid: tasklist /FI "PID eq %s " /FO LIST
check-unix-pid: ps -p %s
os-name: windows
upload:
path: /proxy/uploads
src-all-size: 4294967296
dest-all-size: 4294967296
ws:
url: "172.22.106.77:37081"
minio:
endpoint: http://helm-minio:9000
access-key: cmii
secret-key: B#923fC7mk
bucket-name: ilm-detect
spring:
platform:
info:
name: cmii-live-proxy
description: ffmpeg服务小工具
version: 1.0.3
scanPackage: com.cmii.live.proxy.web.controller
profiles:
active: local
jackson:
time-zone: GMT+8
mvc:
pathmatch:
matching-strategy: ANT_PATH_MATCHER
thymeleaf:
check-template-location: false
cache: false
servlet:
multipart:
max-file-size: 1024MB
max-request-size: 1024MB
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
type: com.alibaba.druid.pool.DruidDataSource
druid:
url: jdbc:mysql://helm-mysql:3306/cmii_live_proxy?characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true
username: k8s_admin
password: fP#UaH6qQ3)8
initial-size: 5
min-idle: 5
max-active: 20
max-wait: 60000
time-between-eviction-runs-millis: 60000
min-evictable-idle-time-millis: 300000
max-evictable-idle-time-millis: 600000
validation-query: SELECT 1
test-while-idle: true
test-on-borrow: false
test-on-return: false
filters: stat,wall,slf4j
connection-properties: connectTimeout=10000;socketTimeout=30000
redis:
host: helm-redis-master
port: 6379
password: Mcache@4522
database: 3
timeout: 10s
lettuce:
pool:
min-idle: 0
max-idle: 10
max-active: 10
max-wait: -1ms
springdoc:
api-docs:
enabled: true
swagger-ui:
enabled: true
mybatis-plus:
global-config:
banner: false
logging:
config: classpath:logback-proxy.xml
level:
com.cmii.live.proxy.web.mapper: info
---
---
# Source: cmii-live-services/templates/wvp-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-wvp-config
labels:
app: wvp
chart: cmii-live-services-1.0.0
release: cmii-live
data:
application.yaml: |
spring:
cache:
type: redis
thymeleaf:
cache: false
mvc:
async:
request-timeout: 20000
servlet:
multipart:
max-file-size: 10MB
max-request-size: 100MB
data:
redis:
host: helm-redis-master
port: 6379
database: 2
password: Mcache@4522
timeout: 10000
datasource:
type: com.zaxxer.hikari.HikariDataSource
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://helm-mysql:3306/wvp?useUnicode=true&characterEncoding=UTF8&rewriteBatchedStatements=true&serverTimezone=PRC&useSSL=false&allowMultiQueries=true&allowPublicKeyRetrieval=true
username: k8s_admin
password: fP#UaH6qQ3)8
server:
port: 7082
ssl:
enabled: false
sip:
ip: ${NODE_IP}
show-ip: ${NODE_IP}
port: 7060
domain: 5101000049
id: "51010000492000000228"
password: 035c7GB5cc
register-time-interval: 60
ptz-speed: 50
keepalliveToOnline: true
alarm: true
timeout: 1000
media:
id: koisi_gb_228
ip: 127.0.0.1
http-port: 7088
http-ssl-port: 0
flv-port: 7088
flv-ssl-port: 7089
ws-flv-port: 7088
ws-flv-ssl-port: 7089
rtp-proxy-port: 7088
rtmp-port: 7089
rtmp-ssl-port: 0
rtsp-port: 7554
rtsp-ssl-port: 0
auto-config: false
secret: 035c7GB5cc
rtp:
enable: true
port-range: 7200,7250
send-port-range: 30800,30990
record-path: /opt/media/bin/www/record/
record-day: 7
record-assist-port: 0
user-settings:
auto-apply-play: true
play-timeout: 30000
wait-track: false
record-push-live: false
record-sip: true
stream-on-demand: true
interface-authentication: true
broadcast-for-platform: TCP-PASSIVE
push-stream-after-ack: true
send-to-platforms-when-id-lost: true
interface-authentication-excludes:
- /api/**
push-authority: true
logging:
config: classpath:logback-spring.xml
---
---
# Source: cmii-live-services/templates/zlm-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-zlm-config
labels:
app: zlm
chart: cmii-live-services-1.0.0
release: cmii-live
data:
zlm.ini: |
[api]
apiDebug = 0
secret = 035c7GB5cc
snapRoot = ./www/snap/
defaultSnap = ./www/logo.png
downloadRoot = ./www
[ffmpeg]
bin = /usr/bin/ffmpeg
cmd = %s -re -i %s -c:a aac -strict -2 -ar 44100 -ab 48k -c:v libx264 -f flv %s
log = ./ffmpeg/ffmpeg.log
restart_sec = 0
snap = %s -rtsp_transport tcp -i %s -y -f mjpeg -frames:v 1 %s
[protocol]
modify_stamp = 2
enable_audio = 1
add_mute_audio = 0
auto_close = 0
continue_push_ms = 3000
paced_sender_ms = 0
enable_hls = 1
enable_hls_fmp4 = 0
enable_rtmp = 1
enable_ts = 1
enable_fmp4 = 1
enable_rtsp = 1
enable_mp4 = 0
mp4_as_player = 0
mp4_max_second = 3600
mp4_save_path = ./www
hls_save_path = ./www/zlm/hls
hls_demand = 0
rtsp_demand = 0
rtmp_demand = 0
ts_demand = 0
fmp4_demand = 0
[general]
enableVhost = 0
flowThreshold = 1024
enable_ffmpeg_log = 0
listen_ip = ::
maxStreamWaitMS = 0
streamNoneReaderDelayMS = 120000
resetWhenRePlay = 1
mergeWriteMS = 0
mediaServerId = koisi_gb_228
wait_audio_track_data_ms = 1000
wait_track_ready_ms = 8000
wait_add_track_ms = 2000
unready_frame_cache = 96
check_nvidia_dev = 1
broadcast_player_count_changed = 0
[hls]
fileBufSize = 65536
segDur = 10
segNum = 3
segDelay = 0
segRetain = 5
broadcastRecordTs = 1
deleteDelaySec = 10
segKeep = 0
fastRegister = 0
[hook]
enable = 1
on_flow_report =
on_http_access =
# ZLM → Live Operator
on_play = http://cmii-live-operator:7086/hooks/on_play
on_publish = http://cmii-live-operator:7086/hooks/on_push
on_stream_changed = http://cmii-live-operator:7086/hooks/on_stream_changed
# ZLM → WVP
on_stream_none_reader = http://127.0.0.1:7082/index/hook/on_stream_none_reader
on_stream_not_found = http://127.0.0.1:7082/index/hook/on_stream_not_found
on_rtp_server_timeout = http://127.0.0.1:7082/index/hook/on_rtp_server_timeout
on_send_rtp_stopped = http://127.0.0.1:7082/index/hook/on_send_rtp_stopped
on_server_started = http://127.0.0.1:7082/index/hook/on_server_started
on_server_keepalive = http://127.0.0.1:7082/index/hook/on_server_keepalive
on_record_mp4 = http://127.0.0.1:7082/index/hook/on_record_mp4
on_server_exited =
on_rtsp_auth =
on_rtsp_realm =
on_shell_login =
# ZLM → ZLM OSS
on_record_ts = http://127.0.0.1:7084/hooks/on_record_ts
stream_changed_schemas = rtsp/rtmp/fmp4/ts/hls/hls.fmp4
timeoutSec = 30
alive_interval = 10.0
retry = 1
retry_delay = 3.0
[cluster]
origin_url =
timeout_sec = 15
retry_count = 3
[http]
port = 7088
sslport = 7089
charSet = utf-8
keepAliveSecond = 30
maxReqSize = 40960
notFound = <html><head><title>404 Not Found</title></head><body><div>404 Not Found</div></body></html>
rootPath = ./www
sendBufSize = 65536
dirMenu = 1
virtualPath =
forbidCacheSuffix =
allow_cross_domains = 1
allow_ip_range = ::1,127.0.0.1,172.1.0.0-172.31.255.255,192.168.0.0-192.168.255.255,10.0.0.0-10.255.255.255
[multicast]
addrMax = 239.255.255.255
addrMin = 239.0.0.0
udpTTL = 64
[record]
appName = record
fileBufSize = 65536
sampleMS = 500
fastStart = 0
fileRepeat = 0
enableFmp4 = 0
[rtmp]
port = 7935
sslport = 0
handshakeSecond = 15
keepAliveSecond = 15
directProxy = 1
enhanced = 0
[rtp]
audioMtuSize = 600
videoMtuSize = 1400
rtpMaxSize = 10
lowLatency = 0
h264_stap_a = 1
[rtp_proxy]
port = 7100
port_range = 7200-7250
dumpDir =
timeoutSec = 5
h264_pt = 98
h265_pt = 99
ps_pt = 96
opus_pt = 100
gop_cache = 1
rtp_g711_dur_ms = 100
udp_recv_socket_buffer = 4194304
[rtc]
bfilter=0
datachannel_echo=0
maxRtpCacheMS=5000
maxRtpCacheSize=2048
externIP = $(NODE_IP)
port = 7090
tcpPort = 7090
timeoutSec = 30
rembBitRate = 0
preferredCodecA = PCMA,PCMU,opus,mpeg4-generic
preferredCodecV = H264,H265,AV1,VP9,VP8
start_bitrate = 0
max_bitrate = 0
min_bitrate = 0
maxNackMS = 4000
rtpCacheCheckInterval = 96
nackMaxSize = 2048
nackMaxMS = 3000
nackMaxCount = 15
nackIntervalRatio = 1.0
nackRtpSize = 8
[srt]
port = 7556
timeoutSec = 5
latencyMul = 4
pktBufSize = 8192
passPhrase=
[rtsp]
port = 7554
sslport = 0
authBasic = 0
directProxy = 1
handshakeSecond = 15
keepAliveSecond = 15
lowLatency = 1
rtpTransportType = -1
[shell]
maxReqSize = 1024
port = 0
---
---
# Source: cmii-live-services/templates/zlm-oss-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-zlm-oss-config
labels:
app: media-suite
chart: cmii-live-services-1.0.0
release: cmii-live
data:
config.yaml: |
app:
env: default
listen:
host: 0.0.0.0
port: 7084
workers: 4
thread_pool: 8
log:
level: INFO
onfile_logger_interval: 10
backup_on_fails: true
skip_on_initializing_seconds: 4
skip_hubs: "Hangar, ai-5g-a"
file_dir:
shared: "/cmii/share/hls"
backup: "/cmii/backup"
debug:
save_all: false
save_to: "UASMS"
max_duration: 120
minio:
endpoint: "http://helm-minio:9000"
access_key: "cmii"
secret_key: "B#923fC7mk"
mysql:
host: helm-mysql
port: 3306
username: k8s_admin
password: fP#UaH6qQ3)8
redis:
host: helm-redis-master
port: 6379
database: 1
password: Mcache@4522
rabbitmq:
host: helm-rabbitmq
port: 5672
username: admin
password: nYcRN91r._hj
platforms:
live_op:
db_schema: "cmii_live_operator"
old_cmlc:
cloud_live: "cmii-uav-cloud-live"
quota: false
oss_bucket: "ilm-detect"
meta:
src_id: "1323096648758464518"
user_id: 0
company_id: 0
uasms:
scope_prefix: "UASMS"
oss_bucket: "ilm-detect"
meta:
src_id: "1323096648758464523"
platform: "REGULATOR"
user_id: 0
lite:
scope_prefix: "LITE"
oss_bucket: "ilm-detect"
routing_key: "sky.live.video"
meta:
src_id: "1111111112222222222"
platform: "LITE"
user_id: 0

73
73-202602-成都市工业职业技术学院/srs/cmii-live-helper-deployment.yaml Normal file
View File

@@ -0,0 +1,73 @@
---
# Source: cmii-live-services/templates/cmii-live-helper-deployment.yaml
apiVersion: v1
kind: Service
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-helper
labels:
app: cmii-live-helper
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
type: NodePort
ports:
- name: http
port: 7080
targetPort: http
nodePort: 37080
protocol: TCP
selector:
app: cmii-live-helper
release: cmii-live
---
# Source: cmii-live-services/templates/cmii-live-helper-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-helper
labels:
app: cmii-live-helper
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
replicas: 1
selector:
matchLabels:
app: cmii-live-helper
release: cmii-live
template:
metadata:
labels:
app: cmii-live-helper
release: cmii-live
spec:
containers:
- name: cmii-live-helper
image: "172.22.106.77:8033/cmii/cmii-hls-downloader:v2.7.4"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 7080
protocol: TCP
env:
- name: ALLOW_DOWNLOAD
value: "all"
volumeMounts:
- name: config
mountPath: /cmii/cmii-live-helper/config.yaml
subPath: config.yaml
resources:
limits:
cpu: "1"
memory: 1Gi
requests:
cpu: 500m
memory: 512Mi
volumes:
- name: config
configMap:
name: cmii-live-helper-config
imagePullSecrets:
- name: harborsecret

105
73-202602-成都市工业职业技术学院/srs/cmii-live-op-deployment.yaml Normal file
View File

@@ -0,0 +1,105 @@
---
# Source: cmii-live-services/templates/cmii-live-op-deployment.yaml
apiVersion: v1
kind: Service
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-operator
labels:
app: cmii-live-operator
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
type: NodePort
ports:
- name: http
port: 7086
targetPort: http
nodePort: 37086
protocol: TCP
selector:
app: cmii-live-operator
release: cmii-live
---
# Source: cmii-live-services/templates/cmii-live-op-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-operator
labels:
app: cmii-live-operator
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
replicas: 1
selector:
matchLabels:
app: cmii-live-operator
release: cmii-live
template:
metadata:
labels:
app: cmii-live-operator
release: cmii-live
spec:
containers:
- name: cmii-live-operator
image: "172.22.106.77:8033/cmii/cmii-live-operator:v5.8.0"
imagePullPolicy: Always
ports:
- name: http
containerPort: 7086
protocol: TCP
env:
- name: LIVE_IP_PUBLIC
value: "172.22.106.77"
- name: LIVE_IP_PRIVATE
value: "172.22.106.77"
- name: LIVE_OP_PORT_HTTP
value: "7086"
- name: LIVE_WVP_PORT_HTTP
value: "7082"
- name: LIVE_ZLM_PORT_HTTP
value: "7088"
- name: LIVE_ZLM_PORT_HTTPS
value: "7089"
- name: LIVE_ZLM_PORT_RTMP
value: "7935"
- name: LIVE_ZLM_PORT_RTSP
value: "7554"
- name: LIVE_ZLM_PORT_SRT
value: "7556"
- name: LIVE_ZLM_API_PASSWD
value: "035c7GB5cc"
- name: OSS_ENDPOINT
value: "http://helm-minio:9000"
- name: OSS_AK
value: "cmii"
- name: OSS_SK
value: "B#923fC7mk"
- name: RABBITMQ_HOST
value: "helm-rabbitmq"
- name: RABBITMQ_USERNAME
value: "admin"
- name: RABBITMQ_PASSWORD
value: "nYcRN91r._hj"
- name: RABBITMQ_PORT
value: "5672"
volumeMounts:
- name: config
mountPath: /cmii/application.yaml
subPath: application.yaml
resources:
limits:
cpu: "2"
memory: 2Gi
requests:
cpu: "1"
memory: 1Gi
volumes:
- name: config
configMap:
name: cmii-live-operator-config
imagePullSecrets:
- name: harborsecret

89
73-202602-成都市工业职业技术学院/srs/cmii-live-proxy-deployment.yaml Normal file
View File

@@ -0,0 +1,89 @@
---
# Source: cmii-live-services/templates/cmii-live-proxy-deployment.yaml
apiVersion: v1
kind: Service
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-proxy
labels:
app: cmii-live-proxy
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
type: NodePort
ports:
- name: http
port: 7081
targetPort: http
nodePort: 37081
protocol: TCP
selector:
app: cmii-live-proxy
release: cmii-live
---
# Source: cmii-live-services/templates/cmii-live-proxy-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-proxy
labels:
app: cmii-live-proxy
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
replicas: 1
selector:
matchLabels:
app: cmii-live-proxy
release: cmii-live
template:
metadata:
labels:
app: cmii-live-proxy
release: cmii-live
spec:
containers:
- name: cmii-live-proxy
image: "172.22.106.77:8033/cmii/cmii-live-proxy:v1.0.3"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 7081
protocol: TCP
env:
- name: LIVE_IP_PRIVATE
value: "172.22.106.77"
- name: LIVE_ZLM_PORT_HTTP
value: "7088"
- name: LIVE_ZLM_PORT_HTTPS
value: "7089"
- name: LIVE_ZLM_PORT_RTMP
value: "7935"
- name: LIVE_ZLM_PORT_RTSP
value: "7554"
- name: LIVE_OP_PORT_HTTP
value: "37086"
volumeMounts:
- name: config
mountPath: /proxy/application.yaml
subPath: application.yaml
- name: shared-data
mountPath: /cmii/uploads
subPath: uploads
resources:
limits:
cpu: "1"
memory: 2Gi
requests:
cpu: "1"
memory: 1Gi
volumes:
- name: config
configMap:
name: cmii-live-proxy-config
- name: shared-data
persistentVolumeClaim:
claimName: cmii-live-shared-data-pvc
imagePullSecrets:
- name: harborsecret

369
73-202602-成都市工业职业技术学院/srs/media-suite-deployment.yaml Normal file
View File

@@ -0,0 +1,369 @@
---
# Source: cmii-live-services/templates/media-suite-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-media-suite
labels:
app: media-suite
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
replicas: 1
selector:
matchLabels:
app: media-suite
release: cmii-live
template:
metadata:
labels:
app: media-suite
release: cmii-live
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
# 配置到固定node上
nodeSelector:
kubernetes.io/hostname: "0-master-172-22-106-77"
containers:
# WVP Container
- name: wvp
image: "172.22.106.77:8033/cmii/wvp:v2.7.4"
imagePullPolicy: IfNotPresent
ports:
- name: wvp-http
containerPort: 7082
hostPort: 7082
protocol: TCP
- name: wvp-sip
containerPort: 7060
hostPort: 7060
protocol: UDP
env:
- name: TZ
value: "Asia/Shanghai"
- name: NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
volumeMounts:
- name: wvp-config
mountPath: /home/koisi/wvp.yaml
subPath: application.yaml
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: "1"
memory: 2Gi
# ZLM Container
- name: zlm
image: "172.22.106.77:8033/cmii/zlm:v2.7.5"
imagePullPolicy: IfNotPresent
ports:
- name: zlm-http
containerPort: 7088
hostPort: 7088
protocol: TCP
- name: zlm-https
containerPort: 7089
hostPort: 7089
protocol: TCP
- name: zlm-rtmp
containerPort: 7935
hostPort: 7935
protocol: TCP
- name: zlm-rtsp
containerPort: 7554
hostPort: 7554
protocol: TCP
- name: zlm-webrtc-tcp
containerPort: 7090
hostPort: 7090
protocol: TCP
- name: zlm-webrtc-udp
containerPort: 7090
hostPort: 7090
protocol: UDP
- name: zlm-srt
containerPort: 7556
hostPort: 7556
protocol: TCP
- name: zlm-rtp-proxy
containerPort: 7100
hostPort: 7100
protocol: UDP
- name: zlm-rtp-7200
containerPort: 7200
hostPort: 7200
protocol: UDP
- name: zlm-rtp-7201
containerPort: 7201
hostPort: 7201
protocol: UDP
- name: zlm-rtp-7202
containerPort: 7202
hostPort: 7202
protocol: UDP
- name: zlm-rtp-7203
containerPort: 7203
hostPort: 7203
protocol: UDP
- name: zlm-rtp-7204
containerPort: 7204
hostPort: 7204
protocol: UDP
- name: zlm-rtp-7205
containerPort: 7205
hostPort: 7205
protocol: UDP
- name: zlm-rtp-7206
containerPort: 7206
hostPort: 7206
protocol: UDP
- name: zlm-rtp-7207
containerPort: 7207
hostPort: 7207
protocol: UDP
- name: zlm-rtp-7208
containerPort: 7208
hostPort: 7208
protocol: UDP
- name: zlm-rtp-7209
containerPort: 7209
hostPort: 7209
protocol: UDP
- name: zlm-rtp-7210
containerPort: 7210
hostPort: 7210
protocol: UDP
- name: zlm-rtp-7211
containerPort: 7211
hostPort: 7211
protocol: UDP
- name: zlm-rtp-7212
containerPort: 7212
hostPort: 7212
protocol: UDP
- name: zlm-rtp-7213
containerPort: 7213
hostPort: 7213
protocol: UDP
- name: zlm-rtp-7214
containerPort: 7214
hostPort: 7214
protocol: UDP
- name: zlm-rtp-7215
containerPort: 7215
hostPort: 7215
protocol: UDP
- name: zlm-rtp-7216
containerPort: 7216
hostPort: 7216
protocol: UDP
- name: zlm-rtp-7217
containerPort: 7217
hostPort: 7217
protocol: UDP
- name: zlm-rtp-7218
containerPort: 7218
hostPort: 7218
protocol: UDP
- name: zlm-rtp-7219
containerPort: 7219
hostPort: 7219
protocol: UDP
- name: zlm-rtp-7220
containerPort: 7220
hostPort: 7220
protocol: UDP
- name: zlm-rtp-7221
containerPort: 7221
hostPort: 7221
protocol: UDP
- name: zlm-rtp-7222
containerPort: 7222
hostPort: 7222
protocol: UDP
- name: zlm-rtp-7223
containerPort: 7223
hostPort: 7223
protocol: UDP
- name: zlm-rtp-7224
containerPort: 7224
hostPort: 7224
protocol: UDP
- name: zlm-rtp-7225
containerPort: 7225
hostPort: 7225
protocol: UDP
- name: zlm-rtp-7226
containerPort: 7226
hostPort: 7226
protocol: UDP
- name: zlm-rtp-7227
containerPort: 7227
hostPort: 7227
protocol: UDP
- name: zlm-rtp-7228
containerPort: 7228
hostPort: 7228
protocol: UDP
- name: zlm-rtp-7229
containerPort: 7229
hostPort: 7229
protocol: UDP
- name: zlm-rtp-7230
containerPort: 7230
hostPort: 7230
protocol: UDP
- name: zlm-rtp-7231
containerPort: 7231
hostPort: 7231
protocol: UDP
- name: zlm-rtp-7232
containerPort: 7232
hostPort: 7232
protocol: UDP
- name: zlm-rtp-7233
containerPort: 7233
hostPort: 7233
protocol: UDP
- name: zlm-rtp-7234
containerPort: 7234
hostPort: 7234
protocol: UDP
- name: zlm-rtp-7235
containerPort: 7235
hostPort: 7235
protocol: UDP
- name: zlm-rtp-7236
containerPort: 7236
hostPort: 7236
protocol: UDP
- name: zlm-rtp-7237
containerPort: 7237
hostPort: 7237
protocol: UDP
- name: zlm-rtp-7238
containerPort: 7238
hostPort: 7238
protocol: UDP
- name: zlm-rtp-7239
containerPort: 7239
hostPort: 7239
protocol: UDP
- name: zlm-rtp-7240
containerPort: 7240
hostPort: 7240
protocol: UDP
- name: zlm-rtp-7241
containerPort: 7241
hostPort: 7241
protocol: UDP
- name: zlm-rtp-7242
containerPort: 7242
hostPort: 7242
protocol: UDP
- name: zlm-rtp-7243
containerPort: 7243
hostPort: 7243
protocol: UDP
- name: zlm-rtp-7244
containerPort: 7244
hostPort: 7244
protocol: UDP
- name: zlm-rtp-7245
containerPort: 7245
hostPort: 7245
protocol: UDP
- name: zlm-rtp-7246
containerPort: 7246
hostPort: 7246
protocol: UDP
- name: zlm-rtp-7247
containerPort: 7247
hostPort: 7247
protocol: UDP
- name: zlm-rtp-7248
containerPort: 7248
hostPort: 7248
protocol: UDP
- name: zlm-rtp-7249
containerPort: 7249
hostPort: 7249
protocol: UDP
- name: zlm-rtp-7250
containerPort: 7250
hostPort: 7250
protocol: UDP
env:
- name: TZ
value: "Asia/Shanghai"
- name: NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
volumeMounts:
- name: zlm-config
mountPath: /home/koisi/zlm.ini
subPath: zlm.ini
- name: shared-data
mountPath: /home/koisi/zlm/www/zlm/hls
subPath: hls
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: "2"
memory: 2Gi
# ZLM-OSS Container
- name: zlm-oss
image: "172.22.106.77:8033/cmii/zlm-oss-adaptor:v2.7.5"
imagePullPolicy: IfNotPresent
ports:
- name: zlm-oss-http
containerPort: 7084
hostPort: 7084
protocol: TCP
volumeMounts:
- name: zlm-oss-config
mountPath: /cmii/oss-adaptor/boot/config.yaml
subPath: config.yaml
- name: shared-data
mountPath: /cmii/share/hls
subPath: hls
resources:
limits:
cpu: "2"
memory: 2Gi
requests:
cpu: "1"
memory: 1Gi
volumes:
- name: wvp-config
configMap:
name: cmii-live-wvp-config
- name: zlm-config
configMap:
name: cmii-live-zlm-config
- name: zlm-oss-config
configMap:
name: cmii-live-zlm-oss-config
- name: shared-data
persistentVolumeClaim:
claimName: cmii-live-shared-data-pvc
imagePullSecrets:
- name: harborsecret

19
73-202602-成都市工业职业技术学院/srs/pvc.yaml Normal file
View File

@@ -0,0 +1,19 @@
---
# Source: cmii-live-services/templates/pvc.yaml
# 单个共享 PVC通过 subPath 区分不同服务的数据
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: sc-cd-uav-260207
name: cmii-live-shared-data-pvc
labels:
app: media-suite
chart: cmii-live-services-1.0.0
release: cmii-live
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
storageClassName: nfs-prod-distribute

4
73-202602-成都市工业职业技术学院/srs/替换模板.txt Normal file
View File

@@ -0,0 +1,4 @@
sc-cd-uav-260207
172.22.106.77:8033
172.22.106.77
0-master-172-22-106-77

6
73-202602-成都市工业职业技术学院/连接信息.txt Normal file
View File

@@ -0,0 +1,6 @@
https://172.22.106.77:39999
eyJhbGciOiJSUzI1NiIsImtpZCI6IkNfTERZQ1l1c2RGZ2Vvd2pTcGRlY1BZTUM4b24wS2s3OTk3S3NOOGNxdnMifQ.eyJhdWQiOlsidW5rbm93biJdLCJleHAiOjE4NjUwMzkxMTgsImlhdCI6MTc3MDQzMTExOCwiaXNzIjoicmtlIiwianRpIjoiNmQ0ZGRjY2ItYzJjZi00ZGY4LWFjMDYtMDQxY2QxMjgwYjkxIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiNTYyZDNlYmYtZTA0OC00OTYwLTg4NGMtYjc0ZjI2NzFhZjIxIn19LCJuYmYiOjE3NzA0MzExMTgsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.RGNwIiR93x8iyZ7t8ZTrawzjQ61X_1sE7QvA6JjlBv9U1swauFgvdpxt2_8t1mTFcYp272nH3qG3xKNx3Pyqv8cfcuEuA-6Ct1gzz3AOl5hFJw9iUOQm_EGHvo2BwNj3d0tDxH5kSQX-4n5qkUTL0MVdRBJNGFHYFaYrUD2CGwQeyVApHrwjfhhkBMXh-6GlTzjVKTb0zk6wHdlUIZ2OT89h6JMg33fuogzmYD19-EKej072w3ZS4sajS7UBuwJj-PUOTsTFakW9SIBwlbfUs4gNOZ-uXf6-2ygyx_YeVEa-vKgXROJjrqphnsqDZTf5CeL__L0__HOB2eFlyjRg1Q