初始化项目

agent-deploy/OctopusDeploy.go

@@ -0,0 +1,261 @@
+package agent_deploy
+
+import (
+	"os"
+	image2 "wdd.io/agent-common/image"
+	"wdd.io/agent-common/logger"
+	"wdd.io/agent-common/utils"
+	"wdd.io/agent-deploy/a_dashboard"
+	"wdd.io/agent-deploy/b_nfs"
+	"wdd.io/agent-deploy/c_middle"
+	"wdd.io/agent-deploy/d_app"
+	"wdd.io/agent-deploy/e_cmii"
+	"wdd.io/agent-deploy/z_dep"
+)
+
+var log = logger.Log
+
+const (
+	dev          = "uavcloud-dev"
+	devFlight    = "uavcloud-devflight"
+	devOperation = "uavcloud-devoperation"
+	validation   = "uavcloud-feature"
+	integration  = "uavcloud-test"
+	uat          = "uavcloud-uat"
+	demo         = "uavcloud-demo"
+	uavms        = "uavcloud-uavms"
+)
+
+func OctopusDeploy() {
+
+	// common environment
+	common := &z_dep.CommonEnvironmentConfig{
+		WebIP:                       "10.250.0.110",
+		WebPort:                     "8888",
+		HarborIPOrCustomImagePrefix: "10.250.0.110",
+		HarborPort:                  "8033",
+		Namespace:                   "bjtg",
+		TagVersion:                  "5.5.0",
+		TenantEnv:                   "",
+		MinioPublicIP:               "10.250.0.110",
+		MinioInnerIP:                "10.250.0.110",
+		NFSServerIP:                 "10.250.0.110",
+	}
+
+	// kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
+	a_dashboard.K8sDashboardDeploy(common)
+
+	b_nfs.NFSDeploy(common)
+	b_nfs.NFSTestDeploy(common)
+
+	// pvc
+	c_middle.PVCDeploy(common)
+
+	// middlewares
+	c_middle.MidMySQlDeploy(common)
+	c_middle.MidRedisDeploy(common)
+	c_middle.MidEmqxDeploy(common)
+	c_middle.MidMongoDeploy(common)
+	c_middle.MidRabbitMQDeploy(common)
+	c_middle.MidRabbitMQDeploy(common)
+	c_middle.MidNacosDeploy(common)
+
+	configMapDeploy(common)
+	d_app.IngressDeploy(common)
+
+	gzipFilePrefix := "/root/octopus_image/xjyd/"
+	frontendImageVersionMap, backendImageVersionMap, _ := image2.GzipFolderPathToCmiiImageTagMaps(gzipFilePrefix)
+
+	doDeployBackend(common, backendImageVersionMap)
+	doDeployFrontend(common, frontendImageVersionMap)
+	d_app.SRSDeploy(common)
+}
+
+func CmiiAppDeploy() {
+
+	// common environment
+	common := &z_dep.CommonEnvironmentConfig{
+		WebIP:                       "36.133.201.78",
+		WebPort:                     "8888",
+		HarborIPOrCustomImagePrefix: "192.168.0.14",
+		HarborPort:                  "",
+		Namespace:                   "xjyd",
+		TagVersion:                  "5.5.0",
+		TenantEnv:                   "",
+		MinioPublicIP:               "36.133.201.146",
+		MinioInnerIP:                "192.168.0.21",
+		NFSServerIP:                 "192.168.0.14",
+	}
+
+	//frontendImageVersionMap, backendImageVersionMap, _ := image.FrontendBackendSrsImageMapFromCmiiImageMap(zjjt.CmiiImageMap)
+	gzipFilePrefix := "/root/octopus_image/xjyd/"
+	frontendImageVersionMap, backendImageVersionMap, _ := image2.GzipFolderPathToCmiiImageTagMaps(gzipFilePrefix)
+
+	doDeployBackend(common, backendImageVersionMap)
+	doDeployFrontend(common, frontendImageVersionMap)
+	//utils.BeautifulPrint(frontendImageVersionMap)
+
+	//configMapDeploy(common)
+	//c_app.IngressDeploy(common)
+
+}
+
+func doDeployBackend(common *z_dep.CommonEnvironmentConfig, backendImageVersionMap map[string]string) {
+
+	os.Remove(z_dep.BackendApplyFilePath)
+
+	for appName, tag := range backendImageVersionMap {
+		d_app.DefaultCmiiBackendConfig.AppName = appName
+		d_app.DefaultCmiiBackendConfig.ImageTag = tag
+
+		// ignore some app
+		_, ok := d_app.IgnoreCmiiBackendAppName[appName]
+		if ok {
+			d_app.DefaultCmiiBackendConfig.Replicas = "0"
+		} else {
+			d_app.DefaultCmiiBackendConfig.Replicas = "1"
+		}
+
+		d_app.DefaultCmiiBackendConfig.BackendDeploy(common)
+	}
+}
+
+func doDeployFrontend(common *z_dep.CommonEnvironmentConfig, frontendImageVersionMap map[string]string) {
+
+	os.Remove(z_dep.FrontendApplyFilePath)
+
+	d_app.FrontendDefaultNginxDeploy(common)
+
+	for appName, tag := range frontendImageVersionMap {
+		d_app.DefaultCmiiFrontendConfig.AppName = appName
+		d_app.DefaultCmiiFrontendConfig.ImageTag = tag
+
+		// ignore some app
+		_, ok := d_app.IgnoreCmiiFrontendAppName[appName]
+		if ok {
+			d_app.DefaultCmiiFrontendConfig.Replicas = "0"
+		} else {
+			d_app.DefaultCmiiFrontendConfig.Replicas = "1"
+		}
+
+		value, ok := d_app.FrontendShortNameMaps[appName]
+		if !ok {
+			log.ErrorF("FrontendShortNameMaps error !  not contains %s", appName)
+			continue
+		}
+
+		d_app.DefaultCmiiFrontendConfig.ShortName = value
+
+		d_app.DefaultCmiiFrontendConfig.FrontendDeploy(common)
+	}
+}
+
+func configMapDeploy(common *z_dep.CommonEnvironmentConfig) {
+	os.Remove(z_dep.ConfigMapApplyFilePath)
+
+	for frontendName, shortName := range d_app.FrontendShortNameMaps {
+		d_app.DefaultCmiiFrontendConfig.AppName = frontendName
+		d_app.DefaultCmiiFrontendConfig.ShortName = shortName
+
+		value, ok := d_app.FrontendClientIdMaps[frontendName]
+		if !ok {
+			log.ErrorF("FrontendClientIdMaps error !  not contains %s", frontendName)
+			continue
+		}
+
+		d_app.DefaultCmiiFrontendConfig.ClientId = value
+
+		d_app.DefaultCmiiFrontendConfig.ConfigMapDeploy(common)
+	}
+}
+
+// CmiiEnvironmentDeploy 部署完整的CMII环境的所有组件
+func CmiiEnvironmentDeploy(isCompleteDeploy bool, commonEnv *z_dep.CommonEnvironmentConfig, backendImageVersionMap, frontendImageVersionMap map[string]string) {
+
+	// clear old apply file
+	_ = os.Mkdir(commonEnv.ApplyFilePrefix, os.ModePerm)
+
+	oldApplyFileFolder := commonEnv.ApplyFilePrefix + "old"
+	utils.RemoveFolderComplete(oldApplyFileFolder)
+	_ = os.Mkdir(oldApplyFileFolder, os.ModePerm)
+
+	// move all apply file to old folder
+	_ = utils.MoveFolerToAnother(commonEnv.ApplyFilePrefix, oldApplyFileFolder)
+
+	// get cmii env config from namespace
+	cmiiEnvConfig := getCmiiEnvConfigurationFromNamespace(commonEnv.Namespace)
+
+	// generate
+
+	// generate new apply file for specific environment
+	if isCompleteDeploy {
+
+		// dashboard
+		a_dashboard.K8sDashboardDeploy(commonEnv)
+		// nfs
+		b_nfs.NFSDeploy(commonEnv)
+		b_nfs.NFSTestDeploy(commonEnv)
+
+		// pvc
+		c_middle.PVCDeploy(commonEnv)
+
+		// middlewares
+		cmiiEnvConfig.MySQlConfig.MidMySQlDeploy(commonEnv)
+		cmiiEnvConfig.RedisConfig.MidRedisDeploy(commonEnv)
+		cmiiEnvConfig.EmqxConfig.MidEmqxDeploy(commonEnv)
+		cmiiEnvConfig.MongoConfig.MidMongoDeploy(commonEnv)
+		cmiiEnvConfig.RabbitMQConfig.MidRabbitMQDeploy(commonEnv)
+		cmiiEnvConfig.NacosConfig.MidNacosDeploy(commonEnv)
+
+	}
+
+	// frontend
+	configMapDeploy(commonEnv)
+	d_app.DefaultIngressConfig.IngressDeploy(commonEnv)
+	doDeployFrontend(commonEnv, frontendImageVersionMap)
+
+	// backend
+	doDeployBackend(commonEnv, backendImageVersionMap)
+
+	// srs
+	cmiiEnvConfig.CmiiSrsConfig.SRSDeploy(commonEnv)
+
+}
+
+func CmiiNewAppDeploy(commonEnv *z_dep.CommonEnvironmentConfig, backendImageVersionMap, frontendImageVersionMap map[string]string) {
+
+	// get cmii env config from namespace
+	//cmiiEnvConfig := getCmiiEnvConfigurationFromNamespace(commonEnv.Namespace)
+
+	// frontend
+	configMapDeploy(commonEnv)
+
+	d_app.DefaultIngressConfig.IngressDeploy(commonEnv)
+
+	// frontend
+	doDeployFrontend(commonEnv, frontendImageVersionMap)
+
+	// backend
+	doDeployBackend(commonEnv, backendImageVersionMap)
+}
+
+func getCmiiEnvConfigurationFromNamespace(namespace string) *e_cmii.CmiiEnvConfig {
+	switch namespace {
+	case dev:
+		return e_cmii.CmiiDevConfig
+	case devFlight:
+		return e_cmii.CmiiDevFlightConfig
+	case devOperation:
+		return e_cmii.CmiiDevOperationConfig
+	case integration:
+		return e_cmii.CmiiIntegrationConfig
+	case uat:
+		return e_cmii.CmiiUatConfig
+	case validation:
+		return e_cmii.CmiiValidationConfig
+	case uavms:
+		return e_cmii.CmiiDemoConfig
+	default:
+		return e_cmii.CmiiOutSideConfig
+	}
+}

agent-deploy/OctopusDeploy_test.go

@@ -0,0 +1,13 @@
+package agent_deploy
+
+import "testing"
+
+func TestOctopusDeploy(t *testing.T) {
+
+	OctopusDeploy()
+}
+
+func TestCmiiAppDeploy(t *testing.T) {
+
+	CmiiAppDeploy()
+}

agent-deploy/a_dashboard/DeployK8sDashboard.go

@@ -0,0 +1,14 @@
+package a_dashboard
+
+import (
+	"wdd.io/agent-common/logger"
+	"wdd.io/agent-deploy/z_dep"
+)
+
+var (
+	log = logger.Log
+)
+
+func K8sDashboardDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiK8sDashboardTemplate, z_dep.K8sDashboardApplyFilePath)
+}

agent-deploy/a_dashboard/TemplateK8SDashboard.go

@@ -0,0 +1,320 @@
+package a_dashboard
+
+const CmiiK8sDashboardTemplate = `
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: kube-system
+
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+  namespace: kube-system
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+    kubernetes.io/cluster-service: "true"
+  name: kubernetes-dashboard
+  namespace: kube-system
+spec:
+  ports:
+    - port: 443
+      targetPort: 8443
+      nodePort: 39999
+  selector:
+    k8s-app: kubernetes-dashboard
+  type: NodePort
+
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-certs
+  namespace: kube-system
+type: Opaque
+
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-csrf
+  namespace: kube-system
+type: Opaque
+data:
+  csrf: ""
+
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-key-holder
+  namespace: kube-system
+type: Opaque
+
+---
+
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard-settings
+  namespace: kube-system
+
+---
+
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+  namespace: kube-system
+rules:
+  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
+  - apiGroups: [""]
+    resources: ["secrets"]
+    resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
+    verbs: ["get", "update", "delete"]
+    # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
+  - apiGroups: [""]
+    resources: ["configmaps"]
+    resourceNames: ["kubernetes-dashboard-settings"]
+    verbs: ["get", "update"]
+    # Allow Dashboard to get metrics.
+  - apiGroups: [""]
+    resources: ["services"]
+    resourceNames: ["heapster", "dashboard-metrics-scraper"]
+    verbs: ["proxy"]
+  - apiGroups: [""]
+    resources: ["services/proxy"]
+    resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
+    verbs: ["get"]
+
+---
+
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+rules:
+  # Allow Metrics Scraper to get metrics from the Metrics server
+  - apiGroups: ["metrics.k8s.io"]
+    resources: ["pods", "nodes"]
+    verbs: ["get", "list", "watch"]
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+  namespace: kube-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: kubernetes-dashboard
+subjects:
+  - kind: ServiceAccount
+    name: kubernetes-dashboard
+    namespace: kube-system
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: kubernetes-dashboard
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: kubernetes-dashboard
+subjects:
+  - kind: ServiceAccount
+    name: kubernetes-dashboard
+    namespace: kube-system
+
+---
+
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  labels:
+    k8s-app: kubernetes-dashboard
+  name: kubernetes-dashboard
+  namespace: kube-system
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      k8s-app: kubernetes-dashboard
+  template:
+    metadata:
+      labels:
+        k8s-app: kubernetes-dashboard
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      containers:
+        - name: kubernetes-dashboard
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/dashboard:v2.0.1
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}dashboard:v2.0.1
+          {{- end }}
+          ports:
+            - containerPort: 8443
+              protocol: TCP
+          args:
+            - --auto-generate-certificates
+            - --namespace=kube-system
+            # Uncomment the following line to manually specify Kubernetes API server Host
+            # If not specified, Dashboard will attempt to auto discover the API server and connect
+            # to it. Uncomment only if the default does not work.
+            # - --apiserver-host=http://my-address:port
+          volumeMounts:
+            - name: kubernetes-dashboard-certs
+              mountPath: /certs
+              # Create on-disk volume to store exec logs
+            - mountPath: /tmp
+              name: tmp-volume
+          livenessProbe:
+            httpGet:
+              scheme: HTTPS
+              path: /
+              port: 8443
+            initialDelaySeconds: 30
+            timeoutSeconds: 30
+          securityContext:
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            runAsUser: 1001
+            runAsGroup: 2001
+      volumes:
+        - name: kubernetes-dashboard-certs
+          secret:
+            secretName: kubernetes-dashboard-certs
+        - name: tmp-volume
+          emptyDir: {}
+      serviceAccountName: kubernetes-dashboard
+      # Comment the following tolerations if Dashboard must not be deployed on master
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  labels:
+    k8s-app: dashboard-metrics-scraper
+  name: dashboard-metrics-scraper
+  namespace: kube-system
+spec:
+  ports:
+    - port: 8000
+      targetPort: 8000
+  selector:
+    k8s-app: dashboard-metrics-scraper
+
+---
+
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  labels:
+    k8s-app: dashboard-metrics-scraper
+  name: dashboard-metrics-scraper
+  namespace: kube-system
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      k8s-app: dashboard-metrics-scraper
+  template:
+    metadata:
+      labels:
+        k8s-app: dashboard-metrics-scraper
+      annotations:
+        seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
+    spec:
+      containers:
+        - name: dashboard-metrics-scraper
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/metrics-scraper:v1.0.4
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}metrics-scraper:v1.0.4
+          {{- end }}
+          ports:
+            - containerPort: 8000
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              scheme: HTTP
+              path: /
+              port: 8000
+            initialDelaySeconds: 30
+            timeoutSeconds: 30
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmp-volume
+          securityContext:
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            runAsUser: 1001
+            runAsGroup: 2001
+      serviceAccountName: kubernetes-dashboard
+      # Comment the following tolerations if Dashboard must not be deployed on master
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+      volumes:
+        - name: tmp-volume
+          emptyDir: {}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: admin-user
+  namespace: kube-system
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: admin-user
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+  - kind: ServiceAccount
+    name: admin-user
+    namespace: kube-system
+`

agent-deploy/b_nfs/DeployNFS.go

@@ -0,0 +1,28 @@
+package b_nfs
+
+import (
+	"wdd.io/agent-common/logger"
+	"wdd.io/agent-deploy/z_dep"
+)
+
+var (
+	log = logger.Log
+)
+
+type NfsDeployConfig struct {
+	NfsLocalPath string
+}
+
+func NFSDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+
+	if commonEnv.NFSServerIP == "" {
+		log.Error("Nfs server ip is nil")
+		return false
+	}
+
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiNfsTemplate, z_dep.NfsApplyFilePath)
+}
+
+func NFSTestDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiNFSTestTemplate, z_dep.NfsTestApplyFilePath)
+}

agent-deploy/b_nfs/TemplateNFS.go

@@ -0,0 +1,121 @@
+package b_nfs
+
+const CmiiNfsTemplate = `
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: kube-system        #根据实际环境设定namespace,下面类同
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: nfs-client-provisioner-runner
+rules:
+  - apiGroups: [""]
+    resources: ["persistentvolumes"]
+    verbs: ["get", "list", "watch", "create", "delete"]
+  - apiGroups: [""]
+    resources: ["persistentvolumeclaims"]
+    verbs: ["get", "list", "watch", "update"]
+  - apiGroups: ["storage.k8s.io"]
+    resources: ["storageclasses"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["create", "update", "patch"]
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: run-nfs-client-provisioner
+subjects:
+  - kind: ServiceAccount
+    name: nfs-client-provisioner
+    # replace with namespace where provisioner is deployed
+    namespace: kube-system
+roleRef:
+  kind: ClusterRole
+#  name: nfs-client-provisioner-runner
+  name: cluster-admin
+  apiGroup: rbac.authorization.k8s.io
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: leader-locking-nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: kube-system
+rules:
+  - apiGroups: [""]
+    resources: ["endpoints"]
+    verbs: ["get", "list", "watch", "create", "update", "patch"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: leader-locking-nfs-client-provisioner
+subjects:
+  - kind: ServiceAccount
+    name: nfs-client-provisioner
+    # replace with namespace where provisioner is deployed
+    namespace: kube-system
+roleRef:
+  kind: Role
+  name: leader-locking-nfs-client-provisioner
+  apiGroup: rbac.authorization.k8s.io
+
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: nfs-prod-distribute
+provisioner: cmlc-nfs-storage #这里的名称要和provisioner配置文件中的环境变量PROVISIONER_NAME保持一致parameters:  archiveOnDelete: "false"
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nfs-client-provisioner
+  labels:
+    app: nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: kube-system  #与RBAC文件中的namespace保持一致
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nfs-client-provisioner
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: nfs-client-provisioner
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      serviceAccountName: nfs-client-provisioner
+      containers:
+        - name: nfs-client-provisioner
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/nfs-subdir-external-provisioner:v4.0.2
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}nfs-subdir-external-provisioner:v4.0.2
+          {{- end }}
+          volumeMounts:
+            - name: nfs-client-root
+              mountPath: /persistentvolumes
+          env:
+            - name: PROVISIONER_NAME
+              value: cmlc-nfs-storage
+            - name: NFS_SERVER
+              value: {{ .NFSServerIP }}
+            - name: NFS_PATH
+              value: /var/lib/docker/nfs_data
+      volumes:
+        - name: nfs-client-root
+          nfs:
+            server: {{ .NFSServerIP }}
+            path: /var/lib/docker/nfs_data
+`

agent-deploy/b_nfs/TemplateNFSTest.go

@@ -0,0 +1,45 @@
+package b_nfs
+
+const CmiiNFSTestTemplate = `
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: test-claim
+  annotations:
+    volume.beta.kubernetes.io/storage-class: "nfs-prod-distribute"   #与nfs-StorageClass.yaml metadata.name保持一致
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: nfs-prod-distribute
+  resources:
+    requests:
+      storage: 1Mi
+---
+kind: Pod
+apiVersion: v1
+metadata:
+  name: test-pod
+spec:
+  imagePullSecrets:
+    - name: harborsecret
+  containers:
+    - name: test-pod
+      {{- if .HarborPort }}
+      image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/busybox:latest
+	  {{- else }}
+      image: {{ .HarborIPOrCustomImagePrefix }}busybox:latest
+	  {{- end }}
+      command:
+        - "/bin/sh"
+      args:
+        - "-c"
+        - "touch /mnt/NFS-CREATE-SUCCESS && exit 0 || exit 1"   #创建一个SUCCESS文件后退出
+      volumeMounts:
+        - name: nfs-pvc
+          mountPath: "/mnt"
+  restartPolicy: "Never"
+  volumes:
+    - name: nfs-pvc
+      persistentVolumeClaim:
+        claimName: test-claim  #与PVC名称保持一致
+`

agent-deploy/c_middle/CmiiEmqxTemplate.go

@@ -0,0 +1,283 @@
+package c_middle
+
+const CmiiEmqxTemplate = `
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: helm-emqxs
+  namespace: {{ .Namespace }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-emqxs-env
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+data:
+  EMQX_CLUSTER__K8S__APISERVER: "https://kubernetes.default.svc.cluster.local:443"
+  EMQX_NAME: "helm-emqxs"
+  EMQX_CLUSTER__DISCOVERY: "k8s"
+  EMQX_CLUSTER__K8S__APP_NAME: "helm-emqxs"
+  EMQX_CLUSTER__K8S__SERVICE_NAME: "helm-emqxs-headless"
+  EMQX_CLUSTER__K8S__ADDRESS_TYPE: "dns"
+  EMQX_CLUSTER__K8S__namespace: "{{ .Namespace }}"
+  EMQX_CLUSTER__K8S__SUFFIX: "svc.cluster.local"
+  EMQX_ALLOW_ANONYMOUS: "false"
+  EMQX_ACL_NOMATCH: "deny"
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-emqxs-cm
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+data:
+  emqx_auth_mnesia.conf: |-
+    auth.mnesia.password_hash = sha256
+
+    # clientid 认证数据
+    auth.client.1.clientid = admin
+    auth.client.1.password = {{ .EmqxPassword }}
+    auth.client.2.clientid = cmlc
+    auth.client.2.password = {{ .EmqxPassword }}
+
+    ## username 认证数据
+    auth.user.1.username = admin
+    auth.user.1.password = {{ .EmqxPassword }}
+    auth.user.2.username = cmlc
+    auth.user.2.password = {{ .EmqxPassword }}
+
+  acl.conf: |-
+    {allow, {user, "admin"}, pubsub, ["admin/#"]}.
+    {allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}.
+    {allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}.
+    {deny, all, subscribe, ["$SYS/#", {eq, "#"}]}.
+    {allow, all}.
+
+  loaded_plugins: |-
+    {emqx_auth_mnesia,true}.
+    {emqx_auth_mnesia,true}.
+    {emqx_management, true}.
+    {emqx_recon, true}.
+    {emqx_retainer, false}.
+    {emqx_dashboard, true}.
+    {emqx_telemetry, true}.
+    {emqx_rule_engine, true}.
+    {emqx_bridge_mqtt, false}.
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-emqxs
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  replicas: 1
+  serviceName: helm-emqxs-headless
+  updateStrategy:
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      cmii.type: middleware
+      cmii.app: helm-emqxs
+      cmii.emqx.architecture: cluster
+  template:
+    metadata:
+      labels:
+        cmii.type: middleware
+        cmii.app: helm-emqxs
+        cmii.emqx.architecture: cluster
+        helm.sh/chart: emqx-1.1.0
+        app.kubernetes.io/managed-by: octopus-control
+        app.kubernetes.io/version: {{ .TagVersion }}
+    spec:
+      affinity: {}
+      imagePullSecrets:
+        - name: harborsecret
+      serviceAccountName: helm-emqxs
+      containers:
+        - name: helm-emqxs
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/emqx:5.5.1
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}emqx:5.5.1
+          {{- end }}
+          imagePullPolicy: Always
+          ports:
+            - name: mqtt
+              containerPort: 1883
+            - name: mqttssl
+              containerPort: 8883
+            - name: mgmt
+              containerPort: 8081
+            - name: ws
+              containerPort: 8083
+            - name: wss
+              containerPort: 8084
+            - name: dashboard
+              containerPort: 18083
+            - name: ekka
+              containerPort: 4370
+          envFrom:
+            - configMapRef:
+                name: helm-emqxs-env
+          resources: {}
+          volumeMounts:
+            - name: emqx-data
+              mountPath: "/opt/emqx/data/mnesia"
+              readOnly: false
+            - name: helm-emqxs-cm
+              mountPath: "/opt/emqx/etc/plugins/emqx_auth_mnesia.conf"
+              subPath: emqx_auth_mnesia.conf
+              readOnly: false
+#            - name: helm-emqxs-cm
+#              mountPath: "/opt/emqx/etc/acl.conf"
+#              subPath: "acl.conf"
+#              readOnly: false
+            - name: helm-emqxs-cm
+              mountPath: "/opt/emqx/data/loaded_plugins"
+              subPath: loaded_plugins
+              readOnly: false
+      volumes:
+        - name: emqx-data
+          persistentVolumeClaim:
+            claimName: helm-emqxs
+        - name: helm-emqxs-cm
+          configMap:
+            name: helm-emqxs-cm
+            items:
+              - key: emqx_auth_mnesia.conf
+                path: emqx_auth_mnesia.conf
+              - key: acl.conf
+                path: acl.conf
+              - key: loaded_plugins
+                path: loaded_plugins
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: helm-emqxs
+  namespace: {{ .Namespace }}
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - endpoints
+    verbs:
+      - get
+      - watch
+      - list
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: helm-emqxs
+  namespace: {{ .Namespace }}
+subjects:
+  - kind: ServiceAccount
+    name: helm-emqxs
+    namespace: {{ .Namespace }}
+roleRef:
+  kind: Role
+  name: helm-emqxs
+  apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-emqxs
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  type: NodePort
+  selector:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+  ports:
+    - port: 1883
+      name: mqtt
+      targetPort: 1883
+      nodePort: {{ .EmqxNodePort }}
+    - port: 18083
+      name: dashboard
+      targetPort: 18083
+      nodePort: {{ .EmqxDashboardNodePort }}
+    - port: 8083
+      name: mqtt-websocket
+      targetPort: 8083
+      nodePort: {{ .EmqxWebSocketNodePort }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-emqxs-headless
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+    helm.sh/chart: emqx-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  type: ClusterIP
+  clusterIP: None
+  selector:
+    cmii.type: middleware
+    cmii.app: helm-emqxs
+    cmii.emqx.architecture: cluster
+  ports:
+    - name: mqtt
+      port: 1883
+      protocol: TCP
+      targetPort: 1883
+    - name: mqttssl
+      port: 8883
+      protocol: TCP
+      targetPort: 8883
+    - name: mgmt
+      port: 8081
+      protocol: TCP
+      targetPort: 8081
+    - name: websocket
+      port: 8083
+      protocol: TCP
+      targetPort: 8083
+    - name: wss
+      port: 8084
+      protocol: TCP
+      targetPort: 8084
+    - name: dashboard
+      port: 18083
+      protocol: TCP
+      targetPort: 18083
+    - name: ekka
+      port: 4370
+      protocol: TCP
+      targetPort: 4370
+`

agent-deploy/c_middle/CmiiMongoTemplate.go

@@ -0,0 +1,85 @@
+package c_middle
+
+const CmiiMongoTemplate = `
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-mongo
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.app: helm-mongo
+    cmii.type: middleware
+    helm.sh/chart: mongo-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  type: NodePort
+  selector:
+    cmii.app: helm-mongo
+    cmii.type: middleware
+  ports:
+    - port: 27017
+      name: server-27017
+      targetPort: 27017
+      nodePort: {{ .MongoNodePort }}
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-mongo
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.app: helm-mongo
+    cmii.type: middleware
+    helm.sh/chart: mongo-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  serviceName: helm-mongo
+  replicas: 1
+  selector:
+    matchLabels:
+      cmii.app: helm-mongo
+      cmii.type: middleware
+  template:
+    metadata:
+      labels:
+        cmii.app: helm-mongo
+        cmii.type: middleware
+        helm.sh/chart: mongo-1.1.0
+        app.kubernetes.io/managed-by: octopus-control
+        app.kubernetes.io/version: {{ .TagVersion }}
+      annotations:
+        pod.alpha.kubernetes.io/initialized: "true"
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      affinity: {}
+      containers:
+        - name: helm-mongo
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/mongo:5.0
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}mongo:5.0
+          {{- end }}
+          resources: {}
+          ports:
+            - containerPort: 27017
+              name: mongo27017
+              protocol: TCP
+          env:
+            - name: MONGO_INITDB_ROOT_USERNAME
+              value: cmlc
+            - name: MONGO_INITDB_ROOT_PASSWORD
+              value: {{ .MongoPassword }}
+          volumeMounts:
+            - name: mongo-data
+              mountPath: /data/db
+              readOnly: false
+              subPath: default/helm-mongo/data/db
+      volumes:
+        - name: mongo-data
+          persistentVolumeClaim:
+            claimName: helm-mongo
+---
+`

agent-deploy/c_middle/CmiiMySQLTemplate.go

@@ -0,0 +1,421 @@
+package c_middle
+
+const CmiiMySQLTemplate = `
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: helm-mysql
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+  annotations: {}
+secrets:
+  - name: helm-mysql
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: helm-mysql
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+type: Opaque
+data:
+  mysql-root-password: "{{ .MySQLRootPasswordBase64 }}"
+  mysql-password: "S0F0cm5PckFKNw=="
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-mysql
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    
+    [mysqld]
+    port=3306
+    basedir=/opt/bitnami/mysql
+    datadir=/bitnami/mysql/data
+    pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    log-error=/bitnami/mysql/data/error.log
+    general_log_file = /bitnami/mysql/data/general.log
+    slow_query_log_file = /bitnami/mysql/data/slow.log
+    innodb_data_file_path = ibdata1:512M:autoextend
+    innodb_buffer_pool_size = 512M
+    innodb_buffer_pool_instances = 2
+    innodb_log_file_size = 512M
+    innodb_log_files_in_group = 4
+    innodb_log_files_in_group = 4
+    log-bin = /bitnami/mysql/data/mysql-bin
+    max_binlog_size=1G
+    transaction_isolation = REPEATABLE-READ
+    default_storage_engine = innodb
+    character-set-server = utf8mb4
+    collation-server=utf8mb4_bin
+    binlog_format = ROW
+    binlog_rows_query_log_events=on
+    binlog_cache_size=4M
+    binlog_expire_logs_seconds  = 1296000
+    max_binlog_cache_size=2G
+    gtid_mode = on
+    enforce_gtid_consistency = 1
+    sync_binlog = 1
+    innodb_flush_log_at_trx_commit = 1
+    innodb_flush_method = O_DIRECT
+    log_slave_updates=1
+    relay_log_recovery = 1
+    relay-log-purge = 1
+    default_time_zone = '+08:00'
+    lower_case_table_names=1
+    log_bin_trust_function_creators=1
+    group_concat_max_len=67108864
+    innodb_io_capacity = 4000
+    innodb_io_capacity_max = 8000
+    innodb_flush_sync = 0
+    innodb_flush_neighbors = 0
+    innodb_write_io_threads = 8
+    innodb_read_io_threads = 8
+    innodb_purge_threads = 4
+    innodb_page_cleaners = 4
+    innodb_open_files = 65535
+    innodb_max_dirty_pages_pct = 50
+    innodb_lru_scan_depth = 4000
+    innodb_checksum_algorithm = crc32
+    innodb_lock_wait_timeout = 10
+    innodb_rollback_on_timeout = 1
+    innodb_print_all_deadlocks = 1
+    innodb_file_per_table = 1
+    innodb_online_alter_log_max_size = 4G
+    innodb_stats_on_metadata = 0
+    innodb_thread_concurrency = 0
+    innodb_sync_spin_loops = 100
+    innodb_spin_wait_delay = 30
+    lock_wait_timeout = 3600
+    slow_query_log = 1
+    long_query_time = 10
+    log_queries_not_using_indexes =1
+    log_throttle_queries_not_using_indexes = 60
+    min_examined_row_limit = 100
+    log_slow_admin_statements = 1
+    log_slow_slave_statements = 1
+    default_authentication_plugin=mysql_native_password
+    skip-name-resolve=1
+    explicit_defaults_for_timestamp=1
+    plugin_dir=/opt/bitnami/mysql/plugin
+    max_allowed_packet=128M
+    max_connections = 2000
+    max_connect_errors = 1000000
+    table_definition_cache=2000
+    table_open_cache_instances=64
+    tablespace_definition_cache=1024
+    thread_cache_size=256
+    interactive_timeout = 600
+    wait_timeout = 600
+    tmpdir=/opt/bitnami/mysql/tmp
+    max_allowed_packet=32M
+    bind-address=0.0.0.0
+    performance_schema = 1
+    performance_schema_instrument = '%memory%=on'
+    performance_schema_instrument = '%lock%=on'
+    innodb_monitor_enable=ALL
+    
+    [mysql]
+    no-auto-rehash
+    
+    [mysqldump]
+    quick
+    max_allowed_packet = 32M
+    
+    [client]
+    port=3306
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mysql/plugin
+    
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mysql/tmp/mysql.sock
+    pid-file=/opt/bitnami/mysql/tmp/mysqld.pid
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-mysql-init-scripts
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: primary
+data:
+  create_users_grants_core.sql: |-
+    create user zyly@'%' identified by 'Cmii@451315';
+    grant select on *.* to zyly@'%';
+    create user zyly_qc@'%' identified by 'Uh)E_owCyb16';
+    grant all on *.* to zyly_qc@'%';
+    create user k8s_admin@'%' identified by '{{ .MySQLK8sAdminPassword }}';
+    grant all on *.* to k8s_admin@'%';
+    create user audit_dba@'%' identified by 'PjCzqiBmJaTpgkoYXynH';
+    grant all on *.* to audit_dba@'%';
+    create user db_backup@'%' identified by 'RU5Pu(4FGdT9';
+    GRANT SELECT, RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT, EVENT on *.* to db_backup@'%';
+    create user monitor@'%' identified by 'PL3#nGtrWbf-';
+    grant REPLICATION CLIENT on *.* to monitor@'%';
+    flush privileges;
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: cmii-mysql
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: {{ .Namespace }}
+    cmii.app: mysql
+    cmii.type: middleware
+    octopus.control: mysql-db-wdd
+spec:
+  ports:
+    - name: mysql
+      protocol: TCP
+      port: 13306
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/component: primary
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: {{ .Namespace }}
+    cmii.app: mysql
+    cmii.type: middleware
+  type: ClusterIP
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-mysql-headless
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+  annotations: {}
+spec:
+  type: ClusterIP
+  clusterIP: None
+  publishNotReadyAddresses: true
+  ports:
+    - name: mysql
+      port: 3306
+      targetPort: mysql
+  selector: 
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: {{ .Namespace }}
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-mysql
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+  annotations: {}
+spec:
+  type: NodePort
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: {{ .MySQLNodePort }}
+  selector: 
+    app.kubernetes.io/name: mysql-db
+    app.kubernetes.io/release: {{ .Namespace }}
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-mysql
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: mysql-db
+    octopus.control: mysql-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: mysql
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  selector:
+    matchLabels: 
+      app.kubernetes.io/name: mysql-db
+      app.kubernetes.io/release: {{ .Namespace }}
+      cmii.type: middleware
+      cmii.app: mysql
+      app.kubernetes.io/component: primary
+  serviceName: helm-mysql
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: 6b60fa0f3a846a6ada8effdc4f823cf8003d42a8c8f630fe8b1b66d3454082dd
+      labels:
+        app.kubernetes.io/name: mysql-db
+        octopus.control: mysql-db-wdd
+        app.kubernetes.io/release: {{ .Namespace }}
+        app.kubernetes.io/managed-by: octopus
+        cmii.type: middleware
+        cmii.app: mysql
+        app.kubernetes.io/component: primary
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      serviceAccountName: helm-mysql
+      affinity: {}
+      nodeSelector:
+        mysql-deploy: "true"
+      securityContext:
+        fsGroup: 1001
+      initContainers:
+        - name: change-volume-permissions
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/bitnami-shell:11-debian-11-r136
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}bitnami-shell:11-debian-11-r136
+          {{- end }}
+          imagePullPolicy: "Always"
+          command:
+            - /bin/bash
+            - -ec
+            - |
+              chown -R 1001:1001 /bitnami/mysql
+          securityContext:
+            runAsUser: 0
+          volumeMounts:
+            - name: mysql-data
+              mountPath: /bitnami/mysql
+      containers:
+        - name: mysql
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/mysql:8.1.0-debian-11-r42
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}mysql:8.1.0-debian-11-r42
+          {{- end }}
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            runAsUser: 1001
+          env:
+            - name: BITNAMI_DEBUG
+              value: "true"
+            - name: MYSQL_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-mysql
+                  key: mysql-root-password
+            - name: MYSQL_DATABASE
+              value: "cmii"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 5
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 5
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+          startupProbe:
+            failureThreshold: 60
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MYSQL_ROOT_PASSWORD:-}"
+                  if [[ -f "${MYSQL_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MYSQL_ROOT_PASSWORD_FILE")
+                  fi
+                  mysqladmin status -uroot -p"${password_aux}"
+          resources: 
+            limits: {}
+            requests: {}
+          volumeMounts:
+            - name: mysql-data
+              mountPath: /bitnami/mysql
+            - name: custom-init-scripts
+              mountPath: /docker-entrypoint-initdb.d
+            - name: config
+              mountPath: /opt/bitnami/mysql/conf/my.cnf
+              subPath: my.cnf
+      volumes:
+        - name: config
+          configMap:
+            name: helm-mysql
+        - name: custom-init-scripts
+          configMap:
+            name: helm-mysql-init-scripts
+        - name: mysql-data
+          hostPath:
+            path: /var/lib/docker/mysql-pv/{{ .Namespace }}/
+`

agent-deploy/c_middle/CmiiNacosTemplate.go

@@ -0,0 +1,137 @@
+package c_middle
+
+const CmiiNacosTemplate = `
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-nacos-cm
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: {{ .TagVersion }}
+data:
+  mysql.db.name: "cmii_nacos_config"
+  mysql.db.host: "helm-mysql"
+  mysql.port: "3306"
+  mysql.user: "k8s_admin"
+  mysql.password: "{{ .MySQLK8sAdminPassword }}"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-nacos
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  type: NodePort
+  selector:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+  ports:
+    - port: 8848
+      name: server
+      targetPort: 8848
+      nodePort: {{ .NacosNodePort }}
+    - port: 9848
+      name: server12
+      targetPort: 9848
+    - port: 9849
+      name: server23
+      targetPort: 9849
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-nacos
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.app: helm-nacos
+    cmii.type: middleware
+    octopus.control: nacos-wdd
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  serviceName: helm-nacos
+  replicas: 1
+  selector:
+    matchLabels:
+      cmii.app: helm-nacos
+      cmii.type: middleware
+  template:
+    metadata:
+      labels:
+        cmii.app: helm-nacos
+        cmii.type: middleware
+        octopus.control: nacos-wdd
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/version: {{ .TagVersion }}
+      annotations:
+        pod.alpha.kubernetes.io/initialized: "true"
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      affinity: {}
+      containers:
+        - name: nacos-server
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/nacos-server:v2.1.2
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}nacos-server:v2.1.2
+          {{- end }}
+          ports:
+            - containerPort: 8848
+              name: dashboard
+            - containerPort: 9848
+              name: tcp-9848
+            - containerPort: 9849
+              name: tcp-9849
+          env:
+            - name: NACOS_AUTH_ENABLE
+              value: "false"
+            - name: NACOS_REPLICAS
+              value: "1"
+            - name: MYSQL_SERVICE_DB_NAME
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.db.name
+            - name: MYSQL_SERVICE_PORT
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.port
+            - name: MYSQL_SERVICE_USER
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.user
+            - name: MYSQL_SERVICE_PASSWORD
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.password
+            - name: MYSQL_SERVICE_HOST
+              valueFrom:
+                configMapKeyRef:
+                  name: helm-nacos-cm
+                  key: mysql.db.host
+            - name: NACOS_SERVER_PORT
+              value: "8848"
+            - name: NACOS_APPLICATION_PORT
+              value: "8848"
+            - name: PREFER_HOST_MODE
+              value: "hostname"
+            - name: MODE
+              value: standalone
+            - name: SPRING_DATASOURCE_PLATFORM
+              value: mysql
+---
+`

agent-deploy/c_middle/CmiiRabbitMQTemplate.go

@@ -0,0 +1,339 @@
+package c_middle
+
+const CmiiRabbitMQTemplate = `
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: helm-rabbitmq
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+automountServiceAccountToken: true
+secrets:
+    - name: helm-rabbitmq
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: helm-rabbitmq
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+type: Opaque
+data:
+  rabbitmq-password: "{{ .RabbitPasswordBase64 }}"
+  rabbitmq-erlang-cookie: "emFBRmt1ZU1xMkJieXZvdHRYbWpoWk52UThuVXFzcTU="
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-rabbitmq-config
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+data:
+  rabbitmq.conf: |-
+    ## Username and password
+    ##
+    default_user = admin
+    default_pass = {{ .RabbitPassword }}
+    ## Clustering
+    ##
+    cluster_formation.peer_discovery_backend  = rabbit_peer_discovery_k8s
+    cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
+    cluster_formation.node_cleanup.interval = 10
+    cluster_formation.node_cleanup.only_log_warning = true
+    cluster_partition_handling = autoheal
+    # queue master locator
+    queue_master_locator = min-masters
+    # enable guest user
+    loopback_users.guest = false
+    #default_vhost = default-vhost
+    #disk_free_limit.absolute = 50MB
+    #load_definitions = /app/load_definition.json
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: helm-rabbitmq-endpoint-reader
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+rules:
+  - apiGroups: [""]
+    resources: ["endpoints"]
+    verbs: ["get"]
+  - apiGroups: [""]
+    resources: ["events"]
+    verbs: ["create"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: helm-rabbitmq-endpoint-reader
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+subjects:
+  - kind: ServiceAccount
+    name: helm-rabbitmq
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: helm-rabbitmq-endpoint-reader
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-rabbitmq-headless
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+spec:
+  clusterIP: None
+  ports:
+    - name: epmd
+      port: 4369
+      targetPort: epmd
+    - name: amqp
+      port: 5672
+      targetPort: amqp
+    - name: dist
+      port: 25672
+      targetPort: dist
+    - name: dashboard
+      port: 15672
+      targetPort: stats
+  selector: 
+    app.kubernetes.io/name: helm-rabbitmq
+    app.kubernetes.io/release: {{ .Namespace }}
+  publishNotReadyAddresses: true
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-rabbitmq
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+spec:
+  type: NodePort
+  ports:
+    - name: amqp
+      port: 5672
+      targetPort: amqp
+      nodePort: {{ .RabbitNodePort }}
+    - name: dashboard
+      port: 15672
+      targetPort: dashboard
+      nodePort: {{ .RabbitDashboardNodePort }}
+  selector: 
+    app.kubernetes.io/name: helm-rabbitmq
+    app.kubernetes.io/release: {{ .Namespace }}
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-rabbitmq
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: helm-rabbitmq
+    helm.sh/chart: rabbitmq-8.26.1
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: rabbitmq
+spec:
+  serviceName: helm-rabbitmq-headless
+  podManagementPolicy: OrderedReady
+  replicas: 1
+  updateStrategy:
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: helm-rabbitmq
+      app.kubernetes.io/release: {{ .Namespace }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: helm-rabbitmq
+        helm.sh/chart: rabbitmq-8.26.1
+        app.kubernetes.io/release: {{ .Namespace }}
+        app.kubernetes.io/managed-by: rabbitmq
+      annotations:
+        checksum/config: d6c2caa9572f64a06d9f7daa34c664a186b4778cd1697ef8e59663152fc628f1
+        checksum/secret: d764e7b3d999e7324d1afdfec6140092a612f04b6e0306818675815cec2f454f
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      serviceAccountName: helm-rabbitmq
+      affinity: {}
+      securityContext:
+        fsGroup: 5001
+        runAsUser: 5001
+      terminationGracePeriodSeconds: 120
+      initContainers:
+        - name: volume-permissions
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/bitnami-shell:11-debian-11-r136
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}bitnami-shell:11-debian-11-r136
+          {{- end }}
+          imagePullPolicy: "Always"
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              mkdir -p "/bitnami/rabbitmq/mnesia"
+              chown -R "5001:5001" "/bitnami/rabbitmq/mnesia"
+          securityContext:
+            runAsUser: 0
+          resources:
+            limits: {}
+            requests: {}
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/rabbitmq/mnesia
+      containers:
+        - name: rabbitmq
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/rabbitmq:3.9.12-debian-10-r3
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}rabbitmq:3.9.12-debian-10-r3
+          {{- end }}
+          imagePullPolicy: "Always"
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MY_POD_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
+            - name: MY_POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: MY_POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: K8S_SERVICE_NAME
+              value: "helm-rabbitmq-headless"
+            - name: K8S_ADDRESS_TYPE
+              value: hostname
+            - name: RABBITMQ_FORCE_BOOT
+              value: "no"
+            - name: RABBITMQ_NODE_NAME
+              value: "rabbit@$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local"
+            - name: K8S_HOSTNAME_SUFFIX
+              value: ".$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local"
+            - name: RABBITMQ_MNESIA_DIR
+              value: "/bitnami/rabbitmq/mnesia/$(RABBITMQ_NODE_NAME)"
+            - name: RABBITMQ_LDAP_ENABLE
+              value: "no"
+            - name: RABBITMQ_LOGS
+              value: "-"
+            - name: RABBITMQ_ULIMIT_NOFILES
+              value: "65536"
+            - name: RABBITMQ_USE_LONGNAME
+              value: "true"
+            - name: RABBITMQ_ERL_COOKIE
+              valueFrom:
+                secretKeyRef:
+                  name: helm-rabbitmq
+                  key: rabbitmq-erlang-cookie
+            - name: RABBITMQ_LOAD_DEFINITIONS
+              value: "no"
+            - name: RABBITMQ_SECURE_PASSWORD
+              value: "yes"
+            - name: RABBITMQ_USERNAME
+              value: "admin"
+            - name: RABBITMQ_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-rabbitmq
+                  key: rabbitmq-password
+            - name: RABBITMQ_PLUGINS
+              value: "rabbitmq_management, rabbitmq_peer_discovery_k8s, rabbitmq_shovel, rabbitmq_shovel_management, rabbitmq_auth_backend_ldap"
+          ports:
+            - name: amqp
+              containerPort: 5672
+            - name: dist
+              containerPort: 25672
+            - name: dashboard
+              containerPort: 15672
+            - name: epmd
+              containerPort: 4369
+          livenessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - rabbitmq-diagnostics -q ping
+            initialDelaySeconds: 120
+            periodSeconds: 30
+            timeoutSeconds: 20
+            successThreshold: 1
+            failureThreshold: 6
+          readinessProbe:
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms
+            initialDelaySeconds: 10
+            periodSeconds: 30
+            timeoutSeconds: 20
+            successThreshold: 1
+            failureThreshold: 3
+          lifecycle:
+            preStop:
+              exec:
+                command:
+                  - /bin/bash
+                  - -ec
+                  - |
+                    if [[ -f /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh ]]; then
+                        /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh -t "120" -d  "false"
+                    else
+                        rabbitmqctl stop_app
+                    fi
+          resources:
+            limits: {}
+            requests: {}
+          volumeMounts:
+            - name: configuration
+              mountPath: /bitnami/rabbitmq/conf
+            - name: data
+              mountPath: /bitnami/rabbitmq/mnesia
+      volumes:
+        - name: configuration
+          configMap:
+            name: helm-rabbitmq-config
+            items:
+              - key: rabbitmq.conf
+                path: rabbitmq.conf
+        - name: data
+          persistentVolumeClaim:
+            claimName: helm-rabbitmq
+`

agent-deploy/c_middle/CmiiRedisTemplate.go

@@ -0,0 +1,596 @@
+package c_middle
+
+const CmiiRedisTemplate = `
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: true
+metadata:
+  name: helm-redis
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: helm-redis
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+type: Opaque
+data:
+  redis-password: "TWNhY2hlQDQ1MjI="
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-redis-configuration
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+data:
+  redis.conf: |-
+    # User-supplied common configuration:
+    # Enable AOF https://redis.io/topics/persistence#append-only-file
+    appendonly yes
+    # Disable RDB persistence, AOF persistence already enabled.
+    save ""
+    # End of common configuration
+  master.conf: |-
+    dir /data
+    # User-supplied master configuration:
+    rename-command FLUSHDB ""
+    rename-command FLUSHALL ""
+    # End of master configuration
+  replica.conf: |-
+    dir /data
+    slave-read-only yes
+    # User-supplied replica configuration:
+    rename-command FLUSHDB ""
+    rename-command FLUSHALL ""
+    # End of replica configuration
+---
+# Source: outside-deploy/charts/redis-db/templates/health-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-redis-health
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+data:
+  ping_readiness_local.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h localhost \
+        -p $REDIS_PORT \
+        ping
+    )
+    if [ "$response" != "PONG" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_liveness_local.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h localhost \
+        -p $REDIS_PORT \
+        ping
+    )
+    if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_readiness_master.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
+    [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h $REDIS_MASTER_HOST \
+        -p $REDIS_MASTER_PORT_NUMBER \
+        ping
+    )
+    if [ "$response" != "PONG" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_liveness_master.sh: |-
+    #!/bin/bash
+
+    [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
+    [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h $REDIS_MASTER_HOST \
+        -p $REDIS_MASTER_PORT_NUMBER \
+        ping
+    )
+    if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_readiness_local_and_master.sh: |-
+    script_dir="$(dirname "$0")"
+    exit_status=0
+    "$script_dir/ping_readiness_local.sh" $1 || exit_status=$?
+    "$script_dir/ping_readiness_master.sh" $1 || exit_status=$?
+    exit $exit_status
+  ping_liveness_local_and_master.sh: |-
+    script_dir="$(dirname "$0")"
+    exit_status=0
+    "$script_dir/ping_liveness_local.sh" $1 || exit_status=$?
+    "$script_dir/ping_liveness_master.sh" $1 || exit_status=$?
+    exit $exit_status
+---
+# Source: outside-deploy/charts/redis-db/templates/scripts-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: helm-redis-scripts
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+data:
+  start-master.sh: |
+    #!/bin/bash
+
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    if [[ ! -f /opt/bitnami/redis/etc/master.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf
+    fi
+    if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
+    fi
+    ARGS=("--port" "${REDIS_PORT}")
+    ARGS+=("--requirepass" "${REDIS_PASSWORD}")
+    ARGS+=("--masterauth" "${REDIS_PASSWORD}")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf")
+    exec redis-server "${ARGS[@]}"
+  start-replica.sh: |
+    #!/bin/bash
+
+    get_port() {
+        hostname="$1"
+        type="$2"
+
+        port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g")
+        port=${!port_var}
+        
+        if [ -z "$port" ]; then
+            case $type in
+                "SENTINEL")
+                    echo 26379
+                    ;;
+                "REDIS")
+                    echo 6379
+                    ;;
+            esac
+        else
+            echo $port
+        fi
+    }
+
+    get_full_hostname() {
+        hostname="$1"
+        echo "${hostname}.${HEADLESS_SERVICE}"
+    }
+
+    REDISPORT=$(get_port "$HOSTNAME" "REDIS")
+    
+    [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
+    [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
+    if [[ ! -f /opt/bitnami/redis/etc/replica.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf
+    fi
+    if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
+        cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
+    fi
+
+    echo "" >> /opt/bitnami/redis/etc/replica.conf
+    echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf
+    echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf
+    ARGS=("--port" "${REDIS_PORT}")
+    ARGS+=("--slaveof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}")
+    ARGS+=("--requirepass" "${REDIS_PASSWORD}")
+    ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
+    ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf")
+    exec redis-server "${ARGS[@]}"
+---
+# Source: outside-deploy/charts/redis-db/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-redis-headless
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+spec:
+  type: ClusterIP
+  clusterIP: None
+  ports:
+    - name: tcp-redis
+      port: 6379
+      targetPort: redis
+  selector:
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: {{ .Namespace }}
+---
+# Source: outside-deploy/charts/redis-db/templates/master/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-redis-master
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: redis
+    app.kubernetes.io/component: master
+spec:
+  type: ClusterIP
+  
+  ports:
+    - name: tcp-redis
+      port: 6379
+      targetPort: redis
+      nodePort: null
+  selector:
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: {{ .Namespace }}
+    cmii.type: middleware
+    cmii.app: redis
+    app.kubernetes.io/component: master
+---
+# Source: outside-deploy/charts/redis-db/templates/replicas/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: helm-redis-replicas
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: replica
+spec:
+  type: ClusterIP
+  ports:
+    - name: tcp-redis
+      port: 6379
+      targetPort: redis
+      nodePort: null
+  selector:
+    app.kubernetes.io/name: redis-db
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/component: replica
+---
+# Source: outside-deploy/charts/redis-db/templates/master/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-redis-master
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    cmii.type: middleware
+    cmii.app: redis
+    app.kubernetes.io/component: master
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: redis-db
+      app.kubernetes.io/release: {{ .Namespace }}
+      cmii.type: middleware
+      cmii.app: redis
+      app.kubernetes.io/component: master
+  serviceName: helm-redis-headless
+  updateStrategy:
+    rollingUpdate: {}
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: redis-db
+        octopus.control: redis-db-wdd
+        app.kubernetes.io/release: {{ .Namespace }}
+        app.kubernetes.io/managed-by: octopus
+        cmii.type: middleware
+        cmii.app: redis
+        app.kubernetes.io/component: master
+      annotations:
+        checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
+        checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
+        checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
+        checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
+    spec:
+      affinity: {}
+      securityContext:
+        fsGroup: 1001
+      serviceAccountName: helm-redis
+      imagePullSecrets:
+        - name: harborsecret
+      terminationGracePeriodSeconds: 30
+      containers:
+        - name: redis
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/redis:6.2.6-debian-10-r0
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}redis:6.2.6-debian-10-r0
+          {{- end }}
+          imagePullPolicy: "Always"
+          securityContext:
+            runAsUser: 1001
+          command:
+            - /bin/bash
+          args:
+            - -c
+            - /opt/bitnami/scripts/start-scripts/start-master.sh
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: REDIS_REPLICATION_MODE
+              value: master
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "no"
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-redis
+                  key: redis-password
+            - name: REDIS_TLS_ENABLED
+              value: "no"
+            - name: REDIS_PORT
+              value: "6379"
+          ports:
+            - name: redis
+              containerPort: 6379
+          livenessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            # One second longer than command timeout should prevent generation of zombie processes.
+            timeoutSeconds: 6
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_liveness_local.sh 5
+          readinessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            timeoutSeconds: 2
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_readiness_local.sh 1
+          resources:
+            limits:
+              cpu: "2"
+              memory: 8Gi
+            requests:
+              cpu: "2"
+              memory: 8Gi
+          volumeMounts:
+            - name: start-scripts
+              mountPath: /opt/bitnami/scripts/start-scripts
+            - name: health
+              mountPath: /health
+            - name: redis-data
+              mountPath: /data
+              subPath: 
+            - name: config
+              mountPath: /opt/bitnami/redis/mounted-etc
+            - name: redis-tmp-conf
+              mountPath: /opt/bitnami/redis/etc/
+            - name: tmp
+              mountPath: /tmp
+      volumes:
+        - name: start-scripts
+          configMap:
+            name: helm-redis-scripts
+            defaultMode: 0755
+        - name: health
+          configMap:
+            name: helm-redis-health
+            defaultMode: 0755
+        - name: config
+          configMap:
+            name: helm-redis-configuration
+        - name: redis-tmp-conf
+          emptyDir: {}
+        - name: tmp
+          emptyDir: {}
+        - name: redis-data
+          emptyDir: {}
+---
+# Source: outside-deploy/charts/redis-db/templates/replicas/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: helm-redis-replicas
+  namespace: {{ .Namespace }}
+  labels:
+    app.kubernetes.io/name: redis-db
+    octopus.control: redis-db-wdd
+    app.kubernetes.io/release: {{ .Namespace }}
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/component: replica
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: redis-db
+      app.kubernetes.io/release: {{ .Namespace }}
+      app.kubernetes.io/component: replica
+  serviceName: helm-redis-headless
+  updateStrategy:
+    rollingUpdate: {}
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: redis-db
+        octopus.control: redis-db-wdd
+        app.kubernetes.io/release: {{ .Namespace }}
+        app.kubernetes.io/managed-by: octopus
+        app.kubernetes.io/component: replica
+      annotations:
+        checksum/configmap: b64aa5db67e6e63811f3c1095b9fce34d83c86a471fccdda0e48eedb53a179b0
+        checksum/health: 6e0a6330e5ac63e565ae92af1444527d72d8897f91266f333555b3d323570623
+        checksum/scripts: b88df93710b7c42a76006e20218f05c6e500e6cc2affd4bb1985832f03166e98
+        checksum/secret: 43f1b0e20f9cb2de936bd182bc3683b720fc3cf4f4e76cb23c06a52398a50e8d
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      securityContext:
+        fsGroup: 1001
+      serviceAccountName: helm-redis
+      terminationGracePeriodSeconds: 30
+      containers:
+        - name: redis
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/redis:6.2.6-debian-10-r0
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}redis:6.2.6-debian-10-r0
+          {{- end }}
+          imagePullPolicy: "Always"
+          securityContext:
+            runAsUser: 1001
+          command:
+            - /bin/bash
+          args:
+            - -c
+            - /opt/bitnami/scripts/start-scripts/start-replica.sh
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: REDIS_REPLICATION_MODE
+              value: slave
+            - name: REDIS_MASTER_HOST
+              value: helm-redis-master-0.helm-redis-headless.{{ .Namespace }}.svc.cluster.local
+            - name: REDIS_MASTER_PORT_NUMBER
+              value: "6379"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "no"
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-redis
+                  key: redis-password
+            - name: REDIS_MASTER_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: helm-redis
+                  key: redis-password
+            - name: REDIS_TLS_ENABLED
+              value: "no"
+            - name: REDIS_PORT
+              value: "6379"
+          ports:
+            - name: redis
+              containerPort: 6379
+          livenessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            timeoutSeconds: 6
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_liveness_local_and_master.sh 5
+          readinessProbe:
+            initialDelaySeconds: 20
+            periodSeconds: 5
+            timeoutSeconds: 2
+            successThreshold: 1
+            failureThreshold: 5
+            exec:
+              command:
+                - sh
+                - -c
+                - /health/ping_readiness_local_and_master.sh 1
+          resources:
+            limits:
+              cpu: "2"
+              memory: 8Gi
+            requests:
+              cpu: "2"
+              memory: 8Gi
+          volumeMounts:
+            - name: start-scripts
+              mountPath: /opt/bitnami/scripts/start-scripts
+            - name: health
+              mountPath: /health
+            - name: redis-data
+              mountPath: /data
+              subPath: 
+            - name: config
+              mountPath: /opt/bitnami/redis/mounted-etc
+            - name: redis-tmp-conf
+              mountPath: /opt/bitnami/redis/etc
+      volumes:
+        - name: start-scripts
+          configMap:
+            name: helm-redis-scripts
+            defaultMode: 0755
+        - name: health
+          configMap:
+            name: helm-redis-health
+            defaultMode: 0755
+        - name: config
+          configMap:
+            name: helm-redis-configuration
+        - name: redis-tmp-conf
+          emptyDir: {}
+        - name: redis-data
+          emptyDir: {}
+
+`

agent-deploy/c_middle/DeployMiddleware.go

@@ -0,0 +1,214 @@
+package c_middle
+
+import (
+	"encoding/base64"
+	"github.com/go-playground/validator/v10"
+	"wdd.io/agent-common/logger"
+	"wdd.io/agent-common/utils"
+	"wdd.io/agent-deploy/z_dep"
+)
+
+var (
+	log                = logger.Log
+	DefaultMysqlConfig = &MySQlConfig{
+		MySQLNodePort:           "33306",
+		MySQLRootPasswordBase64: base64.StdEncoding.EncodeToString([]byte("QzfXQhd3bQ")),
+		MySQLRootPassword:       "QzfXQhd3bQ",
+		MySQLK8sAdminPassword:   "fP#UaH6qQ3)8",
+	}
+
+	DefaultRabbitConfig = &RabbitMQConfig{
+		RabbitNodePort:          "35672",
+		RabbitDashboardNodePort: "35675",
+		RabbitPassword:          "nYcRN91r._hj",
+		RabbitPasswordBase64:    "blljUk45MXIuX2hq",
+	}
+
+	DefaultEmqxConfig = &EmqxConfig{
+		EmqxNodePort:          "31883",
+		EmqxDashboardNodePort: "38085",
+		EmqxWebSocketNodePort: "38083",
+		EmqxPassword:          "odD8#Ve7.B",
+	}
+
+	DefaultMongoConfig = &MongoConfig{
+		MongoPassword: "REdPza8#oVlt",
+	}
+)
+
+type MySQlConfig struct {
+	z_dep.CommonEnvironmentConfig
+	MySQLNodePort           string
+	MySQLRootPassword       string `validate:"required" comment:"string"`
+	MySQLRootPasswordBase64 string `validate:"required" comment:"base64"`
+	MySQLK8sAdminPassword   string `validate:"required" comment:"string"`
+}
+
+type RedisConfig struct {
+	z_dep.CommonEnvironmentConfig
+}
+
+type RabbitMQConfig struct {
+	z_dep.CommonEnvironmentConfig
+	RabbitNodePort          string
+	RabbitDashboardNodePort string
+	RabbitPassword          string
+	RabbitPasswordBase64    string
+}
+
+type NacosConfig struct {
+	z_dep.CommonEnvironmentConfig
+	MySQLK8sAdminPassword string
+	NacosNodePort         string
+}
+
+type MongoConfig struct {
+	z_dep.CommonEnvironmentConfig
+	MongoPassword string
+	MongoNodePort string
+}
+
+type EmqxConfig struct {
+	z_dep.CommonEnvironmentConfig
+	EmqxNodePort          string
+	EmqxDashboardNodePort string
+	EmqxWebSocketNodePort string
+	EmqxPassword          string
+}
+
+func (emqx *EmqxConfig) MidEmqxDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+
+	// copy
+	utils.CopySameFields(commonEnv, emqx)
+
+	validate := validator.New()
+	err := validate.Struct(emqx)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(emqx, CmiiEmqxTemplate, z_dep.EmqxApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+
+func MidEmqxDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiEmqxTemplate, z_dep.EmqxApplyFilePath)
+}
+
+func (mongo *MongoConfig) MidMongoDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+
+	// copy
+	utils.CopySameFields(commonEnv, mongo)
+
+	validate := validator.New()
+	err := validate.Struct(mongo)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(mongo, CmiiMongoTemplate, z_dep.MongoApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+func MidMongoDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiMongoTemplate, z_dep.MongoApplyFilePath)
+}
+
+func (rabbit *RabbitMQConfig) MidRabbitMQDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+
+	// copy
+	utils.CopySameFields(commonEnv, rabbit)
+
+	validate := validator.New()
+	err := validate.Struct(rabbit)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(rabbit, CmiiRabbitMQTemplate, z_dep.RabbitMQApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+func MidRabbitMQDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiRabbitMQTemplate, z_dep.RabbitMQApplyFilePath)
+}
+
+func (redis *RedisConfig) MidRedisDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+
+	// copy
+	utils.CopySameFields(commonEnv, redis)
+
+	validate := validator.New()
+	err := validate.Struct(redis)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(redis, CmiiRedisTemplate, z_dep.RedisApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+func MidRedisDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiRedisTemplate, z_dep.RedisApplyFilePath)
+}
+
+func (mysql *MySQlConfig) MidMySQlDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	// copy
+	utils.CopySameFields(commonEnv, mysql)
+
+	validate := validator.New()
+	err := validate.Struct(mysql)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(mysql, CmiiMySQLTemplate, z_dep.MySQLApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+
+func MidMySQlDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiMySQLTemplate, z_dep.MySQLApplyFilePath)
+}
+
+func (nacos *NacosConfig) MidNacosDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	// copy
+	utils.CopySameFields(commonEnv, nacos)
+
+	validate := validator.New()
+	err := validate.Struct(nacos)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(nacos, CmiiNacosTemplate, z_dep.NacosApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+
+func MidNacosDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiNacosTemplate, z_dep.NacosApplyFilePath)
+}
+
+func PVCDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiPVCTemplate, z_dep.PVCApplyFilePath)
+}

agent-deploy/c_middle/TemplateCmiiPVC.go

@@ -0,0 +1,79 @@
+package c_middle
+
+const CmiiPVCTemplate = `
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: nfs-backend-log-pvc
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware-base
+    cmii.app: nfs-backend-log-pvc
+    helm.sh/chart: all-persistence-volume-claims-1.1.0
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  storageClassName: nfs-prod-distribute
+  accessModes:
+    - ReadWriteMany
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 100Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: helm-emqxs
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware-base
+    cmii.app: helm-emqxs
+    helm.sh/chart: all-persistence-volume-claims-1.1.0
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  storageClassName: nfs-prod-distribute
+  accessModes:
+    - ReadWriteMany
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 20Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: helm-mongo
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware-base
+    cmii.app: helm-mongo
+    helm.sh/chart: all-persistence-volume-claims-1.1.0
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  storageClassName: nfs-prod-distribute
+  accessModes:
+    - ReadWriteMany
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 30Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: helm-rabbitmq
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: middleware-base
+    cmii.app: helm-rabbitmq
+    helm.sh/chart: all-persistence-volume-claims-1.1.0
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  storageClassName: nfs-prod-distribute
+  accessModes:
+    - ReadWriteMany
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 20Gi
+`

agent-deploy/d_app/CmiiImageConfig.go

@@ -0,0 +1,394 @@
+package d_app
+
+var CmiiBackendAppMap = map[string]string{
+	"cmii-admin-data":               "5.2.0",
+	"cmii-admin-gateway":            "5.2.0",
+	"cmii-admin-user":               "5.2.0",
+	"cmii-app-release":              "4.2.0-validation",
+	"cmii-open-gateway":             "5.2.0",
+	"cmii-suav-supervision":         "5.2.0",
+	"cmii-uav-airspace":             "5.2.0",
+	"cmii-uav-alarm":                "5.2.0",
+	"cmii-uav-autowaypoint":         "4.1.6-cm-0828",
+	"cmii-uav-brain":                "5.2.0",
+	"cmii-uav-cloud-live":           "5.2.0",
+	"cmii-uav-clusters":             "5.2.0",
+	"cmii-uav-cms":                  "5.2.0",
+	"cmii-uav-data-post-process":    "5.2.0",
+	"cmii-uav-depotautoreturn":      "4.2.0",
+	"cmii-uav-developer":            "5.2.0-25858",
+	"cmii-uav-device":               "5.2.0",
+	"cmii-uav-emergency":            "5.2.0",
+	"cmii-uav-gateway":              "5.2.0",
+	"cmii-uav-industrial-portfolio": "5.2.0-25268-10",
+	"cmii-uav-integration":          "5.2.0-25447",
+	"cmii-uav-kpi-monitor":          "5.2.0",
+	"cmii-uav-logger":               "5.2.0",
+	"cmii-uav-material-warehouse":   "5.2.0",
+	"cmii-uav-mission":              "5.2.0-25840",
+	"cmii-uav-mqtthandler":          "5.2.0-25340",
+	"cmii-uav-notice":               "5.2.0",
+	"cmii-uav-oauth":                "5.2.0",
+	"cmii-uav-process":              "5.2.0",
+	"cmii-uav-surveillance":         "5.2.0-25854",
+	"cmii-uav-threedsimulation":     "5.2.0",
+	"cmii-uav-tower":                "5.2.0",
+	"cmii-uav-user":                 "5.2.0",
+	"cmii-uav-waypoint":             "5.2.0",
+	"cmii-uav-multilink":            "5.2.0",
+	"cmii-uav-bridge":               "5.2.0",
+	"cmii-uas-lifecycle":            "5.2.0",
+	"cmii-uas-gateway":              "5.2.0",
+	"cmii-uav-gis-server":           "5.4.0",
+	"cmii-uav-grid-datasource":      "5.4.0",
+	"cmii-uav-grid-engine":          "5.4.0",
+	"cmii-uav-grid-manage":          "5.4.0",
+	"cmii-uav-sense-adapter":        "5.4.0",
+	"cmii-uav-sync":                 "5.4.0",
+	"cmii-uav-iot-dispatcher":       "5.7.0",
+	"cmii-uavms-security-center":    "5.7.0",
+	"cmii-uav-fwdd":                 "5.7.0",
+	"cmii-uav-advanced5g":           "5.7.0",
+	"cmii-sky-converge":             "5.7.0",
+	"cmii-uav-sec-awareness":        "5.7.0",
+	"cmii-uav-security-trace":       "5.7.0",
+	"cmii-uavms-pyfusion":           "5.7.0",
+	"cmii-uav-iot-manager":          "5.7.0",
+	"cmii-uas-datahub":              "5.7.0",
+	"cmii-uav-watchdog":             "5.7.0",
+}
+
+var CmiiFrontendAppMap = map[string]string{
+	"cmii-suav-platform-supervision":      "5.2.0",
+	"cmii-suav-platform-supervisionh5":    "5.2.0",
+	"cmii-uav-platform":                   "5.2.0-011004",
+	"cmii-uav-platform-ai-brain":          "5.2.0",
+	"cmii-uav-platform-armypeople":        "5.2.0-24538",
+	"cmii-uav-platform-base":              "5.2.0",
+	"cmii-uav-platform-cms-portal":        "5.2.0",
+	"cmii-uav-platform-detection":         "5.2.0",
+	"cmii-uav-platform-emergency-rescue":  "5.2.0",
+	"cmii-uav-platform-hljtt":             "5.2.0",
+	"cmii-uav-platform-jiangsuwenlv":      "4.1.3-jiangsu-0427",
+	"cmii-uav-platform-logistics":         "5.2.0",
+	"cmii-uav-platform-media":             "5.2.0",
+	"cmii-uav-platform-multiterminal":     "5.2.0",
+	"cmii-uav-platform-mws":               "5.2.0",
+	"cmii-uav-platform-oms":               "5.2.0",
+	"cmii-uav-platform-open":              "5.2.0",
+	"cmii-uav-platform-qingdao":           "4.1.6-24238-qingdao",
+	"cmii-uav-platform-qinghaitourism":    "4.1.0-21377-0508",
+	"cmii-uav-platform-security":          "4.1.6",
+	"cmii-uav-platform-securityh5":        "5.2.0",
+	"cmii-uav-platform-seniclive":         "5.2.0",
+	"cmii-uav-platform-share":             "5.2.0",
+	"cmii-uav-platform-splice":            "5.2.0",
+	"cmii-uav-platform-threedsimulation":  "5.2.0-21392",
+	"cmii-uav-platform-visualization":     "5.2.0",
+	"cmii-uav-platform-uasms":             "5.2.0",
+	"cmii-uav-platform-uas":               "5.2.0",
+	"cmii-uav-platform-pilot2-to-cloud":   "5.2.0",
+	"cmii-uavms-platform-security-center": "5.2.0",
+	"cmii-uav-platform-dispatchh5":        "5.2.0",
+	"cmii-uavms-platform-manager":         "5.2.0",
+	"cmii-uav-platform-awareness":         "5.2.0",
+	"cmii-uav-platform-flight-control":    "5.2.0",
+}
+
+var IgnoreCmiiBackendAppName = map[string]string{
+	"cmii-uav-grid-datasource":   "0",
+	"cmii-uav-grid-manage":       "0",
+	"cmii-uav-grid-engine":       "0",
+	"cmii-uav-kpi-monitor":       "0",
+	"cmii-uav-gis-server":        "0",
+	"cmii-app-release":           "0",
+	"cmii-uav-autowaypoint":      "0",
+	"cmii-uav-integration":       "0",
+	"cmii-uav-developer":         "0",
+	"cmii-open-gateway":          "0",
+	"cmii-uav-brain":             "0",
+	"cmii-uav-data-post-process": "0",
+	"cmii-uav-multilink":         "0",
+	"cmii-uav-alarm":             "0",
+	"cmii-uav-tower":             "0",
+	"cmii-uav-clusters":          "0",
+	"cmii-uav-depotautoreturn":   "0",
+	"cmii-uas-lifecycle":         "0",
+	"cmii-uas-gateway":           "0",
+	"cmii-uav-fwdd":              "0",
+	"cmii-uav-sync":              "0",
+	"cmii-uavms-security-center": "0",
+	"cmii-uav-iot-manager":       "0",
+	"cmii-uas-datahub":           "0",
+}
+
+var IgnoreCmiiFrontendAppName = map[string]string{
+	"cmii-uav-platform-hljtt":          "0",
+	"cmii-uav-platform-jiangsuwenlv":   "0",
+	"cmii-uav-platform-qinghaitourism": "0",
+	"cmii-uav-platform-qingdao":        "0",
+	"cmii-uav-platform-uasms":          "0",
+	"cmii-uav-platform-uas":            "0",
+	"cmii-uav-platform-seniclive":      "0",
+}
+
+var CmiiMiddlewareNameMap = map[string]string{
+	"helm-nacos":    "single",
+	"helm-emqxs":    "single",
+	"helm-mysql":    "single",
+	"helm-redis":    "replication",
+	"helm-rabbitmq": "single",
+}
+
+var CmiiSrsAppMap = map[string]string{
+	"helm-live-op-v2":   "deployment",
+	"helm-live-rtsp-op": "4.1.6",
+	"helm-live-srs-rtc": "statefulset",
+}
+
+var CmiiGISAppMap = map[string]string{
+	"cmii-uav-gis-server":      "5.4.0",
+	"cmii-uav-grid-datasource": "5.4.0",
+	"cmii-uav-grid-engine":     "5.4.0",
+	"cmii-uav-grid-manage":     "5.4.0",
+}
+
+var MiddlewareAmd64 = []string{
+	"bitnami/redis:6.2.6-debian-10-r0",
+	"bitnami/redis:6.2.14-debian-11-r1",
+	"bitnami/mysql:8.0.35-debian-11-r1",
+	"bitnami/mysql:8.1.0-debian-11-r42",
+	"simonrupf/chronyd:0.4.3",
+	"bitnami/bitnami-shell:10-debian-10-r140",
+	"bitnami/bitnami-shell:11-debian-11-r136",
+	"bitnami/rabbitmq:3.9.12-debian-10-r3",
+	"bitnami/rabbitmq:3.11.26-debian-11-r2",
+	"ossrs/srs:v4.0.136",
+	"ossrs/srs:v5.0.195",
+	"ossrs/srs:v4.0-r3",
+	"emqx/emqx:4.4.19",
+	"emqx/emqx:5.5.1",
+	"nacos/nacos-server:v2.1.2",
+	"nacos/nacos-server:v2.1.2-slim",
+	"library/mongo:5.0",
+	"library/rabbitmq:3.9-management",
+	"bitnami/minio:2022.5.4",
+	"bitnami/minio:2023.5.4",
+	"minio/minio:RELEASE.2023-06-02T23-17-26Z",
+	"kubernetesui/dashboard:v2.0.1",
+	"kubernetesui/metrics-scraper:v1.0.4",
+	"library/nginx:1.21.3",
+	"library/redis:6.0.20-alpine",
+	"dyrnq/nfs-subdir-external-provisioner:v4.0.2",
+	"jerrychina2020/rke-tools:v0.175-linux",
+	"jerrychina2020/rke-tools:v0.175",
+	"library/busybox:latest",
+	"harbor.cdcyy.com.cn/cmii/doris.be-ubuntu:2.1.6",
+	"harbor.cdcyy.com.cn/cmii/doris.fe-ubuntu:2.1.6",
+	"harbor.cdcyy.com.cn/cmii/doris.k8s-operator:1.3.1",
+	"harbor.cdcyy.com.cn/cmii/alpine:latest",
+	"harbor.cdcyy.com.cn/cmii/nginx:1.27.0",
+}
+
+var Rancher1204Amd64 = []string{
+	"rancher/backup-restore-operator:v1.0.3",
+	"rancher/calico-cni:v3.17.2",
+	"rancher/calico-ctl:v3.17.2",
+	"rancher/calico-kube-controllers:v3.17.2",
+	"rancher/calico-node:v3.17.2",
+	"rancher/calico-pod2daemon-flexvol:v3.17.2",
+	"rancher/cis-operator:v1.0.3",
+	"rancher/cluster-proportional-autoscaler:1.7.1",
+	"rancher/coredns-coredns:1.8.0",
+	"rancher/coreos-etcd:v3.4.14-rancher1",
+	"rancher/coreos-kube-state-metrics:v1.9.7",
+	"rancher/coreos-prometheus-config-reloader:v0.39.0",
+	"rancher/coreos-prometheus-operator:v0.39.0",
+	"rancher/externalip-webhook:v0.1.6",
+	"rancher/flannel-cni:v0.3.0-rancher6",
+	"rancher/coreos-flannel:v0.13.0-rancher1",
+	"rancher/fleet-agent:v0.3.4",
+	"rancher/fleet:v0.3.4",
+	"rancher/fluentd:v0.1.24",
+	"rancher/grafana-grafana:7.1.5",
+	"rancher/hyperkube:v1.20.4-rancher1",
+	"rancher/jimmidyson-configmap-reload:v0.3.0",
+	"rancher/k8s-dns-dnsmasq-nanny:1.15.2",
+	"rancher/k8s-dns-kube-dns:1.15.2",
+	"rancher/k8s-dns-node-cache:1.15.13",
+	"rancher/k8s-dns-sidecar:1.15.2",
+	"rancher/klipper-lb:v0.1.2",
+	"rancher/kube-api-auth:v0.1.4",
+	"rancher/kubectl:v1.20.4",
+	"rancher/kubernetes-external-dns:v0.7.3",
+	"rancher/cluster-proportional-autoscaler:1.8.1",
+	"rancher/library-busybox:1.31.1",
+	"rancher/library-busybox:1.32.1",
+	"rancher/library-nginx:1.19.2-alpine",
+	"rancher/library-traefik:1.7.19",
+	"rancher/local-path-provisioner:v0.0.11",
+	"rancher/local-path-provisioner:v0.0.14",
+	"rancher/local-path-provisioner:v0.0.19",
+	"rancher/log-aggregator:v0.1.7",
+	"rancher/istio-kubectl:1.5.10",
+	"rancher/metrics-server:v0.4.1",
+	"rancher/configmap-reload:v0.3.0-rancher4",
+	"rancher/nginx-ingress-controller-defaultbackend:1.5-rancher1",
+	"rancher/nginx-ingress-controller:nginx-0.43.0-rancher1",
+	"rancher/opa-gatekeeper:v3.1.0-beta.7",
+	"rancher/openzipkin-zipkin:2.14.2",
+	"rancher/pause:3.2",
+	"rancher/plugins-docker:18.09",
+	"rancher/prom-alertmanager:v0.21.0",
+	"rancher/prom-node-exporter:v1.0.1",
+	"rancher/prom-prometheus:v2.18.2",
+	"rancher/prometheus-auth:v0.2.1",
+	"rancher/rancher-agent:v2.5.7",
+	"rancher/rancher-webhook:v0.1.0-beta9",
+	"rancher/rancher:v2.5.7",
+	"rancher/rke-tools:v0.1.72",
+	"rancher/security-scan:v0.1.14",
+	"rancher/security-scan:v0.2.2",
+	"rancher/shell:v0.1.6",
+	"rancher/sonobuoy-sonobuoy:v0.16.3",
+	"rancher/system-upgrade-controller:v0.6.2",
+}
+
+var CmiiSRSImageList = []string{
+	"harbor.cdcyy.com.cn/cmii/cmii-live-operator:5.2.0",
+	"harbor.cdcyy.com.cn/cmii/cmii-srs-oss-adaptor:2023-SA",
+}
+
+var Cmii530DemoImageList = []string{
+	"cmii-admin-data:5.2.0",
+	"cmii-admin-gateway:5.2.0",
+	"cmii-admin-user:5.2.0",
+	"cmii-app-release:4.2.0-validation",
+	"cmii-open-gateway:5.2.0",
+	"cmii-suav-supervision:5.2.0",
+	"cmii-uav-airspace:5.2.0",
+	"cmii-uav-alarm:5.2.0",
+	"cmii-uav-autowaypoint:4.1.6-cm-0828",
+	"cmii-uav-brain:5.2.0",
+	"cmii-uav-cloud-live:5.2.0",
+	"cmii-uav-clusters:5.2.0",
+	"cmii-uav-cms:5.2.0",
+	"cmii-uav-data-post-process:5.2.0",
+	"cmii-uav-depotautoreturn:4.2.0",
+	"cmii-uav-developer:5.2.0-25858",
+	"cmii-uav-device:5.2.0",
+	"cmii-uav-emergency:5.2.0",
+	"cmii-uav-gateway:5.2.0",
+	"cmii-uav-gis-server:5.2.0",
+	"cmii-uav-grid-datasource:5.2.0-24810",
+	"cmii-uav-grid-engine:5.1.0",
+	"cmii-uav-grid-manage:5.1.0",
+	"cmii-uav-industrial-portfolio:5.2.0-25268-12",
+	"cmii-uav-integration:5.2.0-25447",
+	"cmii-uav-kpi-monitor:5.2.0",
+	"cmii-uav-logger:5.2.0",
+	"cmii-uav-material-warehouse:5.2.0",
+	"cmii-uav-mission:5.2.0-25840",
+	"cmii-uav-mqtthandler:5.2.0-25340-1",
+	"cmii-uav-notice:5.2.0",
+	"cmii-uav-oauth:5.2.0",
+	"cmii-uav-process:5.2.0",
+	"cmii-uav-surveillance:5.2.0-21794",
+	"cmii-uav-threedsimulation:5.2.0",
+	"cmii-uav-tower:5.3.0",
+	"cmii-uav-user:5.2.0",
+	"cmii-uav-waypoint:5.2.0-011102",
+	"cmii-suav-platform-supervision:5.2.0",
+	"cmii-suav-platform-supervisionh5:5.2.0",
+	"cmii-uav-platform:5.2.0",
+	"cmii-uav-platform-ai-brain:5.2.0",
+	"cmii-uav-platform-armypeople:5.2.0-24538",
+	"cmii-uav-platform-base:5.2.0",
+	"cmii-uav-platform-cms-portal:5.2.0",
+	"cmii-uav-platform-detection:5.2.0",
+	"cmii-uav-platform-emergency-rescue:5.2.0",
+	"cmii-uav-platform-hljtt:5.2.0",
+	"cmii-uav-platform-jiangsuwenlv:4.1.3-jiangsu-0427",
+	"cmii-uav-platform-logistics:5.2.0",
+	"cmii-uav-platform-media:5.2.0",
+	"cmii-uav-platform-multiterminal:5.2.0",
+	"cmii-uav-platform-mws:5.2.0",
+	"cmii-uav-platform-oms:5.2.0",
+	"cmii-uav-platform-open:5.2.0",
+	"cmii-uav-platform-qingdao:4.1.6-24238-qingdao",
+	"cmii-uav-platform-qinghaitourism:4.1.0-21377-0508",
+	"cmii-uav-platform-security:4.1.6",
+	"cmii-uav-platform-securityh5:5.2.0",
+	"cmii-uav-platform-seniclive:5.2.0",
+	"cmii-uav-platform-share:5.2.0",
+	"cmii-uav-platform-splice:5.2.0",
+	"cmii-uav-platform-threedsimulation:5.2.0-21392",
+	"cmii-uav-platform-visualization:5.2.0",
+}
+
+var Cmii520DemoImageList = []string{
+	"cmii-admin-data:5.2.0",
+	"cmii-admin-gateway:5.2.0",
+	"cmii-admin-user:5.2.0",
+	"cmii-app-release:4.2.0-validation",
+	"cmii-open-gateway:5.2.0",
+	"cmii-suav-supervision:5.2.0",
+	"cmii-uav-airspace:5.2.0",
+	"cmii-uav-alarm:5.2.0",
+	"cmii-uav-autowaypoint:4.1.6-cm-0828",
+	"cmii-uav-brain:5.2.0",
+	"cmii-uav-cloud-live:5.2.0",
+	"cmii-uav-clusters:5.2.0",
+	"cmii-uav-cms:5.2.0",
+	"cmii-uav-data-post-process:5.2.0",
+	"cmii-uav-depotautoreturn:4.2.0",
+	"cmii-uav-developer:5.2.0-25858",
+	"cmii-uav-device:5.2.0",
+	"cmii-uav-emergency:5.2.0",
+	"cmii-uav-gateway:5.2.0",
+	"cmii-uav-gis-server:5.2.0",
+	"cmii-uav-grid-datasource:5.2.0-24810",
+	"cmii-uav-grid-engine:5.1.0",
+	"cmii-uav-grid-manage:5.1.0",
+	"cmii-uav-industrial-portfolio:5.2.0-25268-12",
+	"cmii-uav-integration:5.2.0-25447",
+	"cmii-uav-kpi-monitor:5.2.0",
+	"cmii-uav-logger:5.2.0",
+	"cmii-uav-material-warehouse:5.2.0",
+	"cmii-uav-mission:5.2.0-25840",
+	"cmii-uav-mqtthandler:5.2.0-25340-1",
+	"cmii-uav-notice:5.2.0",
+	"cmii-uav-oauth:5.2.0",
+	"cmii-uav-process:5.2.0",
+	"cmii-uav-surveillance:5.2.0-21794",
+	"cmii-uav-threedsimulation:5.2.0",
+	"cmii-uav-tower:5.3.0",
+	"cmii-uav-user:5.2.0",
+	"cmii-uav-waypoint:5.2.0-011102",
+	"cmii-suav-platform-supervision:5.2.0",
+	"cmii-suav-platform-supervisionh5:5.2.0",
+	"cmii-uav-platform:5.2.0",
+	"cmii-uav-platform-ai-brain:5.2.0",
+	"cmii-uav-platform-armypeople:5.2.0-24538",
+	"cmii-uav-platform-base:5.2.0",
+	"cmii-uav-platform-cms-portal:5.2.0",
+	"cmii-uav-platform-detection:5.2.0",
+	"cmii-uav-platform-emergency-rescue:5.2.0",
+	"cmii-uav-platform-hljtt:5.2.0",
+	"cmii-uav-platform-jiangsuwenlv:4.1.3-jiangsu-0427",
+	"cmii-uav-platform-logistics:5.2.0",
+	"cmii-uav-platform-media:5.2.0",
+	"cmii-uav-platform-multiterminal:5.2.0",
+	"cmii-uav-platform-mws:5.2.0",
+	"cmii-uav-platform-oms:5.2.0",
+	"cmii-uav-platform-open:5.2.0",
+	"cmii-uav-platform-qingdao:4.1.6-24238-qingdao",
+	"cmii-uav-platform-qinghaitourism:4.1.0-21377-0508",
+	"cmii-uav-platform-security:4.1.6",
+	"cmii-uav-platform-securityh5:5.2.0",
+	"cmii-uav-platform-seniclive:5.2.0",
+	"cmii-uav-platform-share:5.2.0",
+	"cmii-uav-platform-splice:5.2.0",
+	"cmii-uav-platform-threedsimulation:5.2.0-21392",
+	"cmii-uav-platform-visualization:5.2.0",
+}

agent-deploy/d_app/DeployCmiiApp.go

@@ -0,0 +1,189 @@
+package d_app
+
+import (
+	"github.com/go-playground/validator/v10"
+	"os"
+	"wdd.io/agent-common/logger"
+	"wdd.io/agent-common/utils"
+	"wdd.io/agent-deploy/z_dep"
+)
+
+var (
+	DefaultCmiiBackendConfig  = &CmiiBackendConfig{}
+	DefaultCmiiFrontendConfig = &CmiiFrontendConfig{}
+	DefaultIngressConfig      = &IngressConfig{
+		FrontendShortNameMaps:  FrontendShortNameMaps,
+		BackendImageVersionMap: CmiiBackendAppMap,
+	}
+
+	log = logger.Log
+)
+
+type CmiiBackendConfig struct {
+	z_dep.CommonEnvironmentConfig
+	AppName      string `json:"app_name,omitempty" validate:"required"`
+	ImageTag     string `json:"image_tag,omitempty" validate:"required"`
+	Replicas     string `json:"replicas,omitempty"  validate:"required" default:"1"`
+	NodePort     string `json:"node_port,omitempty"`
+	NeedPvcCache bool   `json:"need_pvc_cache,omitempty"`
+	CustomJvmOpt string `json:"custom_jvm_opt,omitempty"`
+}
+
+type CmiiFrontendConfig struct {
+	z_dep.CommonEnvironmentConfig `json:"z___dep_._common_environment_config"`
+	AppName                       string `json:"app_name,omitempty" validate:"required"`
+	ImageTag                      string `json:"image_tag,omitempty" validate:"required"`
+	Replicas                      string `json:"replicas,omitempty" validate:"required" default:"1"`
+	ShortName                     string `json:"short_name,omitempty" validate:"required"`
+	ClientId                      string
+}
+
+type CmiiSrsConfig struct {
+	z_dep.CommonEnvironmentConfig
+	RtmpPort              string
+	WebRTCPort            string
+	SrtPort               string
+	WebApiPort            string
+	MySQLK8sAdminPassword string
+}
+
+type IngressConfig struct {
+	z_dep.CommonEnvironmentConfig
+	FrontendShortNameMaps  map[string]string
+	BackendImageVersionMap map[string]string `json:"backend_image_version_map,omitempty" validate:"required"`
+}
+
+func (backend *CmiiBackendConfig) BackendDeploy(common *z_dep.CommonEnvironmentConfig) bool {
+
+	// copy
+	utils.CopySameFields(common, backend)
+
+	validate := validator.New()
+	err := validate.Struct(backend)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(backend, CmiiBackendDeploymentTemplate, z_dep.BackendApplyFilePath) {
+		return false
+	}
+	if !z_dep.ParseEnvToApplyFile(backend, CmiiBackendServiceTemplate, z_dep.BackendApplyFilePath) {
+		return false
+	}
+
+	// pvc
+	if backend.NeedPvcCache {
+		if !z_dep.ParseEnvToApplyFile(backend, CmiiBackendPVCTemplate, z_dep.BackendApplyFilePath) {
+			return false
+		}
+	}
+
+	return true
+}
+
+func (frontend *CmiiFrontendConfig) FrontendDeploy(common *z_dep.CommonEnvironmentConfig) bool {
+
+	// copy
+	utils.CopySameFields(common, frontend)
+
+	validate := validator.New()
+	err := validate.Struct(frontend)
+	if err != nil {
+		log.ErrorF("backend config validate error: %v\n", err)
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(frontend, CmiiFrontendDeploymentTemplate, z_dep.FrontendApplyFilePath) {
+		return false
+	}
+	if !z_dep.ParseEnvToApplyFile(frontend, CmiiFrontendServiceTemplate, z_dep.FrontendApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+
+func (frontend *CmiiFrontendConfig) ConfigMapDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+
+	// copy
+	utils.CopySameFields(commonEnv, frontend)
+
+	// manual validate
+	if frontend.ShortName == "" || frontend.ClientId == "" {
+		log.ErrorF("short name or client id is empty !")
+		return false
+	}
+
+	return z_dep.ParseEnvToApplyFile(frontend, CmiiFrontendConfigMapTemplate, z_dep.ConfigMapApplyFilePath)
+}
+
+func (ingress *IngressConfig) IngressDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	// copy
+	utils.CopySameFields(commonEnv, ingress)
+
+	// manual validate
+	if ingress.FrontendShortNameMaps == nil || len(ingress.FrontendShortNameMaps) == 0 {
+		log.Error("frontend short name is empty !")
+		return false
+	}
+
+	if ingress.BackendImageVersionMap == nil || len(ingress.BackendImageVersionMap) == 0 {
+		log.Error("backend image version map is empty !")
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(ingress, CmiiFrontendIngressTemplate, z_dep.IngresApplyFilePath) {
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(ingress, CmiiBackendIngressTemplate, z_dep.IngresApplyFilePath) {
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(ingress, CmiiGatewayIngressTemplate, z_dep.IngresApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+
+func (srsConfig *CmiiSrsConfig) SRSDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	// copy
+	utils.CopySameFields(commonEnv, srsConfig)
+
+	if srsConfig.MinioInnerIP == "" {
+		log.Error("minio inner ip is nil !")
+		return false
+	}
+
+	if !z_dep.ParseEnvToApplyFile(srsConfig, CmiiSrsTemplate, z_dep.SRSApplyFilePath) {
+		return false
+	}
+	return true
+}
+
+func IngressDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	if !commonEnv.ParseCommonEnvToApplyFile(CmiiFrontendIngressTemplate, z_dep.IngresApplyFilePath) {
+		return false
+	}
+
+	if !commonEnv.ParseCommonEnvToApplyFile(CmiiBackendIngressTemplate, z_dep.IngresApplyFilePath) {
+		return false
+	}
+
+	if !commonEnv.ParseCommonEnvToApplyFile(CmiiGatewayIngressTemplate, z_dep.IngresApplyFilePath) {
+		return false
+	}
+
+	return true
+}
+
+func SRSDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	os.Remove(z_dep.SRSApplyFilePath)
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiSrsTemplate, z_dep.SRSApplyFilePath)
+}
+
+func FrontendDefaultNginxDeploy(commonEnv *z_dep.CommonEnvironmentConfig) bool {
+	return commonEnv.ParseCommonEnvToApplyFile(CmiiFrontendDefaultNginxConfTemplate, z_dep.FrontendApplyFilePath)
+}

agent-deploy/d_app/DeployCmiiApp_test.go

@@ -0,0 +1,18 @@
+package d_app
+
+import (
+	"testing"
+)
+
+func TestCmiiBackendDeploymentConfig_ParseToApplyConf(t *testing.T) {
+
+	deploymentConfig := CmiiBackendConfig{
+		Namespace:    "uavcloud-dev",
+		AppName:      "cmii-uav-gateway",
+		ImageTag:     "5.2.0-123",
+		Replicas:     "2",
+		NodePort:     "31213",
+		NeedPvcCache: true,
+	}
+
+}

agent-deploy/d_app/FrontendConfigMap.go

@@ -0,0 +1,97 @@
+package d_app
+
+var FrontendShortNameMaps = map[string]string{
+	"cmii-suav-platform-supervision":      "supervision",
+	"cmii-suav-platform-supervisionh5":    "supervisionh5",
+	"cmii-uav-platform":                   "pangu",
+	"cmii-uav-platform-ai-brain":          "ai-brain",
+	"cmii-uav-platform-armypeople":        "armypeople",
+	"cmii-uav-platform-base":              "base",
+	"cmii-uav-platform-cms-portal":        "cmsportal",
+	"cmii-uav-platform-detection":         "detection",
+	"cmii-uav-platform-emergency-rescue":  "emergency",
+	"cmii-uav-platform-logistics":         "logistics",
+	"cmii-uav-platform-media":             "media",
+	"cmii-uav-platform-multiterminal":     "multiterminal",
+	"cmii-uav-platform-mws":               "mws",
+	"cmii-uav-platform-oms":               "oms",
+	"cmii-uav-platform-open":              "open",
+	"cmii-uav-platform-security":          "security",
+	"cmii-uav-platform-securityh5":        "securityh5",
+	"cmii-uav-platform-seniclive":         "seniclive",
+	"cmii-uav-platform-share":             "share",
+	"cmii-uav-platform-splice":            "splice",
+	"cmii-uav-platform-traffic":           "traffic",
+	"cmii-uav-platform-threedsimulation":  "threedsimulation",
+	"cmii-uav-platform-jiangsuwenlv":      "jiangsuwenlv",
+	"cmii-uav-platform-qinghaitourism":    "qinghaitourism",
+	"cmii-uav-platform-qingdao":           "qingdao",
+	"cmii-uav-platform-hljtt":             "hljtt",
+	"cmii-uav-platform-visualization":     "visualization",
+	"cmii-uav-platform-uasms":             "uasms",
+	"cmii-uav-platform-uas":               "uas",
+	"cmii-uav-platform-dispatchh5":        "dispatchh5",
+	"cmii-uav-platform-pilot2-to-cloud":   "pilot2cloud",
+	"cmii-uav-platform-hyperspectral":     "hyper",
+	"cmii-uav-platform-scanner":           "scanner",
+	"cmii-uav-platform-blockchain":        "blockchain",
+	"cmii-uav-platform-smsecret":          "smsecret",
+	"cmii-uav-platform-classification":    "classification",
+	"cmii-uav-platform-smauth":            "smauth",
+	"cmii-uavms-platform-security-center": "secenter",
+	"cmii-uav-platform-eventsh5":          "eventsh5",
+	"cmii-uav-platform-mianyangbackend":   "mianyangbackend",
+	"cmii-uav-platform-dikongzhixingh5":   "dikongzhixingh5",
+	"cmii-uavms-platform-manager":         "uavmsmanager",
+	"cmii-uav-platform-renyike":           "renyike",
+	"cmii-uav-platform-awareness":         "awareness",
+	"cmii-uav-platform-flight-control":    "flight-control",
+}
+
+var FrontendClientIdMaps = map[string]string{
+	"cmii-suav-platform-supervision":      "APP_qqSu82THfexI8PLM",
+	"cmii-suav-platform-supervisionh5":    "APP_qqSu82THfexI8PLM",
+	"cmii-uav-platform":                   "empty",
+	"cmii-uav-platform-ai-brain":          "APP_rafnuCAmBESIVYMH",
+	"cmii-uav-platform-armypeople":        "APP_UIegse6Lfou9pO1U",
+	"cmii-uav-platform-base":              "APP_9LY41OaKSqk2btY0",
+	"cmii-uav-platform-cms-portal":        "empty",
+	"cmii-uav-platform-detection":         "APP_FDHW2VLVDWPnnOCy",
+	"cmii-uav-platform-emergency-rescue":  "APP_aGsTAY1uMZrpKdfk",
+	"cmii-uav-platform-logistics":         "APP_PvdfRRRBPL8xbIwl",
+	"cmii-uav-platform-media":             "APP_4AU8lbifESQO4FD6",
+	"cmii-uav-platform-multiterminal":     "APP_PvdfRRRBPL8xbIwl",
+	"cmii-uav-platform-mws":               "APP_uKniXPELlRERBBwK",
+	"cmii-uav-platform-oms":               "empty",
+	"cmii-uav-platform-open":              "empty",
+	"cmii-uav-platform-qingdao":           "empty",
+	"cmii-uav-platform-qinghaitourism":    "empty",
+	"cmii-uav-platform-security":          "APP_JUSEMc7afyWXxvE7",
+	"cmii-uav-platform-securityh5":        "APP_N3ImO0Ubfu9peRHD",
+	"cmii-uav-platform-seniclive":         "empty",
+	"cmii-uav-platform-share":             "APP_4lVSVI0ZGxTssir8",
+	"cmii-uav-platform-splice":            "APP_zE0M3sTRXrCIJS8Y",
+	"cmii-uav-platform-threedsimulation":  "empty",
+	"cmii-uav-platform-visualization":     "empty",
+	"cmii-uav-platform-traffic":           "APP_Jc8i2wOQ1t73QEJS",
+	"cmii-uav-platform-jiangsuwenlv":      "empty",
+	"cmii-uav-platform-hljtt":             "empty",
+	"cmii-uav-platform-uasms":             "empty",
+	"cmii-uav-platform-uas":               "empty",
+	"cmii-uav-platform-dispatchh5":        "empty",
+	"cmii-uav-platform-pilot2-to-cloud":   "empty",
+	"cmii-uav-platform-hyperspectral":     "empty",
+	"cmii-uav-platform-scanner":           "empty",
+	"cmii-uav-platform-blockchain":        "empty",
+	"cmii-uav-platform-smsecret":          "empty",
+	"cmii-uav-platform-classification":    "empty",
+	"cmii-uav-platform-smauth":            "empty",
+	"cmii-uavms-platform-security-center": "empty",
+	"cmii-uav-platform-eventsh5":          "empty",
+	"cmii-uav-platform-mianyangbackend":   "empty",
+	"cmii-uav-platform-dikongzhixingh5":   "empty",
+	"cmii-uavms-platform-manager":         "empty",
+	"cmii-uav-platform-renyike":           "empty",
+	"cmii-uav-platform-awareness":         "empty",
+	"cmii-uav-platform-flight-control":    "empty",
+}

agent-deploy/d_app/TemplateCmiiBackend.go

@@ -0,0 +1,228 @@
+package d_app
+
+const CmiiBackendDeploymentTemplate = `
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .AppName }}
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: backend
+    cmii.app: {{ .AppName }}
+    octopus/control: backend-app-1.0.0
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/app-version: {{ .TagVersion }}
+spec:
+  replicas: {{ .Replicas }}
+  strategy:
+    rollingUpdate:
+      maxUnavailable: 1
+  selector:
+    matchLabels:
+      cmii.type: backend
+      cmii.app: {{ .AppName }}
+  template:
+    metadata:
+      labels:
+        cmii.type: backend
+        cmii.app: {{ .AppName }}
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: uavcloud.env
+                    operator: In
+                    values:
+                      {{- if .TenantEnv }}
+                      - {{ .TenantEnv }}
+                      {{- else }}
+                      - {{ .Namespace }}
+                      {{- end }}
+      imagePullSecrets:
+        - name: harborsecret
+      containers:
+        - name: {{ .AppName }}
+	      {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/{{ .AppName }}:{{ .ImageTag }}
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}{{ .AppName }}:{{ .ImageTag }}
+          {{- end }}
+          imagePullPolicy: Always
+          env:
+            - name: K8S_NAMESPACE
+              value: {{ .Namespace }}
+            - name: APPLICATION_NAME
+              value: {{ .AppName }}
+            - name: CUST_JAVA_OPTS
+              value: "-Xms200m -Xmx1500m -Dlog4j2.formatMsgNoLookups=true"
+            - name: NACOS_REGISTRY
+              value: "helm-nacos:8848"
+            - name: NACOS_DISCOVERY_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
+            - name: NACOS_DISCOVERY_PORT
+              value: "8080"
+            - name: BIZ_CONFIG_GROUP
+              value: {{ .TagVersion }}
+            - name: SYS_CONFIG_GROUP
+              value: {{ .TagVersion }}
+            - name: IMAGE_VERSION
+              value: {{ .TagVersion }}
+            - name: NACOS_USERNAME
+              value: "developer"
+            - name: NACOS_PASSWORD
+              value: "Deve@9128201"
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
+            - name: NODE_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.hostIP
+            - name: LIMIT_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: {{ .AppName }}
+                  resource: limits.cpu
+            - name: LIMIT_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: {{ .AppName }}
+                  resource: limits.memory
+            - name: REQUEST_CPU
+              valueFrom:
+                resourceFieldRef:
+                  containerName: {{ .AppName }}
+                  resource: requests.cpu
+            - name: REQUEST_MEMORY
+              valueFrom:
+                resourceFieldRef:
+                  containerName: {{ .AppName }}
+                  resource: requests.memory
+          ports:
+            - name: pod-port
+              containerPort: 8080
+              protocol: TCP
+          resources:
+             limits:
+               memory: 2Gi
+               cpu: "2"
+             requests:
+               memory: 200Mi
+               cpu: 200m
+          livenessProbe:
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            timeoutSeconds: 5
+            periodSeconds: 20
+            successThreshold: 1
+            failureThreshold: 3
+          readinessProbe:
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            timeoutSeconds: 5
+            periodSeconds: 20
+            successThreshold: 1
+            failureThreshold: 3
+          startupProbe:
+            httpGet:
+              path: /cmii/health
+              port: pod-port
+              scheme: HTTP
+            initialDelaySeconds: 60
+            timeoutSeconds: 3
+            periodSeconds: 20
+            successThreshold: 1
+            failureThreshold: 5
+          volumeMounts:
+            - name: nfs-backend-log-volume
+              mountPath: /cmii/logs
+              readOnly: false
+              subPath: {{ .Namespace }}/{{ .AppName }}
+            {{- if .NeedPvcCache }}
+            - name: data-cache-volume
+              mountPath: /cmii/cache
+              readOnly: false
+              subPath: {{ .Namespace }}/{{ .AppName }}
+            {{- end }}
+      volumes:
+        - name: nfs-backend-log-volume
+          persistentVolumeClaim:
+            claimName: nfs-backend-log-pvc
+        {{- if .NeedPvcCache }}
+        - name: data-cache-volume
+          persistentVolumeClaim:
+            claimName: {{ .AppName }}-cache
+		{{- end }}
+`
+
+const CmiiBackendServiceTemplate = `
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .AppName }}
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: backend
+    cmii.app: {{ .AppName }}
+    octopus/control: backend-app-1.0.0
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/app-version: {{ .TagVersion }}
+spec:
+  {{- if .NodePort }}
+  type: NodePort
+  {{- else }}
+  type: ClusterIP
+  {{- end }}
+  selector:
+    cmii.type: backend
+    cmii.app: {{ .AppName }}
+  ports:
+    - name: backend-tcp
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+      {{- if .NodePort }}
+      nodePort: {{ .NodePort }}
+	  {{- end }}
+`
+
+const CmiiBackendPVCTemplate = `
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .AppName }}-cache
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: backend
+    cmii.app: {{ .AppName }}
+    octopus/control: backend-app-1.0.0
+    app.kubernetes.io/managed-by: octopus
+    app.kubernetes.io/app-version: {{ .TagVersion }}
+spec:
+  storageClassName: nfs-prod-distribute
+  accessModes:
+    - ReadWriteMany
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 15Gi
+`

agent-deploy/d_app/TemplateCmiiFrontend.go

@@ -0,0 +1,98 @@
+package d_app
+
+const CmiiFrontendDeploymentTemplate = `
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .AppName }}
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: frontend
+    cmii.app: {{ .AppName }}
+    octopus.control: frontend-app-wdd
+    app.kubernetes.io/app-version: {{ .TagVersion }}
+spec:
+  replicas: {{ .Replicas }}
+  strategy:
+    rollingUpdate:
+      maxUnavailable: 1
+  selector:
+    matchLabels:
+      cmii.type: frontend
+      cmii.app: {{ .AppName }}
+  template:
+    metadata:
+      labels:
+        cmii.type: frontend
+        cmii.app: {{ .AppName }}
+    spec:
+      imagePullSecrets:
+        - name: harborsecret
+      containers:
+        - name: {{ .AppName }}
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/{{ .AppName }}:{{ .ImageTag }}
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}{{ .AppName }}:{{ .ImageTag }}
+          {{- end }}
+          imagePullPolicy: Always
+          env:
+            - name: K8S_NAMESPACE
+              value: {{ .Namespace }}
+            - name: APPLICATION_NAME
+              value: {{ .AppName }}
+          ports:
+            - name: platform-9528
+              containerPort: 9528
+              protocol: TCP
+          resources:
+            limits:
+              cpu: "1"
+              memory: 1Gi
+            requests:
+              cpu: 50m
+              memory: 50Mi
+          volumeMounts:
+            - name: nginx-conf
+              mountPath: /etc/nginx/conf.d/nginx.conf
+              subPath: nginx.conf
+            - name: tenant-prefix
+              subPath: ingress-config.js
+              mountPath: /home/cmii-platform/dist/ingress-config.js
+      volumes:
+        - name: nginx-conf
+          configMap:
+            name: nginx-cm
+            items:
+              - key: nginx.conf
+                path: nginx.conf
+        - name: tenant-prefix
+          configMap:
+            name: tenant-prefix-{{ .ShortName }}
+            items:
+              - key: ingress-config.js
+                path: ingress-config.js
+`
+
+const CmiiFrontendServiceTemplate = `
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .AppName }}
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: frontend
+    cmii.app: {{ .AppName }}
+    octopus.control: frontend-app-wdd
+    app.kubernetes.io/version: {{ .TagVersion }}
+spec:
+  type: ClusterIP
+  selector:
+    cmii.type: frontend
+    cmii.app: {{ .AppName }}
+  ports:
+    - name: web-svc-port
+      port: 9528
+      protocol: TCP
+      targetPort: 9528
+`

agent-deploy/d_app/TemplateCmiiSRS.go

@@ -0,0 +1,515 @@
+package d_app
+
+const CmiiSrsTemplate = `
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: helm-live-srs-cm
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.app: live-srs
+    cmii.type: live
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+    helm.sh/chart: cmlc-live-srs-rtc-2.0.0
+data:
+  srs.rtc.conf: |-
+    listen              {{ .RtmpPort }};
+    max_connections     4096;
+    srs_log_tank        console;
+    srs_log_level       info;
+    srs_log_file        /home/srs.log;
+    daemon              off;
+    http_api {
+        enabled         on;
+        listen          1985;
+        crossdomain     on;
+    }
+    stats {
+        network         0;
+    }
+    http_server {
+        enabled         on;
+        listen          8080;
+        dir             /home/hls;
+    }
+    srt_server {
+        enabled         on;
+        listen          30556;
+        maxbw           1000000000;
+        connect_timeout 4000;
+        peerlatency     600;
+        recvlatency     600;
+    }
+    rtc_server {
+        enabled         on;
+        listen          {{ .WebRTCPort }};
+        candidate       $CANDIDATE;
+    }
+    vhost __defaultVhost__ {
+        http_hooks {
+            enabled       on;
+            on_publish    http://helm-live-op-svc-v2:8080/hooks/on_push;
+        }
+        http_remux {
+            enabled     on;
+        }
+        rtc {
+            enabled     on;
+            rtmp_to_rtc on;
+            rtc_to_rtmp on;
+            keep_bframe off;
+        }
+        tcp_nodelay     on;
+        min_latency     on;
+        play {
+            gop_cache       off;
+            mw_latency      100;
+            mw_msgs         10;
+        }
+        publish {
+            firstpkt_timeout    8000;
+            normal_timeout      4000;
+            mr on;
+        }
+        dvr {
+            enabled         off;
+            dvr_path        /home/dvr/[app]/[stream]/[2006][01]/[timestamp].mp4;
+            dvr_plan        session;
+        }
+        hls {
+            enabled          on;
+            hls_path         /home/hls;
+            hls_fragment     10;
+            hls_window       60;
+            hls_m3u8_file    [app]/[stream].m3u8;
+            hls_ts_file      [app]/[stream]/[2006][01][02]/[timestamp]-[duration].ts;
+            hls_cleanup      on;
+	        {{- if .WebPort }}
+            hls_entry_prefix http://{{ .WebIP }}:{{ .WebPort }};
+            {{- else }}
+            hls_entry_prefix http://{{ .WebIP }};
+            {{- end }}
+        }
+    }
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: helm-live-srs-svc-exporter
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+spec:
+  ports:
+    - name: rtmp
+      protocol: TCP
+      port: {{ .RtmpPort }}
+      targetPort: {{ .RtmpPort }}
+      nodePort: {{ .RtmpPort }}
+    - name: rtc
+      protocol: UDP
+      port: {{ .WebRTCPort }}
+      targetPort: {{ .WebRTCPort }}
+      nodePort: {{ .WebRTCPort }}
+    - name: rtc-tcp
+      protocol: TCP
+      port: {{ .WebRTCPort }}
+      targetPort: {{ .WebRTCPort }}
+      nodePort: {{ .WebRTCPort }}
+    - name: srt
+      protocol: UDP
+      port: 30556
+      targetPort: 30556
+      nodePort: {{ .SrtPort }}
+    - name: api
+      protocol: TCP
+      port: 1985
+      targetPort: 1985
+      nodePort: {{ .WebApiPort }}
+  selector:
+    srs-role: rtc
+  type: NodePort
+  sessionAffinity: None
+  externalTrafficPolicy: Cluster
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: helm-live-srs-svc
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 8080
+      targetPort: 8080
+    - name: api
+      protocol: TCP
+      port: 1985
+      targetPort: 1985
+  selector:
+    srs-role: rtc
+  type: ClusterIP
+  sessionAffinity: None
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: helm-live-srsrtc-svc
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+spec:
+  ports:
+    - name: rtmp
+      protocol: TCP
+      port: {{ .RtmpPort }}
+      targetPort: {{ .RtmpPort }}
+  selector:
+    srs-role: rtc
+  type: ClusterIP
+  sessionAffinity: None
+
+---
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+  name: helm-live-srs-rtc
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: live-srs
+    cmii.type: live
+    helm.sh/chart: cmlc-live-srs-rtc-2.0.0
+    srs-role: rtc
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      srs-role: rtc
+  template:
+    metadata:
+      labels:
+        srs-role: rtc
+    spec:
+      volumes:
+        - name: srs-conf-file
+          configMap:
+            name: helm-live-srs-cm
+            items:
+              - key: srs.rtc.conf
+                path: docker.conf
+            defaultMode: 420
+        - name: srs-vol
+          emptyDir:
+            sizeLimit: 8Gi
+      containers:
+        - name: srs-rtc
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/srs:v5.0.195
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}srs:v5.0.195
+          {{- end }}
+          ports:
+            - name: srs-rtmp
+              containerPort: {{ .RtmpPort }}
+              protocol: TCP
+            - name: srs-api
+              containerPort: 1985
+              protocol: TCP
+            - name: srs-flv
+              containerPort: 8080
+              protocol: TCP
+            - name: srs-webrtc
+              containerPort: {{ .WebRTCPort }}
+              protocol: UDP
+            - name: srs-webrtc-tcp
+              containerPort: {{ .WebRTCPort }}
+              protocol: TCP
+            - name: srs-srt
+              containerPort: 30556
+              protocol: UDP
+          env:
+            - name: CANDIDATE
+              value: {{ .WebIP }}
+          resources:
+            limits:
+              cpu: 2000m
+              memory: 4Gi
+            requests:
+              cpu: 100m
+              memory: 256Mi
+          volumeMounts:
+            - name: srs-conf-file
+              mountPath: /usr/local/srs/conf/docker.conf
+              subPath: docker.conf
+            - name: srs-vol
+              mountPath: /home/dvr
+              subPath: {{ .Namespace }}/helm-live/dvr
+            - name: srs-vol
+              mountPath: /home/hls
+              subPath: {{ .Namespace }}/helm-live/hls
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: Always
+        - name: oss-adaptor
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/cmii-srs-oss-adaptor:2023-SA-skip-CHL
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}cmii-srs-oss-adaptor:2023-SA-skip-CHL
+          {{- end }}
+          env:
+            - name: OSS_ENDPOINT
+              value: 'http://{{ .MinioInnerIP }}:9000'
+            - name: OSS_AK
+              value: cmii
+            - name: OSS_SK
+              value: 'B#923fC7mk'
+            - name: OSS_BUCKET
+              value: live-cluster-hls
+            - name: SRS_OP
+              value: 'http://helm-live-op-svc-v2:8080'
+            - name: MYSQL_ENDPOINT
+              value: 'helm-mysql:3306'
+            - name: MYSQL_USERNAME
+              value: k8s_admin
+            - name: MYSQL_PASSWORD
+              value: {{ .MySQLK8sAdminPassword }}
+            - name: MYSQL_DATABASE
+              value: cmii_live_srs_op
+            - name: MYSQL_TABLE
+              value: live_segment
+            - name: LOG_LEVEL
+              value: info
+            - name: OSS_META
+              value: 'yes'
+          resources:
+            limits:
+              cpu: 2000m
+              memory: 4Gi
+            requests:
+              cpu: 100m
+              memory: 256Mi
+          volumeMounts:
+            - name: srs-vol
+              mountPath: /cmii/share/hls
+              subPath: {{ .Namespace }}/helm-live/hls
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: Always
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      imagePullSecrets:
+        - name: harborsecret
+      affinity: {}
+      schedulerName: default-scheduler
+  serviceName: helm-live-srsrtc-svc
+  podManagementPolicy: OrderedReady
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      partition: 0
+  revisionHistoryLimit: 10
+---
+# live-srs部分
+---
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: helm-live-op-v2
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: live-engine
+    cmii.type: live
+    helm.sh/chart: cmlc-live-live-op-2.0.0
+    live-role: op-v2
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      live-role: op-v2
+  template:
+    metadata:
+      labels:
+        live-role: op-v2
+    spec:
+      volumes:
+        - name: srs-conf-file
+          configMap:
+            name: helm-live-op-cm-v2
+            items:
+              - key: live.op.conf
+                path: bootstrap.yaml
+            defaultMode: 420
+      containers:
+        - name: helm-live-op-v2
+          {{- if .HarborPort }}
+          image: {{ .HarborIPOrCustomImagePrefix }}:{{ .HarborPort }}/cmii/cmii-live-operator:5.2.0
+          {{- else }}
+          image: {{ .HarborIPOrCustomImagePrefix }}cmii-live-operator:5.2.0
+          {{- end }}
+          ports:
+            - name: operator
+              containerPort: 8080
+              protocol: TCP
+          resources:
+            limits:
+              cpu: 4800m
+              memory: 4Gi
+            requests:
+              cpu: 100m
+              memory: 256Mi
+          volumeMounts:
+            - name: srs-conf-file
+              mountPath: /cmii/bootstrap.yaml
+              subPath: bootstrap.yaml
+          livenessProbe:
+            httpGet:
+              path: /cmii/health
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 60
+            timeoutSeconds: 5
+            periodSeconds: 20
+            successThreshold: 1
+            failureThreshold: 3
+          readinessProbe:
+            httpGet:
+              path: /cmii/health
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 60
+            timeoutSeconds: 5
+            periodSeconds: 20
+            successThreshold: 1
+            failureThreshold: 3
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          imagePullPolicy: Always
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst
+      securityContext: {}
+      imagePullSecrets:
+        - name: harborsecret
+      affinity: {}
+      schedulerName: default-scheduler
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 25%
+      maxSurge: 25%
+  revisionHistoryLimit: 10
+  progressDeadlineSeconds: 600
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: helm-live-op-svc-v2
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+spec:
+  ports:
+    - protocol: TCP
+      port: 8080
+      targetPort: 8080
+      nodePort: 30333
+  selector:
+    live-role: op-v2
+  type: NodePort
+  sessionAffinity: None
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: helm-live-op-svc
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+spec:
+  ports:
+    - protocol: TCP
+      port: 8080
+      targetPort: 8080
+  selector:
+    live-role: op
+  type: ClusterIP
+  sessionAffinity: None
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: helm-live-op-cm-v2
+  namespace: {{ .Namespace }}
+  labels:
+    octopus.control: wdd
+    app.kubernetes.io/managed-by: octopus
+    cmii.app: live-engine
+    cmii.type: live
+data:
+  live.op.conf: |-
+    server:
+      port: 8080
+    spring:
+      main:
+        allow-bean-definition-overriding: true
+        allow-circular-references: true
+      application:
+        name: cmii-live-operator
+      platform:
+        info:
+          name: cmii-live-operator
+          description: cmii-live-operator
+          version: {{ .TagVersion }}
+          scanPackage: com.cmii.live.op
+      cloud:
+        nacos:
+          config:
+            username: nacos
+            password: KingKong@95461234
+            server-addr: helm-nacos:8848
+            extension-configs:
+              - data-id: cmii-live-operator.yml
+                group: {{ .TagVersion }}
+                refresh: true
+            shared-configs:
+              - data-id: cmii-backend-system.yml
+                group: {{ .TagVersion }}
+                refresh: true
+          discovery:
+            enabled: false
+
+    live:
+      engine:
+        type: srs
+        endpoint:  'http://helm-live-srs-svc:1985'
+      proto:
+        rtmp: 'rtmp://{{ .WebIP }}:{{ .RtmpPort }}'
+        rtsp: 'rtsp://{{ .WebIP }}:30554'
+        srt: 'srt://{{ .WebIP }}:{{ .SrtPort }}'
+        flv: 'http://{{ .WebIP }}:30500'
+        hls: 'http://{{ .WebIP }}:30500'
+        rtc: 'webrtc://{{ .WebIP }}:30080'
+        replay: 'https://{{ .WebIP }}:30333'
+      minio:
+        endpoint: http://{{ .MinioInnerIP }}:9000
+        access-key: cmii
+        secret-key: B#923fC7mk
+        bucket: live-cluster-hls
+`

agent-deploy/d_app/TemplateIngressConfigMap.go

@@ -0,0 +1,218 @@
+package d_app
+
+const CmiiFrontendConfigMapTemplate = `
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: tenant-prefix-{{ .ShortName }}
+  namespace: {{ .Namespace }}
+data:
+  ingress-config.js: |-
+    var __GlobalIngressConfig = {
+      TenantEnvironment: "{{ .TenantEnv }}",
+      {{- if .WebPort }}
+      CloudHOST: "{{ .WebIP }}:{{ .WebPort }}",
+      {{- else }}
+      CloudHOST: "{{ .WebIP }}",
+      {{- end }}
+      {{- if eq .ShortName "pangu" }}
+      ApplicationShortName: "",
+      {{- else }}
+      ApplicationShortName: "{{ .ShortName }}",
+      {{- end }}
+      AppClientId: "{{ .ClientId }}"
+    }
+`
+
+const CmiiFrontendDefaultNginxConfTemplate = `
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: nginx-cm
+  namespace: {{ .Namespace }}
+  labels:
+    cmii.type: frontend
+data:
+  nginx.conf: |
+    server {
+        listen       9528;
+        server_name  localhost;
+        gzip on;
+
+        location / {
+            root   /home/cmii-platform/dist;
+            index  index.html index.htm;
+        }
+
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   html;
+        }
+    }
+`
+
+const CmiiFrontendIngressTemplate = `
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: frontend-applications-ingress
+  namespace: {{ .Namespace }}
+  labels:
+    type: frontend
+    octopus.control: all-ingress-config-wdd
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+	{{- range $key, $value := .FrontendShortNameMaps }}
+      rewrite ^(/{{ $value }})$ $1/ redirect;
+	{{- end }}
+spec:
+  rules:
+    - host: fake-domain.{{ .Namespace }}.io
+      http:
+        paths:
+          {{- if .TenantEnv }}
+          {{- $tenantEnv := .TenantEnv }}
+          - path: /{{ $tenantEnv }}/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-uav-platform
+              servicePort: 9528
+          {{- range $key, $value := .FrontendShortNameMaps }}
+          - path: /{{ $tenantEnv }}/{{ $value }}/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: {{ $key }}
+              servicePort: 9528
+          {{- end }}
+          {{- else }}
+          - path: /?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-uav-platform
+              servicePort: 9528
+          {{- range $key, $value := .FrontendShortNameMaps }}
+          - path: /{{ $value }}/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: {{ $key }}
+              servicePort: 9528
+          {{- end }}
+          {{- end }}
+`
+
+const CmiiBackendIngressTemplate = `
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: backend-applications-ingress
+  namespace: {{ .Namespace }}
+  labels:
+    type: backend
+    octopus.control: all-ingress-config-wdd
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+spec:
+  rules:
+    {{- if .TenantEnv }}
+    {{- $tenantEnv := .TenantEnv }}
+    {{- range $key, $value := .BackendImageVersionMap }}
+    - host: {{ $key }}.uavcloud-{{ $tenantEnv }}.io
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: {{  $key  }}
+              servicePort: 8080
+   {{- end }}
+   {{- else }}
+   {{- $tenantEnv := .Namespace }}
+   {{- range $key, $value := .BackendImageVersionMap }}
+   - host: {{ $key }}.uavcloud-{{ $tenantEnv }}.io
+     http:
+       paths:
+         - path: /
+           pathType: ImplementationSpecific
+           backend:
+             serviceName: {{  $key  }}
+             servicePort: 8080
+   {{- end }}
+   {{- end }}
+`
+
+const CmiiGatewayIngressTemplate = `
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: all-gateways-ingress
+  namespace: {{ .Namespace }}
+  labels:
+    type: api-gateway
+    octopus.control: all-ingress-config-1.1.0
+    app.kubernetes.io/managed-by: octopus-control
+    app.kubernetes.io/version: {{ .TagVersion }}
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/rewrite-target: /$1
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      proxy_set_header upgradePrefix $http_upgrade;
+      proxy_set_header Connection "upgradePrefix";
+spec:
+  rules:
+    - host: fake-domain.{{ .Namespace }}.io
+      http:
+        paths:
+          {{- if .TenantEnv }}
+          {{- $tenantEnv := .TenantEnv }}
+          - path: /{{ $tenantEnv }}/oms/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-admin-gateway
+              servicePort: 8080
+          - path: /{{ $tenantEnv }}/open/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-open-gateway
+              servicePort: 8080
+          - path: /{{ $tenantEnv }}/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-uav-gateway
+              servicePort: 8080
+           - path: /{{ $tenantEnv }}/uas/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-uas-gateway
+              servicePort: 8080
+          {{- else }}
+          - path: /oms/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-admin-gateway
+              servicePort: 8080
+          - path: /open/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-open-gateway
+              servicePort: 8080
+          - path: /api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-uav-gateway
+              servicePort: 8080
+          - path: /uas/api/?(.*)
+            pathType: ImplementationSpecific
+            backend:
+              serviceName: cmii-uas-gateway
+              servicePort: 8080
+         {{- end }}
+`

agent-deploy/e_cmii/CmiiEnvConfiguration.go

@@ -0,0 +1,184 @@
+package e_cmii
+
+import (
+	"encoding/base64"
+	"wdd.io/agent-deploy/c_middle"
+	"wdd.io/agent-deploy/d_app"
+	"wdd.io/agent-deploy/z_dep"
+)
+
+type CmiiEnvConfig struct {
+	c_middle.MySQlConfig
+	c_middle.RedisConfig
+	c_middle.MongoConfig
+	c_middle.RabbitMQConfig
+	c_middle.NacosConfig
+	c_middle.EmqxConfig
+	d_app.CmiiFrontendConfig
+	d_app.CmiiBackendConfig
+	d_app.CmiiSrsConfig
+}
+
+var CmiiOutSideConfig = &CmiiEnvConfig{
+	MySQlConfig: c_middle.MySQlConfig{
+		MySQLNodePort:           "33306",
+		MySQLRootPassword:       "QzfXQhd3bQ",
+		MySQLRootPasswordBase64: base64.StdEncoding.EncodeToString([]byte("QzfXQhd3bQ")),
+		MySQLK8sAdminPassword:   "fP#UaH6qQ3)8",
+	},
+	RedisConfig: c_middle.RedisConfig{},
+	MongoConfig: c_middle.MongoConfig{
+		MongoPassword: "REdPza8#oVlt",
+		MongoNodePort: "37017",
+	},
+	RabbitMQConfig: c_middle.RabbitMQConfig{
+		CommonEnvironmentConfig: z_dep.CommonEnvironmentConfig{},
+		RabbitNodePort:          "35672",
+		RabbitDashboardNodePort: "36675",
+		RabbitPassword:          "nYcRN91r._hj",
+		RabbitPasswordBase64:    "blljUk45MXIuX2hq",
+	},
+	NacosConfig: c_middle.NacosConfig{
+		MySQLK8sAdminPassword: "fP#UaH6qQ3)8",
+		NacosNodePort:         "38848",
+	},
+	EmqxConfig: c_middle.EmqxConfig{
+		EmqxNodePort:          "31883",
+		EmqxDashboardNodePort: "38085",
+		EmqxWebSocketNodePort: "38083",
+		EmqxPassword:          "odD8#Ve7.B",
+	},
+	CmiiFrontendConfig: d_app.CmiiFrontendConfig{},
+	CmiiBackendConfig:  d_app.CmiiBackendConfig{},
+	CmiiSrsConfig: d_app.CmiiSrsConfig{
+		RtmpPort:              "31935",
+		WebRTCPort:            "30090",
+		SrtPort:               "30556",
+		WebApiPort:            "30080",
+		MySQLK8sAdminPassword: "fP#UaH6qQ3)8",
+	},
+}
+
+var CmiiDevConfig = &CmiiEnvConfig{
+	MySQlConfig: c_middle.MySQlConfig{
+		MySQLNodePort:           "33306",
+		MySQLRootPassword:       "Gwubc6CxRM",
+		MySQLRootPasswordBase64: "R3d1YmM2Q3hSTQ==",
+		MySQLK8sAdminPassword:   "VFJncwy58^Zm",
+	},
+	RedisConfig: c_middle.RedisConfig{},
+	MongoConfig: c_middle.MongoConfig{
+		MongoPassword: "7(#dD3zcz8",
+		MongoNodePort: "37017",
+	},
+	RabbitMQConfig: c_middle.RabbitMQConfig{
+		CommonEnvironmentConfig: z_dep.CommonEnvironmentConfig{},
+		RabbitNodePort:          "35672",
+		RabbitDashboardNodePort: "36675",
+		RabbitPassword:          "7v&7#w1ef)T-",
+		RabbitPasswordBase64:    "N3YmNyN3MWVmKVQt",
+	},
+	NacosConfig: c_middle.NacosConfig{
+		MySQLK8sAdminPassword: "VFJncwy58^Zm",
+		NacosNodePort:         "33848",
+	},
+	EmqxConfig: c_middle.EmqxConfig{
+		EmqxNodePort:          "31883",
+		EmqxDashboardNodePort: "38085",
+		EmqxWebSocketNodePort: "38083",
+		EmqxPassword:          "4YPk*DS%+5",
+	},
+	CmiiFrontendConfig: d_app.CmiiFrontendConfig{},
+	CmiiBackendConfig:  d_app.CmiiBackendConfig{},
+	CmiiSrsConfig: d_app.CmiiSrsConfig{
+		RtmpPort:              "30935",
+		WebRTCPort:            "30090",
+		SrtPort:               "30556",
+		WebApiPort:            "30557",
+		MySQLK8sAdminPassword: "VFJncwy58^Zm",
+	},
+}
+
+var CmiiDevFlightConfig = &CmiiEnvConfig{
+	MySQlConfig: c_middle.MySQlConfig{
+		MySQLNodePort:           "33307",
+		MySQLRootPassword:       "Gwubc6CxRM",
+		MySQLRootPasswordBase64: "R3d1YmM2Q3hSTQ==",
+		MySQLK8sAdminPassword:   "VFJncwy58^Zm",
+	},
+	RedisConfig: c_middle.RedisConfig{},
+	MongoConfig: c_middle.MongoConfig{
+		MongoPassword: "7(#dD3zcz8",
+		MongoNodePort: "37018",
+	},
+	RabbitMQConfig: c_middle.RabbitMQConfig{
+		CommonEnvironmentConfig: z_dep.CommonEnvironmentConfig{},
+		RabbitNodePort:          "35673",
+		RabbitDashboardNodePort: "36676",
+		RabbitPassword:          "7v&7#w1ef)T-",
+		RabbitPasswordBase64:    "N3YmNyN3MWVmKVQt",
+	},
+	NacosConfig: c_middle.NacosConfig{
+		MySQLK8sAdminPassword: "VFJncwy58^Zm",
+		NacosNodePort:         "33849",
+	},
+	EmqxConfig: c_middle.EmqxConfig{
+		EmqxNodePort:          "31884",
+		EmqxDashboardNodePort: "38086",
+		EmqxWebSocketNodePort: "38084",
+		EmqxPassword:          "4YPk*DS%+5",
+	},
+	CmiiFrontendConfig: d_app.CmiiFrontendConfig{},
+	CmiiBackendConfig:  d_app.CmiiBackendConfig{},
+	CmiiSrsConfig: d_app.CmiiSrsConfig{
+		RtmpPort:              "30936",
+		WebRTCPort:            "30091",
+		SrtPort:               "30558",
+		WebApiPort:            "30559",
+		MySQLK8sAdminPassword: "VFJncwy58^Zm",
+	},
+}
+
+var CmiiDevOperationConfig = &CmiiEnvConfig{
+	MySQlConfig: c_middle.MySQlConfig{
+		MySQLNodePort:           "33308",
+		MySQLRootPassword:       "Gwubc6CxRM",
+		MySQLRootPasswordBase64: "R3d1YmM2Q3hSTQ==",
+		MySQLK8sAdminPassword:   "VFJncwy58^Zm",
+	},
+	RedisConfig: c_middle.RedisConfig{},
+	MongoConfig: c_middle.MongoConfig{
+		MongoPassword: "7(#dD3zcz8",
+		MongoNodePort: "37019",
+	},
+	RabbitMQConfig: c_middle.RabbitMQConfig{
+		CommonEnvironmentConfig: z_dep.CommonEnvironmentConfig{},
+		RabbitNodePort:          "35674",
+		RabbitDashboardNodePort: "36677",
+		RabbitPassword:          "7v&7#w1ef)T-",
+		RabbitPasswordBase64:    "N3YmNyN3MWVmKVQt",
+	},
+	NacosConfig: c_middle.NacosConfig{
+		MySQLK8sAdminPassword: "VFJncwy58^Zm",
+		NacosNodePort:         "33850",
+	},
+	EmqxConfig: c_middle.EmqxConfig{
+		EmqxNodePort:          "31885",
+		EmqxDashboardNodePort: "38087",
+		EmqxWebSocketNodePort: "38085",
+		EmqxPassword:          "4YPk*DS%+5",
+	},
+	CmiiFrontendConfig: d_app.CmiiFrontendConfig{},
+	CmiiBackendConfig:  d_app.CmiiBackendConfig{},
+	CmiiSrsConfig: d_app.CmiiSrsConfig{
+		RtmpPort:              "30937",
+		WebRTCPort:            "30092",
+		SrtPort:               "30560",
+		WebApiPort:            "30561",
+		MySQLK8sAdminPassword: "VFJncwy58^Zm",
+	},
+}
+var CmiiIntegrationConfig = &CmiiEnvConfig{}
+var CmiiUatConfig = &CmiiEnvConfig{}
+var CmiiValidationConfig = &CmiiEnvConfig{}
+var CmiiDemoConfig = &CmiiEnvConfig{}

agent-deploy/e_cmii/ImageDownSync.sh

@@ -0,0 +1,148 @@
+#!/usr/bin/env bash
+
+### 需要修改以下的内容  ###
+#### 需要修改以下的内容  ###
+#### 需要修改以下的内容  ###
+
+cmlc_app_image_list="cmlc-app-images-4.1.6.txt"         # 需要修改版本
+rancher_image_list="kubernetes-images-2.5.7-1.20.4.txt" # 一般不需要修改
+middleware_image_list="middleware-images.txt"           # 一般不需要修改
+#DockerRegisterDomain="20.47.129.116:8033"     # 需要根据实际修改
+DockerRegisterDomain="harbor.cdcyy.com.cn" # 需要根据实际修改
+HarborAdminPass=V2ryStr@ngPss              # 需要跟第一脚本中的密码保持一致
+
+#### 需要修改以上的内容  ###
+#### 需要修改以上的内容  ###
+#### 需要修改以上的内容  ###
+
+downloadAllNeededImages() {
+  while [[ $# > 0 ]]; do
+    pulled=""
+    while IFS= read -r i; do
+      [ -z "${i}" ] && continue
+      echo "开始下载：${i}"
+      if docker pull "${i}" >/dev/null 2>&1; then
+        echo "Image pull success: ${i}"
+        pulled="${pulled} ${i}"
+      else
+        if docker inspect "${i}" >/dev/null 2>&1; then
+          pulled="${pulled} ${i}"
+        else
+          echo "Image pull failed: ${i}"
+        fi
+      fi
+      echo "-------------------------------------------------"
+    done <"${1}"
+    shift
+  done
+}
+
+downloadAllNeededImagesAndCompress() {
+  while [[ $# > 0 ]]; do
+    pulled=""
+    while IFS= read -r i; do
+      [ -z "${i}" ] && continue
+      echo "开始下载：${i}"
+      if docker pull "${i}" >/dev/null 2>&1; then
+        echo "Image pull success: ${i}"
+        pulled="${pulled} ${i}"
+      else
+        if docker inspect "${i}" >/dev/null 2>&1; then
+          pulled="${pulled} ${i}"
+        else
+          echo "Image pull failed: ${i}"
+        fi
+      fi
+      echo "-------------------------------------------------"
+    done <"${1}"
+    compressPacName="$(echo ${1} | cut -d"." -f1).tar.gz"
+
+    echo "Creating ${compressPacName} with $(echo ${pulled} | wc -w | tr -d '[:space:]') images"
+    docker save $(echo ${pulled}) | gzip --stdout >${compressPacName}
+
+    shift
+  done
+
+  echo "已经完成打包工作！"
+}
+
+pushRKEImageToHarbor() {
+  linux_images=()
+  while IFS= read -r i; do
+    [ -z "${i}" ] && continue
+    linux_images+=("${i}")
+  done <"${rancher_image_list}"
+
+  #  docker login -u admin -p ${HarborAdminPass} ${DockerRegisterDomain}
+  docker login -u rad02_drone -p Drone@1234 harbor.cdcyy.com.cn
+
+  for i in "${linux_images[@]}"; do
+    [ -z "${i}" ] && continue
+    case $i in
+    */*)
+      image_name="${DockerRegisterDomain}/${i}"
+      ;;
+    *)
+      image_name="${DockerRegisterDomain}/rancher/${i}"
+      ;;
+    esac
+
+    echo "开始镜像至私有仓库推送：${image_name}"
+    docker tag "${i}" "${image_name}"
+    docker push "${image_name}"
+    echo "-------------------------------------------------"
+  done
+}
+
+pushCMLCAPPImageToHarbor() {
+  app_images=()
+  while IFS= read -r i; do
+    [ -z "${i}" ] && continue
+    app_images+=("${i}")
+  done <"${cmlc_app_image_list}"
+
+  docker login -u rad02_drone -p Drone@1234 harbor.cdcyy.com.cn
+  #  docker login -u admin -p ${HarborAdminPass} ${DockerRegisterDomain}
+  for app in "${app_images[@]}"; do
+    [ -z "${app}" ] && continue
+    image_name="${DockerRegisterDomain}/$(echo ${app} | cut -d"/" -f2-8)"
+    echo "开始镜像至私有仓库推送：${image_name}"
+    docker tag "${app}" "${image_name}"
+    docker push "${image_name}"
+    echo "-------------------------------------------------"
+  done
+}
+
+pushMiddlewareImageToHarbor() {
+  middleware_image=()
+  while IFS= read -r i; do
+    [ -z "${i}" ] && continue
+    middleware_image+=("${i}")
+  done <"${middleware_image_list}"
+
+  #  docker login -u admin -p ${HarborAdminPass} ${DockerRegisterDomain}
+  docker login -u rad02_drone -p Drone@1234 harbor.cdcyy.com.cn
+  for app in "${middleware_image[@]}"; do
+    [ -z "${app}" ] && continue
+    case ${app} in
+    */*/*)
+      image_name="${DockerRegisterDomain}/cmii/$(echo "${app}" | cut -d"/" -f3-8)"
+      ;;
+    */*)
+      image_name="${DockerRegisterDomain}/cmii/$(echo "${app}" | cut -d"/" -f2-8)"
+      ;;
+    esac
+
+    echo "开始镜像至私有仓库推送：${image_name}"
+    docker tag "${app}" "${image_name}"
+    docker push "${image_name}"
+    echo "-------------------------------------------------"
+  done
+}
+
+#downloadAllNeededImagesAndCompress "${middleware_image_list}"
+downloadAllNeededImages "${middleware_image_list}"
+
+#pushRKEImageToHarbor
+#pushCMLCAPPImageToHarbor
+pushMiddlewareImageToHarbor

agent-deploy/e_cmii/cmlc-nfs.yaml

@@ -0,0 +1,164 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: cmlc-nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cmlc-nfs-client-provisioner-runner
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - persistentvolumes
+    verbs:
+      - get
+      - list
+      - watch
+      - create
+      - delete
+  - apiGroups:
+      - ""
+    resources:
+      - persistentvolumeclaims
+    verbs:
+      - get
+      - list
+      - watch
+      - update
+  - apiGroups:
+      - storage.k8s.io
+    resources:
+      - storageclasses
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - ""
+    resources:
+      - events
+    verbs:
+      - watch
+      - create
+      - update
+      - patch
+  - apiGroups:
+      - ""
+    resources:
+      - services
+    verbs:
+      - get
+  - apiGroups:
+      - extensions
+    resourceNames:
+      - nfs-provisioner
+    resources:
+      - podsecuritypolicies
+    verbs:
+      - use
+  - apiGroups:
+      - ""
+    resources:
+      - endpoints
+    verbs:
+      - get
+      - list
+      - watch
+      - create
+      - update
+      - patch
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cmlc-run-nfs-client-provisioner
+subjects:
+  - kind: ServiceAccount
+    name: cmlc-nfs-client-provisioner
+    # replace with namespace where provisioner is deployed
+    namespace: kube-system
+roleRef:
+  kind: ClusterRole
+  name: cmlc-nfs-client-provisioner-runner
+  apiGroup: rbac.authorization.k8s.io
+
+
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cmlc-leader-locking-nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: kube-system
+rules:
+  - apiGroups: [ "" ]
+    resources: [ "endpoints" ]
+    verbs: [ "get", "list", "watch", "create", "update", "patch" ]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cmlc-leader-locking-nfs-client-provisioner
+subjects:
+  - kind: ServiceAccount
+    name: cmlc-nfs-client-provisioner
+    # replace with namespace where provisioner is deployed
+    namespace: kube-system
+roleRef:
+  kind: Role
+  name: cmlc-leader-locking-nfs-client-provisioner
+  apiGroup: rbac.authorization.k8s.io
+
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: nfs-prod-distribute
+provisioner: cmlc-nfs-client-provisioner
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cmlc-nfs-client-provisioner
+  labels:
+    app: cmlc-nfs-client-provisioner
+  # replace with namespace where provisioner is deployed
+  namespace: kube-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cmlc-nfs-client-provisioner
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: cmlc-nfs-client-provisioner
+    spec:
+      serviceAccountName: cmlc-nfs-client-provisioner
+      imagePullSecrets:
+        - name: harborsecret
+      containers:
+        - name: cmlc-nfs-client-provisioner
+          image: harbor.cdcyy.com.cn/cmii/nfs-subdir-external-provisioner:v4.0.2
+          volumeMounts:
+            - name: nfs-client-root
+              mountPath: /persistentvolumes
+          env:
+            - name: PROVISIONER_NAME
+              value: cmlc-nfs-client-provisioner
+            - name: NFS_SERVER
+              value: yfcsnfs.com
+            - name: NFS_PATH
+              value: /drone/zyly
+      volumes:
+        - name: nfs-client-root
+          nfs:
+            server: yfcsnfs.com
+            path: /drone/zyly

agent-deploy/e_cmii/harbor-secret.yaml

@@ -0,0 +1,9 @@
+kind: Secret
+apiVersion: v1
+metadata:
+  name: harborsecret
+  namespace: uavcloud-devoperation
+data:
+  .dockerconfigjson: >-
+    ewoJImF1dGhzIjogewoJCSJoYXJib3ItcWEuc3JlLmNkY3l5LmNuIjogewoJCQkiYXV0aCI6ICJjbUZrTURKZlpISnZibVU2UkhKdmJtVkFNVEl6TkE9PSIKCQl9LAogICAgICAgICAgICAgICAgImhhcmJvci5jZGN5eS5jb20uY24iOiB7CgkJCSJhdXRoIjogImNtRmtNREpmWkhKdmJtVTZSSEp2Ym1WQU1USXpOQT09IgoJCX0KCX0sCgkiSHR0cEhlYWRlcnMiOiB7CgkJIlVzZXItQWdlbnQiOiAiRG9ja2VyLUNsaWVudC8xOS4wMy45IChsaW51eCkiCgl9Cn0=
+type: kubernetes.io/dockerconfigjson

agent-deploy/go.mod

@@ -0,0 +1,23 @@
+module wdd.io/agent-deploy
+
+go 1.22.1
+
+require (
+	github.com/go-playground/validator/v10 v10.21.0
+	wdd.io/agent-common v0.0.0
+)
+
+require (
+	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
+	go.uber.org/multierr v1.10.0 // indirect
+	go.uber.org/zap v1.27.0 // indirect
+	golang.org/x/crypto v0.22.0 // indirect
+	golang.org/x/net v0.24.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+)
+
+replace wdd.io/agent-common => ../agent-common

agent-deploy/go.sum

@@ -0,0 +1,34 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
+github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk=
+github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
+github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
+github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
+github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
+github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
+github.com/go-playground/validator/v10 v10.21.0 h1:4fZA11ovvtkdgaeev9RGWPgc1uj3H8W+rNYyH/ySBb0=
+github.com/go-playground/validator/v10 v10.21.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
+github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
+github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
+go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
+go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
+golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
+golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
+golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w=
+golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
+golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
+golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

agent-deploy/z_dep/G.go

@@ -0,0 +1,137 @@
+package z_dep
+
+import (
+	"bytes"
+	"fmt"
+	"github.com/go-playground/validator/v10"
+	"path/filepath"
+	"text/template"
+	"wdd.io/agent-common/assert"
+	"wdd.io/agent-common/logger"
+	"wdd.io/agent-common/utils"
+)
+
+var (
+	K8sDashboardApplyFilePath = ""
+	EmqxApplyFilePath         = ""
+	MongoApplyFilePath        = ""
+	RabbitMQApplyFilePath     = ""
+	RedisApplyFilePath        = ""
+	MySQLApplyFilePath        = ""
+	NacosApplyFilePath        = ""
+	PVCApplyFilePath          = ""
+	NfsApplyFilePath          = ""
+	NfsTestApplyFilePath      = ""
+	BackendApplyFilePath      = ""
+	FrontendApplyFilePath     = ""
+	SRSApplyFilePath          = ""
+	IngresApplyFilePath       = ""
+	ConfigMapApplyFilePath    = ""
+
+	K8sDashboardApplyFileName = "k8s-dashboard.yaml"
+	EmqxApplyFileName         = "k8s-emqx.yaml"
+	MongoApplyFileName        = "k8s-mongo.yaml"
+	RabbitMQApplyFileName     = "k8s-rabbitmq.yaml"
+	RedisApplyFileName        = "k8s-redis.yaml"
+	MySQLApplyFileName        = "k8s-mysql.yaml"
+	NacosApplyFileName        = "k8s-nacos.yaml"
+	PVCApplyFileName          = "k8s-pvc.yaml"
+	NfsApplyFileName          = "k8s-nfs.yaml"
+	NfsTestApplyFileName      = "k8s-nfs-test.yaml"
+	SRSApplyFileName          = "k8s-srs.yaml"
+	IngresApplyFileName       = "k8s-ingress.yaml"
+	ConfigMapApplyFileName    = "k8s-configmap.yaml"
+	FrontendApplyFileName     = "k8s-frontend.yaml"
+	BackendApplyFileName      = "k8s-backend.yaml"
+
+	log      = logger.Log
+	Asserter = assert.Asserter
+)
+
+type CommonEnvironmentConfig struct {
+	WebIP                       string `json:"web_ip,omitempty" valid:"required"`                           //A1C1IP
+	WebPort                     string `json:"web_port,omitempty" valid:"required"`                         //A1C1JS
+	HarborIPOrCustomImagePrefix string `json:"harbor_ip_or_custom_image_prefix,omitempty" valid:"required"` //A1C2IP
+
+	HarborPort      string `json:"harbor_port,omitempty" valid:"required"` // default 8033
+	Namespace       string `json:"namespace,omitempty" valid:"required"`   // SUPREME
+	TagVersion      string `json:"tag_version,omitempty" valid:"required"` // KIMMY
+	TenantEnv       string `json:"tenant_env,omitempty"`                   // TENANT_ENV 只在内部使用
+	MinioPublicIP   string `json:"minio_public_ip,omitempty"`              // M2C1IP
+	MinioInnerIP    string `json:"minio_inner_ip,omitempty"`               // M2D2IP
+	NFSServerIP     string `json:"nfs_server_ip,omitempty"`                // N1C2IP
+	ApplyFilePrefix string
+}
+
+func (env *CommonEnvironmentConfig) ValidateAndUniform() bool {
+	validate := validator.New()
+	err := validate.Struct(env)
+	if err != nil {
+		fmt.Printf("backend config validate error: %v\n", err)
+		return false
+	}
+
+	// uniform all
+	if env.MinioInnerIP == "" {
+		env.MinioInnerIP = env.HarborIPOrCustomImagePrefix
+	}
+
+	if env.MinioPublicIP == "" {
+		env.MinioPublicIP = env.WebIP
+	}
+
+	return true
+}
+
+func (env *CommonEnvironmentConfig) ParseCommonEnvToApplyFile(applyTemplate string, applyFilePath string) bool {
+
+	return ParseEnvToApplyFile(env, applyTemplate, applyFilePath)
+}
+
+func (env *CommonEnvironmentConfig) GenerateApplyFilePath() {
+
+	Asserter.NotEmpty(env.ApplyFilePrefix, "apply file prefix is empty!")
+
+	K8sDashboardApplyFilePath = filepath.Join(env.ApplyFilePrefix, K8sDashboardApplyFileName)
+	EmqxApplyFilePath = filepath.Join(env.ApplyFilePrefix, EmqxApplyFileName)
+	MongoApplyFilePath = filepath.Join(env.ApplyFilePrefix, MongoApplyFileName)
+	RabbitMQApplyFilePath = filepath.Join(env.ApplyFilePrefix, RabbitMQApplyFileName)
+	RedisApplyFilePath = filepath.Join(env.ApplyFilePrefix, RedisApplyFileName)
+	MySQLApplyFilePath = filepath.Join(env.ApplyFilePrefix, MySQLApplyFileName)
+	NacosApplyFilePath = filepath.Join(env.ApplyFilePrefix, NacosApplyFileName)
+	PVCApplyFilePath = filepath.Join(env.ApplyFilePrefix, PVCApplyFileName)
+	NfsApplyFilePath = filepath.Join(env.ApplyFilePrefix, NfsApplyFileName)
+	NfsTestApplyFilePath = filepath.Join(env.ApplyFilePrefix, NfsTestApplyFileName)
+	BackendApplyFilePath = filepath.Join(env.ApplyFilePrefix, BackendApplyFileName)
+	FrontendApplyFilePath = filepath.Join(env.ApplyFilePrefix, FrontendApplyFileName)
+	SRSApplyFilePath = filepath.Join(env.ApplyFilePrefix, SRSApplyFileName)
+	IngresApplyFilePath = filepath.Join(env.ApplyFilePrefix, IngresApplyFileName)
+	ConfigMapApplyFilePath = filepath.Join(env.ApplyFilePrefix, ConfigMapApplyFileName)
+
+}
+
+func ParseEnvToApplyFile(environment any, applyTemplate string, applyFilePath string) bool {
+
+	randomString := utils.GenerateRandomString(8, false)
+
+	// Deployment
+	tmpl, err := template.New(randomString).Parse(applyTemplate)
+	if err != nil {
+		log.ErrorF("parse template error: %v", err)
+		return false
+	}
+	// 应用数据并打印结果
+	var result bytes.Buffer
+	err = tmpl.Execute(&result, environment)
+	if err != nil {
+		log.ErrorF("[ParseEnvToApplyFile] - [%s] template execute error: %v", applyFilePath, err)
+		return false
+	}
+
+	// append to file
+	if !utils.AppendK8sYamlWithSplitLineToFile(result.String(), applyFilePath) {
+		return false
+	}
+
+	return true
+}