大量更新

2026-05-19 14:28:44 +08:00
parent a8f6bda703
commit 9fc3372fa3
5299 changed files with 423176 additions and 426690 deletions
--- a/84-202605-北京三河测试/1-批量脚本.sh
+++ b/84-202605-北京三河测试/1-批量脚本.sh
@@ -0,0 +1,24 @@
+host_list=(
+  192.168.3.32
+  192.168.3.33
+)
+# 环境测试
+DEFAULT_HTTP_BACKEND_IP=$(kubectl -n ingress-nginx get svc default-http-backend -o jsonpath='{.spec.clusterIP}')
+
+# master节点
+curl -s "http://${DEFAULT_HTTP_BACKEND_IP}"
+
+
+for server in "${host_list[@]}"; do
+   echo "===== current ip is $server ====="
+
+    # worker节点
+    ssh root@"$server" "DEFAULT_HTTP_BACKEND_IP='$DEFAULT_HTTP_BACKEND_IP' bash -s" <<'EOF'
+    echo "DEFAULT_HTTP_BACKEND_IP=$DEFAULT_HTTP_BACKEND_IP"
+
+    curl -s "http://${DEFAULT_HTTP_BACKEND_IP}"
+    echo
+EOF
+
+   echo ""
+done
--- a/84-202605-北京三河测试/authrozied.enc
+++ b/84-202605-北京三河测试/authrozied.enc
--- a/84-202605-北京三河测试/b-高级磁盘-多物理盘.sh
+++ b/84-202605-北京三河测试/b-高级磁盘-多物理盘.sh
@@ -0,0 +1,132 @@
+#!/bin/bash
+set -euo pipefail
+
+#----------------------------------------------------------
+# 用户配置部分
+#----------------------------------------------------------
+DISKS=("/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd")   # 4块物理磁盘
+MOUNT_PATH="/data"                         # 挂载点路径（目录会自动创建）
+FS_TYPE="ext4"                                        # 文件系统类型（支持 ext4/xfs，默认 ext4）
+
+VG_NAME="bigdatavg"                                      # 卷组名
+LV_NAME="biglvdata"                                      # 逻辑卷名
+
+#----------------------------------------------------------
+# 核心逻辑（建议非必要不修改）
+#----------------------------------------------------------
+
+function check_prerequisites() {
+  # 必须 root 权限运行检查
+  [[ $EUID -ne 0 ]] && echo -e "\033[31m错误：必须使用 root 权限运行此脚本\033[0m" && exit 1
+
+  # 文件系统类型校验
+  if [[ "$FS_TYPE" != "ext4" && "$FS_TYPE" != "xfs" ]]; then
+    echo -e "\033[31m错误：不支持的磁盘格式 $FS_TYPE，仅支持 ext4/xfs\033[0m"
+    exit 1
+  fi
+
+  # 磁盘存在性检查
+  for disk in "${DISKS[@]}"; do
+    [[ ! -b "$disk" ]] && echo -e "\033[31m错误：磁盘 $disk 不存在\033[0m" && exit 1
+  done
+
+  # 检查 VG / LV 是否已存在，避免误操作
+  if vgdisplay "$VG_NAME" >/dev/null 2>&1; then
+    echo -e "\033[31m错误：卷组 $VG_NAME 已存在，请先检查环境\033[0m"
+    exit 1
+  fi
+
+  if lvdisplay "/dev/${VG_NAME}/${LV_NAME}" >/dev/null 2>&1; then
+    echo -e "\033[31m错误：逻辑卷 /dev/${VG_NAME}/${LV_NAME} 已存在，请先检查环境\033[0m"
+    exit 1
+  fi
+}
+
+function prepare_disks() {
+  PARTITIONS=()
+
+  echo -e "\033[34m正在初始化磁盘分区...\033[0m"
+  for disk in "${DISKS[@]}"; do
+    echo -e "\033[34m处理磁盘: $disk\033[0m"
+
+    parted "$disk" --script mklabel gpt
+    parted "$disk" --script mkpart primary 0% 100%
+    parted "$disk" --script set 1 lvm on
+    partprobe "$disk"
+
+    # 兼容 nvme 和普通 sd/vd 设备命名
+    if [[ "$disk" =~ nvme ]]; then
+      partition="${disk}p1"
+    else
+      partition="${disk}1"
+    fi
+
+    # 等待分区节点出现
+    udevadm settle
+    sleep 1
+
+    [[ ! -b "$partition" ]] && echo -e "\033[31m错误：分区 $partition 未识别成功\033[0m" && exit 1
+
+    PARTITIONS+=("$partition")
+  done
+}
+
+function create_lvm() {
+  echo -e "\033[34m正在创建 LVM 结构...\033[0m"
+
+  pvcreate "${PARTITIONS[@]}"
+  vgcreate "$VG_NAME" "${PARTITIONS[@]}"
+  lvcreate -y -l 100%FREE -n "$LV_NAME" "$VG_NAME"
+}
+
+function format_and_mount() {
+  local lv_path="/dev/${VG_NAME}/${LV_NAME}"
+
+  echo -e "\033[34m格式化逻辑卷...\033[0m"
+  if [[ "$FS_TYPE" == "ext4" ]]; then
+    mkfs.ext4 -F "$lv_path"
+  else
+    mkfs.xfs -f "$lv_path"
+  fi
+
+  echo -e "\033[34m设置挂载配置...\033[0m"
+  mkdir -p "$MOUNT_PATH"
+
+  UUID=$(blkid -s UUID -o value "$lv_path")
+  [[ -z "$UUID" ]] && echo -e "\033[31m错误：未获取到逻辑卷 UUID\033[0m" && exit 1
+
+  # 避免重复写入 fstab
+  if ! grep -q "$UUID" /etc/fstab; then
+    echo "UUID=$UUID $MOUNT_PATH $FS_TYPE defaults 0 0" >> /etc/fstab
+  else
+    echo -e "\033[33m提示：/etc/fstab 中已存在该 UUID，跳过写入\033[0m"
+  fi
+
+  mount -a
+}
+
+function verify_result() {
+  echo -e "\n\033[1;36m最终验证结果：\033[0m"
+
+  echo -e "\n\033[1;36m1. 查看块设备和 LVM 结构：\033[0m"
+  lsblk -f
+
+  echo -e "\n\033[1;36m2. 查看挂载结果：\033[0m"
+  df -hT "$MOUNT_PATH"
+
+  echo -e "\n\033[1;36m3. 查看 VG/LV 信息：\033[0m"
+  vgs
+  lvs
+  pvs
+}
+
+#----------------------------------------------------------
+# 主执行流程
+#----------------------------------------------------------
+check_prerequisites
+prepare_disks
+create_lvm
+format_and_mount
+verify_result
+
+echo -e "\n\033[32m操作执行完毕，请仔细核查上述输出信息\033[0m"
--- a/84-202605-北京三河测试/bootstrap-chiper.json
+++ b/84-202605-北京三河测试/bootstrap-chiper.json
--- a/84-202605-北京三河测试/config.yaml
+++ b/84-202605-北京三河测试/config.yaml
@@ -0,0 +1,84 @@
+runtime:
+  mode: "d"   # r=R-Mode, d=D-Mode
+
+# 可直接使用 center /api/project/bootstrap/export 导出的引导密文文件挂载启动。
+project_bootstrap:
+  cipher_text: ""       # 直接填入密文（JSON/Base64 JSON）
+  cipher_text_file: "/root/wdd/rmdc-watchdog/bootstrap-cipher.json"  # 优先项：挂载的引导密文文件路径，例如 /etc/rmdc-watchdog/bootstrap/project-bootstrap.cipher.json
+
+
+d_mode:
+  auto_discover_on_start: true
+  node_request_timeout_sec: 8
+  exec_poll_timeout_sec: 90
+  exec_poll_interval_ms: 1200
+  # node_tls 由 center 下发的项目引导密文自动注入，禁止在本地手动配置。
+  nodes:
+    - name: "node-3.31"
+      inner_ip: "192.168.3.31"
+      node_port: 8349
+      role: "worker"
+    - name: "node-3.32"
+      inner_ip: "192.168.3.32"
+      node_port: 8349
+      role: "worker"
+    - name: "node-3.33"
+      inner_ip: "192.168.3.33"
+      node_port: 8349
+      role: "worker"
+
+database:
+  sqlite:
+    path: "/root/wdd/rmdc-watchdog/watchdog.db"
+
+server:
+  port: "8080"
+  debug: true
+  tls:
+    cert_file: "/etc/rmdc-watchdog/tls/server.crt"
+    key_file: "/etc/rmdc-watchdog/tls/server.key"
+    mtls:
+      client_ca_file: "/etc/rmdc-watchdog/tls/ca.crt"
+      trusted_client_cns:
+        - "rmdc-watchdog-agent"
+
+tier_one_auth:
+  time_offset_allowed: 30
+
+# 授权文件（AuthorizationFile/AuthorizationCode）的运行态都存入数据库。
+# 该路径仅用于离线交付时导出“授权码字符串”（Base64），为空时不会自动写文件。
+authorization:
+  export_code_file: ""
+
+mqtt:
+  broker: tcp://192.168.40.80:31883
+  username: admin
+  password: odD8#Ve7.B
+  keep_alive: 60
+  connect_timeout: 30
+  reconnect_interval: 5
+  qos: 1
+  clean_session: false
+
+registration:
+  enable_totp_verification: true
+  enable_server_totp_verification: true
+  retry_interval: 30
+  max_retries: 5
+
+kubernetes:
+  kube_config_path: "C:\\Users\\wddsh\\Documents\\IdeaProjects\\RMDC\\rmdc-watchdog\\configs\\wdd-rmdc-kubeconfig.yaml"
+  use_in_cluster: false
+
+security:
+  bootstrap_token_ttl_sec: 300
+  bootstrap_token_header: "X-Bootstrap-Token"
+  bootstrap_token_issue_prefix: "bt"
+  clock_forward_threshold_sec: 7200
+  replay_persistence_enabled: true
+  cors_allow_origins:
+    - "https://ops.example.com"
+  rate_limit_enabled: true
+  rate_limit_global_rps: 100
+  rate_limit_ip_rps: 30
+  rate_limit_burst: 60
--- a/84-202605-北京三河测试/doris-deploy/doris-be-service.yaml
+++ b/84-202605-北京三河测试/doris-deploy/doris-be-service.yaml
@@ -0,0 +1,50 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: doris-cluster-be-service
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: doris-cluster-be
+spec:
+  ports:
+    - name: be-port
+      protocol: TCP
+      port: 9060
+      targetPort: 9060
+      nodePort: 32189
+    - name: webserver-port
+      protocol: TCP
+      port: 8040
+      targetPort: 8040
+      nodePort: 31624
+    - name: heartbeat-port
+      protocol: TCP
+      port: 9050
+      targetPort: 9050
+      nodePort: 31625
+    - name: brpc-port
+      protocol: TCP
+      port: 8060
+      targetPort: 8060
+      nodePort: 31627
+  selector:
+    app.kubernetes.io/component: doris-cluster-be
+  type: NodePort
+---
+kind: Service
+apiVersion: v1
+metadata:
+  namespace: bj-sh-uas-260511
+  name: doris-cluster-be-internal
+  labels:
+    app.kubernetes.io/component: doris-cluster-be-internal
+spec:
+  ports:
+    - name: heartbeat-port
+      protocol: TCP
+      port: 9050
+      targetPort: 9050
+  selector:
+    app.kubernetes.io/component: doris-cluster-be
+  clusterIP: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/doris-deploy/doris-be-statusfulset.yaml
+++ b/84-202605-北京三河测试/doris-deploy/doris-be-statusfulset.yaml
@@ -0,0 +1,299 @@
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+  name: doris-cluster-be
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: doris-cluster-be
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: doris-cluster-be
+  template:
+    metadata:
+      name: doris-cluster-be
+      labels:
+        app.kubernetes.io/component: doris-cluster-be
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      volumes:
+        - name: podinfo
+          downwardAPI:
+            items:
+              - path: labels
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.labels
+              - path: annotations
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.annotations
+            defaultMode: 420
+        - name: doris-cluster-be-conf
+          configMap:
+            name: doris-cluster-be-conf
+            defaultMode: 420
+        - name: be-storage
+          hostPath:
+            path: /var/lib/docker/be-storage/
+            type: ""
+        - name: be-log
+          hostPath:
+            path: /data/be-log/
+            type: ""
+      initContainers:
+        - name: default-init
+          image: '192.168.3.31:8033/cmii/tools:1.0'
+          command:
+            - /bin/sh
+          args:
+            - '-c'
+            - sysctl -w vm.max_map_count=2000000 && swapoff -a
+          resources:
+            limits:
+              cpu: '1'
+              memory: 1Gi
+            requests:
+              cpu: '0.5'
+              memory: 500Mi
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            privileged: true
+      containers:
+        - name: be
+          image: '192.168.3.31:8033/cmii/doris.be-ubuntu:2.1.6'
+          command:
+            - /opt/apache-doris/be_entrypoint.sh
+          args:
+            - $(ENV_FE_ADDR)
+          ports:
+            - name: be-port
+              containerPort: 9060
+              protocol: TCP
+            - name: webserver-port
+              containerPort: 8040
+              protocol: TCP
+            - name: heartbeat-port
+              containerPort: 9050
+              protocol: TCP
+            - name: brpc-port
+              containerPort: 8060
+              protocol: TCP
+          env:
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: HOST_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: CONFIGMAP_MOUNT_PATH
+              value: /etc/doris
+            - name: USER
+              value: root
+            - name: DORIS_ROOT
+              value: /opt/apache-doris
+            - name: ENV_FE_ADDR
+              value: doris-cluster-fe-service
+            - name: FE_QUERY_PORT
+              value: '9030'
+          resources:
+            limits:
+              cpu: '8'
+              memory: 8Gi
+            requests:
+              cpu: '4'
+              memory: 4Gi
+          volumeMounts:
+            - name: podinfo
+              mountPath: /etc/podinfo
+            - name: be-storage
+              mountPath: /opt/apache-doris/be/storage
+            - name: be-log
+              mountPath: /opt/apache-doris/be/log
+            - name: doris-cluster-be-conf
+              mountPath: /etc/doris
+          livenessProbe:
+            tcpSocket:
+              port: 9050
+            initialDelaySeconds: 80
+            timeoutSeconds: 180
+            periodSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          readinessProbe:
+            httpGet:
+              path: /api/health
+              port: 8040
+              scheme: HTTP
+            timeoutSeconds: 1
+            periodSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          startupProbe:
+            tcpSocket:
+              port: 9050
+            timeoutSeconds: 1
+            periodSeconds: 5
+            successThreshold: 1
+            failureThreshold: 60
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /opt/apache-doris/be_prestop.sh
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: doris.cluster
+                    operator: In
+                    values:
+                      - "true"
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                    - key: app.kubernetes.io/component
+                      operator: In
+                      values:
+                        - doris-cluster-be
+                topologyKey: kubernetes.io/hostname
+      schedulerName: default-scheduler
+#  volumeClaimTemplates:
+#    - kind: PersistentVolumeClaim
+#      apiVersion: v1
+#      metadata:
+#        name: be-storage
+#      spec:
+#        accessModes:
+#          - ReadWriteOnce
+#        resources:
+#          requests:
+#            storage: '10'
+#        storageClassName: nfs-prod-distribute
+#        volumeMode: Filesystem
+#    - kind: PersistentVolumeClaim
+#      apiVersion: v1
+#      metadata:
+#        name: be-log
+#      spec:
+#        accessModes:
+#          - ReadWriteOnce
+#        resources:
+#          requests:
+#            storage: '10'
+#        storageClassName: nfs-prod-distribute
+#        volumeMode: Filesystem
+  serviceName: doris-cluster-be-internal
+  podManagementPolicy: Parallel
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: doris-cluster-be-conf
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: be
+data:
+  be.conf: >
+    CUR_DATE=`date +%Y%m%d-%H%M%S`
+    
+    # Log dir
+    LOG_DIR="${DORIS_HOME}/log/"
+    
+    # For jdk 8
+    JAVA_OPTS="-Dfile.encoding=UTF-8 -Xmx2048m -DlogPath=$LOG_DIR/jni.log -Xloggc:$LOG_DIR/be.gc.log.$CUR_DATE -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=10 -XX:GCLogFileSize=50M -Djavax.security.auth.useSubjectCredsOnly=false -Dsun.security.krb5.debug=true -Dsun.java.command=DorisBE -XX:-CriticalJNINatives"
+    
+    # Set your own JAVA_HOME
+    # JAVA_HOME=/path/to/jdk/
+    
+    # https://github.com/apache/doris/blob/master/docs/zh-CN/community/developer-guide/debug-tool.md#jemalloc-heap-profile
+    # https://jemalloc.net/jemalloc.3.html jemalloc 内存分配器设置参数
+    JEMALLOC_CONF="percpu_arena:percpu,background_thread:true,metadata_thp:auto,muzzy_decay_ms:15000,dirty_decay_ms:15000,oversize_threshold:0,prof:false,lg_prof_interval:32,lg_prof_sample:19,prof_gdump:false,prof_accum:false,prof_leak:false,prof_final:false"
+    JEMALLOC_PROF_PRFIX=""
+    
+    # ports for admin, web, heartbeat service
+    be_port = 9060
+    webserver_port = 8040
+    heartbeat_service_port = 9050
+    brpc_port = 8060
+    arrow_flight_sql_port = -1
+    
+    # HTTPS configures
+    enable_https = false
+    # path of certificate in PEM format.
+    #ssl_certificate_path = "$DORIS_HOME/conf/cert.pem"
+    # path of private key in PEM format.
+    #ssl_private_key_path = "$DORIS_HOME/conf/key.pem"
+    
+    # Choose one if there are more than one ip except loopback address.
+    # Note that there should at most one ip match this list.
+    # If no ip match this rule, will choose one randomly.
+    # use CIDR format, e.g. 10.10.10.0/24 or IP format, e.g. 10.10.10.1
+    # Default value is empty.
+    # priority_networks = 10.10.10.0/24;192.168.0.0/16
+    
+    # data root path, separate by ';'
+    # You can specify the storage type for each root path, HDD (cold data) or SSD (hot data)
+    # eg:
+    # storage_root_path = /home/disk1/doris;/home/disk2/doris;/home/disk2/doris
+    # storage_root_path = /home/disk1/doris,medium:SSD;/home/disk2/doris,medium:SSD;/home/disk2/doris,medium:HDD
+    # /home/disk2/doris,medium:HDD(default)
+    #
+    # you also can specify the properties by setting '<property>:<value>', separate by ','
+    # property 'medium' has a higher priority than the extension of path
+    #
+    # Default value is ${DORIS_HOME}/storage, you should create it by hand.
+    # storage_root_path = ${DORIS_HOME}/storage
+    
+    # Default dirs to put jdbc drivers,default value is ${DORIS_HOME}/jdbc_drivers
+    # jdbc_drivers_dir = ${DORIS_HOME}/jdbc_drivers
+    
+    # Advanced configurations
+    # INFO, WARNING, ERROR, FATAL
+    sys_log_level = INFO
+    # sys_log_roll_mode = SIZE-MB-1024
+    # sys_log_roll_num = 10
+    # sys_log_verbose_modules = *
+    # log_buffer_level = -1
+    
+    # aws sdk log level
+    #    Off = 0,
+    #    Fatal = 1,
+    #    Error = 2,
+    #    Warn = 3,
+    #    Info = 4,
+    #    Debug = 5,
+    #    Trace = 6
+    # Default to turn off aws sdk log, because aws sdk errors that need to be cared will be output through Doris logs
+    #aws_log_level=0
+    ## If you are not running in aws cloud, you can disable EC2 metadata
+    #AWS_EC2_METADATA_DISABLED=false
--- a/84-202605-北京三河测试/doris-deploy/doris-fe-service.yaml
+++ b/84-202605-北京三河测试/doris-deploy/doris-fe-service.yaml
@@ -0,0 +1,50 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: doris-cluster-fe-service
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: doris-cluster-fe
+spec:
+  ports:
+    - name: http-port
+      protocol: TCP
+      port: 8030
+      targetPort: 8030
+      nodePort: 31620
+    - name: rpc-port
+      protocol: TCP
+      port: 9020
+      targetPort: 9020
+      nodePort: 31621
+    - name: query-port
+      protocol: TCP
+      port: 9030
+      targetPort: 9030
+      nodePort: 31622
+    - name: edit-log-port
+      protocol: TCP
+      port: 9010
+      targetPort: 9010
+      nodePort: 31623
+  selector:
+    app.kubernetes.io/component: doris-cluster-fe
+  type: NodePort
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: doris-cluster-fe-internal
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: doris-cluster-fe
+spec:
+  ports:
+    - name: query-port
+      protocol: TCP
+      port: 9030
+      targetPort: 9030
+  selector:
+    app.kubernetes.io/component: doris-cluster-fe
+  clusterIP: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/doris-deploy/doris-fe-statusfulset.yaml
+++ b/84-202605-北京三河测试/doris-deploy/doris-fe-statusfulset.yaml
@@ -0,0 +1,266 @@
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+  name: doris-cluster-fe
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: doris-cluster-fe
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: doris-cluster-fe
+  template:
+    metadata:
+      name: doris-cluster-fe
+      labels:
+        app.kubernetes.io/component: doris-cluster-fe
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      volumes:
+        - name: meta
+          hostPath:
+            path: /var/lib/docker/fe-meta/
+            type: ""
+        - name: log
+          hostPath:
+            path: /data/fe-log/
+            type: ""
+        - name: podinfo
+          downwardAPI:
+            items:
+              - path: labels
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.labels
+              - path: annotations
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.annotations
+            defaultMode: 420
+        - name: doris-cluster-fe-conf
+          configMap:
+            name: doris-cluster-fe-conf
+            defaultMode: 420
+      containers:
+        - name: doris-cluster-fe
+          image: '192.168.3.31:8033/cmii/doris.fe-ubuntu:2.1.6'
+          command:
+            - /opt/apache-doris/fe_entrypoint.sh
+          args:
+            - $(ENV_FE_ADDR)
+          ports:
+            - name: http-port
+              containerPort: 8030
+              protocol: TCP
+            - name: rpc-port
+              containerPort: 9020
+              protocol: TCP
+            - name: query-port
+              containerPort: 9030
+              protocol: TCP
+            - name: edit-log-port
+              containerPort: 9010
+              protocol: TCP
+          env:
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: HOST_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: CONFIGMAP_MOUNT_PATH
+              value: /etc/doris
+            - name: USER
+              value: root
+            - name: DORIS_ROOT
+              value: /opt/apache-doris
+            - name: ENV_FE_ADDR
+              value: doris-cluster-fe-service
+            - name: FE_QUERY_PORT
+              value: '9030'
+            - name: ELECT_NUMBER
+              value: '3'
+          resources:
+            limits:
+              cpu: '4'
+              memory: 8Gi
+            requests:
+              cpu: '2'
+              memory: 4Gi
+          volumeMounts:
+            - name: podinfo
+              mountPath: /etc/podinfo
+            - name: log
+              mountPath: /opt/apache-doris/fe/log
+            - name: meta
+              mountPath: /opt/apache-doris/fe/doris-meta
+            - name: doris-cluster-fe-conf
+              mountPath: /etc/doris
+          livenessProbe:
+            tcpSocket:
+              port: 9030
+            initialDelaySeconds: 80
+            timeoutSeconds: 180
+            periodSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          readinessProbe:
+            httpGet:
+              path: /api/health
+              port: 8030
+              scheme: HTTP
+            timeoutSeconds: 1
+            periodSeconds: 5
+            successThreshold: 1
+            failureThreshold: 3
+          startupProbe:
+            tcpSocket:
+              port: 9030
+            timeoutSeconds: 1
+            periodSeconds: 5
+            successThreshold: 1
+            failureThreshold: 60
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /opt/apache-doris/fe_prestop.sh
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: IfNotPresent
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: doris.cluster
+                    operator: In
+                    values:
+                      - "true"
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                    - key: app.kubernetes.io/component
+                      operator: In
+                      values:
+                        - doris-cluster-fe
+                topologyKey: kubernetes.io/hostname
+      schedulerName: default-scheduler
+#  volumeClaimTemplates:
+#    - kind: PersistentVolumeClaim
+#      apiVersion: v1
+#      metadata:
+#        name: meta
+#      spec:
+#        accessModes:
+#          - ReadWriteOnce
+#        resources:
+#          requests:
+#            storage: 10G
+#        storageClassName: hcms-efs-class
+#        volumeMode: Filesystem
+#    - kind: PersistentVolumeClaim
+#      apiVersion: v1
+#      metadata:
+#        name: log
+#      spec:
+#        accessModes:
+#          - ReadWriteOnce
+#        resources:
+#          requests:
+#            storage: '10'
+#        storageClassName: hcms-efs-class
+#        volumeMode: Filesystem
+  serviceName: doris-cluster-fe-internal
+  podManagementPolicy: Parallel
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: doris-cluster-fe-conf
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: fe
+data:
+  fe.conf: |
+    #####################################################################
+    ## The uppercase properties are read and exported by bin/start_fe.sh.
+    ## To see all Frontend configurations,
+    ## see fe/src/org/apache/doris/common/Config.java
+    #####################################################################
+    
+    CUR_DATE=`date +%Y%m%d-%H%M%S`
+    
+    # Log dir
+    LOG_DIR = ${DORIS_HOME}/log
+    
+    # For jdk 8
+    JAVA_OPTS="-Dfile.encoding=UTF-8 -Djavax.security.auth.useSubjectCredsOnly=false -Xss4m -Xmx8192m -XX:+UnlockExperimentalVMOptions -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:+PrintGCDateStamps -XX:+PrintGCDetails -Xloggc:$LOG_DIR/log/fe.gc.log.$CUR_DATE -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=10 -XX:GCLogFileSize=50M -Dlog4j2.formatMsgNoLookups=true"
+        
+    # Set your own JAVA_HOME
+    # JAVA_HOME=/path/to/jdk/
+    
+    ##
+    ## the lowercase properties are read by main program.
+    ##
+    
+    # store metadata, must be created before start FE.
+    # Default value is ${DORIS_HOME}/doris-meta
+    # meta_dir = ${DORIS_HOME}/doris-meta
+    
+    # Default dirs to put jdbc drivers,default value is ${DORIS_HOME}/jdbc_drivers
+    # jdbc_drivers_dir = ${DORIS_HOME}/jdbc_drivers
+    
+    http_port = 8030
+    rpc_port = 9020
+    query_port = 9030
+    edit_log_port = 9010
+    arrow_flight_sql_port = -1
+    
+    # Choose one if there are more than one ip except loopback address.
+    # Note that there should at most one ip match this list.
+    # If no ip match this rule, will choose one randomly.
+    # use CIDR format, e.g. 10.10.10.0/24 or IP format, e.g. 10.10.10.1
+    # Default value is empty.
+    # priority_networks = 10.10.10.0/24;192.168.0.0/16
+    
+    # Advanced configurations
+    # log_roll_size_mb = 1024
+    # INFO, WARN, ERROR, FATAL
+    sys_log_level = INFO
+    # NORMAL, BRIEF, ASYNC,FE 日志的输出模式，其中 NORMAL 为默认的输出模式，日志同步输出且包含位置信息。ASYNC 默认是日志异步输出且包含位置信息。 BRIEF 模式是日志异步输出但不包含位置信息。三种日志输出模式的性能依次递增
+    sys_log_mode = ASYNC
+    # sys_log_roll_num = 10
+    # sys_log_verbose_modules = org.apache.doris
+    # audit_log_dir = $LOG_DIR
+    # audit_log_modules = slow_query, query
+    # audit_log_roll_num = 10
+    # meta_delay_toleration_second = 10
+    # qe_max_connection = 1024
+    # qe_query_timeout_second = 300
+    # qe_slow_log_ms = 5000
+    #Fully Qualified Domain Name，完全限定域名,开启后各节点之间通信基于FQDN
+    enable_fqdn_mode = true
--- a/84-202605-北京三河测试/doris-deploy/doris-pvc.yaml
+++ b/84-202605-北京三河测试/doris-deploy/doris-pvc.yaml
@@ -0,0 +1,60 @@
+---
+# pvc.yaml
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: doris-fe-meta-pvc
+  namespace: bj-sh-uas-260511
+spec:
+  storageClassName: nfs-prod-distribute
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Gi
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: doris-fe-log-pvc
+  namespace: bj-sh-uas-260511
+spec:
+  storageClassName: nfs-prod-distribute
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Gi
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: doris-be-storage-pvc
+  namespace: bj-sh-uas-260511
+spec:
+  storageClassName: nfs-prod-distribute
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 500Gi  # 根据实际存储需求调整
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: doris-be-log-pvc
+  namespace: bj-sh-uas-260511
+spec:
+  storageClassName: nfs-prod-distribute
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Gi
--- a/84-202605-北京三河测试/doris-deploy/替换模板.txt
+++ b/84-202605-北京三河测试/doris-deploy/替换模板.txt
@@ -0,0 +1,2 @@
+bj-sh-uas-260511
+192.168.3.31:8033
--- a/84-202605-北京三河测试/install-rmdc-watchdog-node.sh
+++ b/84-202605-北京三河测试/install-rmdc-watchdog-node.sh
@@ -0,0 +1,319 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+###############################################################################
+# Configuration
+###############################################################################
+
+# Space separated host IPs. Include the master IP if the master node also needs
+# rmdc-watchdog-node installed.
+INSTALL_HOSTS="192.168.3.31 192.168.3.32 192.168.3.33"
+
+# Absolute binary path on the master node. Remote nodes will receive the binary
+# at the same absolute path.
+RMDC_WATCHDOG_NODE_BIN="/root/wdd/rmdc-watchdog-node"
+
+# Replace WDD_BOOTSTRAP_PSK in the systemd service.
+WDD_BOOTSTRAP_PSK="hO8dKlh9hSXZ25Bv9xsySxDe2rh7XikV"
+
+# Main NIC name. The script reads each node's IPv4 address on this NIC and uses
+# it as WDD_LISTEN_IP.
+MAIN_NIC="eno3"
+
+# Master node private IP. This replaces WDD_BOOTSTRAP_ALLOW_IPS.
+MASTER_IP="192.168.3.31"
+
+# Systemd service install path on every node.
+SERVICE_PATH="/usr/lib/systemd/system/rmdc-watchdog-node.service"
+
+# SSH settings for remote nodes.
+SSH_PORT="22"
+SSH_CONNECT_TIMEOUT_SEC="10"
+SSH_CONTROL_PERSIST="10m"
+
+###############################################################################
+# Implementation
+###############################################################################
+
+SERVICE_NAME="$(basename "$SERVICE_PATH")"
+REMOTE_TMP_DIR="/tmp/rmdc-watchdog-node-deploy"
+REMOTE_SERVICE_TMP="${REMOTE_TMP_DIR}/${SERVICE_NAME}"
+SSH_CONTROL_DIR=""
+SSH_CONTROL_PATH=""
+
+log() {
+  printf '[%s] %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$*"
+}
+
+die() {
+  printf 'error: %s\n' "$*" >&2
+  exit 1
+}
+
+shell_quote() {
+  printf "'"
+  printf '%s' "${1-}" | sed "s/'/'\\\\''/g"
+  printf "'"
+}
+
+require_command() {
+  command -v "$1" >/dev/null 2>&1 || die "required command not found: $1"
+}
+
+validate_config() {
+  [[ "$(id -u)" == "0" ]] || die "this script must run as root"
+  [[ "$#" == "0" ]] || die "this script does not accept command line arguments; edit the configuration section instead"
+  [[ -n "$INSTALL_HOSTS" ]] || die "INSTALL_HOSTS is empty"
+  [[ -f "$RMDC_WATCHDOG_NODE_BIN" ]] || die "binary not found: $RMDC_WATCHDOG_NODE_BIN"
+  [[ -n "$WDD_BOOTSTRAP_PSK" && "$WDD_BOOTSTRAP_PSK" != "change-me" ]] || die "WDD_BOOTSTRAP_PSK must be configured"
+  [[ -n "$MAIN_NIC" ]] || die "MAIN_NIC must be configured"
+  [[ -n "$MASTER_IP" ]] || die "MASTER_IP must be configured"
+  [[ "$SERVICE_PATH" = /* ]] || die "SERVICE_PATH must be an absolute path"
+  [[ "$RMDC_WATCHDOG_NODE_BIN" = /* ]] || die "RMDC_WATCHDOG_NODE_BIN must be an absolute path"
+
+  require_command awk
+  require_command basename
+  require_command dirname
+  require_command install
+  require_command ip
+  require_command mktemp
+  require_command sed
+  require_command systemctl
+}
+
+get_local_ipv4s() {
+  {
+    hostname -I 2>/dev/null | tr ' ' '\n' || true
+    ip -o -4 addr show 2>/dev/null | awk '{split($4, a, "/"); print a[1]}' || true
+  } | awk 'NF' | sort -u
+}
+
+is_local_host() {
+  local host="$1"
+
+  case "$host" in
+    localhost|127.0.0.1|::1)
+      return 0
+      ;;
+  esac
+
+  get_local_ipv4s | awk -v host="$host" '$0 == host {found = 1} END {exit found ? 0 : 1}'
+}
+
+local_nic_ip() {
+  ip -o -4 addr show dev "$MAIN_NIC" scope global |
+    awk '{split($4, a, "/"); print a[1]; exit}'
+}
+
+remote_sh() {
+  local host="$1"
+  local command="$2"
+
+  ssh \
+    -p "$SSH_PORT" \
+    -o ConnectTimeout="$SSH_CONNECT_TIMEOUT_SEC" \
+    -o StrictHostKeyChecking=no \
+    -o UserKnownHostsFile=/dev/null \
+    -o LogLevel=ERROR \
+    -o ControlMaster=auto \
+    -o ControlPersist="$SSH_CONTROL_PERSIST" \
+    -o ControlPath="$SSH_CONTROL_PATH" \
+    "root@${host}" \
+    "bash -lc $(shell_quote "$command")"
+}
+
+remote_scp() {
+  local source_path="$1"
+  local host="$2"
+  local target_path="$3"
+
+  scp \
+    -P "$SSH_PORT" \
+    -o ConnectTimeout="$SSH_CONNECT_TIMEOUT_SEC" \
+    -o StrictHostKeyChecking=no \
+    -o UserKnownHostsFile=/dev/null \
+    -o LogLevel=ERROR \
+    -o ControlMaster=auto \
+    -o ControlPersist="$SSH_CONTROL_PERSIST" \
+    -o ControlPath="$SSH_CONTROL_PATH" \
+    "$source_path" \
+    "root@${host}:${target_path}"
+}
+
+cleanup_ssh_control() {
+  local host
+
+  if [[ -n "${SSH_CONTROL_DIR:-}" && -d "$SSH_CONTROL_DIR" ]]; then
+    for host in $INSTALL_HOSTS; do
+      if ! is_local_host "$host"; then
+        ssh \
+          -p "$SSH_PORT" \
+          -o StrictHostKeyChecking=no \
+          -o UserKnownHostsFile=/dev/null \
+          -o LogLevel=ERROR \
+          -o ControlPath="$SSH_CONTROL_PATH" \
+          -O exit \
+          "root@${host}" >/dev/null 2>&1 || true
+      fi
+    done
+    rm -rf "$SSH_CONTROL_DIR"
+  fi
+}
+
+remote_nic_ip() {
+  local host="$1"
+  remote_sh "$host" "ip -o -4 addr show dev $(shell_quote "$MAIN_NIC") scope global | awk '{split(\$4, a, \"/\"); print a[1]; exit}'"
+}
+
+render_service() {
+  local listen_ip="$1"
+  local output_path="$2"
+  local working_dir
+
+  working_dir="$(dirname "$RMDC_WATCHDOG_NODE_BIN")"
+
+  cat > "$output_path" <<EOF
+[Unit]
+Description=RMDC Watchdog Node Daemon
+After=network.target
+
+[Service]
+Type=simple
+User=root
+Group=root
+WorkingDirectory=${working_dir}
+ExecStart=${RMDC_WATCHDOG_NODE_BIN}
+Restart=on-failure
+RestartSec=3
+
+Environment="WDD_LISTEN_IP=${listen_ip}"
+Environment="WDD_BOOTSTRAP_TIMEOUT_SEC=300"
+Environment="WDD_BOOTSTRAP_ALLOW_IPS=${MASTER_IP}"
+Environment="WDD_BOOTSTRAP_RE_ALLOW=false"
+Environment="WDD_RUNTIME_MAX_CONCURRENT=4"
+Environment="WDD_RUNTIME_QUEUE_CAPACITY=128"
+Environment="WDD_RUNTIME_TASK_TIMEOUT_SEC=1800"
+Environment="WDD_SECURITY_REQUIRE_ROOT=true"
+Environment="WDD_SECURITY_TOTP_WINDOW=1"
+Environment="WDD_BOOTSTRAP_PSK=${WDD_BOOTSTRAP_PSK}"
+
+[Install]
+WantedBy=multi-user.target
+EOF
+}
+
+install_local() {
+  local host="$1"
+  local listen_ip
+  local rendered_service
+
+  listen_ip="$(local_nic_ip)"
+  [[ -n "$listen_ip" ]] || die "failed to get local IPv4 address from NIC ${MAIN_NIC}"
+
+  rendered_service="$(mktemp)"
+  render_service "$listen_ip" "$rendered_service"
+
+  log "${host}: installing local service with WDD_LISTEN_IP=${listen_ip}"
+  chmod 0755 "$RMDC_WATCHDOG_NODE_BIN"
+  chown root:root "$RMDC_WATCHDOG_NODE_BIN"
+  install -d -m 0755 "$(dirname "$SERVICE_PATH")"
+  install -m 0644 -o root -g root "$rendered_service" "$SERVICE_PATH"
+  rm -f "$rendered_service"
+
+  systemctl daemon-reload
+  systemctl enable "$SERVICE_NAME"
+  systemctl restart "$SERVICE_NAME"
+  systemctl is-active --quiet "$SERVICE_NAME"
+}
+
+install_remote() {
+  local host="$1"
+  local listen_ip
+  local rendered_service
+  local binary_dir
+  local service_dir
+
+  listen_ip="$(remote_nic_ip "$host")"
+  [[ -n "$listen_ip" ]] || die "${host}: failed to get IPv4 address from NIC ${MAIN_NIC}"
+
+  rendered_service="$(mktemp)"
+  render_service "$listen_ip" "$rendered_service"
+
+  binary_dir="$(dirname "$RMDC_WATCHDOG_NODE_BIN")"
+  service_dir="$(dirname "$SERVICE_PATH")"
+
+  log "${host}: preparing remote directories"
+  remote_sh "$host" "mkdir -p $(shell_quote "$binary_dir") $(shell_quote "$service_dir") $(shell_quote "$REMOTE_TMP_DIR")"
+
+  log "${host}: uploading binary to ${RMDC_WATCHDOG_NODE_BIN}"
+  remote_scp "$RMDC_WATCHDOG_NODE_BIN" "$host" "$RMDC_WATCHDOG_NODE_BIN"
+
+  log "${host}: uploading service with WDD_LISTEN_IP=${listen_ip}"
+  remote_scp "$rendered_service" "$host" "$REMOTE_SERVICE_TMP"
+  rm -f "$rendered_service"
+
+  log "${host}: reloading and restarting ${SERVICE_NAME}"
+  remote_sh "$host" "set -euo pipefail
+chmod 0755 $(shell_quote "$RMDC_WATCHDOG_NODE_BIN")
+chown root:root $(shell_quote "$RMDC_WATCHDOG_NODE_BIN")
+install -m 0644 -o root -g root $(shell_quote "$REMOTE_SERVICE_TMP") $(shell_quote "$SERVICE_PATH")
+systemctl daemon-reload
+systemctl enable $(shell_quote "$SERVICE_NAME")
+systemctl restart $(shell_quote "$SERVICE_NAME")
+systemctl is-active --quiet $(shell_quote "$SERVICE_NAME")
+rm -f $(shell_quote "$REMOTE_SERVICE_TMP")"
+}
+
+print_failure_diagnostics() {
+  local host="$1"
+
+  if is_local_host "$host"; then
+    systemctl --no-pager --full status "$SERVICE_NAME" || true
+    journalctl -u "$SERVICE_NAME" -n 80 --no-pager || true
+  else
+    remote_sh "$host" "systemctl --no-pager --full status $(shell_quote "$SERVICE_NAME") || true; journalctl -u $(shell_quote "$SERVICE_NAME") -n 80 --no-pager || true" || true
+  fi
+}
+
+main() {
+  validate_config "$@"
+
+  local has_remote="false"
+  local host
+  for host in $INSTALL_HOSTS; do
+    if ! is_local_host "$host"; then
+      has_remote="true"
+      break
+    fi
+  done
+
+  if [[ "$has_remote" == "true" ]]; then
+    require_command ssh
+    require_command scp
+    SSH_CONTROL_DIR="$(mktemp -d -t rmdc-watchdog-node-ssh.XXXXXX)"
+    SSH_CONTROL_PATH="${SSH_CONTROL_DIR}/%r@%h:%p"
+    trap cleanup_ssh_control EXIT
+  fi
+
+  for host in $INSTALL_HOSTS; do
+    log "${host}: deployment started"
+    if is_local_host "$host"; then
+      if ! install_local "$host"; then
+        print_failure_diagnostics "$host"
+        die "${host}: deployment failed"
+      fi
+    else
+      if ! install_remote "$host"; then
+        print_failure_diagnostics "$host"
+        die "${host}: deployment failed"
+      fi
+    fi
+    log "${host}: deployment finished"
+  done
+
+  log "all deployments finished"
+}
+
+if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
+  main "$@"
+fi
--- a/84-202605-北京三河测试/k8s-app/all-ingress.yaml
+++ b/84-202605-北京三河测试/k8s-app/all-ingress.yaml
@@ -0,0 +1,989 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.3
+    octopus.control: all-ingress-config-1.1.0
+    type: api-gateway
+  name: all-gateways-ingress
+  namespace: bj-sh-uas-260511
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/enable-cors: 'true'
+    nginx.ingress.kubernetes.io/proxy-read-timeout: '3600'
+    nginx.ingress.kubernetes.io/proxy-send-timeout: '3600'
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+spec:
+  rules:
+    - host: fake-domain.bj-sh-uas-260511.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-admin-gateway
+                port:
+                  number: 8080
+            path: /oms/api/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-open-gateway
+                port:
+                  number: 8080
+            path: /open/api/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-gateway
+                port:
+                  number: 8080
+            path: /api/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uas-gateway
+                port:
+                  number: 8080
+            path: /uas/api/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-sky-converge
+                port:
+                  number: 8080
+            path: /converge/?(.*)
+            pathType: ImplementationSpecific
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.3
+    octopus.control: all-ingress-config-wdd
+    type: backend
+  name: backend-applications-ingress
+  namespace: bj-sh-uas-260511
+spec:
+  rules:
+    - host: cmii-admin-data.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-admin-data
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-admin-gateway.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-admin-gateway
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-admin-user.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-admin-user
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-app-release.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-app-release
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-open-gateway.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-open-gateway
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-sky-converge.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-sky-converge
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-suav-supervision.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-suav-supervision
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uas-datahub.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uas-datahub
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uas-gateway.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uas-gateway
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uas-lifecycle.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uas-lifecycle
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-advanced5g.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-advanced5g
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-airspace.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-airspace
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-alarm.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-alarm
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-autowaypoint.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-autowaypoint
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-brain.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-brain
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-bridge.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-bridge
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-cloud-live.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-cloud-live
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-clusters.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-clusters
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-cms.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-cms
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-data-post-process.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-data-post-process
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-depotautoreturn.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-depotautoreturn
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-developer.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-developer
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-device.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-device
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-emergency.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-emergency
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-fwdd.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-fwdd
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-gateway.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-gateway
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-gis-server.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-gis-server
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-grid-datasource.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-grid-datasource
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-grid-engine.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-grid-engine
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-grid-manage.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-grid-manage
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-industrial-portfolio.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-industrial-portfolio
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-integration.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-integration
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-iot-dispatcher.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-iot-dispatcher
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-iot-manager.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-iot-manager
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-kpi-monitor.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-kpi-monitor
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-logger.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-logger
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-material-warehouse.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-material-warehouse
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-mission.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-mission
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-mqtthandler.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-mqtthandler
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-multilink.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-multilink
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-notice.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-notice
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-oauth.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-oauth
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-process.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-process
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-sec-awareness.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-sec-awareness
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-security-trace.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-security-trace
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-sense-adapter.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-sense-adapter
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-surveillance.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-surveillance
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-sync.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-sync
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-tcp-server.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-tcp-server
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-threedsimulation.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-threedsimulation
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-tower.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-tower
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-user.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-user
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-watchdog.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-watchdog
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uav-waypoint.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-waypoint
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uavms-pyfusion.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uavms-pyfusion
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+    - host: cmii-uavms-security-center.uavcloud-xadcity-uas.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uavms-security-center
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.3
+    octopus.control: all-ingress-config-wdd
+    type: frontend
+  name: frontend-applications-ingress
+  namespace: bj-sh-uas-260511
+spec:
+  rules:
+    - host: fake-domain.bj-sh-uas-260511.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: cmii-uav-platform
+                port:
+                  number: 9528
+            path: /?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-suav-platform-supervision
+                port:
+                  number: 9528
+            path: /supervision/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-suav-platform-supervisionh5
+                port:
+                  number: 9528
+            path: /supervisionh5/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform
+                port:
+                  number: 9528
+            path: /pangu/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-ai-brain
+                port:
+                  number: 9528
+            path: /ai-brain/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-armypeople
+                port:
+                  number: 9528
+            path: /armypeople/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-awareness
+                port:
+                  number: 9528
+            path: /awareness/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-base
+                port:
+                  number: 9528
+            path: /base/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-blockchain
+                port:
+                  number: 9528
+            path: /blockchain/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-classification
+                port:
+                  number: 9528
+            path: /classification/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-cms-portal
+                port:
+                  number: 9528
+            path: /cmsportal/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-detection
+                port:
+                  number: 9528
+            path: /detection/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-dikongzhixingh5
+                port:
+                  number: 9528
+            path: /dikongzhixingh5/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-dispatchh5
+                port:
+                  number: 9528
+            path: /dispatchh5/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-emergency-rescue
+                port:
+                  number: 9528
+            path: /emergency/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-eventsh5
+                port:
+                  number: 9528
+            path: /eventsh5/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-flight-control
+                port:
+                  number: 9528
+            path: /flight-control/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-hljtt
+                port:
+                  number: 9528
+            path: /hljtt/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-hyperspectral
+                port:
+                  number: 9528
+            path: /hyper/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-iot-manager
+                port:
+                  number: 9528
+            path: /iot/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-jiangsuwenlv
+                port:
+                  number: 9528
+            path: /jiangsuwenlv/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-logistics
+                port:
+                  number: 9528
+            path: /logistics/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-media
+                port:
+                  number: 9528
+            path: /media/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-mianyangbackend
+                port:
+                  number: 9528
+            path: /mianyangbackend/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-multiterminal
+                port:
+                  number: 9528
+            path: /multiterminal/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-mws
+                port:
+                  number: 9528
+            path: /mws/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-oms
+                port:
+                  number: 9528
+            path: /oms/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-open
+                port:
+                  number: 9528
+            path: /open/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-pilot2-to-cloud
+                port:
+                  number: 9528
+            path: /pilot2cloud/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-qingdao
+                port:
+                  number: 9528
+            path: /qingdao/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-qinghaitourism
+                port:
+                  number: 9528
+            path: /qinghaitourism/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-renyike
+                port:
+                  number: 9528
+            path: /renyike/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-scanner
+                port:
+                  number: 9528
+            path: /scanner/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-security
+                port:
+                  number: 9528
+            path: /security/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-securityh5
+                port:
+                  number: 9528
+            path: /securityh5/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-seniclive
+                port:
+                  number: 9528
+            path: /seniclive/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-share
+                port:
+                  number: 9528
+            path: /share/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-smauth
+                port:
+                  number: 9528
+            path: /smauth/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-smsecret
+                port:
+                  number: 9528
+            path: /smsecret/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-splice
+                port:
+                  number: 9528
+            path: /splice/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-threedsimulation
+                port:
+                  number: 9528
+            path: /threedsimulation/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-traffic
+                port:
+                  number: 9528
+            path: /traffic/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-uas
+                port:
+                  number: 9528
+            path: /uas/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-uaskny
+                port:
+                  number: 9528
+            path: /uas/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-uasms
+                port:
+                  number: 9528
+            path: /uasms/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-uasmskny
+                port:
+                  number: 9528
+            path: /uasms/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uav-platform-visualization
+                port:
+                  number: 9528
+            path: /visualization/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uavms-platform-manager
+                port:
+                  number: 9528
+            path: /uavmsmanager/?(.*)
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: cmii-uavms-platform-security-center
+                port:
+                  number: 9528
+            path: /secenter/?(.*)
+            pathType: ImplementationSpecific
--- a/84-202605-北京三河测试/k8s-app/cmii-inference-hub.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-inference-hub.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-inference-hub
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-inference-hub
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 0
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-inference-hub
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-inference-hub
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-inference-hub
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: 192.168.3.31:8088/cmii/cmii-inference-hub:2.2.0-pro-20251031
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-inference-hub
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-inference-hub
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-inference-hub
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-inference-hub
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-inference-hub:2.2.0-pro-20251031
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-inference-hub
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-inference-hub
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-inference-hub
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-inference-hub
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-inference-hub
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-nginx-cm.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-nginx-cm.yaml
@@ -0,0 +1,25 @@
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: nginx-cm
+  namespace: 命名空间
+  labels:
+    cmii.type: frontend
+data:
+  nginx.conf: |
+    server {
+        listen       9528;
+        server_name  localhost;
+        gzip on;
+
+        location / {
+            root   /home/cmii-platform/dist;
+            index  index.html index.htm;
+        }
+
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   html;
+        }
+    }
--- a/84-202605-北京三河测试/k8s-app/cmii-uas-datahub.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uas-datahub.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-datahub
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-datahub
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uas-datahub
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uas-datahub
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uas-datahub
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -XX:+UseG1GC -XX:MaxGCPauseMillis=200  -Dlog4j2.formatMsgNoLookups=true -Duser.timezone=Asia/Shanghai
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: uas-2.3
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-datahub
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-datahub
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-datahub
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-datahub
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uas-datahub:2.3.0-pro-20260226
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uas-datahub
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uas-datahub
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.0
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-datahub
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-datahub
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uas-datahub
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uas-fusion.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uas-fusion.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.0
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-fusion
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-fusion
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uas-fusion
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uas-fusion
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uas-fusion
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -XX:+UseG1GC -XX:MaxGCPauseMillis=200  -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: uas-2.3
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-fusion
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-fusion
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-fusion
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-fusion
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uas-fusion:2.2.0-112
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uas-fusion
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uas-fusion
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.0
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-fusion
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-fusion
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uas-fusion
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uas-gateway.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uas-gateway.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-gateway
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-gateway
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uas-gateway
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uas-gateway
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uas-gateway
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: 192.168.3.31:8088/cmii/cmii-uas-gateway:2.2.0-pro-20251031
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-gateway
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-gateway
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-gateway
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-gateway
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uas-gateway:2.3.0-pro-20260226
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uas-gateway
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uas-gateway
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-gateway
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-gateway
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uas-gateway
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uas-lifecycle.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uas-lifecycle.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-lifecycle
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-lifecycle
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uas-lifecycle
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uas-lifecycle
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uas-lifecycle
+            - name: CUST_JAVA_OPTS
+              value: -Xms1500m -Xmx5500m -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: 192.168.3.31:8088/cmii/cmii-uas-lifecycle:2.2.0-pro-20251120
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-lifecycle
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-lifecycle
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-lifecycle
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-lifecycle
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uas-lifecycle:2.3.4-xa-2026042901
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uas-lifecycle
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "6"
+              memory: 6Gi
+            requests:
+              cpu: "1"
+              memory: 1500Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uas-lifecycle
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-lifecycle
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-lifecycle
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uas-lifecycle
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uas-perception-live.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uas-perception-live.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-perception-live
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-perception-live
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uas-perception-live
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uas-perception-live
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uas-perception-live
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: 192.168.3.31:8088/cmii/cmii-uas-perception-live:2.2.0-pro-20251031
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-perception-live
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-perception-live
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-perception-live
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uas-perception-live
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uas-perception-live:2.3.0-pro-2.3.1-0428-04
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uas-perception-live
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uas-perception-live
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uas-perception-live
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uas-perception-live
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uas-perception-live
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uav-data-center.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uav-data-center.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-data-center
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-data-center
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uav-data-center
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uav-data-center
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uav-data-center
+            - name: CUST_JAVA_OPTS
+              value: -Xms1024m -Xmx3072m -XX:+UseG1GC -XX:MaxGCPauseMillis=200  -Dlog4j2.formatMsgNoLookups=true -Duser.timezone=Asia/Shanghai
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: uas-2.3
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-data-center
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-data-center
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-data-center
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-data-center
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uav-data-center:2.3.3-xa-260402
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uav-data-center
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 4Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uav-data-center
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-data-center
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-data-center
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uav-data-center
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uav-iot-dispatcher.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uav-iot-dispatcher.yaml
@@ -0,0 +1,207 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-iot-dispatcher
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-iot-dispatcher
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uav-iot-dispatcher
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uav-iot-dispatcher
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: ENV
+              value: production
+            - name: NACOS_SYSTEM_CONFIG_NAME
+              value: cmii-backend-system
+            - name: NACOS_SERVICE_CONFIG_NAME
+              value: cmii-uav-iot-dispatcher
+            - name: NACOS_SERVER_ADDRESS
+              value: helm-nacos:8848
+            - name: NACOS_NAMESPACE_ID
+              value: public
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uav-iot-dispatcher
+            - name: IMAGE_VERSION
+              value: uas-2.3
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: 192.168.3.31:8088/cmii/cmii-uav-iot-dispatcher:2.2.0-pro-20251104
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-iot-dispatcher
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-iot-dispatcher
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-iot-dispatcher
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-iot-dispatcher
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uav-iot-dispatcher:2.3.0-20260211-fix-live-record-v4
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uav-iot-dispatcher
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uav-iot-dispatcher
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-iot-dispatcher
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-iot-dispatcher
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uav-iot-dispatcher
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uav-material-warehouse.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uav-material-warehouse.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-material-warehouse
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-material-warehouse
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uav-material-warehouse
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uav-material-warehouse
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uav-material-warehouse
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: 192.168.3.31:8088/cmii/cmii-uav-material-warehouse:2.2.0-pro-20251104
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-material-warehouse
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-material-warehouse
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-material-warehouse
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-material-warehouse
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uav-material-warehouse:2.3.0-pro-20260225
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uav-material-warehouse
+          ports:
+            - containerPort: 8080
+              name: pod-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uav-material-warehouse
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-material-warehouse
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-material-warehouse
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    cmii.app: cmii-uav-material-warehouse
+    cmii.type: backend
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/cmii-uav-platform-uas.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uav-platform-uas.yaml
@@ -0,0 +1,125 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    cmii.app: cmii-uav-platform-uas
+    cmii.type: frontend
+    octopus.control: frontend-app-wdd
+  name: cmii-uav-platform-uas
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uav-platform-uas
+      cmii.type: frontend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uav-platform-uas
+        cmii.type: frontend
+    spec:
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uav-platform-uas
+          image: 192.168.3.31:8088/cmii/cmii-uav-platform-uas:2.3.4-xa-20260427
+          imagePullPolicy: Always
+          name: cmii-uav-platform-uas
+          ports:
+            - containerPort: 9528
+              name: platform-9528
+              protocol: TCP
+          resources:
+            limits:
+              cpu: "1"
+              memory: 1Gi
+            requests:
+              cpu: 50m
+              memory: 50Mi
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /etc/nginx/conf.d/nginx.conf
+              name: nginx-conf
+              subPath: nginx.conf
+            - mountPath: /home/cmii-platform/dist/ingress-config.js
+              name: tenant-prefix
+              subPath: ingress-config.js
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - configMap:
+            defaultMode: 420
+            items:
+              - key: nginx.conf
+                path: nginx.conf
+            name: nginx-cm
+          name: nginx-conf
+        - configMap:
+            defaultMode: 420
+            items:
+              - key: ingress-config.js
+                path: ingress-config.js
+            name: tenant-prefix-uas
+          name: tenant-prefix
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/version: uas-2.3
+    cmii.app: cmii-uav-platform-uas
+    cmii.type: frontend
+    octopus.control: frontend-app-wdd
+  name: cmii-uav-platform-uas
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: web-svc-port
+      port: 9528
+      protocol: TCP
+      targetPort: 9528
+  selector:
+    cmii.app: cmii-uav-platform-uas
+    cmii.type: frontend
+  sessionAffinity: None
+  type: ClusterIP
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: tenant-prefix-uas
+  namespace: bj-sh-uas-260511
+data:
+  ingress-config.js: |-
+    var __GlobalIngressConfig = {
+        TenantEnvironment: "",
+        CloudHOST: "实际公网入口CloudHOST",
+        ApplicationShortName: "uas",
+        TdtToken: '0b0f172571340ced0900bf2fd08cdbfd',
+        AppClientId: "empty",
+        brandConfig: {
+            title: '三河低空应用公共服务平台'
+        },
+        MapConfigs:{
+            center: [115.941198, 39.049656]
+        }
+    }
--- a/84-202605-北京三河测试/k8s-app/cmii-uav-platform-uasms.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uav-platform-uasms.yaml
@@ -0,0 +1,127 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    cmii.app: cmii-uav-platform-uasms
+    cmii.type: frontend
+    octopus.control: frontend-app-wdd
+  name: cmii-uav-platform-uasms
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uav-platform-uasms
+      cmii.type: frontend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uav-platform-uasms
+        cmii.type: frontend
+    spec:
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uav-platform-uasms
+          image: 192.168.3.31:8088/cmii/cmii-uav-platform-uasms:2.3.4-xa-2026050801
+          imagePullPolicy: Always
+          name: cmii-uav-platform-uasms
+          ports:
+            - containerPort: 9528
+              name: platform-9528
+              protocol: TCP
+          resources:
+            limits:
+              cpu: "1"
+              memory: 1Gi
+            requests:
+              cpu: 50m
+              memory: 50Mi
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /etc/nginx/conf.d/nginx.conf
+              name: nginx-conf
+              subPath: nginx.conf
+            - mountPath: /home/cmii-platform/dist/ingress-config.js
+              name: tenant-prefix
+              subPath: ingress-config.js
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - configMap:
+            defaultMode: 420
+            items:
+              - key: nginx.conf
+                path: nginx.conf
+            name: nginx-cm
+          name: nginx-conf
+        - configMap:
+            defaultMode: 420
+            items:
+              - key: ingress-config.js
+                path: ingress-config.js
+            name: tenant-prefix-uasms
+          name: tenant-prefix
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/version: uas-2.3
+    cmii.app: cmii-uav-platform-uasms
+    cmii.type: frontend
+    octopus.control: frontend-app-wdd
+  name: cmii-uav-platform-uasms
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: web-svc-port
+      port: 9528
+      protocol: TCP
+      targetPort: 9528
+  selector:
+    cmii.app: cmii-uav-platform-uasms
+    cmii.type: frontend
+  sessionAffinity: None
+  type: ClusterIP
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: tenant-prefix-uasms
+  namespace: bj-sh-uas-260511
+data:
+  ingress-config.js: |-
+    var __GlobalIngressConfig = {
+        TenantEnvironment: "",
+        CloudHOST: "实际公网入口CloudHOST",
+        ApplicationShortName: "uasms",
+        TdtToken: '1f905fbf3a730cecc43256a87afaa2b8',
+        AppClientId: "empty",
+        brandConfig: {
+            title: '三河低空应用公共服务平台',
+            name: '',
+            logoImg: './security.png'
+        },
+        MapConfigs:{
+            center: [115.941198, 39.049656]
+        }
+    }
--- a/84-202605-北京三河测试/k8s-app/cmii-uav-sense-adapter.yaml
+++ b/84-202605-北京三河测试/k8s-app/cmii-uav-sense-adapter.yaml
@@ -0,0 +1,211 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-sense-adapter
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-sense-adapter
+  namespace: bj-sh-uas-260511
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: cmii-uav-sense-adapter
+      cmii.type: backend
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: cmii-uav-sense-adapter
+        cmii.type: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+      containers:
+        - env:
+            - name: K8S_NAMESPACE
+              value: bj-sh-uas-260511
+            - name: APPLICATION_NAME
+              value: cmii-uav-sense-adapter
+            - name: CUST_JAVA_OPTS
+              value: -Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true
+            - name: NACOS_REGISTRY
+              value: helm-nacos:8848
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: uas-2.3
+            - name: SYS_CONFIG_GROUP
+              value: uas-2.3
+            - name: NACOS_USERNAME
+              value: developer
+            - name: NACOS_PASSWORD
+              value: Deve@9128201
+            - name: IMAGE_NAME
+              value: 192.168.3.31:8088/cmii/cmii-uav-sense-adapter:2.2.0-pro-20251031
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-sense-adapter
+                  divisor: "0"
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-sense-adapter
+                  divisor: "0"
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-sense-adapter
+                  divisor: "0"
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: cmii-uav-sense-adapter
+                  divisor: "0"
+                  resource: requests.memory
+          image: 192.168.3.31:8088/cmii/cmii-uav-sense-adapter:2.2.0-pro-20251031
+          imagePullPolicy: Always
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: cmii-uav-sense-adapter
+          ports:
+            - name: pod-port
+              containerPort: 8080
+              protocol: TCP
+            - name: tcp8010
+              containerPort: 8010
+              protocol: TCP
+            - name: udp8011
+              containerPort: 8011
+              protocol: UDP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          startupProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 20
+            successThreshold: 1
+            timeoutSeconds: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /cmii/logs
+              name: nfs-backend-log-volume
+              subPath: bj-sh-uas-260511/cmii-uav-sense-adapter
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: nfs-backend-log-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/app-version: uas-2.3
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: cmii-uav-sense-adapter
+    cmii.type: backend
+    octopus/control: backend-app-1.0.0
+  name: cmii-uav-sense-adapter
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: backend-tcp
+      protocol: TCP
+      port: 8080
+      targetPort: 8080
+    - name: tcp-8010
+      protocol: TCP
+      port: 8010
+      targetPort: 8010
+      nodePort: 31554
+    - name: tcp-8011
+      protocol: UDP
+      port: 8011
+      targetPort: 8011
+      nodePort: 31556
+  selector:
+    cmii.app: cmii-uav-sense-adapter
+    cmii.type: backend
+  sessionAffinity: None
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-app/doris-cluster-be.yaml
+++ b/84-202605-北京三河测试/k8s-app/doris-cluster-be.yaml
@@ -0,0 +1,207 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/component: doris-cluster-be
+  name: doris-cluster-be
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: Parallel
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: doris-cluster-be
+  serviceName: doris-cluster-be-internal
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/component: doris-cluster-be
+      name: doris-cluster-be
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: doris-be
+                    operator: In
+                    values:
+                      - "true"
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                    - key: app.kubernetes.io/component
+                      operator: In
+                      values:
+                        - doris-cluster-be
+                topologyKey: kubernetes.io/hostname
+              weight: 100
+      containers:
+        - args:
+            - $(ENV_FE_ADDR)
+          command:
+            - /opt/apache-doris/be_entrypoint.sh
+          env:
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: HOST_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: CONFIGMAP_MOUNT_PATH
+              value: /etc/doris
+            - name: USER
+              value: root
+            - name: DORIS_ROOT
+              value: /opt/apache-doris
+            - name: ENV_FE_ADDR
+              value: doris-cluster-fe-service
+            - name: FE_QUERY_PORT
+              value: "9030"
+          image: 192.168.3.31:8088/cmii/doris.be-ubuntu:2.1.6
+          imagePullPolicy: IfNotPresent
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /opt/apache-doris/be_prestop.sh
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 80
+            periodSeconds: 5
+            successThreshold: 1
+            tcpSocket:
+              port: 9050
+            timeoutSeconds: 180
+          name: be
+          ports:
+            - containerPort: 9060
+              name: be-port
+              protocol: TCP
+            - containerPort: 8040
+              name: webserver-port
+              protocol: TCP
+            - containerPort: 9050
+              name: heartbeat-port
+              protocol: TCP
+            - containerPort: 8060
+              name: brpc-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /api/health
+              port: 8040
+              scheme: HTTP
+            periodSeconds: 5
+            successThreshold: 1
+            timeoutSeconds: 1
+          resources:
+            limits:
+              cpu: "8"
+              memory: 28Gi
+            requests:
+              cpu: "2"
+              memory: 16Gi
+          securityContext:
+            capabilities:
+              add:
+                - SYS_RESOURCE
+                - IPC_LOCK
+            runAsUser: 0
+          startupProbe:
+            failureThreshold: 60
+            periodSeconds: 5
+            successThreshold: 1
+            tcpSocket:
+              port: 9050
+            timeoutSeconds: 1
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /etc/podinfo
+              name: podinfo
+            - mountPath: /opt/apache-doris/be/storage
+              name: be-storage
+            - mountPath: /opt/apache-doris/be/log
+              name: be-log
+            - mountPath: /etc/doris
+              name: doris-cluster-be-conf
+      dnsPolicy: ClusterFirst
+      hostname: $(POD_NAME)
+      imagePullSecrets:
+        - name: harborsecret
+      initContainers:
+        - args:
+            - -c
+            - sysctl -w vm.max_map_count=2000000 ; swapoff -a ; ulimit -n 655350
+          command:
+            - /bin/sh
+          image: 192.168.3.31:8088/cmii/alpine:3.23.0
+          imagePullPolicy: IfNotPresent
+          name: default-init
+          resources:
+            limits:
+              cpu: "1"
+              memory: 1Gi
+            requests:
+              cpu: 500m
+              memory: 500Mi
+          securityContext:
+            privileged: true
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      subdomain: doris-cluster-be-internal
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - downwardAPI:
+            defaultMode: 420
+            items:
+              - fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.labels
+                path: labels
+              - fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.annotations
+                path: annotations
+          name: podinfo
+        - configMap:
+            defaultMode: 420
+            name: doris-cluster-be-conf
+          name: doris-cluster-be-conf
+        - name: be-storage
+          persistentVolumeClaim:
+            claimName: doris-be-storage-pvc
+        - name: be-log
+          persistentVolumeClaim:
+            claimName: doris-fe-log-pvc
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
--- a/84-202605-北京三河测试/k8s-app/doris-cluster-fe.yaml
+++ b/84-202605-北京三河测试/k8s-app/doris-cluster-fe.yaml
@@ -0,0 +1,173 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/component: doris-cluster-fe
+  name: doris-cluster-fe
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: Parallel
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: doris-cluster-fe
+  serviceName: doris-cluster-fe-internal
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/component: doris-cluster-fe
+      name: doris-cluster-fe
+    spec:
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                    - key: app.kubernetes.io/component
+                      operator: In
+                      values:
+                        - doris-cluster-fe
+                topologyKey: kubernetes.io/hostname
+              weight: 100
+      containers:
+        - args:
+            - $(ENV_FE_ADDR)
+          command:
+            - /opt/apache-doris/fe_entrypoint.sh
+          env:
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: HOST_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.hostIP
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: CONFIGMAP_MOUNT_PATH
+              value: /etc/doris
+            - name: USER
+              value: root
+            - name: DORIS_ROOT
+              value: /opt/apache-doris
+            - name: ENV_FE_ADDR
+              value: doris-cluster-fe-service
+            - name: FE_QUERY_PORT
+              value: "9030"
+            - name: ELECT_NUMBER
+              value: "3"
+          image: 192.168.3.31:8088/cmii/doris.fe-ubuntu:2.1.6
+          imagePullPolicy: IfNotPresent
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /opt/apache-doris/fe_prestop.sh
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 80
+            periodSeconds: 5
+            successThreshold: 1
+            tcpSocket:
+              port: 9030
+            timeoutSeconds: 180
+          name: doris-cluster-fe
+          ports:
+            - containerPort: 8030
+              name: http-port
+              protocol: TCP
+            - containerPort: 9020
+              name: rpc-port
+              protocol: TCP
+            - containerPort: 9030
+              name: query-port
+              protocol: TCP
+            - containerPort: 9010
+              name: edit-log-port
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /api/health
+              port: 8030
+              scheme: HTTP
+            periodSeconds: 5
+            successThreshold: 1
+            timeoutSeconds: 1
+          resources:
+            limits:
+              cpu: "4"
+              memory: 4Gi
+            requests:
+              cpu: "1"
+              memory: 2Gi
+          startupProbe:
+            failureThreshold: 60
+            periodSeconds: 5
+            successThreshold: 1
+            tcpSocket:
+              port: 9030
+            timeoutSeconds: 1
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /etc/podinfo
+              name: podinfo
+            - mountPath: /opt/apache-doris/fe/log
+              name: log
+            - mountPath: /opt/apache-doris/fe/doris-meta
+              name: meta
+            - mountPath: /etc/doris
+              name: doris-cluster-fe-conf
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: meta
+          persistentVolumeClaim:
+            claimName: doris-fe-meta-pvc
+        - name: log
+          persistentVolumeClaim:
+            claimName: doris-fe-log-pvc
+        - downwardAPI:
+            defaultMode: 420
+            items:
+              - fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.labels
+                path: labels
+              - fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.annotations
+                path: annotations
+          name: podinfo
+        - configMap:
+            defaultMode: 420
+            name: doris-cluster-fe-conf
+          name: doris-cluster-fe-conf
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
--- a/84-202605-北京三河测试/k8s-app/helm-emqxs.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-emqxs.yaml
@@ -0,0 +1,266 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    cmii.type: middleware
+  name: helm-emqxs
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: Parallel
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: helm-emqxs
+      cmii.emqx.architecture: cluster
+      cmii.type: middleware
+  serviceName: helm-emqxs-headless
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        cmii.app: helm-emqxs
+        cmii.emqx.architecture: cluster
+        cmii.type: middleware
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                    - key: cmii.app
+                      operator: In
+                      values:
+                        - helm-emqxs
+                topologyKey: kubernetes.io/hostname
+              weight: 100
+      containers:
+        - env:
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: EMQX_DATA_DIR
+              value: /opt/emqx/data
+          image: 192.168.3.31:8088/cmii/emqx:5.8.8
+          imagePullPolicy: IfNotPresent
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /status
+              port: 18083
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 30
+            successThreshold: 1
+            timeoutSeconds: 10
+          name: emqx
+          ports:
+            - containerPort: 1883
+              name: mqtt
+              protocol: TCP
+            - containerPort: 8883
+              name: mqttssl
+              protocol: TCP
+            - containerPort: 8083
+              name: ws
+              protocol: TCP
+            - containerPort: 18083
+              name: dashboard
+              protocol: TCP
+            - containerPort: 4370
+              name: ekka
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /status
+              port: 18083
+              scheme: HTTP
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 500m
+              memory: 512Mi
+          startupProbe:
+            failureThreshold: 30
+            httpGet:
+              path: /status
+              port: 18083
+              scheme: HTTP
+            initialDelaySeconds: 10
+            periodSeconds: 5
+            successThreshold: 1
+            timeoutSeconds: 1
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /opt/emqx/data
+              name: emqx-data
+            - mountPath: /opt/emqx/etc/emqx.conf
+              name: bootstrap-config
+              subPath: emqx.conf
+        - command:
+            - /bin/sh
+            - -c
+            - |
+              # 等待主容器启动
+              echo "等待EMQX启动..."
+              sleep 20
+
+              # 执行初始化
+              /bin/sh /scripts/init-dashboard.sh
+
+              # 保持运行
+              echo "初始化完成，进入守护模式..."
+              while true; do sleep 3600; done
+          env:
+            - name: DASHBOARD_ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  key: dashboard-admin-password
+                  name: emqx-credentials
+          image: 192.168.3.31:8088/cmii/tools:1.0
+          imagePullPolicy: IfNotPresent
+          name: init-dashboard
+          resources:
+            limits:
+              cpu: 200m
+              memory: 128Mi
+            requests:
+              cpu: 100m
+              memory: 64Mi
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /scripts
+              name: init-script
+            - mountPath: /bootstrap
+              name: bootstrap-users
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      initContainers:
+        - command:
+            - /bin/sh
+            - -c
+            - |
+              echo "准备bootstrap文件..."
+
+              # 创建数据目录
+              mkdir -p /opt/emqx/data
+
+              # 复制bootstrap文件到数据目录
+              # 只在文件不存在时复制，避免覆盖已有数据
+              if [ ! -f /opt/emqx/data/bootstrap_users.json ]; then
+                cp /bootstrap-src/bootstrap_users.json /opt/emqx/data/
+                echo "✓ 已复制用户bootstrap文件"
+              else
+                echo "ℹ 用户bootstrap文件已存在，跳过"
+              fi
+
+              # 设置权限 (现在有root权限，可以成功)
+              chown -R 1000:1000 /opt/emqx/data
+
+              echo "✓ Bootstrap准备完成"
+          image: 192.168.3.31:8088/cmii/tools:1.0
+          imagePullPolicy: IfNotPresent
+          name: prepare-bootstrap
+          resources: {}
+          securityContext:
+            runAsUser: 0
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /opt/emqx/data
+              name: emqx-data
+            - mountPath: /bootstrap-src
+              name: bootstrap-users
+      nodeSelector:
+        mysql-deploy: "true"
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 1000
+        runAsUser: 1000
+      serviceAccount: helm-emqxs
+      serviceAccountName: helm-emqxs
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - configMap:
+            defaultMode: 420
+            name: emqx-bootstrap-config
+          name: bootstrap-config
+        - configMap:
+            defaultMode: 420
+            name: emqx-bootstrap-users
+          name: bootstrap-users
+        - configMap:
+            defaultMode: 493
+            name: emqx-init-dashboard
+          name: init-script
+        - name: emqx-data
+          hostPath:
+            path: /var/lib/docker/emqx-pv/bj-sh-uas-260511/
+            type: ""
+  updateStrategy:
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    cmii.app: helm-emqxs
+    cmii.type: middleware
+  name: helm-emqxs
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: mqtt
+      nodePort: 31883
+      port: 1883
+      protocol: TCP
+      targetPort: 1883
+    - name: dashboard
+      nodePort: 38085
+      port: 18083
+      protocol: TCP
+      targetPort: 18083
+    - name: ws
+      nodePort: 38083
+      port: 8083
+      protocol: TCP
+      targetPort: 8083
+    - name: mqttssl
+      nodePort: 38883
+      port: 8883
+      protocol: TCP
+      targetPort: 8883
+  selector:
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    cmii.type: middleware
+  sessionAffinity: None
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-app/helm-minio.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-minio.yaml
@@ -0,0 +1,103 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-minio
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app: helm-minio
+  serviceName: helm-minio
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: helm-minio
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: minio-deploy
+                    operator: In
+                    values:
+                      - "true"
+      containers:
+        - args:
+            - minio server /data --console-address ":9001"
+          command:
+            - /bin/sh
+            - -c
+          env:
+            - name: MINIO_ACCESS_KEY
+              value: cmii
+            - name: MINIO_SECRET_KEY
+              value: B#923fC7mk
+          image: 192.168.3.31:8088/cmii/minio:RELEASE.2023-06-02T23-17-26Z
+          imagePullPolicy: IfNotPresent
+          name: minio
+          ports:
+            - containerPort: 9000
+              name: api
+              protocol: TCP
+            - containerPort: 9001
+              name: console
+              protocol: TCP
+          resources:
+            limits:
+              cpu: "2"
+              memory: 2Gi
+            requests:
+              cpu: 200m
+              memory: 200Mi
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /data
+              name: data
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - hostPath:
+            path: /data/minio-pv/
+            type: ""
+          name: data
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-minio
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: api
+      nodePort: 39000
+      port: 9000
+      protocol: TCP
+      targetPort: 9000
+    - name: console
+      nodePort: 39001
+      port: 9001
+      protocol: TCP
+      targetPort: 9001
+  selector:
+    app: helm-minio
+  sessionAffinity: None
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-app/helm-mongo.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-mongo.yaml
@@ -0,0 +1,99 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.3
+    cmii.app: helm-mongo
+    cmii.type: middleware
+    helm.sh/chart: mongo-1.1.0
+  name: helm-mongo
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: helm-mongo
+      cmii.type: middleware
+  serviceName: helm-mongo
+  template:
+    metadata:
+      annotations:
+        pod.alpha.kubernetes.io/initialized: "true"
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/managed-by: octopus-control
+        app.kubernetes.io/version: uas-2.3
+        cmii.app: helm-mongo
+        cmii.type: middleware
+        helm.sh/chart: mongo-1.1.0
+    spec:
+      affinity: {}
+      containers:
+        - env:
+            - name: MONGO_INITDB_ROOT_USERNAME
+              value: cmlc
+            - name: MONGO_INITDB_ROOT_PASSWORD
+              value: REdPza8#oVlt
+          image: 192.168.3.31:8088/cmii/mongo:5.0
+          imagePullPolicy: IfNotPresent
+          name: helm-mongo
+          ports:
+            - containerPort: 27017
+              name: mongo27017
+              protocol: TCP
+          resources: {}
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /data/db
+              name: mongo-data
+              subPath: default/helm-mongo/data/db
+      nodeSelector:
+        mysql-deploy: "true"
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - name: mongo-data
+          hostPath:
+            path: /var/lib/docker/mongo-pv/bj-sh-uas-260511/
+            type: ""
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.3
+    cmii.app: helm-mongo
+    cmii.type: middleware
+    helm.sh/chart: mongo-1.1.0
+  name: helm-mongo
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: server-27017
+      nodePort: 37017
+      port: 27017
+      protocol: TCP
+      targetPort: 27017
+  selector:
+    cmii.app: helm-mongo
+    cmii.type: middleware
+  sessionAffinity: None
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-app/helm-mysql.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-mysql.yaml
@@ -0,0 +1,315 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: mysql
+    cmii.type: middleware
+    octopus.control: mysql-db-wdd
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: primary
+      app.kubernetes.io/name: mysql-db
+      app.kubernetes.io/release: bj-sh-uas-260511
+      cmii.app: mysql
+      cmii.type: middleware
+  serviceName: helm-mysql
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: 6b60fa0f3a846a6ada8effdc4f823cf8003d42a8c8f630fe8b1b66d3454082dd
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/component: primary
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/name: mysql-db
+        app.kubernetes.io/release: bj-sh-uas-260511
+        cmii.app: mysql
+        cmii.type: middleware
+        octopus.control: mysql-db-wdd
+    spec:
+      affinity: {}
+      containers:
+        - env:
+            - name: BITNAMI_DEBUG
+              value: "true"
+            - name: MYSQL_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  key: mysql-root-password
+                  name: helm-mysql
+            - name: MYSQL_DATABASE
+              value: cmii
+          image: 192.168.3.31:8088/cmii/mysql:8.1.0-debian-11-r42
+          imagePullPolicy: IfNotPresent
+          livenessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+            failureThreshold: 5
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+          name: mysql
+          ports:
+            - containerPort: 3306
+              name: mysql
+              protocol: TCP
+          readinessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+            failureThreshold: 5
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+          resources: {}
+          securityContext:
+            runAsUser: 1001
+          startupProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+            failureThreshold: 60
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /bitnami/mysql
+              name: mysql-data
+            - mountPath: /docker-entrypoint-initdb.d
+              name: custom-init-scripts
+            - mountPath: /opt/bitnami/mysql/conf/my.cnf
+              name: config
+              subPath: my.cnf
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      initContainers:
+        - command:
+            - /bin/bash
+            - -ec
+            - |
+              chown -R 1001:1001 /bitnami/mysql
+          image: 192.168.3.31:8088/cmii/bitnami-shell:11-debian-11-r136
+          imagePullPolicy: Always
+          name: change-volume-permissions
+          resources: {}
+          securityContext:
+            runAsUser: 0
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /bitnami/mysql
+              name: mysql-data
+      nodeSelector:
+        mysql-deploy: "true"
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 1001
+      serviceAccount: helm-mysql
+      serviceAccountName: helm-mysql
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - configMap:
+            defaultMode: 420
+            name: helm-mysql
+          name: config
+        - configMap:
+            defaultMode: 420
+            name: helm-mysql-init-scripts
+          name: custom-init-scripts
+        - hostPath:
+            path: /var/lib/docker/mysql-pv/bj-sh-uas-260511/
+            type: ""
+          name: mysql-data
+  updateStrategy:
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: mysql
+    cmii.type: middleware
+    octopus.control: mysql-db-wdd
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: mysql
+      nodePort: 33306
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: mysql
+    cmii.type: middleware
+  sessionAffinity: None
+  type: NodePort
+---
+apiVersion: v1
+data:
+  my.cnf: |2-
+    [mysqld]
+    port=3306
+    basedir=/opt/bitnami/mysql
+    datadir=/bitnami/mysql/data
+    pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    log-error=/bitnami/mysql/data/error.log
+    general_log_file = /bitnami/mysql/data/general.log
+    slow_query_log_file = /bitnami/mysql/data/slow.log
+    innodb_data_file_path = ibdata1:512M:autoextend
+    innodb_buffer_pool_size = 512M
+    innodb_buffer_pool_instances = 2
+    innodb_log_file_size = 512M
+    innodb_log_files_in_group = 4
+    innodb_log_files_in_group = 4
+    log-bin = /bitnami/mysql/data/mysql-bin
+    max_binlog_size=1G
+    transaction_isolation = REPEATABLE-READ
+    default_storage_engine = innodb
+    character-set-server = utf8mb4
+    collation-server=utf8mb4_bin
+    binlog_format = ROW
+    binlog_rows_query_log_events=on
+    binlog_cache_size=4M
+    binlog_expire_logs_seconds  = 1296000
+    max_binlog_cache_size=2G
+    gtid_mode = on
+    enforce_gtid_consistency = 1
+    sync_binlog = 1
+    innodb_flush_log_at_trx_commit = 1
+    innodb_flush_method = O_DIRECT
+    log_slave_updates=1
+    relay_log_recovery = 1
+    relay-log-purge = 1
+    default_time_zone = '+08:00'
+    lower_case_table_names=1
+    log_bin_trust_function_creators=1
+    group_concat_max_len=67108864
+    innodb_io_capacity = 4000
+    innodb_io_capacity_max = 8000
+    innodb_flush_sync = 0
+    innodb_flush_neighbors = 0
+    innodb_write_io_threads = 8
+    innodb_read_io_threads = 8
+    innodb_purge_threads = 4
+    innodb_page_cleaners = 4
+    innodb_open_files = 65535
+    innodb_max_dirty_pages_pct = 50
+    innodb_lru_scan_depth = 4000
+    innodb_checksum_algorithm = crc32
+    innodb_lock_wait_timeout = 10
+    innodb_rollback_on_timeout = 1
+    innodb_print_all_deadlocks = 1
+    innodb_file_per_table = 1
+    innodb_online_alter_log_max_size = 4G
+    innodb_stats_on_metadata = 0
+    innodb_thread_concurrency = 0
+    innodb_sync_spin_loops = 100
+    innodb_spin_wait_delay = 30
+    lock_wait_timeout = 3600
+    slow_query_log = 1
+    long_query_time = 10
+    log_queries_not_using_indexes =1
+    log_throttle_queries_not_using_indexes = 60
+    min_examined_row_limit = 100
+    log_slow_admin_statements = 1
+    log_slow_slave_statements = 1
+    default_authentication_plugin=mysql_native_password
+    skip-name-resolve=1
+    explicit_defaults_for_timestamp=1
+    plugin_dir=/opt/bitnami/mysql/plugin
+    max_allowed_packet=128M
+    max_connections = 2000
+    max_connect_errors = 1000000
+    table_definition_cache=2000
+    table_open_cache_instances=64
+    tablespace_definition_cache=1024
+    thread_cache_size=256
+    interactive_timeout = 600
+    wait_timeout = 600
+    tmpdir=/opt/bitnami/mysql/tmp
+    max_allowed_packet=32M
+    bind-address=0.0.0.0
+    performance_schema = 1
+    performance_schema_instrument = '%memory%=on'
+    performance_schema_instrument = '%lock%=on'
+    innodb_monitor_enable=ALL
+
+    [mysql]
+    no-auto-rehash
+
+    [mysqldump]
+    quick
+    max_allowed_packet = 32M
+
+    [client]
+    port=3306
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mysql/plugin
+
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
+kind: ConfigMap
+metadata:
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    octopus.control: mysql-db-wdd
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
--- a/84-202605-北京三河测试/k8s-app/helm-nacos.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-nacos.yaml
@@ -0,0 +1,139 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: uas-2.3
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+  name: helm-nacos
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      cmii.app: helm-nacos
+      cmii.type: middleware
+  serviceName: helm-nacos
+  template:
+    metadata:
+      annotations:
+        pod.alpha.kubernetes.io/initialized: "true"
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/version: uas-2.3
+        cmii.app: helm-nacos
+        cmii.type: middleware
+        octopus.control: nacos-wdd
+    spec:
+      affinity: {}
+      containers:
+        - env:
+            - name: NACOS_AUTH_ENABLE
+              value: "false"
+            - name: NACOS_REPLICAS
+              value: "1"
+            - name: MYSQL_SERVICE_DB_NAME
+              valueFrom:
+                configMapKeyRef:
+                  key: mysql.db.name
+                  name: helm-nacos-cm
+            - name: MYSQL_SERVICE_PORT
+              valueFrom:
+                configMapKeyRef:
+                  key: mysql.port
+                  name: helm-nacos-cm
+            - name: MYSQL_SERVICE_USER
+              valueFrom:
+                configMapKeyRef:
+                  key: mysql.user
+                  name: helm-nacos-cm
+            - name: MYSQL_SERVICE_PASSWORD
+              valueFrom:
+                configMapKeyRef:
+                  key: mysql.password
+                  name: helm-nacos-cm
+            - name: MYSQL_SERVICE_HOST
+              valueFrom:
+                configMapKeyRef:
+                  key: mysql.db.host
+                  name: helm-nacos-cm
+            - name: NACOS_SERVER_PORT
+              value: "8848"
+            - name: NACOS_APPLICATION_PORT
+              value: "8848"
+            - name: PREFER_HOST_MODE
+              value: hostname
+            - name: MODE
+              value: standalone
+            - name: SPRING_DATASOURCE_PLATFORM
+              value: mysql
+          image: 192.168.3.31:8088/cmii/nacos-server:v2.1.2
+          imagePullPolicy: IfNotPresent
+          name: nacos-server
+          ports:
+            - containerPort: 8848
+              name: dashboard
+              protocol: TCP
+            - containerPort: 9848
+              name: tcp-9848
+              protocol: TCP
+            - containerPort: 9849
+              name: tcp-9849
+              protocol: TCP
+          resources: {}
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: uas-2.3
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+  name: helm-nacos
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: server
+      nodePort: 38848
+      port: 8848
+      protocol: TCP
+      targetPort: 8848
+    - name: server12
+      nodePort: 34933
+      port: 9848
+      protocol: TCP
+      targetPort: 9848
+    - name: server23
+      nodePort: 35584
+      port: 9849
+      protocol: TCP
+      targetPort: 9849
+  selector:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+  sessionAffinity: None
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-app/helm-rabbitmq.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-rabbitmq.yaml
@@ -0,0 +1,225 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: rabbitmq
+    app.kubernetes.io/name: helm-rabbitmq
+    app.kubernetes.io/release: bj-sh-uas-260511
+    helm.sh/chart: rabbitmq-8.26.1
+  name: helm-rabbitmq
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: helm-rabbitmq
+      app.kubernetes.io/release: bj-sh-uas-260511
+  serviceName: helm-rabbitmq-headless
+  template:
+    metadata:
+      annotations:
+        checksum/config: d6c2caa9572f64a06d9f7daa34c664a186b4778cd1697ef8e59663152fc628f1
+        checksum/secret: d764e7b3d999e7324d1afdfec6140092a612f04b6e0306818675815cec2f454f
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/managed-by: rabbitmq
+        app.kubernetes.io/name: helm-rabbitmq
+        app.kubernetes.io/release: bj-sh-uas-260511
+        helm.sh/chart: rabbitmq-8.26.1
+    spec:
+      affinity: {}
+      containers:
+        - env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MY_POD_IP
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: status.podIP
+            - name: MY_POD_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.name
+            - name: MY_POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: metadata.namespace
+            - name: K8S_SERVICE_NAME
+              value: helm-rabbitmq-headless
+            - name: K8S_ADDRESS_TYPE
+              value: hostname
+            - name: RABBITMQ_FORCE_BOOT
+              value: "no"
+            - name: RABBITMQ_NODE_NAME
+              value: rabbit@$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
+            - name: K8S_HOSTNAME_SUFFIX
+              value: .$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
+            - name: RABBITMQ_MNESIA_DIR
+              value: /bitnami/rabbitmq/mnesia/$(RABBITMQ_NODE_NAME)
+            - name: RABBITMQ_LDAP_ENABLE
+              value: "no"
+            - name: RABBITMQ_LOGS
+              value: '-'
+            - name: RABBITMQ_ULIMIT_NOFILES
+              value: "65536"
+            - name: RABBITMQ_USE_LONGNAME
+              value: "true"
+            - name: RABBITMQ_ERL_COOKIE
+              valueFrom:
+                secretKeyRef:
+                  key: rabbitmq-erlang-cookie
+                  name: helm-rabbitmq
+            - name: RABBITMQ_LOAD_DEFINITIONS
+              value: "no"
+            - name: RABBITMQ_SECURE_PASSWORD
+              value: "yes"
+            - name: RABBITMQ_USERNAME
+              value: admin
+            - name: RABBITMQ_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  key: rabbitmq-password
+                  name: helm-rabbitmq
+            - name: RABBITMQ_PLUGINS
+              value: rabbitmq_management, rabbitmq_peer_discovery_k8s, rabbitmq_shovel, rabbitmq_shovel_management, rabbitmq_auth_backend_ldap
+          image: 192.168.3.31:8088/cmii/rabbitmq:3.9.12-debian-10-r3
+          imagePullPolicy: Always
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /bin/bash
+                  - -ec
+                  - |
+                    if [[ -f /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh ]]; then
+                        /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh -t "120" -d  "false"
+                    else
+                        rabbitmqctl stop_app
+                    fi
+          livenessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - rabbitmq-diagnostics -q ping
+            failureThreshold: 6
+            initialDelaySeconds: 120
+            periodSeconds: 30
+            successThreshold: 1
+            timeoutSeconds: 20
+          name: rabbitmq
+          ports:
+            - containerPort: 5672
+              name: amqp
+              protocol: TCP
+            - containerPort: 25672
+              name: dist
+              protocol: TCP
+            - containerPort: 15672
+              name: dashboard
+              protocol: TCP
+            - containerPort: 4369
+              name: epmd
+              protocol: TCP
+          readinessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms
+            failureThreshold: 3
+            initialDelaySeconds: 10
+            periodSeconds: 30
+            successThreshold: 1
+            timeoutSeconds: 20
+          resources: {}
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /bitnami/rabbitmq/conf
+              name: configuration
+            - mountPath: /bitnami/rabbitmq/mnesia
+              name: data
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      initContainers:
+        - args:
+            - -ec
+            - |
+              mkdir -p "/bitnami/rabbitmq/mnesia"
+              chown -R "5001:5001" "/bitnami/rabbitmq/mnesia"
+          command:
+            - /bin/bash
+          image: 192.168.3.31:8088/cmii/bitnami-shell:11-debian-11-r136
+          imagePullPolicy: Always
+          name: volume-permissions
+          resources: {}
+          securityContext:
+            runAsUser: 0
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /bitnami/rabbitmq/mnesia
+              name: data
+      nodeSelector:
+        mysql-deploy: "true"
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 5001
+        runAsUser: 5001
+      serviceAccount: helm-rabbitmq
+      serviceAccountName: helm-rabbitmq
+      terminationGracePeriodSeconds: 120
+      volumes:
+        - configMap:
+            defaultMode: 420
+            items:
+              - key: rabbitmq.conf
+                path: rabbitmq.conf
+            name: helm-rabbitmq-config
+          name: configuration
+        - name: data
+          hostPath:
+            path: /var/lib/docker/rabbitmq-pv/bj-sh-uas-260511/
+            type: ""
+  updateStrategy:
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: rabbitmq
+    app.kubernetes.io/name: helm-rabbitmq
+    app.kubernetes.io/release: bj-sh-uas-260511
+    helm.sh/chart: rabbitmq-8.26.1
+  name: helm-rabbitmq
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: amqp
+      nodePort: 35672
+      port: 5672
+      protocol: TCP
+      targetPort: amqp
+    - name: dashboard
+      nodePort: 36675
+      port: 15672
+      protocol: TCP
+      targetPort: dashboard
+  selector:
+    app.kubernetes.io/name: helm-rabbitmq
+    app.kubernetes.io/release: bj-sh-uas-260511
+  sessionAffinity: None
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-app/helm-redis-master.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-redis-master.yaml
@@ -0,0 +1,184 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/component: master
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: redis
+    cmii.type: middleware
+    octopus.control: redis-db-wdd
+  name: helm-redis-master
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: master
+      app.kubernetes.io/name: redis-db
+      app.kubernetes.io/release: bj-sh-uas-260511
+      cmii.app: redis
+      cmii.type: middleware
+  serviceName: helm-redis-headless
+  template:
+    metadata:
+      annotations:
+        checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
+        checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
+        checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
+        checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/component: master
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/name: redis-db
+        app.kubernetes.io/release: bj-sh-uas-260511
+        cmii.app: redis
+        cmii.type: middleware
+        octopus.control: redis-db-wdd
+    spec:
+      affinity: {}
+      containers:
+        - args:
+            - -c
+            - /opt/bitnami/scripts/start-scripts/start-master.sh
+          command:
+            - /bin/bash
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: REDIS_REPLICATION_MODE
+              value: master
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "no"
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  key: redis-password
+                  name: helm-redis
+            - name: REDIS_TLS_ENABLED
+              value: "no"
+            - name: REDIS_PORT
+              value: "6379"
+          image: 192.168.3.31:8088/cmii/redis:6.2.14-debian-11-r1
+          imagePullPolicy: Always
+          livenessProbe:
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_liveness_local.sh 5
+            failureThreshold: 5
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            successThreshold: 1
+            timeoutSeconds: 6
+          name: redis
+          ports:
+            - containerPort: 6379
+              name: redis
+              protocol: TCP
+          readinessProbe:
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_readiness_local.sh 1
+            failureThreshold: 5
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            successThreshold: 1
+            timeoutSeconds: 2
+          resources:
+            limits:
+              cpu: "2"
+              memory: 8Gi
+            requests:
+              cpu: "2"
+              memory: 8Gi
+          securityContext:
+            runAsUser: 1001
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /opt/bitnami/scripts/start-scripts
+              name: start-scripts
+            - mountPath: /health
+              name: health
+            - mountPath: /data
+              name: redis-data
+            - mountPath: /opt/bitnami/redis/mounted-etc
+              name: config
+            - mountPath: /opt/bitnami/redis/etc/
+              name: redis-tmp-conf
+            - mountPath: /tmp
+              name: tmp
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 1001
+      serviceAccount: helm-redis
+      serviceAccountName: helm-redis
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - configMap:
+            defaultMode: 493
+            name: helm-redis-scripts
+          name: start-scripts
+        - configMap:
+            defaultMode: 493
+            name: helm-redis-health
+          name: health
+        - configMap:
+            defaultMode: 420
+            name: helm-redis-configuration
+          name: config
+        - emptyDir: {}
+          name: redis-tmp-conf
+        - emptyDir: {}
+          name: tmp
+        - emptyDir: {}
+          name: redis-data
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/component: master
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: redis
+    cmii.type: middleware
+    octopus.control: redis-db-wdd
+  name: helm-redis-master
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: tcp-redis
+      nodePort: 38532
+      port: 6379
+      protocol: TCP
+      targetPort: redis
+  selector:
+    app.kubernetes.io/component: master
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: redis
+    cmii.type: middleware
+  sessionAffinity: None
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-app/helm-redis-replicas.yaml
+++ b/84-202605-北京三河测试/k8s-app/helm-redis-replicas.yaml
@@ -0,0 +1,177 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app.kubernetes.io/component: replica
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    octopus.control: redis-db-wdd
+  name: helm-redis-replicas
+  namespace: bj-sh-uas-260511
+spec:
+  persistentVolumeClaimRetentionPolicy:
+    whenDeleted: Retain
+    whenScaled: Retain
+  podManagementPolicy: OrderedReady
+  replicas: 0
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: replica
+      app.kubernetes.io/name: redis-db
+      app.kubernetes.io/release: bj-sh-uas-260511
+  serviceName: helm-redis-headless
+  template:
+    metadata:
+      annotations:
+        checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
+        checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
+        checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
+        checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
+      creationTimestamp: null
+      labels:
+        app.kubernetes.io/component: replica
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/name: redis-db
+        app.kubernetes.io/release: bj-sh-uas-260511
+        octopus.control: redis-db-wdd
+    spec:
+      containers:
+        - args:
+            - -c
+            - /opt/bitnami/scripts/start-scripts/start-replica.sh
+          command:
+            - /bin/bash
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: REDIS_REPLICATION_MODE
+              value: slave
+            - name: REDIS_MASTER_HOST
+              value: helm-redis-master-0.helm-redis-headless.bj-sh-uas-260511.svc.cluster.local
+            - name: REDIS_MASTER_PORT_NUMBER
+              value: "6379"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "no"
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  key: redis-password
+                  name: helm-redis
+            - name: REDIS_MASTER_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  key: redis-password
+                  name: helm-redis
+            - name: REDIS_TLS_ENABLED
+              value: "no"
+            - name: REDIS_PORT
+              value: "6379"
+          image: 192.168.3.31:8088/cmii/redis:6.2.14-debian-11-r1
+          imagePullPolicy: Always
+          livenessProbe:
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_liveness_local_and_master.sh 5
+            failureThreshold: 5
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            successThreshold: 1
+            timeoutSeconds: 6
+          name: redis
+          ports:
+            - containerPort: 6379
+              name: redis
+              protocol: TCP
+          readinessProbe:
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_readiness_local_and_master.sh 1
+            failureThreshold: 5
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            successThreshold: 1
+            timeoutSeconds: 2
+          resources:
+            limits:
+              cpu: "2"
+              memory: 8Gi
+            requests:
+              cpu: "2"
+              memory: 8Gi
+          securityContext:
+            runAsUser: 1001
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /opt/bitnami/scripts/start-scripts
+              name: start-scripts
+            - mountPath: /health
+              name: health
+            - mountPath: /data
+              name: redis-data
+            - mountPath: /opt/bitnami/redis/mounted-etc
+              name: config
+            - mountPath: /opt/bitnami/redis/etc
+              name: redis-tmp-conf
+      dnsPolicy: ClusterFirst
+      imagePullSecrets:
+        - name: harborsecret
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext:
+        fsGroup: 1001
+      serviceAccount: helm-redis
+      serviceAccountName: helm-redis
+      terminationGracePeriodSeconds: 30
+      volumes:
+        - configMap:
+            defaultMode: 493
+            name: helm-redis-scripts
+          name: start-scripts
+        - configMap:
+            defaultMode: 493
+            name: helm-redis-health
+          name: health
+        - configMap:
+            defaultMode: 420
+            name: helm-redis-configuration
+          name: config
+        - emptyDir: {}
+          name: redis-tmp-conf
+        - emptyDir: {}
+          name: redis-data
+  updateStrategy:
+    rollingUpdate:
+      partition: 0
+    type: RollingUpdate
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/component: replica
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    octopus.control: redis-db-wdd
+  name: helm-redis-replicas
+  namespace: bj-sh-uas-260511
+spec:
+  ports:
+    - name: tcp-redis
+      port: 6379
+      protocol: TCP
+      targetPort: redis
+  selector:
+    app.kubernetes.io/component: replica
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+  sessionAffinity: None
+  type: ClusterIP
--- a/84-202605-北京三河测试/k8s-app/k8s-dashboard.yaml
+++ b/84-202605-北京三河测试/k8s-app/k8s-dashboard.yaml
@@ -0,0 +1,315 @@
+---
+# ------------------- Dashboard Namespace ------------------- #
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kubernetes-dashboard
+
+---
+# ------------------- Service Account ------------------- #
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+  namespace: kubernetes-dashboard
+
+---
+# ------------------- Dashboard Service (NodePort 39999) ------------------- #
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+  namespace: kubernetes-dashboard
+spec:
+  type: NodePort
+  ports:
+    - port: 443
+      targetPort: 8443
+      nodePort: 39999
+  selector:
+    k8s-app: kubernetes-dashboard
+
+---
+# ------------------- Dashboard Secrets ------------------- #
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-certs
+  namespace: kubernetes-dashboard
+type: Opaque
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-csrf
+  namespace: kubernetes-dashboard
+type: Opaque
+data:
+  csrf: ""
+
+---
+# ------------------- Dashboard Role (FIXED) ------------------- #
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-minimal
+  namespace: kubernetes-dashboard
+rules:
+  # [修复] 允许创建 Secrets，解决 panic 问题
+  - apiGroups: [""]
+    resources: ["secrets"]
+    verbs: ["create"]
+  # 允许对特定 Secrets 进行操作
+  - apiGroups: [""]
+    resources: ["secrets"]
+    resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
+    verbs: ["get", "update", "delete"]
+  # ConfigMaps 权限
+  - apiGroups: [""]
+    resources: ["configmaps"]
+    resourceNames: ["kubernetes-dashboard-settings"]
+    verbs: ["get", "update"]
+  # Metrics 权限
+  - apiGroups: [""]
+    resources: ["services"]
+    resourceNames: ["heapster", "dashboard-metrics-scraper"]
+    verbs: ["proxy"]
+  - apiGroups: [""]
+    resources: ["services/proxy"]
+    resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
+    verbs: ["get"]
+
+---
+# ------------------- Dashboard RoleBinding ------------------- #
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-minimal
+  namespace: kubernetes-dashboard
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: kubernetes-dashboard-minimal
+subjects:
+  - kind: ServiceAccount
+    name: kubernetes-dashboard
+    namespace: kubernetes-dashboard
+
+---
+# ------------------- Dashboard Deployment ------------------- #
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+  namespace: kubernetes-dashboard
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      k8s-app: kubernetes-dashboard
+  template:
+    metadata:
+      labels:
+        k8s-app: kubernetes-dashboard
+    spec:
+      containers:
+        - name: kubernetes-dashboard
+          image: 192.168.3.31:8033/cmii/dashboard:v2.7.0
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8443
+              protocol: TCP
+          args:
+            - --auto-generate-certificates
+            - --namespace=kubernetes-dashboard
+          volumeMounts:
+            - name: kubernetes-dashboard-certs
+              mountPath: /certs
+            - mountPath: /tmp
+              name: tmp-volume
+          livenessProbe:
+            httpGet:
+              scheme: HTTPS
+              path: /
+              port: 8443
+            initialDelaySeconds: 30
+            timeoutSeconds: 30
+          securityContext:
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            runAsUser: 1001
+            runAsGroup: 2001
+      volumes:
+        - name: kubernetes-dashboard-certs
+          secret:
+            secretName: kubernetes-dashboard-certs
+        - name: tmp-volume
+          emptyDir: {}
+      serviceAccountName: kubernetes-dashboard
+      nodeSelector:
+        "kubernetes.io/os": linux
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+        - key: node-role.kubernetes.io/control-plane
+          effect: NoSchedule
+
+---
+# ------------------- Metrics Scraper Service ------------------- #
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    k8s-app: dashboard-metrics-scraper
+  name: dashboard-metrics-scraper
+  namespace: kubernetes-dashboard
+spec:
+  ports:
+    - port: 8000
+      targetPort: 8000
+  selector:
+    k8s-app: dashboard-metrics-scraper
+
+---
+# ------------------- Metrics Scraper Deployment ------------------- #
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  labels:
+    k8s-app: dashboard-metrics-scraper
+  name: dashboard-metrics-scraper
+  namespace: kubernetes-dashboard
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      k8s-app: dashboard-metrics-scraper
+  template:
+    metadata:
+      labels:
+        k8s-app: dashboard-metrics-scraper
+      annotations:
+        seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
+    spec:
+      containers:
+        - name: dashboard-metrics-scraper
+          image: 192.168.3.31:8033/cmii/metrics-scraper:v1.0.9
+          ports:
+            - containerPort: 8000
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              scheme: HTTP
+              path: /
+              port: 8000
+            initialDelaySeconds: 30
+            timeoutSeconds: 30
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmp-volume
+          securityContext:
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            runAsUser: 1001
+            runAsGroup: 2001
+      serviceAccountName: kubernetes-dashboard
+      nodeSelector:
+        "kubernetes.io/os": linux
+      volumes:
+        - name: tmp-volume
+          emptyDir: {}
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+        - key: node-role.kubernetes.io/control-plane
+          effect: NoSchedule
+
+---
+# ==================================================================
+#                自定义用户配置部分 (ADMIN & READ-ONLY)
+# ==================================================================
+
+# ------------------- 1. Admin User (全部权限) ------------------- #
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: admin-user
+  namespace: kubernetes-dashboard
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: admin-user
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+  - kind: ServiceAccount
+    name: admin-user
+    namespace: kubernetes-dashboard
+
+---
+# ------------------- 2. Read-Only User (只读+看日志) ------------------- #
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: read-only-user
+  namespace: kubernetes-dashboard
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: dashboard-view-with-logs
+rules:
+  - apiGroups: [""]
+    resources: ["configmaps", "endpoints", "persistentvolumeclaims", "pods", "replicationcontrollers", "replicationcontrollers/scale", "serviceaccounts", "services", "nodes", "persistentvolumeclaims", "persistentvolumes", "namespaces"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources: ["pods/log"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["apps"]
+    resources: ["daemonsets", "deployments", "replicasets", "statefulsets"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["batch"]
+    resources: ["cronjobs", "jobs"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["networking.k8s.io"]
+    resources: ["ingresses", "networkpolicies"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["events.k8s.io"]
+    resources: ["events"]
+    verbs: ["get", "list", "watch"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: read-only-user
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: dashboard-view-with-logs
+subjects:
+  - kind: ServiceAccount
+    name: read-only-user
+    namespace: kubernetes-dashboard
--- a/84-202605-北京三河测试/k8s-app/替换模板.txt
+++ b/84-202605-北京三河测试/k8s-app/替换模板.txt
@@ -0,0 +1,4 @@
+bj-sh-uas-260511
+192.168.3.31:8088
+实际公网入口CloudHOST
+三河低空应用公共服务平台
--- a/84-202605-北京三河测试/k8s-app/监管2.3.txt
+++ b/84-202605-北京三河测试/k8s-app/监管2.3.txt
@@ -0,0 +1,10 @@
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uas-gateway=2.3.0-pro-20260226=2026-03-13=986.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uas-lifecycle=2.3.0-pro-20260304=2026-03-13=626.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uas-perception-live=2.3.0-pro-20260226=2026-03-13=110.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uas-datahub=2.3.0-comp=2026-04-11=742.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uav-material-warehouse=2.3.0-pro-20260225=2026-03-13=879.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uav-data-center=2.3.0-pro-20260225=2026-03-13=358.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uav-platform-uasms=2.3.0-pro-20260403=2026-04-03=450.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uav-platform-uas=2.3.0-pro-20260403=2026-04-03=864.tar.gz
+https://oss.demo.uavcmlc.com/cmlc-installation/tmp/cmii-uas-fusion=2.2.0-112=2026-03-13=454.tar.gz
+
--- a/84-202605-北京三河测试/k8s-mid/harborsecret.yaml
+++ b/84-202605-北京三河测试/k8s-mid/harborsecret.yaml
@@ -0,0 +1,9 @@
+kind: Secret
+apiVersion: v1
+metadata:
+  name: harborsecret
+  namespace: bj-sh-uas-260511
+data:
+  .dockerconfigjson: >-
+    eyJhdXRocyI6eyJjaG9uZ3FpbmdzaGNpcy1hMTg5ZWM5OC5lY2lzLmNob25ncWluZy0xLmNtZWNsb3VkLmNuIjp7InVzZXJuYW1lIjoiY3FjbWlpIiwicGFzc3dvcmQiOiJwTDgka3E5QG0iLCJhdXRoIjoiWTNGamJXbHBPbkJNT0NScmNUbEFiUT09In19fQ==
+type: kubernetes.io/dockerconfigjson
--- a/84-202605-北京三河测试/k8s-mid/k8s-emqx.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-emqx.yaml
@@ -0,0 +1,655 @@
+---
+---
+# ============== Secret - 密码管理 ==============
+apiVersion: v1
+kind: Secret
+metadata:
+  name: emqx-credentials
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: "2.3"
+type: Opaque
+stringData:
+  # Dashboard管理员密码
+  dashboard-admin-password: "odD8#Ve7.B"
+  # MQTT用户密码
+  mqtt-admin-password: "odD8#Ve7.B"
+
+---
+# ============== ServiceAccount ==============
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: helm-emqxs
+  namespace: bj-sh-uas-260511
+
+---
+# ============== Role - RBAC ==============
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: helm-emqxs
+  namespace: bj-sh-uas-260511
+rules:
+  - apiGroups: [""]
+    resources:
+      - endpoints
+      - pods
+    verbs:
+      - get
+      - watch
+      - list
+
+---
+# ============== RoleBinding ==============
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: helm-emqxs
+  namespace: bj-sh-uas-260511
+subjects:
+  - kind: ServiceAccount
+    name: helm-emqxs
+    namespace: bj-sh-uas-260511
+roleRef:
+  kind: Role
+  name: helm-emqxs
+  apiGroup: rbac.authorization.k8s.io
+
+---
+# ============== ConfigMap - Bootstrap配置文件 ==============
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: emqx-bootstrap-config
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+data:
+  # 主配置文件 - 覆盖默认配置
+  emqx.conf: |
+    # 节点配置
+    node {
+      name = "emqx@${POD_NAME}.helm-emqxs-headless.bj-sh-uas-260511.svc.cluster.local"
+      cookie = "emqx-cluster-cookie-secret"
+      data_dir = "/opt/emqx/data"
+    }
+    
+    # 集群配置
+    cluster {
+      name = emqxcl
+      # 单节点 建议为 manual 多节点为k8s
+      discovery_strategy = manual
+      k8s {
+        apiserver = "https://kubernetes.default.svc.cluster.local:443"
+        service_name = "helm-emqxs-headless"
+        # 这里可以改为 hostname
+        address_type = dns
+        namespace = "bj-sh-uas-260511"
+        suffix = "svc.cluster.local"
+      }
+    }
+    
+    # 日志配置
+    log {
+      console {
+        enable = true
+        level = info
+      }
+      file {
+        enable = true
+        level = warning
+        path = "/opt/emqx/log"
+      }
+    }
+    
+    # Dashboard配置
+    dashboard {
+      listeners.http {
+        bind = "0.0.0.0:18083"
+      }
+      default_username = "admin"
+      default_password = "public"
+    }
+    
+    # 监听器配置
+    listeners.tcp.default {
+      bind = "0.0.0.0:1883"
+      max_connections = 1024000
+    }
+    
+    listeners.ws.default {
+      bind = "0.0.0.0:8083"
+      max_connections = 1024000
+      websocket.mqtt_path = "/mqtt"
+    }
+    
+    listeners.ssl.default {
+      bind = "0.0.0.0:8883"
+      max_connections = 512000
+    }
+    
+    # 认证配置 - 使用内置数据库
+    authentication = [
+      {
+        mechanism = password_based
+        backend = built_in_database
+        user_id_type = username
+        password_hash_algorithm {
+          name = sha256
+          salt_position = suffix
+        }
+        # Bootstrap文件路径 - 用于初始化用户
+        bootstrap_file = "/opt/emqx/data/bootstrap_users.json"
+        bootstrap_type = plain
+      }
+    ]
+    
+    # 授权配置
+    authorization {
+      no_match = deny
+      deny_action = disconnect
+    
+      sources = [
+        {
+          type = built_in_database
+          enable = true
+        }
+      ]
+    }
+    
+    # MQTT协议配置
+    mqtt {
+      max_packet_size = "1MB"
+      max_clientid_len = 65535
+      max_topic_levels = 128
+      max_qos_allowed = 2
+      max_topic_alias = 65535
+      retain_available = true
+      wildcard_subscription = true
+      shared_subscription = true
+    }
+
+---
+# ============== ConfigMap - Users & ACL (严格 JSON 格式) ==============
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: emqx-bootstrap-users
+  namespace: bj-sh-uas-260511
+data:
+  bootstrap_users.json: |
+    [
+      { "user_id": "admin", "password": "odD8#Ve7.B", "is_superuser": true },
+      { "user_id": "cmlc", "password": "odD8#Ve7.B", "is_superuser": false }
+    ]
+
+  # 【修改点】既然有jq，这里使用标准的 JSON 数组格式，最不容易出错
+  bootstrap_acl.json: |
+    [
+      {
+        "username": "admin",
+        "rules": [
+          {"action": "all", "permission": "allow", "topic": "#"}
+        ]
+      },
+      {
+        "username": "cmlc",
+        "rules": [
+          {"action": "publish", "permission": "allow", "topic": "#"},
+          {"action": "subscribe", "permission": "allow", "topic": "#"}
+        ]
+      }
+    ]
+
+---
+# ============== ConfigMap - 初始化脚本 (修正版) ==============
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: emqx-init-dashboard
+  namespace: bj-sh-uas-260511
+data:
+  init-dashboard.sh: |
+    #!/bin/bash
+    set -e
+    
+    DASHBOARD_USER="admin"
+    DASHBOARD_PASS="${DASHBOARD_ADMIN_PASSWORD}"
+    EMQX_API="http://localhost:18083/api/v5"
+    ACL_FILE="/bootstrap/bootstrap_acl.json"
+    
+    # 辅助函数：打印带时间戳的日志
+    log() {
+      echo "[$(date +'%H:%M:%S')] $1"
+    }
+    
+    log "======================================"
+    log "初始化 Dashboard 与 ACL (Debug Version)"
+    log "======================================"
+    
+    # ----------------------------------------------------------------
+    # 1. 等待 EMQX API 就绪
+    # ----------------------------------------------------------------
+    log "[1/4] 等待 EMQX API 就绪..."
+    for i in $(seq 1 60); do
+      if curl -s -f -m 5 "${EMQX_API}/status" > /dev/null 2>&1; then
+        log "✓ EMQX API 已就绪"
+        break
+      fi
+      if [ $i -eq 60 ]; then
+        log "✗ EMQX API 启动超时"
+        exit 1
+      fi
+      sleep 5
+    done
+    
+    # ----------------------------------------------------------------
+    # 2. 修改 Dashboard 密码
+    # ----------------------------------------------------------------
+    log "[2/4] 检查/更新 Dashboard 密码..."
+    
+    # 获取 Token (尝试默认密码)
+    LOGIN_RESP=$(curl -s -X POST "${EMQX_API}/login" \
+      -H 'Content-Type: application/json' \
+      -d "{\"username\":\"${DASHBOARD_USER}\",\"password\":\"public\"}")
+    
+    TOKEN=$(echo "$LOGIN_RESP" | jq -r '.token // empty')
+    
+    if [ -n "$TOKEN" ]; then
+      log "  检测到默认密码，正在更新..."
+      curl -s -f -X POST "${EMQX_API}/users/${DASHBOARD_USER}/change_pwd" \
+        -H "Authorization: Bearer ${TOKEN}" \
+        -H 'Content-Type: application/json' \
+        -d "{\"old_pwd\":\"public\",\"new_pwd\":\"${DASHBOARD_PASS}\"}"
+      log "  ✓ Dashboard 密码已更新"
+    else
+      log "  ℹ 无法使用默认密码登录，跳过更新（可能已修改）"
+    fi
+    
+    # ----------------------------------------------------------------
+    # 3. 导入 ACL 规则
+    # ----------------------------------------------------------------
+    echo "[3/3] 导入ACL规则..."
+
+    # 重新登录获取最新 Token
+    LOGIN_RESP=$(curl -sS -X POST "${EMQX_API}/login" \
+      -H 'Content-Type: application/json' \
+      -d "{\"username\":\"${DASHBOARD_USER}\",\"password\":\"${DASHBOARD_PASS}\"}")
+
+    TOKEN=$(echo "$LOGIN_RESP" | jq -r '.token // empty')
+
+    if [ -z "$TOKEN" ]; then
+      echo "  ✗ 无法获取Token，请检查密码设置"
+      exit 0
+    fi
+
+    if [ -f "$ACL_FILE" ]; then
+      echo "  正在解析 ACL 文件: $ACL_FILE"
+
+      if ! jq -e . "$ACL_FILE" >/dev/null 2>&1; then
+         echo "  ✗ ACL 文件 JSON 格式错误，跳过处理"
+         exit 0
+      fi
+
+      jq -c '.[]' "$ACL_FILE" | while read -r user_config; do
+        USERNAME=$(echo "$user_config" | jq -r '.username // empty')
+
+        # ✅ PUT/POST 都需要 username + rules（username 是 required）
+        REQ_BODY=$(echo "$user_config" | jq -c '{username: .username, rules: .rules}')
+
+        if [ -z "$USERNAME" ]; then
+          echo "  ✗ ACL 条目缺少 username，跳过"
+          continue
+        fi
+
+        echo "  配置用户 ${USERNAME} 的ACL规则..."
+
+        # 1) 优先 PUT（覆盖更新）
+        http_code=$(curl -sS -o /tmp/emqx_acl_resp.json -w '%{http_code}' \
+          -X PUT "${EMQX_API}/authorization/sources/built_in_database/rules/users/${USERNAME}" \
+          -H "Authorization: Bearer ${TOKEN}" \
+          -H 'Content-Type: application/json' \
+          -d "$REQ_BODY")
+
+        if [ "$http_code" = "204" ]; then
+          echo "    ✓ PUT 更新成功"
+        elif [ "$http_code" = "404" ]; then
+          # 2) 不存在则 POST 创建
+          http_code2=$(curl -sS -o /tmp/emqx_acl_resp.json -w '%{http_code}' \
+            -X POST "${EMQX_API}/authorization/sources/built_in_database/rules/users" \
+            -H "Authorization: Bearer ${TOKEN}" \
+            -H 'Content-Type: application/json' \
+            -d "$REQ_BODY")
+
+          if [ "$http_code2" = "204" ]; then
+            echo "    ✓ POST 创建成功"
+          else
+            echo "    ✗ POST 失败 (HTTP ${http_code2})：$(cat /tmp/emqx_acl_resp.json 2>/dev/null || true)"
+            exit 1
+          fi
+        else
+          echo "    ✗ PUT 失败 (HTTP ${http_code})：$(cat /tmp/emqx_acl_resp.json 2>/dev/null || true)"
+          exit 1
+        fi
+
+        # 3) 导入后验证（可选但强烈建议保留）
+        verify_code=$(curl -sS -o /tmp/emqx_acl_verify.json -w '%{http_code}' \
+          -H "Authorization: Bearer ${TOKEN}" \
+          "${EMQX_API}/authorization/sources/built_in_database/rules/users/${USERNAME}")
+
+        if [ "$verify_code" = "200" ]; then
+          echo "    ✓ 验证成功：$(cat /tmp/emqx_acl_verify.json | jq -c '.')"
+        else
+          echo "    ✗ 验证失败 (HTTP ${verify_code})：$(cat /tmp/emqx_acl_verify.json 2>/dev/null || true)"
+          exit 1
+        fi
+      done
+
+      echo "  ✓ ACL 规则导入完成"
+    else
+      echo "  ℹ 未找到 ACL 文件"
+    fi
+
+---
+# ============== StatefulSet ==============
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-emqxs
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: "2.3"
+spec:
+  replicas: 1
+  serviceName: helm-emqxs-headless
+  podManagementPolicy: Parallel
+  updateStrategy:
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      cmii.type: middleware
+      cmii.app: helm-emqxs
+      cmii.emqx.architecture: cluster
+
+  template:
+    metadata:
+      labels:
+        cmii.type: middleware
+        cmii.app: helm-emqxs
+        cmii.emqx.architecture: cluster
+        helm.sh/chart: emqx-1.1.0
+        app.kubernetes.io/managed-by: octopus-control
+        app.kubernetes.io/version: "2.3"
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      - bj-sh-uas-260511
+
+      imagePullSecrets:
+        - name: harborsecret
+
+      serviceAccountName: helm-emqxs
+
+      securityContext:
+        fsGroup: 1000
+        runAsUser: 1000
+
+      # InitContainer - 准备bootstrap文件
+      initContainers:
+        - name: prepare-bootstrap
+          # 动态选择 tools 镜像
+          image: 192.168.3.31:8033/cmii/os-shell:12-debian-12-r51
+          imagePullPolicy: IfNotPresent
+          # =========================================================
+          # 权限: 必须以 root 身份运行才能 chown
+          # =========================================================
+          securityContext:
+            runAsUser: 0
+          command:
+            - /bin/sh
+            - -c
+            - |
+              echo "准备bootstrap文件..."
+              
+              # 创建数据目录
+              mkdir -p /opt/emqx/data
+              
+              # 复制bootstrap文件到数据目录
+              # 只在文件不存在时复制，避免覆盖已有数据
+              if [ ! -f /opt/emqx/data/bootstrap_users.json ]; then
+                cp /bootstrap-src/bootstrap_users.json /opt/emqx/data/
+                echo "✓ 已复制用户bootstrap文件"
+              else
+                echo "ℹ 用户bootstrap文件已存在，跳过"
+              fi
+              
+              # 设置权限 (现在有root权限，可以成功)
+              chown -R 1000:1000 /opt/emqx/data
+              
+              echo "✓ Bootstrap准备完成"
+          volumeMounts:
+            - name: emqx-data
+              mountPath: /opt/emqx/data
+            - name: bootstrap-users
+              mountPath: /bootstrap-src
+
+      containers:
+        # 主容器 - EMQX
+        - name: emqx
+          # 动态选择 emqx 镜像
+          image: 192.168.3.31:8033/cmii/emqx:5.8.8
+          imagePullPolicy: IfNotPresent
+
+          env:
+            # Pod信息
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: EMQX_DATA_DIR
+              value: "/opt/emqx/data"
+
+          ports:
+            - name: mqtt
+              containerPort: 1883
+            - name: mqttssl
+              containerPort: 8883
+            - name: ws
+              containerPort: 8083
+            - name: dashboard
+              containerPort: 18083
+            - name: ekka
+              containerPort: 4370
+
+          resources:
+            requests:
+              cpu: "500m"
+              memory: "512Mi"
+            limits:
+              cpu: "2000m"
+              memory: "2Gi"
+
+          livenessProbe:
+            httpGet:
+              path: /status
+              port: 18083
+            initialDelaySeconds: 60
+            periodSeconds: 30
+            timeoutSeconds: 10
+            failureThreshold: 3
+
+          readinessProbe:
+            httpGet:
+              path: /status
+              port: 18083
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 5
+            failureThreshold: 3
+
+          startupProbe:
+            httpGet:
+              path: /status
+              port: 18083
+            initialDelaySeconds: 10
+            periodSeconds: 5
+            failureThreshold: 30
+
+          volumeMounts:
+            - name: emqx-data
+              mountPath: /opt/emqx/data
+            # 使用 subPath 挂载单个配置文件，避免覆盖目录
+            - name: bootstrap-config
+              mountPath: /opt/emqx/etc/emqx.conf
+              subPath: emqx.conf
+
+        # Sidecar - 初始化Dashboard密码和ACL
+        - name: init-dashboard
+          # 动态选择 tools 镜像
+          image: 192.168.3.31:8033/cmii/os-shell:12-debian-12-r51
+          imagePullPolicy: IfNotPresent
+
+          command:
+            - /bin/sh
+            - -c
+            - |
+              # 等待主容器启动
+              echo "等待EMQX启动..."
+              sleep 20
+              
+              # 执行初始化
+              /bin/sh /scripts/init-dashboard.sh
+              
+              # 保持运行
+              echo "初始化完成，进入守护模式..."
+              while true; do sleep 3600; done
+
+          env:
+            - name: DASHBOARD_ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: emqx-credentials
+                  key: dashboard-admin-password
+
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "64Mi"
+            limits:
+              cpu: "200m"
+              memory: "128Mi"
+
+          volumeMounts:
+            - name: init-script
+              mountPath: /scripts
+            - name: bootstrap-users
+              mountPath: /bootstrap
+      nodeSelector:
+        mysql-deploy: "true"
+      volumes:
+        - name: bootstrap-config
+          configMap:
+            name: emqx-bootstrap-config
+        - name: bootstrap-users
+          configMap:
+            name: emqx-bootstrap-users
+        - name: init-script
+          configMap:
+            name: emqx-init-dashboard
+            defaultMode: 0755
+        - name: emqx-data
+          hostPath:
+            path: /var/lib/docker/emqx-pv/bj-sh-uas-260511/
+            type: ""
+
+---
+# ============== Service - Headless ==============
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-emqxs-headless
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: "2.3"
+spec:
+  type: ClusterIP
+  clusterIP: None
+  publishNotReadyAddresses: true
+  selector:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+  ports:
+    - name: mqtt
+      port: 1883
+      targetPort: 1883
+    - name: mqttssl
+      port: 8883
+      targetPort: 8883
+    - name: ws
+      port: 8083
+      targetPort: 8083
+    - name: dashboard
+      port: 18083
+      targetPort: 18083
+    - name: ekka
+      port: 4370
+      targetPort: 4370
+
+---
+# ============== Service - NodePort ==============
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-emqxs
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: "2.3"
+spec:
+  type: NodePort
+  selector:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+  ports:
+    - name: mqtt
+      port: 1883
+      targetPort: 1883
+      nodePort: 31883
+    - name: dashboard
+      port: 18083
+      targetPort: 18083
+      nodePort: 38085
+    - name: ws
+      port: 8083
+      targetPort: 8083
+      nodePort: 38083
+    - name: mqttssl
+      port: 8883
+      targetPort: 8883
--- a/84-202605-北京三河测试/k8s-mid/k8s-ingress-13014.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-ingress-13014.yaml
@@ -0,0 +1,680 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: frontend-applications-ingress
+  namespace: bj-sh-uas-260511
+  labels:
+    type: frontend
+    octopus.control: all-ingress-config-wdd
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.2
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/enable-cors: 'true'
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+spec:
+  rules:
+    - host: fake-domain.bj-sh-uas-260511.io
+      http:
+        paths:
+          - path: /?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-platform-lite
+                port:
+                  number: 9528
+          - path: /uas/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-platform-uas
+                port:
+                  number: 9528
+          - path: /lite/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-platform-lite
+                port:
+                  number: 9528
+          - path: /uasms/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-platform-uasms
+                port:
+                  number: 9528
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: backend-applications-ingress
+  namespace: bj-sh-uas-260511
+  labels:
+    type: backend
+    octopus.control: all-ingress-config-wdd
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.2
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/enable-cors: 'true'
+spec:
+  rules:
+    - host: cmii-admin-data.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-admin-data
+                port:
+                  number: 8080
+    - host: cmii-admin-gateway.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-admin-gateway
+                port:
+                  number: 8080
+    - host: cmii-admin-user.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-admin-user
+                port:
+                  number: 8080
+    - host: cmii-app-release.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-app-release
+                port:
+                  number: 8080
+    - host: cmii-open-gateway.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-open-gateway
+                port:
+                  number: 8080
+    - host: cmii-sky-converge.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-sky-converge
+                port:
+                  number: 8080
+    - host: cmii-suav-supervision.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-suav-supervision
+                port:
+                  number: 8080
+    - host: cmii-uas-datahub.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uas-datahub
+                port:
+                  number: 8080
+    - host: cmii-uas-gateway.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uas-gateway
+                port:
+                  number: 8080
+    - host: cmii-uas-lifecycle.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uas-lifecycle
+                port:
+                  number: 8080
+    - host: cmii-uav-advanced5g.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-advanced5g
+                port:
+                  number: 8080
+    - host: cmii-uav-airspace.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-airspace
+                port:
+                  number: 8080
+    - host: cmii-uav-alarm.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-alarm
+                port:
+                  number: 8080
+    - host: cmii-uav-autowaypoint.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-autowaypoint
+                port:
+                  number: 8080
+    - host: cmii-uav-brain.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-brain
+                port:
+                  number: 8080
+    - host: cmii-uav-bridge.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-bridge
+                port:
+                  number: 8080
+    - host: cmii-uav-cloud-live.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-cloud-live
+                port:
+                  number: 8080
+    - host: cmii-uav-clusters.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-clusters
+                port:
+                  number: 8080
+    - host: cmii-uav-cms.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-cms
+                port:
+                  number: 8080
+    - host: cmii-uav-data-post-process.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-data-post-process
+                port:
+                  number: 8080
+    - host: cmii-uav-depotautoreturn.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-depotautoreturn
+                port:
+                  number: 8080
+    - host: cmii-uav-developer.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-developer
+                port:
+                  number: 8080
+    - host: cmii-uav-device.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-device
+                port:
+                  number: 8080
+    - host: cmii-uav-emergency.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-emergency
+                port:
+                  number: 8080
+    - host: cmii-uav-fwdd.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-fwdd
+                port:
+                  number: 8080
+    - host: cmii-uav-gateway.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-gateway
+                port:
+                  number: 8080
+    - host: cmii-uav-gis-server.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-gis-server
+                port:
+                  number: 8080
+    - host: cmii-uav-grid-datasource.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-grid-datasource
+                port:
+                  number: 8080
+    - host: cmii-uav-grid-engine.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-grid-engine
+                port:
+                  number: 8080
+    - host: cmii-uav-grid-manage.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-grid-manage
+                port:
+                  number: 8080
+    - host: cmii-uav-industrial-portfolio.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-industrial-portfolio
+                port:
+                  number: 8080
+    - host: cmii-uav-integration.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-integration
+                port:
+                  number: 8080
+    - host: cmii-uav-iot-dispatcher.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-iot-dispatcher
+                port:
+                  number: 8080
+    - host: cmii-uav-iot-manager.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-iot-manager
+                port:
+                  number: 8080
+    - host: cmii-uav-kpi-monitor.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-kpi-monitor
+                port:
+                  number: 8080
+    - host: cmii-uav-logger.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-logger
+                port:
+                  number: 8080
+    - host: cmii-uav-material-warehouse.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-material-warehouse
+                port:
+                  number: 8080
+    - host: cmii-uav-mission.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-mission
+                port:
+                  number: 8080
+    - host: cmii-uav-mqtthandler.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-mqtthandler
+                port:
+                  number: 8080
+    - host: cmii-uav-multilink.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-multilink
+                port:
+                  number: 8080
+    - host: cmii-uav-notice.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-notice
+                port:
+                  number: 8080
+    - host: cmii-uav-oauth.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-oauth
+                port:
+                  number: 8080
+    - host: cmii-uav-process.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-process
+                port:
+                  number: 8080
+    - host: cmii-uav-sec-awareness.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-sec-awareness
+                port:
+                  number: 8080
+    - host: cmii-uav-security-trace.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-security-trace
+                port:
+                  number: 8080
+    - host: cmii-uav-sense-adapter.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-sense-adapter
+                port:
+                  number: 8080
+    - host: cmii-uav-surveillance.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-surveillance
+                port:
+                  number: 8080
+    - host: cmii-uav-sync.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-sync
+                port:
+                  number: 8080
+    - host: cmii-uav-tcp-server.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-tcp-server
+                port:
+                  number: 8080
+    - host: cmii-uav-threedsimulation.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-threedsimulation
+                port:
+                  number: 8080
+    - host: cmii-uav-tower.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-tower
+                port:
+                  number: 8080
+    - host: cmii-uav-user.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-user
+                port:
+                  number: 8080
+    - host: cmii-uav-watchdog.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-watchdog
+                port:
+                  number: 8080
+    - host: cmii-uav-waypoint.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-waypoint
+                port:
+                  number: 8080
+    - host: cmii-uavms-pyfusion.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uavms-pyfusion
+                port:
+                  number: 8080
+    - host: cmii-uavms-security-center.uavcloud-sc-my-202602.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uavms-security-center
+                port:
+                  number: 8080
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: all-gateways-ingress
+  namespace: bj-sh-uas-260511
+  labels:
+    type: api-gateway
+    octopus.control: all-ingress-config-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: uas-2.2
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/enable-cors: 'true'
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/proxy-read-timeout: '3600'
+    nginx.ingress.kubernetes.io/proxy-send-timeout: '3600'
+spec:
+  rules:
+    - host: fake-domain.bj-sh-uas-260511.io
+      http:
+        paths:
+          - path: /oms/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-admin-gateway
+                port:
+                  number: 8080
+          - path: /open/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-open-gateway
+                port:
+                  number: 8080
+          - path: /api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uav-gateway
+                port:
+                  number: 8080
+          - path: /uas/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-uas-gateway
+                port:
+                  number: 8080
+          - path: /converge/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: cmii-sky-converge
+                port:
+                  number: 8080
--- a/84-202605-北京三河测试/k8s-mid/k8s-minio.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-minio.yaml
@@ -0,0 +1,71 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  namespace: bj-sh-uas-260511
+  name: helm-minio-fly
+spec:
+  serviceName: helm-minio-fly
+  replicas: 1
+  selector:
+    matchLabels:
+      app: helm-minio-fly
+  template:
+    metadata:
+      labels:
+        app: helm-minio-fly
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      affinity: {}
+      containers:
+        - name: minio
+          image: 192.168.3.31:8033/cmii/minio:RELEASE.2023-06-02T23-17-26Z
+          command: ["/bin/sh", "-c"]
+          args:
+            - minio server /data --console-address ":9001"
+          ports:
+            - containerPort: 9000
+              name: api
+            - containerPort: 9001
+              name: console
+          env:
+            - name: MINIO_ACCESS_KEY
+              value: "cmii"
+            - name: MINIO_SECRET_KEY
+              value: "B#923fC7mk"
+          volumeMounts:
+            - name: data
+              mountPath: /data
+          resources:
+            limits:
+              memory: 1Gi
+              cpu: "1"
+            requests:
+              memory: 200Mi
+              cpu: 200m
+      nodeSelector:
+        mysql-deploy: true
+      volumes:
+        - name: data
+          hostPath:
+            path: /data/minio-pv/
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-minio-fly
+  namespace: bj-sh-uas-260511
+spec:
+  selector:
+    app: helm-minio-fly
+  ports:
+    - name: api
+      port: 9000
+      targetPort: 9000
+      nodePort: 31090
+    - name: console
+      port: 9001
+      targetPort: 9001
+      nodePort: 31091
+  type: NodePort
--- a/84-202605-北京三河测试/k8s-mid/k8s-mongo.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-mongo.yaml
@@ -0,0 +1,81 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-mongo
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.app: helm-mongo
+    cmii.type: middleware
+    helm.sh/chart: mongo-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: "2.3"
+spec:
+  type: NodePort
+  selector:
+    cmii.app: helm-mongo
+    cmii.type: middleware
+  ports:
+    - port: 27017
+      name: server-27017
+      targetPort: 27017
+      nodePort: 37017
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-mongo
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.app: helm-mongo
+    cmii.type: middleware
+    helm.sh/chart: mongo-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: "2.3"
+spec:
+  serviceName: helm-mongo
+  replicas: 1
+  selector:
+    matchLabels:
+      cmii.app: helm-mongo
+      cmii.type: middleware
+  template:
+    metadata:
+      labels:
+        cmii.app: helm-mongo
+        cmii.type: middleware
+        helm.sh/chart: mongo-1.1.0
+        app.kubernetes.io/managed-by: octopus-control
+        app.kubernetes.io/version: "2.3"
+      annotations:
+        pod.alpha.kubernetes.io/initialized: "true"
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      nodeSelector:
+        mysql-deploy: "true"
+      affinity: {}
+      containers:
+        - name: helm-mongo
+          image: 192.168.3.31:8033/cmii/mongo:5.0
+          resources: {}
+          ports:
+            - containerPort: 27017
+              name: mongo27017
+              protocol: TCP
+          env:
+            - name: MONGO_INITDB_ROOT_USERNAME
+              value: cmlc
+            - name: MONGO_INITDB_ROOT_PASSWORD
+              value: REdPza8#oVlt
+          volumeMounts:
+            - name: mongo-data
+              mountPath: /data/db
+              readOnly: false
+              subPath: default/helm-mongo/data/db
+      volumes:
+        - name: mongo-data
+          hostPath:
+            path: /var/lib/docker/mongo-pv/bj-sh-uas-260511/
+            type: ""
+---
--- a/84-202605-北京三河测试/k8s-mid/k8s-mysql.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-mysql.yaml
@@ -0,0 +1,410 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+  annotations: {}
+secrets:
+  - name: helm-mysql
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+type: Opaque
+data:
+  mysql-root-password: "UXpmWFFoZDNiUQ=="
+  mysql-password: "S0F0cm5PckFKNw=="
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    
+    [mysqld]
+    port=3306
+    basedir=/opt/bitnami/mysql
+    datadir=/bitnami/mysql/data
+    pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    log-error=/bitnami/mysql/data/error.log
+    general_log_file = /bitnami/mysql/data/general.log
+    slow_query_log_file = /bitnami/mysql/data/slow.log
+    innodb_data_file_path = ibdata1:512M:autoextend
+    innodb_buffer_pool_size = 512M
+    innodb_buffer_pool_instances = 2
+    innodb_log_file_size = 512M
+    innodb_log_files_in_group = 4
+    innodb_log_files_in_group = 4
+    log-bin = /bitnami/mysql/data/mysql-bin
+    max_binlog_size=1G
+    transaction_isolation = REPEATABLE-READ
+    default_storage_engine = innodb
+    character-set-server = utf8mb4
+    collation-server=utf8mb4_bin
+    binlog_format = ROW
+    binlog_rows_query_log_events=on
+    binlog_cache_size=4M
+    binlog_expire_logs_seconds  = 1296000
+    max_binlog_cache_size=2G
+    gtid_mode = on
+    enforce_gtid_consistency = 1
+    sync_binlog = 1
+    innodb_flush_log_at_trx_commit = 1
+    innodb_flush_method = O_DIRECT
+    log_slave_updates=1
+    relay_log_recovery = 1
+    relay-log-purge = 1
+    default_time_zone = '+08:00'
+    lower_case_table_names=1
+    log_bin_trust_function_creators=1
+    group_concat_max_len=67108864
+    innodb_io_capacity = 4000
+    innodb_io_capacity_max = 8000
+    innodb_flush_sync = 0
+    innodb_flush_neighbors = 0
+    innodb_write_io_threads = 8
+    innodb_read_io_threads = 8
+    innodb_purge_threads = 4
+    innodb_page_cleaners = 4
+    innodb_open_files = 65535
+    innodb_max_dirty_pages_pct = 50
+    innodb_lru_scan_depth = 4000
+    innodb_checksum_algorithm = crc32
+    innodb_lock_wait_timeout = 10
+    innodb_rollback_on_timeout = 1
+    innodb_print_all_deadlocks = 1
+    innodb_file_per_table = 1
+    innodb_online_alter_log_max_size = 4G
+    innodb_stats_on_metadata = 0
+    innodb_thread_concurrency = 0
+    innodb_sync_spin_loops = 100
+    innodb_spin_wait_delay = 30
+    lock_wait_timeout = 3600
+    slow_query_log = 1
+    long_query_time = 10
+    log_queries_not_using_indexes =1
+    log_throttle_queries_not_using_indexes = 60
+    min_examined_row_limit = 100
+    log_slow_admin_statements = 1
+    log_slow_slave_statements = 1
+    default_authentication_plugin=mysql_native_password
+    skip-name-resolve=1
+    explicit_defaults_for_timestamp=1
+    plugin_dir=/opt/bitnami/mysql/plugin
+    max_allowed_packet=128M
+    max_connections = 2000
+    max_connect_errors = 1000000
+    table_definition_cache=2000
+    table_open_cache_instances=64
+    tablespace_definition_cache=1024
+    thread_cache_size=256
+    interactive_timeout = 600
+    wait_timeout = 600
+    tmpdir=/opt/bitnami/mysql/tmp
+    max_allowed_packet=32M
+    bind-address=0.0.0.0
+    performance_schema = 1
+    performance_schema_instrument = '%memory%=on'
+    performance_schema_instrument = '%lock%=on'
+    innodb_monitor_enable=ALL
+    
+    [mysql]
+    no-auto-rehash
+    
+    [mysqldump]
+    quick
+    max_allowed_packet = 32M
+    
+    [client]
+    port=3306
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mysql/plugin
+    
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-mysql-init-scripts
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: primary
+data:
+  create_users_grants_core.sql: |-
+    create user zyly@'%' identified by 'Cmii@451315';
+    grant select on *.* to zyly@'%';
+    create user zyly_qc@'%' identified by 'Uh)E_owCyb16';
+    grant all on *.* to zyly_qc@'%';
+    create user k8s_admin@'%' identified by 'fP#UaH6qQ3)8';
+    grant all on *.* to k8s_admin@'%';
+    create user audit_dba@'%' identified by 'PjCzqiBmJaTpgkoYXynH';
+    grant all on *.* to audit_dba@'%';
+    create user db_backup@'%' identified by 'RU5Pu(4FGdT9';
+    GRANT SELECT, RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT, EVENT on *.* to db_backup@'%';
+    create user monitor@'%' identified by 'PL3#nGtrWbf-';
+    grant REPLICATION CLIENT on *.* to monitor@'%';
+    flush privileges;
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: cmii-mysql
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: mysql
+    cmii.type: middleware
+    octopus.control: mysql-db-wdd
+spec:
+  ports:
+    - name: mysql
+      protocol: TCP
+      port: 13306
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.app: mysql
+    cmii.type: middleware
+  type: ClusterIP
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-mysql-headless
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+  annotations: {}
+spec:
+  type: ClusterIP
+  clusterIP: None
+  publishNotReadyAddresses: true
+  ports:
+    - name: mysql
+      port: 3306
+      targetPort: mysql
+  selector: 
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+  annotations: {}
+spec:
+  type: NodePort
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: 33306
+  selector: 
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-mysql
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  selector:
+    matchLabels: 
+      app.kubernetes.io/name: mysql-db
+      app.kubernetes.io/release: bj-sh-uas-260511
+      cmii.type: middleware
+      cmii.app: mysql
+      app.kubernetes.io/component: primary
+  serviceName: helm-mysql
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: 6b60fa0f3a846a6ada8effdc4f823cf8003d42a8c8f630fe8b1b66d3454082dd
+      labels:
+        app.kubernetes.io/name: mysql-db
+        octopus.control: mysql-db-wdd
+        app.kubernetes.io/release: bj-sh-uas-260511
+        app.kubernetes.io/managed-by: octopus
+        cmii.type: middleware
+        cmii.app: mysql
+        app.kubernetes.io/component: primary
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      serviceAccountName: helm-mysql
+      affinity: {}
+      nodeSelector:
+        mysql-deploy: "true"
+      securityContext:
+        fsGroup: 1001
+      initContainers:
+        - name: change-volume-permissions
+          image: 192.168.3.31:8033/cmii/os-shell:12-debian-12-r51
+          imagePullPolicy: "Always"
+          command:
+            - /bin/bash
+            - -ec
+            - |
+              chown -R 1001:1001 /bitnami/mysql
+          securityContext:
+            runAsUser: 0
+          volumeMounts:
+            - name: mysql-data
+              mountPath: /bitnami/mysql
+      containers:
+        - name: mysql
+          image: 192.168.3.31:8033/cmii/mysql:8.1.0-debian-11-r42
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            runAsUser: 1001
+          env:
+            - name: BITNAMI_DEBUG
+              value: "true"
+            - name: MYSQL_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-mysql
+                  key: mysql-root-password
+            - name: MYSQL_DATABASE
+              value: "cmii"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 5
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 5
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+          startupProbe:
+            failureThreshold: 60
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+          resources: 
+            limits: {}
+            requests: {}
+          volumeMounts:
+            - name: mysql-data
+              mountPath: /bitnami/mysql
+            - name: custom-init-scripts
+              mountPath: /docker-entrypoint-initdb.d
+            - name: config
+              mountPath: /opt/bitnami/mysql/conf/my.cnf
+              subPath: my.cnf
+      volumes:
+        - name: config
+          configMap:
+            name: helm-mysql
+        - name: custom-init-scripts
+          configMap:
+            name: helm-mysql-init-scripts
+        - name: mysql-data
+          hostPath:
+            path: /var/lib/docker/mysql-pv/bj-sh-uas-260511/
--- a/84-202605-北京三河测试/k8s-mid/k8s-nacos.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-nacos.yaml
@@ -0,0 +1,130 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-nacos-cm
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: "2.3"
+data:
+  mysql.db.name: "cmii_nacos_config"
+  mysql.db.host: "helm-mysql"
+  mysql.port: "3306"
+  mysql.user: "k8s_admin"
+  mysql.password: "fP#UaH6qQ3)8"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-nacos
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: "2.3"
+spec:
+  type: NodePort
+  selector:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+  ports:
+    - port: 8848
+      name: server
+      targetPort: 8848
+      nodePort: 38848
+    - port: 9848
+      name: server12
+      targetPort: 9848
+    - port: 9849
+      name: server23
+      targetPort: 9849
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-nacos
+  namespace: bj-sh-uas-260511
+  labels:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: "2.3"
+spec:
+  serviceName: helm-nacos
+  replicas: 1
+  selector:
+    matchLabels:
+      cmii.app: helm-nacos
+      cmii.type: middleware
+  template:
+    metadata:
+      labels:
+        cmii.app: helm-nacos
+        cmii.type: middleware
+        octopus.control: nacos-wdd
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/version: "2.3"
+      annotations:
+        pod.alpha.kubernetes.io/initialized: "true"
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      affinity: {}
+      containers:
+        - name: nacos-server
+          image: 192.168.3.31:8033/cmii/nacos-server:v2.1.2
+          ports:
+            - containerPort: 8848
+              name: dashboard
+            - containerPort: 9848
+              name: tcp-9848
+            - containerPort: 9849
+              name: tcp-9849
+          env:
+            - name: NACOS_AUTH_ENABLE
+              value: "false"
+            - name: NACOS_REPLICAS
+              value: "1"
+            - name: MYSQL_SERVICE_DB_NAME
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.db.name
+            - name: MYSQL_SERVICE_PORT
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.port
+            - name: MYSQL_SERVICE_USER
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.user
+            - name: MYSQL_SERVICE_PASSWORD
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.password
+            - name: MYSQL_SERVICE_HOST
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.db.host
+            - name: NACOS_SERVER_PORT
+              value: "8848"
+            - name: NACOS_APPLICATION_PORT
+              value: "8848"
+            - name: PREFER_HOST_MODE
+              value: "hostname"
+            - name: MODE
+              value: standalone
+            - name: SPRING_DATASOURCE_PLATFORM
+              value: mysql
+---
--- a/84-202605-北京三河测试/k8s-mid/k8s-rabbitmq.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-rabbitmq.yaml
@@ -0,0 +1,331 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: helm-rabbitmq
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+automountServiceAccountToken: true
+secrets:
+    - name: helm-rabbitmq
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: helm-rabbitmq
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+type: Opaque
+data:
+  rabbitmq-password: "blljUk45MXIuX2hq"
+  rabbitmq-erlang-cookie: "emFBRmt1ZU1xMkJieXZvdHRYbWpoWk52UThuVXFzcTU="
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-rabbitmq-config
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+data:
+  rabbitmq.conf: |-
+    ## Username and password
+    ##
+    default_user = admin
+    default_pass = nYcRN91r._hj
+    ## Clustering
+    ##
+    cluster_formation.peer_discovery_backend  = rabbit_peer_discovery_k8s
+    cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
+    cluster_formation.node_cleanup.interval = 10
+    cluster_formation.node_cleanup.only_log_warning = true
+    cluster_partition_handling = autoheal
+    # queue master locator
+    queue_master_locator = min-masters
+    # enable guest user
+    loopback_users.guest = false
+    #default_vhost = default-vhost
+    #disk_free_limit.absolute = 50MB
+    #load_definitions = /app/load_definition.json
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: helm-rabbitmq-endpoint-reader
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+rules:
+  - apiGroups: [""]
+    resources: ["endpoints"]
+    verbs: ["get"]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["create"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: helm-rabbitmq-endpoint-reader
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+subjects:
+  - kind: ServiceAccount
+    name: helm-rabbitmq
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: helm-rabbitmq-endpoint-reader
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-rabbitmq-headless
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+spec:
+  clusterIP: None
+  ports:
+    - name: epmd
+      port: 4369
+      targetPort: epmd
+    - name: amqp
+      port: 5672
+      targetPort: amqp
+    - name: dist
+      port: 25672
+      targetPort: dist
+    - name: dashboard
+      port: 15672
+      targetPort: stats
+  selector: 
+    app.kubernetes.io/name: helm-rabbitmq
+    app.kubernetes.io/release: bj-sh-uas-260511
+  publishNotReadyAddresses: true
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-rabbitmq
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+spec:
+  type: NodePort
+  ports:
+    - name: amqp
+      port: 5672
+      targetPort: amqp
+      nodePort: 35672
+    - name: dashboard
+      port: 15672
+      targetPort: dashboard
+      nodePort: 36675
+  selector: 
+    app.kubernetes.io/name: helm-rabbitmq
+    app.kubernetes.io/release: bj-sh-uas-260511
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-rabbitmq
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: rabbitmq
+spec:
+  serviceName: helm-rabbitmq-headless
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  updateStrategy:
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: helm-rabbitmq
+      app.kubernetes.io/release: bj-sh-uas-260511
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: helm-rabbitmq
+        helm.sh/chart: rabbitmq-8.26.1
+        app.kubernetes.io/release: bj-sh-uas-260511
+        app.kubernetes.io/managed-by: rabbitmq
+      annotations:
+        checksum/config: d6c2caa9572f64a06d9f7daa34c664a186b4778cd1697ef8e59663152fc628f1
+        checksum/secret: d764e7b3d999e7324d1afdfec6140092a612f04b6e0306818675815cec2f454f
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      serviceAccountName: helm-rabbitmq
+      affinity: {}
+      securityContext:
+        fsGroup: 5001
+        runAsUser: 5001
+      terminationGracePeriodSeconds: 120
+      initContainers:
+        - name: volume-permissions
+          image: 192.168.3.31:8033/cmii/os-shell:12-debian-12-r51
+          imagePullPolicy: "Always"
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              mkdir -p "/bitnami/rabbitmq/mnesia"
+              chown -R "5001:5001" "/bitnami/rabbitmq/mnesia"
+          securityContext:
+            runAsUser: 0
+          resources:
+            limits: {}
+            requests: {}
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/rabbitmq/mnesia
+      containers:
+        - name: rabbitmq
+          image: 192.168.3.31:8033/cmii/rabbitmq:3.13.7-debian-12-r5
+          imagePullPolicy: "Always"
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MY_POD_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
+            - name: MY_POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: MY_POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: K8S_SERVICE_NAME
+              value: "helm-rabbitmq-headless"
+            - name: K8S_ADDRESS_TYPE
+              value: hostname
+            - name: RABBITMQ_FORCE_BOOT
+              value: "no"
+            - name: RABBITMQ_NODE_NAME
+              value: "rabbit@$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local"
+            - name: K8S_HOSTNAME_SUFFIX
+              value: ".$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local"
+            - name: RABBITMQ_MNESIA_DIR
+              value: "/bitnami/rabbitmq/mnesia/$(RABBITMQ_NODE_NAME)"
+            - name: RABBITMQ_LDAP_ENABLE
+              value: "no"
+            - name: RABBITMQ_LOGS
+              value: "-"
+            - name: RABBITMQ_ULIMIT_NOFILES
+              value: "65536"
+            - name: RABBITMQ_USE_LONGNAME
+              value: "true"
+            - name: RABBITMQ_ERL_COOKIE
+              valueFrom:
+                secretKeyRef:
+                  name: helm-rabbitmq
+                  key: rabbitmq-erlang-cookie
+            - name: RABBITMQ_LOAD_DEFINITIONS
+              value: "no"
+            - name: RABBITMQ_SECURE_PASSWORD
+              value: "yes"
+            - name: RABBITMQ_USERNAME
+              value: "admin"
+            - name: RABBITMQ_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-rabbitmq
+                  key: rabbitmq-password
+            - name: RABBITMQ_PLUGINS
+              value: "rabbitmq_management, rabbitmq_peer_discovery_k8s, rabbitmq_shovel, rabbitmq_shovel_management, rabbitmq_auth_backend_ldap"
+          ports:
+            - name: amqp
+              containerPort: 5672
+            - name: dist
+              containerPort: 25672
+            - name: dashboard
+              containerPort: 15672
+            - name: epmd
+              containerPort: 4369
+          livenessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - rabbitmq-diagnostics -q ping
+            initialDelaySeconds: 120
+            periodSeconds: 30
+            timeoutSeconds: 20
+            successThreshold: 1
+            failureThreshold: 6
+          readinessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms
+            initialDelaySeconds: 10
+            periodSeconds: 30
+            timeoutSeconds: 20
+            successThreshold: 1
+            failureThreshold: 3
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /bin/bash
+                  - -ec
+                  - |
+                    if [[ -f /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh ]]; then
+                        /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh -t "120" -d  "false"
+                    else
+                        rabbitmqctl stop_app
+                    fi
+          resources:
+            limits: {}
+            requests: {}
+          volumeMounts:
+            - name: configuration
+              mountPath: /bitnami/rabbitmq/conf
+            - name: data
+              mountPath: /bitnami/rabbitmq/mnesia
+      nodeSelector:
+        mysql-deploy: "true"
+      volumes:
+        - name: configuration
+          configMap:
+            name: helm-rabbitmq-config
+            items:
+              - key: rabbitmq.conf
+                path: rabbitmq.conf
+        - name: data
+          hostPath:
+            path: /var/lib/docker/rabbitmq-pv/bj-sh-uas-260511/
+            type: ""
--- a/84-202605-北京三河测试/k8s-mid/k8s-redis.yaml
+++ b/84-202605-北京三河测试/k8s-mid/k8s-redis.yaml
@@ -0,0 +1,585 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: true
+metadata:
+  name: helm-redis
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: helm-redis
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+type: Opaque
+data:
+  redis-password: "TWNhY2hlQDQ1MjI="
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-redis-configuration
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+data:
+  redis.conf: |-
+    # User-supplied common configuration:
+    # Enable AOF https://redis.io/topics/persistence#append-only-file
+    appendonly yes
+    # Disable RDB persistence, AOF persistence already enabled.
+    save ""
+    # End of common configuration
+  master.conf: |-
+    dir /data
+    # User-supplied master configuration:
+    rename-command FLUSHDB ""
+    rename-command FLUSHALL ""
+    # End of master configuration
+  replica.conf: |-
+    dir /data
+    slave-read-only yes
+    # User-supplied replica configuration:
+    rename-command FLUSHDB ""
+    rename-command FLUSHALL ""
+    # End of replica configuration
+---
+# Source: outside-deploy/charts/redis-db/templates/health-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-redis-health
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+data:
+  ping_readiness_local.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h localhost \
+        -p $REDIS_PORT \
+        ping
+    )
+    if [ "$response" != "PONG" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_liveness_local.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h localhost \
+        -p $REDIS_PORT \
+        ping
+    )
+    if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_readiness_master.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
+    [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h $REDIS_MASTER_HOST \
+        -p $REDIS_MASTER_PORT_NUMBER \
+        ping
+    )
+    if [ "$response" != "PONG" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_liveness_master.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
+    [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h $REDIS_MASTER_HOST \
+        -p $REDIS_MASTER_PORT_NUMBER \
+        ping
+    )
+    if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_readiness_local_and_master.sh: |-
+    script_dir="$(dirname "$0")"
+    exit_status=0
+    "$script_dir/ping_readiness_local.sh" $1 || exit_status=$?
+    "$script_dir/ping_readiness_master.sh" $1 || exit_status=$?
+    exit $exit_status
+  ping_liveness_local_and_master.sh: |-
+    script_dir="$(dirname "$0")"
+    exit_status=0
+    "$script_dir/ping_liveness_local.sh" $1 || exit_status=$?
+    "$script_dir/ping_liveness_master.sh" $1 || exit_status=$?
+    exit $exit_status
+---
+# Source: outside-deploy/charts/redis-db/templates/scripts-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-redis-scripts
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+data:
+  start-master.sh: |
+    #!/bin/bash
+
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    if [[ ! -f /opt/bitnami/redis/etc/master.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf
+    fi
+    if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
+    fi
+    ARGS=("--port" "${REDIS_PORT}")
+    ARGS+=("--requirepass" "${REDIS_PASSWORD}")
+    ARGS+=("--masterauth" "${REDIS_PASSWORD}")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf")
+    exec redis-server "${ARGS[@]}"
+  start-replica.sh: |
+    #!/bin/bash
+
+    get_port() {
+        hostname="$1"
+        type="$2"
+
+        port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g")
+        port=${!port_var}
+        
+        if [ -z "$port" ]; then
+            case $type in
+                "SENTINEL")
+                    echo 26379
+                    ;;
+                "REDIS")
+                    echo 6379
+                    ;;
+            esac
+        else
+            echo $port
+        fi
+    }
+
+    get_full_hostname() {
+        hostname="$1"
+        echo "${hostname}.${HEADLESS_SERVICE}"
+    }
+
+    REDISPORT=$(get_port "$HOSTNAME" "REDIS")
+    
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
+    if [[ ! -f /opt/bitnami/redis/etc/replica.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf
+    fi
+    if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
+    fi
+
+    echo "" >> /opt/bitnami/redis/etc/replica.conf
+    echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf
+    echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf
+    ARGS=("--port" "${REDIS_PORT}")
+    ARGS+=("--slaveof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}")
+    ARGS+=("--requirepass" "${REDIS_PASSWORD}")
+    ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf")
+    exec redis-server "${ARGS[@]}"
+---
+# Source: outside-deploy/charts/redis-db/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-redis-headless
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+spec:
+  type: ClusterIP
+  clusterIP: None
+  ports:
+    - name: tcp-redis
+      port: 6379
+      targetPort: redis
+  selector:
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+---
+# Source: outside-deploy/charts/redis-db/templates/master/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-redis-master
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: redis
+    app.kubernetes.io/component: master
+spec:
+  type: ClusterIP
+  
+  ports:
+    - name: tcp-redis
+      port: 6379
+      targetPort: redis
+      nodePort: null
+  selector:
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    cmii.type: middleware
+    cmii.app: redis
+    app.kubernetes.io/component: master
+---
+# Source: outside-deploy/charts/redis-db/templates/replicas/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-redis-replicas
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: replica
+spec:
+  type: ClusterIP
+  ports:
+    - name: tcp-redis
+      port: 6379
+      targetPort: redis
+      nodePort: null
+  selector:
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/component: replica
+---
+# Source: outside-deploy/charts/redis-db/templates/master/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-redis-master
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: redis
+    app.kubernetes.io/component: master
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: redis-db
+      app.kubernetes.io/release: bj-sh-uas-260511
+      cmii.type: middleware
+      cmii.app: redis
+      app.kubernetes.io/component: master
+  serviceName: helm-redis-headless
+  updateStrategy:
+    rollingUpdate: {}
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: redis-db
+        octopus.control: redis-db-wdd
+        app.kubernetes.io/release: bj-sh-uas-260511
+        app.kubernetes.io/managed-by: octopus
+        cmii.type: middleware
+        cmii.app: redis
+        app.kubernetes.io/component: master
+      annotations:
+        checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
+        checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
+        checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
+        checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
+    spec:
+      affinity: {}
+      securityContext:
+        fsGroup: 1001
+      serviceAccountName: helm-redis
+      imagePullSecrets:
+        - name: harborsecret
+      terminationGracePeriodSeconds: 30
+      containers:
+        - name: redis
+          image: 192.168.3.31:8033/cmii/redis:6.2.14-debian-11-r1
+          imagePullPolicy: "Always"
+          securityContext:
+            runAsUser: 1001
+          command:
+            - /bin/bash
+          args:
+            - -c
+            - /opt/bitnami/scripts/start-scripts/start-master.sh
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: REDIS_REPLICATION_MODE
+              value: master
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "no"
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-redis
+                  key: redis-password
+            - name: REDIS_TLS_ENABLED
+              value: "no"
+            - name: REDIS_PORT
+              value: "6379"
+          ports:
+            - name: redis
+              containerPort: 6379
+          livenessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            # One second longer than command timeout should prevent generation of zombie processes.
+            timeoutSeconds: 6
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_liveness_local.sh 5
+          readinessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            timeoutSeconds: 2
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_readiness_local.sh 1
+          resources:
+            limits:
+              cpu: "2"
+              memory: 8Gi
+            requests:
+              cpu: "2"
+              memory: 8Gi
+          volumeMounts:
+            - name: start-scripts
+              mountPath: /opt/bitnami/scripts/start-scripts
+            - name: health
+              mountPath: /health
+            - name: redis-data
+              mountPath: /data
+              subPath: 
+            - name: config
+              mountPath: /opt/bitnami/redis/mounted-etc
+            - name: redis-tmp-conf
+              mountPath: /opt/bitnami/redis/etc/
+            - name: tmp
+              mountPath: /tmp
+      volumes:
+        - name: start-scripts
+          configMap:
+            name: helm-redis-scripts
+            defaultMode: 0755
+        - name: health
+          configMap:
+            name: helm-redis-health
+            defaultMode: 0755
+        - name: config
+          configMap:
+            name: helm-redis-configuration
+        - name: redis-tmp-conf
+          emptyDir: {}
+        - name: tmp
+          emptyDir: {}
+        - name: redis-data
+          emptyDir: {}
+---
+# Source: outside-deploy/charts/redis-db/templates/replicas/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-redis-replicas
+  namespace: bj-sh-uas-260511
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: bj-sh-uas-260511
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: replica
+spec:
+  replicas: 0
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: redis-db
+      app.kubernetes.io/release: bj-sh-uas-260511
+      app.kubernetes.io/component: replica
+  serviceName: helm-redis-headless
+  updateStrategy:
+    rollingUpdate: {}
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: redis-db
+        octopus.control: redis-db-wdd
+        app.kubernetes.io/release: bj-sh-uas-260511
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/component: replica
+      annotations:
+        checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
+        checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
+        checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
+        checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      securityContext:
+        fsGroup: 1001
+      serviceAccountName: helm-redis
+      terminationGracePeriodSeconds: 30
+      containers:
+        - name: redis
+          image: 192.168.3.31:8033/cmii/redis:6.2.14-debian-11-r19
+          imagePullPolicy: "Always"
+          securityContext:
+            runAsUser: 1001
+          command:
+            - /bin/bash
+          args:
+            - -c
+            - /opt/bitnami/scripts/start-scripts/start-replica.sh
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: REDIS_REPLICATION_MODE
+              value: slave
+            - name: REDIS_MASTER_HOST
+              value: helm-redis-master-0.helm-redis-headless.bj-sh-uas-260511.svc.cluster.local
+            - name: REDIS_MASTER_PORT_NUMBER
+              value: "6379"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "no"
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-redis
+                  key: redis-password
+            - name: REDIS_MASTER_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-redis
+                  key: redis-password
+            - name: REDIS_TLS_ENABLED
+              value: "no"
+            - name: REDIS_PORT
+              value: "6379"
+          ports:
+            - name: redis
+              containerPort: 6379
+          livenessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            timeoutSeconds: 6
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_liveness_local_and_master.sh 5
+          readinessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            timeoutSeconds: 2
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_readiness_local_and_master.sh 1
+          resources:
+            limits:
+              cpu: "2"
+              memory: 8Gi
+            requests:
+              cpu: "2"
+              memory: 8Gi
+          volumeMounts:
+            - name: start-scripts
+              mountPath: /opt/bitnami/scripts/start-scripts
+            - name: health
+              mountPath: /health
+            - name: redis-data
+              mountPath: /data
+              subPath: 
+            - name: config
+              mountPath: /opt/bitnami/redis/mounted-etc
+            - name: redis-tmp-conf
+              mountPath: /opt/bitnami/redis/etc
+      volumes:
+        - name: start-scripts
+          configMap:
+            name: helm-redis-scripts
+            defaultMode: 0755
+        - name: health
+          configMap:
+            name: helm-redis-health
+            defaultMode: 0755
+        - name: config
+          configMap:
+            name: helm-redis-configuration
+        - name: redis-tmp-conf
+          emptyDir: {}
+        - name: redis-data
+          emptyDir: {}
+
--- a/84-202605-北京三河测试/k8s-token.txt
+++ b/84-202605-北京三河测试/k8s-token.txt
@@ -0,0 +1 @@
+eyJhbGciOiJSUzI1NiIsImtpZCI6IkhzRUJhQktCRmw4VmhrZHpHalpIeGUyYkpCQ1h2WncyS0lmUkZHcERwQncifQ.eyJhdWQiOlsidW5rbm93biJdLCJleHAiOjE4NzMwOTM1MTAsImlhdCI6MTc3ODQ4NTUxMCwiaXNzIjoicmtlIiwianRpIjoiZjJkZDEzZGEtZWFkNi00MTFkLWE1NDEtMTZjNTRiNjQ1ZWQ4Iiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiMWRiMjgyMjQtNGJiMi00NGEzLWJmMGUtZjE3NWU2YTk4YzYxIn19LCJuYmYiOjE3Nzg0ODU1MTAsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.lJDt8WfYB9Bhf0dPKQ6QtNxqIvD_qKnM1ulNsXUNUUFZzUlJ7T_CLW_dlTRavQ4Kn_9YhzQOydbR6XFV9NFfecnargDndG2d6DS_raDDqXHL3bj61KpSJgvx1pqzuF0oV4bxrz9ceUOa5xUdV7i9P2tWbjQtvMA-lYIpNxeiekLGQgFPVTaOU9ykGR5fi-VXR9oSXcKSo7ixodTS4HSus4tKgafw_NkTCIBdURc4SLST0z0Mvq9fZQO2EPLXz8qmtmlSnWRB48JRPe5bAGvkcYv6KthkFfACrr4GB3UvD_yrh6RsqWJuZTQeEhNEbu-W1aEBs0yfO5oYJEvGR9MMZw
--- a/84-202605-北京三河测试/real-public-nginx.conf
+++ b/84-202605-北京三河测试/real-public-nginx.conf
@@ -0,0 +1,36 @@
+upstream cc_server {
+    ip_hash;
+    server 192.168.3.31:30500;
+    server 192.168.3.32:30500;
+    server 192.168.3.33:30500;
+}
+
+server {
+  listen 8088;
+  server_name localhost;
+  location / {
+      proxy_pass http://cc_server;
+      client_max_body_size 5120m;
+      client_body_buffer_size 5120m;
+      client_body_timeout 6000s;
+      proxy_send_timeout 10000s;
+      proxy_read_timeout 10000s;
+      proxy_connect_timeout 600s;
+      proxy_max_temp_file_size 5120m;
+      proxy_request_buffering on;
+      proxy_buffering off;
+      proxy_buffer_size 4k;
+      proxy_buffers 4 12k;
+      proxy_set_header Host fake-domain.bj-sh-uas-260511.io;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_set_header Connection "upgrade";
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  }
+
+    location ~ ^/.*/(actuator|swagger-resources|api-docs|env|ping|health)(/|$) {
+        return 403;
+    }
+
+}
+
--- a/84-202605-北京三河测试/rke-13014-cluster.yml
+++ b/84-202605-北京三河测试/rke-13014-cluster.yml
@@ -0,0 +1,237 @@
+nodes:
+  - address: 192.168.3.31
+    user: root
+    role:
+      - controlplane
+      - etcd
+      - worker
+    internal_address: 192.168.3.31
+    hostname_override: "0-master-192.168.3.31"
+    labels:
+      ingress-deploy: true
+  - address: 192.168.3.32
+    user: root
+    role:
+      - worker
+    internal_address: 192.168.3.32
+    hostname_override: "1-worker-fly-192.168.3.32"
+    labels:
+      ingress-deploy: true
+      uavcloud.env: bj-sh-uas-260511
+      doris-deploy: true
+  - address: 192.168.3.33
+    user: root
+    role:
+      - worker
+    internal_address: 192.168.3.33
+    hostname_override: "2-worker-fly-192.168.1.221"
+    labels:
+      ingress-deploy: true
+      uavcloud.env: bj-sh-uas-260511
+      mysql-deploy: true
+
+
+authentication:
+  strategy: x509
+  sans:
+    - "192.168.3.31"
+
+private_registries:
+  - url: 192.168.3.31:8033 # 私有镜像库地址
+    user: admin
+    password: "V2ryStr@ngPss"
+    is_default: true
+
+##############################################################################
+
+# 默认值为false，如果设置为true，当发现不支持的Docker版本时，RKE不会报错
+ignore_docker_version: true
+
+# Set the name of the Kubernetes cluster
+cluster_name: rke-cluster
+
+kubernetes_version: v1.30.14-rancher1-1
+
+ssh_key_path: /root/.ssh/id_ed25519
+
+# Enable running cri-dockerd
+# Up to Kubernetes 1.23, kubelet contained code called dockershim
+# to support Docker runtime. The replacement is called cri-dockerd
+# and should be enabled if you want to keep using Docker as your
+# container runtime
+# Only available to enable in Kubernetes 1.21 and higher
+enable_cri_dockerd: true
+
+services:
+  etcd:
+    backup_config:
+      enabled: false
+      interval_hours: 72
+      retention: 3
+      safe_timestamp: false
+      timeout: 300
+    creation: 12h
+    extra_args:
+        election-timeout: 5000
+        heartbeat-interval: 500
+        cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
+    gid: 0
+    retention: 72h
+    snapshot: false
+    uid: 0
+
+  kube-api:
+    # IP range for any services created on Kubernetes
+    # This must match the service_cluster_ip_range in kube-controller
+    service_cluster_ip_range: 10.74.0.0/16
+    # Expose a different port range for NodePort services
+    service_node_port_range: 30000-40000
+    always_pull_images: false
+    pod_security_policy: false
+    # Add additional arguments to the kubernetes API server
+    # This WILL OVERRIDE any existing defaults
+    extra_args:
+      # Enable audit log to stdout
+      audit-log-path: "-"
+      # Increase number of delete workers
+      delete-collection-workers: 3
+      # Set the level of log output to warning-level
+      v: 1
+  kube-controller:
+    # CIDR pool used to assign IP addresses to pods in the cluster
+    cluster_cidr: 10.96.0.0/16
+    # IP range for any services created on Kubernetes
+    # This must match the service_cluster_ip_range in kube-api
+    service_cluster_ip_range: 10.74.0.0/16
+    # Add additional arguments to the kubernetes API server
+    # This WILL OVERRIDE any existing defaults
+    extra_args:
+      # Set the level of log output to debug-level
+      v: 1
+      # Enable RotateKubeletServerCertificate feature gate
+      feature-gates: RotateKubeletServerCertificate=true
+      # Enable TLS Certificates management
+      # https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/
+      cluster-signing-cert-file: "/etc/kubernetes/ssl/kube-ca.pem"
+      cluster-signing-key-file: "/etc/kubernetes/ssl/kube-ca-key.pem"
+  kubelet:
+    # Base domain for the cluster
+    cluster_domain: cluster.local
+    # IP address for the DNS service endpoint
+    cluster_dns_server: 10.74.0.10
+    # Fail if swap is on
+    fail_swap_on: false
+    # Set max pods to 250 instead of default 110
+    extra_binds:
+      - "/data/minio-pv:/hostStorage" # 不要修改 为minio的pv添加
+    extra_args:
+      max-pods: 122
+    # Optionally define additional volume binds to a service
+  scheduler:
+    extra_args:
+      # Set the level of log output to warning-level
+      v: 0
+      tls-cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
+  kubeproxy:
+    extra_args:
+      # Set the level of log output to warning-level
+      v: 1
+
+authorization:
+  mode: rbac
+
+addon_job_timeout: 30
+
+# Specify network plugin-in (canal, calico, flannel, weave, or none)
+network:
+  mtu: 1440
+  options:
+    flannel_backend_type: vxlan
+  plugin: calico
+  tolerations:
+    - key: "node.kubernetes.io/unreachable"
+      operator: "Exists"
+      effect: "NoExecute"
+      tolerationseconds: 300
+    - key: "node.kubernetes.io/not-ready"
+      operator: "Exists"
+      effect: "NoExecute"
+      tolerationseconds: 300
+
+# Specify DNS provider (coredns or kube-dns)
+dns:
+  provider: coredns
+  nodelocal: {}
+  # Available as of v1.1.0
+  update_strategy:
+    strategy: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 20%
+      maxSurge: 15%
+    linear_autoscaler_params:
+      cores_per_replica: 0.34
+      nodes_per_replica: 4
+      prevent_single_point_failure: true
+      min: 2
+      max: 3
+  tolerations:
+    - key: "node.kubernetes.io/unreachable"
+      operator: "Exists"
+      effect: "NoExecute"
+      tolerationseconds: 300
+    - key: "node.kubernetes.io/not-ready"
+      operator: "Exists"
+      effect: "NoExecute"
+      tolerationseconds: 300
+
+# Specify monitoring provider (metrics-server)
+monitoring:
+  provider: metrics-server
+  # Available as of v1.1.0
+  update_strategy:
+    strategy: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 8
+
+ingress:
+  provider: nginx
+  default_backend: true
+  http_port: 30500
+  https_port: 31500
+  extra_envs:
+    - name: TZ
+      value: Asia/Shanghai
+  node_selector:
+    ingress-deploy: true
+  options:
+    use-forwarded-headers: "true"
+    access-log-path: /var/log/nginx/access.log
+    client-body-timeout: '6000'
+    compute-full-forwarded-for: 'true'
+    enable-underscores-in-headers: 'true'
+    log-format-escape-json: 'true'
+    log-format-upstream: >-
+      { "msec": "$msec", "connection": "$connection", "connection_requests":
+      "$connection_requests", "pid": "$pid", "request_id": "$request_id",
+      "request_length": "$request_length", "remote_addr": "$remote_addr",
+      "remote_user": "$remote_user", "remote_port": "$remote_port",
+      "http_x_forwarded_for": "$http_x_forwarded_for", "time_local":
+      "$time_local", "time_iso8601": "$time_iso8601", "request": "$request",
+      "request_uri": "$request_uri", "args": "$args", "status": "$status",
+      "body_bytes_sent": "$body_bytes_sent", "bytes_sent": "$bytes_sent",
+      "http_referer": "$http_referer", "http_user_agent": "$http_user_agent",
+      "http_host": "$http_host", "server_name": "$server_name", "request_time":
+      "$request_time", "upstream": "$upstream_addr", "upstream_connect_time":
+      "$upstream_connect_time", "upstream_header_time": "$upstream_header_time",
+      "upstream_response_time": "$upstream_response_time",
+      "upstream_response_length": "$upstream_response_length",
+      "upstream_cache_status": "$upstream_cache_status", "ssl_protocol":
+      "$ssl_protocol", "ssl_cipher": "$ssl_cipher", "scheme": "$scheme",
+      "request_method": "$request_method", "server_protocol": "$server_protocol",
+      "pipe": "$pipe", "gzip_ratio": "$gzip_ratio", "http_cf_ray": "$http_cf_ray",
+      "geoip_country_code": "$geoip_country_code" }
+    proxy-body-size: 5120m
+    proxy-read-timeout: '6000'
+    proxy-send-timeout: '6000'
+
+
--- a/84-202605-北京三河测试/基本信息.txt
+++ b/84-202605-北京三河测试/基本信息.txt
@@ -0,0 +1,15 @@
+ubuntu/ubuntu123   root/Flzx3qc!
+ubuntu/ubuntu123   root/Flzx3qc!
+ubuntu/ubuntu123   root/Flzx3qc!
+
+192.168.3.31
+192.168.3.32
+192.168.3.33
+
+ToDesk信息
+186187213
+Ab123456.
+
+锁屏密码123
+
+
--- a/84-202605-北京三河测试/批量更新-prompt.md
+++ b/84-202605-北京三河测试/批量更新-prompt.md
@@ -0,0 +1,14 @@
+cmlc=cmii=cmii-uas-gateway=2.3.0-pro-20260226.tar.gz
+cmlc=cmii=cmii-uas-lifecycle=2.3.0-pro-20260304.tar.gz
+cmlc=cmii=cmii-uas-perception-live=2.3.0-pro-20260226.tar.gz
+cmlc=cmii=cmii-uas-datahub=2.3.0-pro-20260311.tar.gz
+cmlc=cmii=cmii-uav-material-warehouse=2.3.0-pro-20260225.tar.gz
+cmlc=cmii=cmii-uav-data-center=2.3.0-pro-20260225.tar.gz
+cmlc=cmii=cmii-uav-platform-uasms=2.3.0-pro-20260312.tar.gz
+cmlc=cmii=cmii-uav-platform-uas=2.3.0-pro-20260312.tar.gz
+cmlc=cmii=cmii-uas-fusion=2.2.0-112.tar.gz
+cmlc=cmii=cmii-uav-iot-dispatcher=2.3.0-20260211-fix-live-record-v4.tar.gz
+我有一个文档的内容如上，你需要实现一个shell脚本，实现如下的功能
+1. 命名空间为：bj-sh-uas-260511
+2. 以=为分隔符号，提取deployment名称为第三项 例如cmii-uas-gateway 提取镜像的Tag为第四项 例如 2.3.0-pro-20260226
+3. 使用kubectl一次更新每个deployment对应的镜像Tag
				`@@ -0,0 +1 @@`
				eyJhbGciOiJSUzI1NiIsImtpZCI6IkhzRUJhQktCRmw4VmhrZHpHalpIeGUyYkpCQ1h2WncyS0lmUkZHcERwQncifQ.eyJhdWQiOlsidW5rbm93biJdLCJleHAiOjE4NzMwOTM1MTAsImlhdCI6MTc3ODQ4NTUxMCwiaXNzIjoicmtlIiwianRpIjoiZjJkZDEzZGEtZWFkNi00MTFkLWE1NDEtMTZjNTRiNjQ1ZWQ4Iiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiMWRiMjgyMjQtNGJiMi00NGEzLWJmMGUtZjE3NWU2YTk4YzYxIn19LCJuYmYiOjE3Nzg0ODU1MTAsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.lJDt8WfYB9Bhf0dPKQ6QtNxqIvD_qKnM1ulNsXUNUUFZzUlJ7T_CLW_dlTRavQ4Kn_9YhzQOydbR6XFV9NFfecnargDndG2d6DS_raDDqXHL3bj61KpSJgvx1pqzuF0oV4bxrz9ceUOa5xUdV7i9P2tWbjQtvMA-lYIpNxeiekLGQgFPVTaOU9ykGR5fi-VXR9oSXcKSo7ixodTS4HSus4tKgafw_NkTCIBdURc4SLST0z0Mvq9fZQO2EPLXz8qmtmlSnWRB48JRPe5bAGvkcYv6KthkFfACrr4GB3UvD_yrh6RsqWJuZTQeEhNEbu-W1aEBs0yfO5oYJEvGR9MMZw